Skip to content

Commit

Permalink
dropbearkey: save a public key file on a key generation
Browse files Browse the repository at this point in the history
The OpenSSH keygen stores the public part of a new key to a .pub file.
Make the DropBear behave same.

Signed-off-by: Sergey Ponomarev <[email protected]>
  • Loading branch information
stokito authored and mkj committed Jan 22, 2024
1 parent c92bd40 commit 24cf4e6
Showing 1 changed file with 41 additions and 8 deletions.
49 changes: 41 additions & 8 deletions src/dropbearkey.c
Original file line number Diff line number Diff line change
Expand Up @@ -75,9 +75,12 @@

static void printhelp(char * progname);


static void printpubkey(sign_key * key, int keytype, const char * comment);
static int printpubfile(const char* filename, const char * comment);
static void printpubkey(sign_key * key, int keytype, const char * comment, int create_pub_file, const char * filename);
/* Print a public key and fingerprint to stdout.
* Used for "dropbearkey -y" command but also after generation of a new key.
* For the new key pair the create_pub_file will be TRUE and the pub key will be saved to a .pub file.
*/
static int printpubfile(const char* filename, const char * comment, int create_pub_file);

/* Print a help message */
static void printhelp(char * progname) {
Expand Down Expand Up @@ -238,7 +241,7 @@ int main(int argc, char ** argv) {
}

if (printpub) {
int ret = printpubfile(filename, NULL);
int ret = printpubfile(filename, NULL, 0);
exit(ret);
}

Expand Down Expand Up @@ -294,13 +297,13 @@ int main(int argc, char ** argv) {
dropbear_exit("Failed to generate key.\n");
}

printpubfile(filename, comment);
printpubfile(filename, comment, 1);

return EXIT_SUCCESS;
}
#endif

static int printpubfile(const char* filename, const char* comment) {
static int printpubfile(const char* filename, const char* comment, int create_pub_file) {

buffer *buf = NULL;
sign_key *key = NULL;
Expand All @@ -326,7 +329,7 @@ static int printpubfile(const char* filename, const char* comment) {
goto out;
}

printpubkey(key, keytype, comment);
printpubkey(key, keytype, comment, create_pub_file, filename);

err = DROPBEAR_SUCCESS;

Expand All @@ -340,7 +343,7 @@ static int printpubfile(const char* filename, const char* comment) {
return err;
}

static void printpubkey(sign_key * key, int keytype, const char * comment) {
static void printpubkey(sign_key * key, int keytype, const char * comment, int create_pub_file, const char * filename) {

buffer * buf = NULL;
unsigned char base64key[MAX_PUBKEY_SIZE*2];
Expand All @@ -352,6 +355,20 @@ static void printpubkey(sign_key * key, int keytype, const char * comment) {
struct passwd * pw = NULL;
char * username = NULL;
char hostname[100];
char * filename_pub = NULL;
int filename_pub_len = 0;
int pubkey_fd = -1;

if (create_pub_file) {
filename_pub_len = strlen(filename) + 5;
filename_pub = m_malloc(filename_pub_len);
snprintf(filename_pub, filename_pub_len, "%s.pub", filename);

pubkey_fd = open(filename_pub, O_RDWR | O_CREAT | O_EXCL, S_IRUSR | S_IWUSR);
if (pubkey_fd < 0) {
dropbear_log(LOG_ERR, "Save public key to %s failed: %s", filename_pub, strerror(errno));
}
}

buf = buf_new(MAX_PUBKEY_SIZE);
buf_put_pub_key(buf, key, keytype);
Expand All @@ -373,6 +390,10 @@ static void printpubkey(sign_key * key, int keytype, const char * comment) {
if (comment) {
printf("%s %s %s\n",
typestring, base64key, comment);
if (pubkey_fd >= 0) {
dprintf(pubkey_fd, "%s %s %s\n",
typestring, base64key, comment);
}
} else {
/* a user@host comment is informative */
username = "";
Expand All @@ -386,11 +407,23 @@ static void printpubkey(sign_key * key, int keytype, const char * comment) {

printf("%s %s %s@%s\n",
typestring, base64key, username, hostname);
if (pubkey_fd >= 0) {
dprintf(pubkey_fd,"%s %s %s@%s\n",
typestring, base64key, username, hostname);
}
}

fp = sign_key_fingerprint(buf_getptr(buf, len), len);
printf("Fingerprint: %s\n", fp);

m_free(fp);
buf_free(buf);

if (pubkey_fd >= 0) {
if (fsync(pubkey_fd) != 0) {
dropbear_log(LOG_ERR, "fsync of %s failed: %s", filename_pub, strerror(errno));
}
m_close(pubkey_fd);
}
m_free(filename_pub);
}

0 comments on commit 24cf4e6

Please sign in to comment.