X-Git-Url: https://git.distorted.org.uk/~mdw/catacomb/blobdiff_plain/141c12847a1c2f8cc8db03d420551584e689fb87..3b09bd841c6f31e968717e46b5e995fff0481924:/progs/key.c diff --git a/progs/key.c b/progs/key.c index 8cd43fe7..d5bfedb8 100644 --- a/progs/key.c +++ b/progs/key.c @@ -53,6 +53,7 @@ #include "bintab.h" #include "bbs.h" +#include "des.h" #include "dh.h" #include "dsa.h" #include "dsarand.h" @@ -411,7 +412,6 @@ static void alg_des(keyopts *k) unsigned sz; octet *p; key_data *kd; - int i; if (!k->bits) k->bits = 168; @@ -422,13 +422,7 @@ static void alg_des(keyopts *k) sz = k->bits / 7; p = sub_alloc(sz); k->r->ops->fill(k->r, p, sz); - for (i = 0; i < sz; i++) { - octet x = p[i] | 0x01; - x = x ^ (x >> 4); - x = x ^ (x >> 2); - x = x ^ (x >> 1); - p[i] = (p[i] & 0xfe) | (x & 0x01); - } + des_fixparity(p, p, sz); kd = key_newbinary(KCAT_SYMM | KF_BURN, p, sz); memset(p, 0, sz); dolock(k, &kd, 0); @@ -1065,6 +1059,7 @@ static int cmd_add(int argc, char *argv[]) { "expire", OPTF_ARGREQ, 0, 'e' }, { "comment", OPTF_ARGREQ, 0, 'c' }, { "tag", OPTF_ARGREQ, 0, 't' }, + { "retag", 0, 0, 'r' }, { "rand-id", OPTF_ARGREQ, 0, 'R' }, { "key-id", OPTF_ARGREQ, 0, 'I' }, { "curve", OPTF_ARGREQ, 0, 'C' }, @@ -1397,6 +1392,11 @@ static void showkeydata(key_data *k, int ind, listopts *o, dstr *d) } \ } while (0) + if ((k->e&KF_ENCMASK) == KENC_ENCRYPT && o->v <= 4) + { fputs(" encrypted\n", stdout); return; } + if ((k->e&KF_ENCMASK) != KENC_STRUCT && !(k->e&KF_NONSECRET) && o->v <= 3) + { fputs(" secret\n", stdout); return; } + switch (k->e & KF_ENCMASK) { /* --- Binary key data --- * 
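Review bot: The new call `des_fixparity(p, p, sz)` in alg_des passes the same buffer for both pointer arguments, and nothing at the call site says that aliasing is supported or which parity convention is applied. The removed loop made the intent readable (force odd parity on each byte while keeping the seven key bits); the replacement hides it behind `des.h`, which is not part of this diff, so the equivalence is presumed rather than shown. A one-line comment above the call, such as `/* Set odd parity on every key byte, in place. */`, would keep that reviewable. alg_des begins and ends outside the hunk.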
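Review bot: The two guards added before the `switch` in showkeydata decide whether secret or passphrase-protected key material reaches stdout, yet their thresholds are bare literals (`o->v <= 4` and `o->v <= 3`) with no comment. The encrypted-key threshold also differs from the `o->v <= 3` test removed from the `KENC_ENCRYPT` case in the next hunk of this function, so unlocking now needs one more level of verbosity; that looks deliberate but is not stated anywhere visible. I would add a comment above the guards, e.g. `/* Key material is shown only on request: secrets need o->v > 3, unlocking an encrypted key needs o->v > 4. */`, and extend the `-v, --verbose Show more information.` help line to say the same. The function body starts before and continues after this hunk.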
@@ -1432,20 +1432,16 @@ static void showkeydata(key_data *k, int ind, listopts *o, dstr *d) * key. Otherwise just say that it's encrypted and move on. */ - case KENC_ENCRYPT: - if (o->v <= 3) - fputs(" encrypted\n", stdout); + case KENC_ENCRYPT: { + key_data *kd; + if (key_punlock(&kd, k, d->buf)) + printf(" \n", d->buf); else { - key_data *kd; - if (key_punlock(&kd, k, d->buf)) - printf(" \n", d->buf); - else { - fputs(" encrypted", stdout); - showkeydata(kd, ind, o, d); - key_drop(kd); - } + fputs(" encrypted", stdout); + showkeydata(kd, ind, o, d); + key_drop(kd); } - break; + } break; /* --- Integer keys --- * * @@ -1871,7 +1867,7 @@ static int cmd_finger(int argc, char *argv[]) argv += optind; argc -= optind; if (rc) { die(EXIT_FAILURE, - "Usage: fingerprint [-a HASHALG] [-p STYLE] [-f FILTER] [TAG...]"); + "Usage: fingerprint [-a HASH] [-p STYLE] [-f FILTER] [TAG...]"); } doopen(&f, KOPEN_READ); @@ -1945,7 +1941,7 @@ static int cmd_verify(int argc, char *argv[]) argv += optind; argc -= optind; if (rc || argc != 2) { die(EXIT_FAILURE, - "Usage: verify [-a HASHALG] [-p STYLE] [-f FILTER] TAG FINGERPRINT"); + "Usage: verify [-a HASH] [-p STYLE] [-f FILTER] TAG FINGERPRINT"); } doopen(&f, KOPEN_READ); @@ -2234,7 +2230,7 @@ Options:\n\ -v, --verbose Show more information.\n\ " }, { "fingerprint", cmd_finger, - "fingerprint [-a HASHALG] [-p STYLE] [-f FILTER] [TAG...]", "\ + "fingerprint [-a HASH] [-p STYLE] [-f FILTER] [TAG...]", "\ Options:\n\ \n\ -f, --filter=FILT Only hash key components matching FILT.\n\ @@ -2272,7 +2268,7 @@ Options:\n\ { "tidy", cmd_tidy, "tidy" }, { "add", cmd_add, "add [-OPTIONS] TYPE [ATTR...]\n\ - Options: [-lqrLKS] [-a ALG] [-bB BITS] [-p PARAM] [-R TAG]\n\ + Options: [-lqrLKS] [-a ALG] [-bB BITS] [-E PUBEXP] [-p PARAM] [-R TAG]\n\ [-A SEEDALG] [-s SEED] [-n BITS] [-I KEYID]\n\ [-e EXPIRE] [-t TAG] [-c COMMENT]", "\ Options:\n\ 
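Review bot: The comment kept above `case KENC_ENCRYPT:` still ends with "Otherwise just say that it's encrypted and move on", but that branch no longer exists in the case. The new body calls `key_punlock` unconditionally and relies on the guard added before the `switch` to return early at low verbosity. If that guard is later moved or its threshold changed, this case would attempt an unlock (presumably asking for a passphrase) on every listing. I would reword the comment's last sentence to something like `* We only get here when the verbosity guard before the switch let us through, so try to unlock the key and show what's inside.` The comment and the function both begin outside the hunk.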
@@ -2281,6 +2277,7 @@ Options:\n\
 ($ show keygen for list.)\n\
 -b, --bits=N Generate an N-bit key.\n\
 -B, --qbits=N Use an N-bit subgroup or factors.\n\
+-E, --public-exponent=E Use E as RSA public exponent (default 65537)\n\
 -p, --parameters=TAG Get group parameters from TAG.\n\
 -C, --curve=NAME Use elliptic curve or DH group NAME.\n\
 ($ show ec or $ show dh for list.)\n\
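Review bot: The added `-E, --public-exponent=E` help line is the only entry in this visible stretch of the option list that does not end in a full stop, and it gives no hint of which values are acceptable. For consistency with its neighbours it should read `-E, --public-exponent=E Use E as RSA public exponent (default 65537).\n\`. The code that parses and validates E is not in this diff. If it rejects some values, a few words here about the accepted range would help, since not every integer is a usable RSA public exponent.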