summaryrefslogtreecommitdiffstats
path: root/ssh-keygen.c
diff options
context:
space:
mode:
Diffstat (limited to '')
-rw-r--r--ssh-keygen.c26
1 files changed, 22 insertions, 4 deletions
diff --git a/ssh-keygen.c b/ssh-keygen.c
index 5b945a8..97c6d13 100644
--- a/ssh-keygen.c
+++ b/ssh-keygen.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssh-keygen.c,v 1.471 2023/09/04 10:29:58 job Exp $ */
+/* $OpenBSD: ssh-keygen.c,v 1.472 2024/01/11 01:45:36 djm Exp $ */
/*
* Author: Tatu Ylonen <ylo@cs.hut.fi>
* Copyright (c) 1994 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -262,10 +262,12 @@ ask_filename(struct passwd *pw, const char *prompt)
name = _PATH_SSH_CLIENT_ID_ED25519;
else {
switch (sshkey_type_from_name(key_type_name)) {
+#ifdef WITH_DSA
case KEY_DSA_CERT:
case KEY_DSA:
name = _PATH_SSH_CLIENT_ID_DSA;
break;
+#endif
#ifdef OPENSSL_HAS_ECC
case KEY_ECDSA_CERT:
case KEY_ECDSA:
@@ -376,10 +378,12 @@ do_convert_to_pkcs8(struct sshkey *k)
if (!PEM_write_RSA_PUBKEY(stdout, k->rsa))
fatal("PEM_write_RSA_PUBKEY failed");
break;
+#ifdef WITH_DSA
case KEY_DSA:
if (!PEM_write_DSA_PUBKEY(stdout, k->dsa))
fatal("PEM_write_DSA_PUBKEY failed");
break;
+#endif
#ifdef OPENSSL_HAS_ECC
case KEY_ECDSA:
if (!PEM_write_EC_PUBKEY(stdout, k->ecdsa))
@@ -400,10 +404,12 @@ do_convert_to_pem(struct sshkey *k)
if (!PEM_write_RSAPublicKey(stdout, k->rsa))
fatal("PEM_write_RSAPublicKey failed");
break;
+#ifdef WITH_DSA
case KEY_DSA:
if (!PEM_write_DSA_PUBKEY(stdout, k->dsa))
fatal("PEM_write_DSA_PUBKEY failed");
break;
+#endif
#ifdef OPENSSL_HAS_ECC
case KEY_ECDSA:
if (!PEM_write_EC_PUBKEY(stdout, k->ecdsa))
@@ -478,8 +484,10 @@ do_convert_private_ssh2(struct sshbuf *b)
u_int magic, i1, i2, i3, i4;
size_t slen;
u_long e;
+#ifdef WITH_DSA
BIGNUM *dsa_p = NULL, *dsa_q = NULL, *dsa_g = NULL;
BIGNUM *dsa_pub_key = NULL, *dsa_priv_key = NULL;
+#endif
BIGNUM *rsa_n = NULL, *rsa_e = NULL, *rsa_d = NULL;
BIGNUM *rsa_p = NULL, *rsa_q = NULL, *rsa_iqmp = NULL;
@@ -507,10 +515,12 @@ do_convert_private_ssh2(struct sshbuf *b)
}
free(cipher);
- if (strstr(type, "dsa")) {
- ktype = KEY_DSA;
- } else if (strstr(type, "rsa")) {
+ if (strstr(type, "rsa")) {
ktype = KEY_RSA;
+#ifdef WITH_DSA
+ } else if (strstr(type, "dsa")) {
+ ktype = KEY_DSA;
+#endif
} else {
free(type);
return NULL;
@@ -520,6 +530,7 @@ do_convert_private_ssh2(struct sshbuf *b)
free(type);
switch (key->type) {
+#ifdef WITH_DSA
case KEY_DSA:
if ((dsa_p = BN_new()) == NULL ||
(dsa_q = BN_new()) == NULL ||
@@ -539,6 +550,7 @@ do_convert_private_ssh2(struct sshbuf *b)
fatal_f("DSA_set0_key failed");
dsa_pub_key = dsa_priv_key = NULL; /* transferred */
break;
+#endif
case KEY_RSA:
if ((r = sshbuf_get_u8(b, &e1)) != 0 ||
(e1 < 30 && (r = sshbuf_get_u8(b, &e2)) != 0) ||
@@ -702,12 +714,14 @@ do_convert_from_pkcs8(struct sshkey **k, int *private)
(*k)->type = KEY_RSA;
(*k)->rsa = EVP_PKEY_get1_RSA(pubkey);
break;
+#ifdef WITH_DSA
case EVP_PKEY_DSA:
if ((*k = sshkey_new(KEY_UNSPEC)) == NULL)
fatal("sshkey_new failed");
(*k)->type = KEY_DSA;
(*k)->dsa = EVP_PKEY_get1_DSA(pubkey);
break;
+#endif
#ifdef OPENSSL_HAS_ECC
case EVP_PKEY_EC:
if ((*k = sshkey_new(KEY_UNSPEC)) == NULL)
@@ -777,10 +791,12 @@ do_convert_from(struct passwd *pw)
fprintf(stdout, "\n");
} else {
switch (k->type) {
+#ifdef WITH_DSA
case KEY_DSA:
ok = PEM_write_DSAPrivateKey(stdout, k->dsa, NULL,
NULL, 0, NULL, NULL);
break;
+#endif
#ifdef OPENSSL_HAS_ECC
case KEY_ECDSA:
ok = PEM_write_ECPrivateKey(stdout, k->ecdsa, NULL,
@@ -3752,9 +3768,11 @@ main(int argc, char **argv)
n += do_print_resource_record(pw,
_PATH_HOST_RSA_KEY_FILE, rr_hostname,
print_generic, opts, nopts);
+#ifdef WITH_DSA
n += do_print_resource_record(pw,
_PATH_HOST_DSA_KEY_FILE, rr_hostname,
print_generic, opts, nopts);
+#endif
n += do_print_resource_record(pw,
_PATH_HOST_ECDSA_KEY_FILE, rr_hostname,
print_generic, opts, nopts);