dropbearkey: save a public key file

The OpenSSH keygen stores the public key to a seperate file with .pub suffix. Make the DropBear behave same.
mkj · Dec 16, 2023 · 708a78b · 708a78b
1 parent e4228dd
commit 708a78b
Showing 1 changed file with 36 additions and 7 deletions.
diff --git a/src/dropbearkey.c b/src/dropbearkey.c
@@ -64,8 +64,8 @@
 static void printhelp(char * progname);
 
 
-static void printpubkey(sign_key * key, int keytype, const char * comment);
-static int printpubfile(const char* filename, const char * comment);
+static void printpubkey(const char * filename, sign_key * key, int keytype, const char * comment);
+static int printpubfile(const char* filename, const char * comment, int create_pub_file);
 
 /* Print a help message */
 static void printhelp(char * progname) {
@@ -226,7 +226,7 @@ int main(int argc, char ** argv) {
 	}
 
 	if (printpub) {
-		int ret = printpubfile(filename, NULL);
+		int ret = printpubfile(filename, NULL, 0);
 		exit(ret);
 	}
 
@@ -289,13 +289,13 @@ int main(int argc, char ** argv) {
 		dropbear_exit("Failed to generate key.\n");
 	}
 
-	printpubfile(filename, comment);
+	printpubfile(filename, comment, 1);
 
 	return EXIT_SUCCESS;
 }
 #endif
 
-static int printpubfile(const char* filename, const char* comment) {
+static int printpubfile(const char* filename, const char* comment, int create_pub_file) {
 
 	buffer *buf = NULL;
 	sign_key *key = NULL;
@@ -321,7 +321,7 @@ static int printpubfile(const char* filename, const char* comment) {
 		goto out;
 	}
 
-	printpubkey(key, keytype, comment);
+	printpubkey(create_pub_file ? filename : NULL, key, keytype, comment);
 
 	err = DROPBEAR_SUCCESS;
 
@@ -335,7 +335,7 @@ static int printpubfile(const char* filename, const char* comment) {
 	return err;
 }
 
-static void printpubkey(sign_key * key, int keytype, const char * comment) {
+static void printpubkey(const char * filename, sign_key * key, int keytype, const char * comment) {
 
 	buffer * buf = NULL;
 	unsigned char base64key[MAX_PUBKEY_SIZE*2];
@@ -347,6 +347,20 @@ static void printpubkey(sign_key * key, int keytype, const char * comment) {
 	struct passwd * pw = NULL;
 	char * username = NULL;
 	char hostname[100];
+	char * filename_pub = NULL;
+	int filename_pub_len = 0;
+	int pubkey_fd = -1;
+
+	if (filename) {
+		filename_pub_len = strlen(filename) + 5;
+		filename_pub = m_malloc(filename_pub_len);
+		snprintf(filename_pub, filename_pub_len, "%s.pub", filename);
+
+		pubkey_fd = open(filename_pub, O_RDWR | O_CREAT | O_EXCL, S_IRUSR | S_IWUSR);
+		if (pubkey_fd < 0) {
+			dropbear_log(LOG_ERR, "Save public key to %s failed: %s", filename_pub, strerror(errno));
+		}
+	}
 
 	buf = buf_new(MAX_PUBKEY_SIZE);
 	buf_put_pub_key(buf, key, keytype);
@@ -368,6 +382,10 @@ static void printpubkey(sign_key * key, int keytype, const char * comment) {
 	if (comment) {
 		printf("%s %s %s\n",
 				typestring, base64key, comment);
+		if (pubkey_fd >= 0) {
+			dprintf(pubkey_fd, "%s %s %s\n",
+					typestring, base64key, comment);
+		}
 	} else {
 		/* a user@host comment is informative */
 		username = "";
@@ -381,11 +399,22 @@ static void printpubkey(sign_key * key, int keytype, const char * comment) {
 
 		printf("%s %s %s@%s\n",
 				typestring, base64key, username, hostname);
+		if (pubkey_fd >= 0) {
+			dprintf(pubkey_fd,"%s %s %s@%s\n",
+					typestring, base64key, username, hostname);
+		}
 	}
 
 	fp = sign_key_fingerprint(buf_getptr(buf, len), len);
 	printf("Fingerprint: %s\n", fp);
 
 	m_free(fp);
 	buf_free(buf);
+
+	if (pubkey_fd >= 0) {
+		if (fsync(pubkey_fd) != 0) {
+			dropbear_log(LOG_ERR, "fsync of %s failed: %s", filename_pub, strerror(errno));
+		}
+		m_close(pubkey_fd);
+	}
 }