mirror of https://git.tartarus.org/simon/putty.git synced 2025-07-01 03:22:48 -05:00

Introduce OpenSSH-compatible SHA256 key fingerprinting.

There's a new enumeration of fingerprint types, and you tell
ssh2_fingerprint() or ssh2_fingerprint_blob() which of them to use.

So far, this is only implemented behind the scenes, and exposed for
testcrypt to test. All the call sites of ssh2_fingerprint pass a fixed
default fptype, which is still set to the old MD5. That will change
shortly.
Simon Tatham
2021-03-13 09:52:56 +00:00
parent 0bc78dea68
commit 1da353e649
11 changed files with 133 additions and 45 deletions


@ -703,7 +703,8 @@ static PageantAsyncOp *pageant_make_op(
int i;
ssh2_userkey *skey;
for (i = 0; NULL != (skey = pageant_nth_ssh2_key(i)); i++) {
char *fingerprint = ssh2_fingerprint(skey->key);
char *fingerprint = ssh2_fingerprint(
skey->key, SSH_FPTYPE_DEFAULT);
pageant_client_log(pc, reqid, "returned key: %s %s",
fingerprint, skey->comment);
sfree(fingerprint);
@ -812,7 +813,8 @@ static PageantAsyncOp *pageant_make_op(
have_flags = true;
if (!pc->suppress_logging) {
char *fingerprint = ssh2_fingerprint_blob(keyblob);
char *fingerprint = ssh2_fingerprint_blob(
keyblob, SSH_FPTYPE_DEFAULT);
pageant_client_log(pc, reqid, "requested key: %s", fingerprint);
sfree(fingerprint);
}
@ -927,7 +929,7 @@ static PageantAsyncOp *pageant_make_op(
}
if (!pc->suppress_logging) {
char *fingerprint = ssh2_fingerprint(key->key);
char *fingerprint = ssh2_fingerprint(key->key, SSH_FPTYPE_DEFAULT);
pageant_client_log(pc, reqid, "submitted key: %s %s",
fingerprint, key->comment);
sfree(fingerprint);
@ -1019,7 +1021,8 @@ static PageantAsyncOp *pageant_make_op(
}
if (!pc->suppress_logging) {
char *fingerprint = ssh2_fingerprint_blob(blob);
char *fingerprint = ssh2_fingerprint_blob(
blob, SSH_FPTYPE_DEFAULT);
pageant_client_log(pc, reqid, "unwanted key: %s", fingerprint);
sfree(fingerprint);
}
@ -1132,7 +1135,7 @@ static PageantAsyncOp *pageant_make_op(
if (!pc->suppress_logging) {
char *fingerprint = ssh2_fingerprint_blob(
ptrlen_from_strbuf(public_blob));
ptrlen_from_strbuf(public_blob), SSH_FPTYPE_DEFAULT);
pageant_client_log(pc, reqid, "add-ppk: %s %s",
fingerprint, comment);
sfree(fingerprint);
@ -1234,7 +1237,8 @@ static PageantAsyncOp *pageant_make_op(
}
if (!pc->suppress_logging) {
char *fingerprint = ssh2_fingerprint_blob(blob);
char *fingerprint = ssh2_fingerprint_blob(
blob, SSH_FPTYPE_DEFAULT);
pageant_client_log(pc, reqid, "key to re-encrypt: %s",
fingerprint);
sfree(fingerprint);
@ -1316,7 +1320,8 @@ static PageantAsyncOp *pageant_make_op(
int i;
ssh2_userkey *skey;
for (i = 0; NULL != (skey = pageant_nth_ssh2_key(i)); i++) {
char *fingerprint = ssh2_fingerprint(skey->key);
char *fingerprint = ssh2_fingerprint(
skey->key, SSH_FPTYPE_DEFAULT);
pageant_client_log(pc, reqid, "returned key: %s %s",
fingerprint, skey->comment);
sfree(fingerprint);
@ -2224,7 +2229,8 @@ int pageant_enum_keys(pageant_key_enum_fn_t callback, void *callback_ctx,
cbkey.comment = mkstr(kl2->keys[i].comment);
cbkey.ssh_version = 2;
char *fingerprint = ssh2_fingerprint_blob(kl2->keys[i].blob);
char *fingerprint = ssh2_fingerprint_blob(kl2->keys[i].blob,
SSH_FPTYPE_DEFAULT);
callback(callback_ctx, fingerprint, cbkey.comment,
kl2->keys[i].flags, &cbkey);