pageant -l: indicate whether keys are encrypted.

The callback function to pageant_enum_keys now takes a flags parameter, which receives the flags word from the extended key list request, if available. (If not, then the flags word is passed as zero.) The only callback that uses this parameter is the one for printing text output from 'pageant -l', which uses it to print a suffix on each line, indicating whether the key is stored encrypted only (so it will need a passphrase on next use), or whether it's stored both encrypted _and_ unencrypted (so that 'pageant -R' will be able to return it to the former state).
2025-01-08 08:58:00 +00:00 · 2020-12-15 14:07:29 +00:00 · 2020-12-15 14:07:29 +00:00 · 353db3132f
commit 353db3132f
parent da0dc28ab3
3 changed files with 16 additions and 6 deletions
--- a/pageant.c
+++ b/pageant.c
@ -2209,7 +2209,8 @@ int pageant_enum_keys(pageant_key_enum_fn_t callback, void *callback_ctx,
            char *fingerprint = rsa_ssh1_fingerprint(&rkey);
            freersakey(&rkey);

-            callback(callback_ctx, fingerprint, cbkey.comment, &cbkey);
+            callback(callback_ctx, fingerprint, cbkey.comment,
+                     kl1->keys[i].flags, &cbkey);
            strbuf_free(cbkey.blob);
            sfree(cbkey.comment);
            sfree(fingerprint);
@ -2225,7 +2226,8 @@ int pageant_enum_keys(pageant_key_enum_fn_t callback, void *callback_ctx,

            char *fingerprint = ssh2_fingerprint_blob(kl2->keys[i].blob);

-            callback(callback_ctx, fingerprint, cbkey.comment, &cbkey);
+            callback(callback_ctx, fingerprint, cbkey.comment,
+                     kl2->keys[i].flags, &cbkey);
            sfree(fingerprint);
            sfree(cbkey.comment);
            strbuf_free(cbkey.blob);
--- a/pageant.h
+++ b/pageant.h
@ -233,6 +233,7 @@ void pageant_pubkey_free(struct pageant_pubkey *key);
 typedef void (*pageant_key_enum_fn_t)(void *ctx,
                                      const char *fingerprint,
                                      const char *comment,
+                                      uint32_t ext_flags,
                                      struct pageant_pubkey *key);
 int pageant_enum_keys(pageant_key_enum_fn_t callback, void *callback_ctx,
                      char **retstr);
--- a/unix/uxpgnt.c
+++ b/unix/uxpgnt.c
@ -576,10 +576,16 @@ static bool unix_add_keyfile(const char *filename_str, bool add_encrypted)
    return ret;
 }

-void key_list_callback(void *ctx, const char *fingerprint,
-                       const char *comment, struct pageant_pubkey *key)
+void key_list_callback(void *ctx, const char *fingerprint, const char *comment,
+                       uint32_t ext_flags, struct pageant_pubkey *key)
 {
-    printf("%s %s\n", fingerprint, comment);
+    const char *mode = "";
+    if (ext_flags & LIST_EXTENDED_FLAG_HAS_NO_CLEARTEXT_KEY)
+        mode = " (encrypted)";
+    else if (ext_flags & LIST_EXTENDED_FLAG_HAS_ENCRYPTED_KEY_FILE)
+        mode = " (re-encryptable)";
+
+    printf("%s %s%s\n", fingerprint, comment, mode);
 }

 struct key_find_ctx {
@ -613,7 +619,8 @@ bool match_fingerprint_string(const char *string, const char *fingerprint)
 }

 void key_find_callback(void *vctx, const char *fingerprint,
-                       const char *comment, struct pageant_pubkey *key)
+                       const char *comment, uint32_t ext_flags,
+                       struct pageant_pubkey *key)
 {
    struct key_find_ctx *ctx = (struct key_find_ctx *)vctx;