nhyatt/putty-source
1
0
Fork 0
mirror of https://git.tartarus.org/simon/putty.git synced 2025-01-09 17:38:00 +00:00
Code Issues Projects Releases Wiki Activity

Implement OpenSSH-compatible RSA key fingerprints and use them throughout

Browse Source 
[originally from svn r637]
This commit is contained in:
Simon Tatham 2000-09-26 14:26:21 +00:00
parent 3312fd2933
commit 355cdbd5e8
6 changed files with 65 additions and 100 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

29
pageant.c
View File

@ -143,8 +143,16 @@ void keylist_update(void) {
if (keylist) {
SendDlgItemMessage(keylist, 100, LB_RESETCONTENT, 0, 0);
for (key = first234(rsakeys, &e); key; key = next234(&e)) {
char listentry[512], *p;
/*
* Replace two spaces in the fingerprint with tabs, for
* nice alignment in the box.
*/
rsa_fingerprint(listentry, sizeof(listentry), key);
p = strchr(listentry, ' '); if (p) *p = '\t';
p = strchr(listentry, ' '); if (p) *p = '\t';
SendDlgItemMessage (keylist, 100, LB_ADDSTRING,
0, (LPARAM) key->comment);
0, (LPARAM)listentry);
}
SendDlgItemMessage (keylist, 100, LB_SETCURSEL, (WPARAM) -1, 0);
}
@ -327,6 +335,7 @@ void answer_msg(void *msg) {
ret[4] = SSH_AGENT_SUCCESS;
} else {
freersakey(key);
free(key);
}
}
break;
@ -413,10 +422,13 @@ static int CALLBACK KeyListProc(HWND hwnd, UINT msg,
switch (msg) {
case WM_INITDIALOG:
for (key = first234(rsakeys, &e); key; key = next234(&e)) {
SendDlgItemMessage (hwnd, 100, LB_ADDSTRING,
0, (LPARAM) key->comment);
}
keylist = hwnd;
{
static int tabs[2] = {25, 175};
SendDlgItemMessage (hwnd, 100, LB_SETTABSTOPS, 2,
(LPARAM) tabs);
}
keylist_update();
return 0;
case WM_COMMAND:
switch (LOWORD(wParam)) {
@ -463,12 +475,7 @@ static int CALLBACK KeyListProc(HWND hwnd, UINT msg,
break;
del234(rsakeys, key);
freersakey(key); free(key);
SendDlgItemMessage(hwnd, 100, LB_RESETCONTENT, 0, 0);
for (key = first234(rsakeys, &e); key; key = next234(&e)) {
SendDlgItemMessage (hwnd, 100, LB_ADDSTRING,
0, (LPARAM) key->comment);
}
SendDlgItemMessage (hwnd, 100, LB_SETCURSEL, (WPARAM) -1, 0);
keylist_update();
}
return 0;
}

2
pageant.rc
View File

@ -24,7 +24,7 @@ CAPTION "Pageant Key List"
FONT 8, "MS Sans Serif"
BEGIN
LISTBOX 100, 10, 10, 280, 155,
LBS_HASSTRINGS | WS_VSCROLL | WS_TABSTOP
LBS_HASSTRINGS | LBS_USETABSTOPS | WS_VSCROLL | WS_TABSTOP
PUSHBUTTON "&Add Key", 101, 60, 162, 60, 14
PUSHBUTTON "&Remove Key", 102, 180, 162, 60, 14
DEFPUSHBUTTON "&Close", IDOK, 240, 182, 50, 14

16
ssh.c
View File

@ -1100,21 +1100,15 @@ static int do_ssh1_login(unsigned char *in, int inlen, int ispkt)
j = makekey(pktin.body+8+i, &hostkey, &keystr2, 0);
/*
* Hash the host key and print the hash in the log box. Just as
* a last resort in case the registry's host key checking is
* compromised, we'll allow the user some ability to verify
* host keys by eye.
* Log the host key fingerprint.
*/
MD5Init(&md5c);
MD5Update(&md5c, keystr2, hostkey.bytes);
MD5Final(session_id, &md5c);
{
char logmsg[80];
int i;
logevent("Host key MD5 is:");
logevent("Host key fingerprint is:");
strcpy(logmsg, " ");
for (i = 0; i < 16; i++)
sprintf(logmsg+strlen(logmsg), "%02x", session_id[i]);
hostkey.comment = NULL;
rsa_fingerprint(logmsg+strlen(logmsg), sizeof(logmsg)-strlen(logmsg),
&hostkey);
logevent(logmsg);
}

1
ssh.h
View File

@ -48,6 +48,7 @@ void rsasign(unsigned char *data, int length, struct RSAKey *key);
void rsasanitise(struct RSAKey *key);
int rsastr_len(struct RSAKey *key);
void rsastr_fmt(char *str, struct RSAKey *key);
void rsa_fingerprint(char *str, int len, struct RSAKey *key);
void freersakey(struct RSAKey *key);
typedef unsigned int word32;

109
sshrsa.c
View File

@ -9,35 +9,9 @@
#include <stdlib.h>
#include <string.h>
#if defined TESTMODE || defined RSADEBUG
#ifndef DLVL
#define DLVL 10000
#endif
#define debug(x) bndebug(#x,x)
static int level = 0;
static void bndebug(char *name, Bignum b) {
int i;
int w = 50-level-strlen(name)-5*b[0];
if (level >= DLVL)
return;
if (w < 0) w = 0;
dprintf("%*s%s%*s", level, "", name, w, "");
for (i=b[0]; i>0; i--)
dprintf(" %04x", b[i]);
dprintf("\n");
}
#define dmsg(x) do {if(level<DLVL){dprintf("%*s",level,"");printf x;}} while(0)
#define enter(x) do { dmsg(x); level += 4; } while(0)
#define leave(x) do { level -= 4; dmsg(x); } while(0)
#else
#define debug(x)
#define dmsg(x)
#define enter(x)
#define leave(x)
#endif
#include "ssh.h"
int makekey(unsigned char *data, struct RSAKey *result,
unsigned char **keystr, int order) {
unsigned char *p = data;
@ -77,8 +51,6 @@ void rsaencrypt(unsigned char *data, int length, struct RSAKey *key) {
int w, i;
unsigned char *p;
debug(key->exponent);
memmove(data+key->bytes-length, data, length);
data[0] = 0;
data[1] = 2;
@ -106,12 +78,8 @@ void rsaencrypt(unsigned char *data, int length, struct RSAKey *key) {
b1[1+i/2] |= byte;
}
debug(b1);
modpow(b1, key->exponent, key->modulus, b2);
debug(b2);
p = data;
for (i=key->bytes; i-- ;) {
unsigned char b;
@ -160,49 +128,44 @@ void rsastr_fmt(char *str, struct RSAKey *key) {
str[len] = '\0';
}
/*
* Generate a fingerprint string for the key. Compatible with the
* OpenSSH fingerprint code.
*/
void rsa_fingerprint(char *str, int len, struct RSAKey *key) {
struct MD5Context md5c;
unsigned char digest[16];
char buffer[16*3+40];
int numlen, slen, i;
MD5Init(&md5c);
numlen = ssh1_bignum_length(key->modulus) - 2;
for (i = numlen; i-- ;) {
unsigned char c = bignum_byte(key->modulus, i);
MD5Update(&md5c, &c, 1);
}
numlen = ssh1_bignum_length(key->exponent) - 2;
for (i = numlen; i-- ;) {
unsigned char c = bignum_byte(key->exponent, i);
MD5Update(&md5c, &c, 1);
}
MD5Final(digest, &md5c);
sprintf(buffer, "%d ", ssh1_bignum_bitcount(key->modulus));
for (i = 0; i < 16; i++)
sprintf(buffer+strlen(buffer), "%s%02x", i?":":"", digest[i]);
strncpy(str, buffer, len); str[len-1] = '\0';
slen = strlen(str);
if (key->comment && slen < len-1) {
str[slen] = ' ';
strncpy(str+slen+1, key->comment, len-slen-1);
str[len-1] = '\0';
}
}
void freersakey(struct RSAKey *key) {
if (key->modulus) freebn(key->modulus);
if (key->exponent) freebn(key->exponent);
if (key->private_exponent) freebn(key->private_exponent);
if (key->comment) free(key->comment);
}
#ifdef TESTMODE
#ifndef NODDY
#define p1 10007
#define p2 10069
#define p3 10177
#else
#define p1 3
#define p2 7
#define p3 13
#endif
unsigned short P1[2] = { 1, p1 };
unsigned short P2[2] = { 1, p2 };
unsigned short P3[2] = { 1, p3 };
unsigned short bigmod[5] = { 4, 0, 0, 0, 32768U };
unsigned short mod[5] = { 4, 0, 0, 0, 0 };
unsigned short a[5] = { 4, 0, 0, 0, 0 };
unsigned short b[5] = { 4, 0, 0, 0, 0 };
unsigned short c[5] = { 4, 0, 0, 0, 0 };
unsigned short One[2] = { 1, 1 };
unsigned short Two[2] = { 1, 2 };
int main(void) {
modmult(P1, P2, bigmod, a); debug(a);
modmult(a, P3, bigmod, mod); debug(mod);
sub(P1, One, a); debug(a);
sub(P2, One, b); debug(b);
modmult(a, b, bigmod, c); debug(c);
sub(P3, One, a); debug(a);
modmult(a, c, bigmod, b); debug(b);
modpow(Two, b, mod, a); debug(a);
return 0;
}
#endif

8
win_res.rc
View File

@ -341,14 +341,14 @@ BEGIN
END
/* Accelerators used: co */
IDD_LOGBOX DIALOG DISCARDABLE 100, 20, 160, 119
IDD_LOGBOX DIALOG DISCARDABLE 100, 20, 260, 119
STYLE DS_MODALFRAME | WS_POPUP | WS_CAPTION | WS_SYSMENU
CAPTION "PuTTY Event Log"
FONT 8, "MS Sans Serif"
BEGIN
DEFPUSHBUTTON "&Close", IDOK, 85, 102, 44, 14
PUSHBUTTON "C&opy", IDN_COPY, 31, 102, 44, 14
LISTBOX IDN_LIST, 3, 3, 154, 95, LBS_HASSTRINGS | LBS_USETABSTOPS | WS_VSCROLL | LBS_EXTENDEDSEL
DEFPUSHBUTTON "&Close", IDOK, 135, 102, 44, 14
PUSHBUTTON "C&opy", IDN_COPY, 81, 102, 44, 14
LISTBOX IDN_LIST, 3, 3, 254, 95, LBS_HASSTRINGS | LBS_USETABSTOPS | WS_VSCROLL | LBS_EXTENDEDSEL
END
/* No accelerators used */