Try to make our PGP signing more useful:

* All the PuTTY tools for Windows and Unix now contain the fingerprints of
   the Master Keys. The method for accessing them is crude but universal:
   a new "-pgpfp" command-line option. (Except Unix PuTTYgen, which takes
   "--pgpfp" just to be awkward.)

 * Move the key policy discussion from putty-website/keys.html to
   putty/doc/pgpkeys.but, and autogenerate the former from the latter.
   Also tweak the text somewhat and include the fingerprints of the
   Master Keys themselves.
   (I've merged the existing autogeneration scripts into a single new
   one; I've left the old scripts and keys.html around until such time
   as the webmonster reviews the changes and plumbs in the new script;
   he should remove the old files then.)

[originally from svn r5524]
[this svn revision also touched putty-website]

windows/wincons.c

@@ -271,6 +271,22 @@ void old_keyfile_warning(void)
     fputs(message, stderr);
 }
 
+/*
+ * Display the fingerprints of the PGP Master Keys to the user.
+ */
+void pgp_fingerprints(void)
+{
+    fputs("These are the fingerprints of the PuTTY PGP Master Keys. They can\n"
+	  "be used to establish a trust path from this executable to another\n"
+	  "one. See the manual for more information.\n"
+	  "(Note: these fingerprints have nothing to do with SSH!)\n"
+	  "\n"
+	  "PuTTY Master Key (RSA), 1024-bit:\n"
+	  "  " PGP_RSA_MASTER_KEY_FP "\n"
+	  "PuTTY Master Key (DSA), 1024-bit:\n"
+	  "  " PGP_DSA_MASTER_KEY_FP "\n", stdout);
+}
+
 void console_provide_logctx(void *logctx)
 {
     console_logctx = logctx;

windows/window.c

@@ -479,6 +479,9 @@ int WINAPI WinMain(HINSTANCE inst, HINSTANCE prev, LPSTR cmdline, int show)
 		    sfree(s1);
 		    sfree(s2);
 		    exit(0);
+		} else if (!strcmp(p, "-pgpfp")) {
+		    pgp_fingerprints();
+		    exit(1);
 		} else if (*p != '-') {
 		    char *q = p;
 		    if (got_host) {

windows/winhelp.h

@@ -142,3 +142,5 @@
 #define WINHELP_CTXID_errors_cantloadkey 3
 #define WINHELP_CTX_option_cleanup "options.cleanup"
 #define WINHELP_CTXID_option_cleanup 4
+#define WINHELP_CTX_pgp_fingerprints "pgpfingerprints"
+#define WINHELP_CTXID_pgp_fingerprints 5

windows/winpgen.c

@@ -1404,16 +1404,6 @@ int WINAPI WinMain(HINSTANCE inst, HINSTANCE prev, LPSTR cmdline, int show)
     int argc;
     char **argv;
 
-    split_into_argv(cmdline, &argc, &argv, NULL);
-
-    if (argc > 0) {
-	/*
-	 * Assume the first argument to be a private key file, and
-	 * attempt to load it.
-	 */
-	cmdline_keyfile = argv[0];
-    }
-
     InitCommonControls();
     hinst = inst;
     hwnd = NULL;
@@ -1438,6 +1428,21 @@ int WINAPI WinMain(HINSTANCE inst, HINSTANCE prev, LPSTR cmdline, int show)
             help_path = NULL;
     }
 
+    split_into_argv(cmdline, &argc, &argv, NULL);
+
+    if (argc > 0) {
+	if (!strcmp(argv[0], "-pgpfp")) {
+	    pgp_fingerprints();
+	    exit(1);
+	} else {
+	    /*
+	     * Assume the first argument to be a private key file, and
+	     * attempt to load it.
+	     */
+	    cmdline_keyfile = argv[0];
+	}
+    }
+
     random_ref();
     return DialogBox(hinst, MAKEINTRESOURCE(201), NULL,
 		     MainDlgProc) != IDOK;

windows/winpgnt.c

@@ -2058,67 +2058,14 @@ int WINAPI WinMain(HINSTANCE inst, HINSTANCE prev, LPSTR cmdline, int show)
     /*
      * Find out if Pageant is already running.
      */
-    already_running = FALSE;
-    if (agent_exists())
-	already_running = TRUE;
-    else {
+    already_running = agent_exists();
 
-	if (!prev) {
-	    wndclass.style = 0;
-	    wndclass.lpfnWndProc = WndProc;
-	    wndclass.cbClsExtra = 0;
-	    wndclass.cbWndExtra = 0;
-	    wndclass.hInstance = inst;
-	    wndclass.hIcon = LoadIcon(inst, MAKEINTRESOURCE(IDI_MAINICON));
-	    wndclass.hCursor = LoadCursor(NULL, IDC_IBEAM);
-	    wndclass.hbrBackground = GetStockObject(BLACK_BRUSH);
-	    wndclass.lpszMenuName = NULL;
-	    wndclass.lpszClassName = APPNAME;
-
-	    RegisterClass(&wndclass);
-	}
-
-	keylist = NULL;
-
-	hwnd = CreateWindow(APPNAME, APPNAME,
-			    WS_OVERLAPPEDWINDOW | WS_VSCROLL,
-			    CW_USEDEFAULT, CW_USEDEFAULT,
-			    100, 100, NULL, NULL, inst, NULL);
-
-	/* Set up a system tray icon */
-	AddTrayIcon(hwnd);
-
-        /* Accelerators used: nsvkxa */
-        systray_menu = CreatePopupMenu();
-	if (putty_path) {
-	    session_menu = CreateMenu();
-	    AppendMenu(systray_menu, MF_ENABLED, IDM_PUTTY, "&New Session");
-	    AppendMenu(systray_menu, MF_POPUP | MF_ENABLED,
-		       (UINT) session_menu, "&Saved Sessions");
-	    AppendMenu(systray_menu, MF_SEPARATOR, 0, 0);
-	}
-        AppendMenu(systray_menu, MF_ENABLED, IDM_VIEWKEYS,
-               "&View Keys");
-        AppendMenu(systray_menu, MF_ENABLED, IDM_ADDKEY, "Add &Key");
-	AppendMenu(systray_menu, MF_SEPARATOR, 0, 0);
-        if (help_path)
-            AppendMenu(systray_menu, MF_ENABLED, IDM_HELP, "&Help");
-        AppendMenu(systray_menu, MF_ENABLED, IDM_ABOUT, "&About");
-	AppendMenu(systray_menu, MF_SEPARATOR, 0, 0);
-        AppendMenu(systray_menu, MF_ENABLED, IDM_CLOSE, "E&xit");
-	initial_menuitems_count = GetMenuItemCount(session_menu);
-
-	/* Set the default menu item. */
-	SetMenuDefaultItem(systray_menu, IDM_VIEWKEYS, FALSE);
-
-	ShowWindow(hwnd, SW_HIDE);
-
-	/*
-	 * Initialise storage for RSA keys.
-	 */
+    /*
+     * Initialise storage for RSA keys.
+     */
+    if (!already_running) {
 	rsakeys = newtree234(cmpkeys_rsa);
 	ssh2keys = newtree234(cmpkeys_ssh2);
-
     }
 
     /*
@@ -2131,7 +2078,12 @@ int WINAPI WinMain(HINSTANCE inst, HINSTANCE prev, LPSTR cmdline, int show)
      */
     split_into_argv(cmdline, &argc, &argv, &argstart);
     for (i = 0; i < argc; i++) {
-	if (!strcmp(argv[i], "-c")) {
+	if (!strcmp(argv[i], "-pgpfp")) {
+	    pgp_fingerprints();
+	    if (advapi)
+		FreeLibrary(advapi);
+	    return 1;
+	} else if (!strcmp(argv[i], "-c")) {
 	    /*
 	     * If we see `-c', then the rest of the
 	     * command line should be treated as a
@@ -2182,6 +2134,56 @@ int WINAPI WinMain(HINSTANCE inst, HINSTANCE prev, LPSTR cmdline, int show)
 	return 0;
     }
 
+    if (!prev) {
+	wndclass.style = 0;
+	wndclass.lpfnWndProc = WndProc;
+	wndclass.cbClsExtra = 0;
+	wndclass.cbWndExtra = 0;
+	wndclass.hInstance = inst;
+	wndclass.hIcon = LoadIcon(inst, MAKEINTRESOURCE(IDI_MAINICON));
+	wndclass.hCursor = LoadCursor(NULL, IDC_IBEAM);
+	wndclass.hbrBackground = GetStockObject(BLACK_BRUSH);
+	wndclass.lpszMenuName = NULL;
+	wndclass.lpszClassName = APPNAME;
+
+	RegisterClass(&wndclass);
+    }
+
+    keylist = NULL;
+
+    hwnd = CreateWindow(APPNAME, APPNAME,
+			WS_OVERLAPPEDWINDOW | WS_VSCROLL,
+			CW_USEDEFAULT, CW_USEDEFAULT,
+			100, 100, NULL, NULL, inst, NULL);
+
+    /* Set up a system tray icon */
+    AddTrayIcon(hwnd);
+
+    /* Accelerators used: nsvkxa */
+    systray_menu = CreatePopupMenu();
+    if (putty_path) {
+	session_menu = CreateMenu();
+	AppendMenu(systray_menu, MF_ENABLED, IDM_PUTTY, "&New Session");
+	AppendMenu(systray_menu, MF_POPUP | MF_ENABLED,
+		   (UINT) session_menu, "&Saved Sessions");
+	AppendMenu(systray_menu, MF_SEPARATOR, 0, 0);
+    }
+    AppendMenu(systray_menu, MF_ENABLED, IDM_VIEWKEYS,
+	   "&View Keys");
+    AppendMenu(systray_menu, MF_ENABLED, IDM_ADDKEY, "Add &Key");
+    AppendMenu(systray_menu, MF_SEPARATOR, 0, 0);
+    if (help_path)
+	AppendMenu(systray_menu, MF_ENABLED, IDM_HELP, "&Help");
+    AppendMenu(systray_menu, MF_ENABLED, IDM_ABOUT, "&About");
+    AppendMenu(systray_menu, MF_SEPARATOR, 0, 0);
+    AppendMenu(systray_menu, MF_ENABLED, IDM_CLOSE, "E&xit");
+    initial_menuitems_count = GetMenuItemCount(session_menu);
+
+    /* Set the default menu item. */
+    SetMenuDefaultItem(systray_menu, IDM_VIEWKEYS, FALSE);
+
+    ShowWindow(hwnd, SW_HIDE);
+
     /*
      * Main message loop.
      */

windows/winplink.c

@@ -210,7 +210,8 @@ static void usage(void)
     printf("Usage: plink [options] [user@]host [command]\n");
     printf("       (\"host\" can also be a PuTTY saved session name)\n");
     printf("Options:\n");
-    printf("  -V        print version information\n");
+    printf("  -V        print version information and exit\n");
+    printf("  -pgpfp    print PGP key fingerprints and exit\n");
     printf("  -v        show verbose messages\n");
     printf("  -load sessname  Load settings from saved session\n");
     printf("  -ssh -telnet -rlogin -raw\n");
@@ -339,6 +340,9 @@ int main(int argc, char **argv)
 		use_subsystem = 1;
 	    } else if (!strcmp(p, "-V")) {
                 version();
+            } else if (!strcmp(p, "-pgpfp")) {
+                pgp_fingerprints();
+                exit(1);
 	    } else {
 		fprintf(stderr, "plink: unknown option \"%s\"\n", p);
 		errors = 1;

windows/winutils.c

@@ -7,6 +7,7 @@
 #include <ctype.h>
 
 #include "winstuff.h"
+#include "putty.h"
 #include "misc.h"
 
 #ifdef TESTMODE
@@ -105,6 +106,7 @@ static VOID CALLBACK message_box_help_callback(LPHELPINFO lpHelpInfo)
 	CHECK_CTX(errors_hostkey_changed);
 	CHECK_CTX(errors_cantloadkey);
 	CHECK_CTX(option_cleanup);
+	CHECK_CTX(pgp_fingerprints);
 #undef CHECK_CTX
 	if (context) {
 	    /* We avoid using malloc, in case we're in a situation where
@@ -139,6 +141,24 @@ int message_box(LPCTSTR text, LPCTSTR caption, DWORD style, DWORD helpctxid)
     return MessageBoxIndirect(&mbox);
 }
 
+/*
+ * Display the fingerprints of the PGP Master Keys to the user.
+ */
+void pgp_fingerprints(void)
+{
+    message_box("These are the fingerprints of the PuTTY PGP Master Keys. They can\n"
+		"be used to establish a trust path from this executable to another\n"
+		"one. See the manual for more information.\n"
+		"(Note: these fingerprints have nothing to do with SSH!)\n"
+		"\n"
+		"PuTTY Master Key (RSA), 1024-bit:\n"
+		"  " PGP_RSA_MASTER_KEY_FP "\n"
+		"PuTTY Master Key (DSA), 1024-bit:\n"
+		"  " PGP_DSA_MASTER_KEY_FP,
+		"PGP fingerprints", MB_ICONINFORMATION | MB_OK,
+		HELPCTXID(pgp_fingerprints));
+}
+
 /*
  * Split a complete command line into argc/argv, attempting to do
  * it exactly the same way Windows itself would do it (so that