Unix Pageant: support multiple fingerprint types.

The callback-function API in pageant.h for key enumeration is modified so that we pass an array of all the available fingerprints for each key. In Unix Pageant, that's used by the -l option to print whichever fingerprint the user asked for. (Unfortunately, the option name -E is already taken, so for the moment I've called it --fptype. I may revisit that later.) Also, when matching a key by fingerprint, we're prepared to match against any fingerprint type we know, with disambiguating prefixes if necessary (e.g. you can match "md5🆎12" or "sha256:Ab12". That has to be done a bit carefully, because we match MD5 hex fingerprints case-insensitively, but SHA256 fingerprints are case-sensitive.
2025-07-01 11:32:48 -05:00 · 2021-03-13 10:27:50 +00:00
parent 995e2f7164
commit 7cadad4cec
3 changed files with 115 additions and 30 deletions
--- a/pageant.c
+++ b/pageant.c
@ -2211,14 +2211,15 @@ int pageant_enum_keys(pageant_key_enum_fn_t callback, void *callback_ctx,
                    goto out;
                }
            }
-            char *fingerprint = rsa_ssh1_fingerprint(&rkey);
+            char **fingerprints = rsa_ssh1_fake_all_fingerprints(&rkey);
            freersakey(&rkey);

-            callback(callback_ctx, fingerprint, cbkey.comment,
+            callback(callback_ctx, fingerprints, cbkey.comment,
                     kl1->keys[i].flags, &cbkey);
+
            strbuf_free(cbkey.blob);
            sfree(cbkey.comment);
-            sfree(fingerprint);
+            ssh2_free_all_fingerprints(fingerprints);
        }
    }

@ -2229,12 +2230,13 @@ int pageant_enum_keys(pageant_key_enum_fn_t callback, void *callback_ctx,
            cbkey.comment = mkstr(kl2->keys[i].comment);
            cbkey.ssh_version = 2;

-            char *fingerprint = ssh2_fingerprint_blob(kl2->keys[i].blob,
-                                                      SSH_FPTYPE_DEFAULT);
+            char **fingerprints =
+                ssh2_all_fingerprints_for_blob(kl2->keys[i].blob);

-            callback(callback_ctx, fingerprint, cbkey.comment,
+            callback(callback_ctx, fingerprints, cbkey.comment,
                     kl2->keys[i].flags, &cbkey);
-            sfree(fingerprint);
+
+            ssh2_free_all_fingerprints(fingerprints);
            sfree(cbkey.comment);
            strbuf_free(cbkey.blob);
        }