mirror of https://git.tartarus.org/simon/putty.git synced 2025-07-17 19:11:00 -05:00

Centralise SSH-2 key fingerprinting into sshpubk.c.

There were ad-hoc functions for fingerprinting a bare key blob in both
cmdgen.c and pageant.c, not quite doing the same thing. Also, every
SSH-2 public key algorithm in the code base included a dedicated
fingerprint() method, which is completely pointless since SSH-2 key
fingerprints are computed in an algorithm-independent way (just hash
the standard-format public key blob), so each of those methods was
just duplicating the work of the public_blob() method with a less
general output mechanism.

Now sshpubk.c centrally provides an ssh2_fingerprint_blob() function
that does all the real work, plus an ssh2_fingerprint() function that
wraps it and deals with calling public_blob() to get something to
fingerprint. And the fingerprint() method has been completely removed
from ssh_signkey and all its implementations, and good riddance.
Simon Tatham
2015-05-12 14:35:44 +01:00
parent eef0235a0f
commit 8682246d33
10 changed files with 71 additions and 213 deletions


@ -259,25 +259,6 @@ void *pageant_make_keylist2(int *length)
return ret;
}
char *fingerprint_ssh2_blob(const void *blob, int bloblen)
{
unsigned char digest[16];
char fingerprint_str[16*3];
unsigned stringlen;
int i;
MD5Simple(blob, bloblen, digest);
for (i = 0; i < 16; i++)
sprintf(fingerprint_str + i*3, "%02x%s", digest[i], i==15 ? "" : ":");
stringlen = GET_32BIT((const unsigned char *)blob);
if (stringlen < bloblen-4)
return dupprintf("%.*s %s", (int)stringlen, (const char *)blob + 4,
fingerprint_str);
else
return dupstr(fingerprint_str);
}
static void plog(void *logctx, pageant_logfn_t logfn, const char *fmt, ...)
#ifdef __GNUC__
__attribute__ ((format (printf, 3, 4)))
@ -381,7 +362,8 @@ void *pageant_handle_msg(const void *msg, int msglen, int *outlen,
int i;
struct ssh2_userkey *skey;
for (i = 0; NULL != (skey = pageant_nth_ssh2_key(i)); i++) {
char *fingerprint = skey->alg->fingerprint(skey->data);
char *fingerprint = ssh2_fingerprint(skey->alg,
skey->data);
plog(logctx, logfn, "returned key: %s %s",
fingerprint, skey->comment);
sfree(fingerprint);
@ -528,7 +510,7 @@ void *pageant_handle_msg(const void *msg, int msglen, int *outlen,
}
data = p;
if (logfn) {
char *fingerprint = fingerprint_ssh2_blob(b.blob, b.len);
char *fingerprint = ssh2_fingerprint_blob(b.blob, b.len);
plog(logctx, logfn, "requested key: %s", fingerprint);
sfree(fingerprint);
}
@ -728,7 +710,7 @@ void *pageant_handle_msg(const void *msg, int msglen, int *outlen,
key->comment = comment;
if (logfn) {
char *fingerprint = key->alg->fingerprint(key->data);
char *fingerprint = ssh2_fingerprint(key->alg, key->data);
plog(logctx, logfn, "submitted key: %s %s",
fingerprint, key->comment);
sfree(fingerprint);
@ -822,7 +804,7 @@ void *pageant_handle_msg(const void *msg, int msglen, int *outlen,
p += b.len;
if (logfn) {
char *fingerprint = fingerprint_ssh2_blob(b.blob, b.len);
char *fingerprint = ssh2_fingerprint_blob(b.blob, b.len);
plog(logctx, logfn, "unwanted key: %s", fingerprint);
sfree(fingerprint);
}
@ -1688,7 +1670,7 @@ int pageant_enum_keys(pageant_key_enum_fn_t callback, void *callback_ctx,
sfree(keylist);
return PAGEANT_ACTION_FAILURE;
}
fingerprint = fingerprint_ssh2_blob(p, n);
fingerprint = ssh2_fingerprint_blob(p, n);
cbkey.blob = p;
cbkey.bloblen = n;
p += n, keylistlen -= n;
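Review bot: The three call sites that now pass a raw blob to `ssh2_fingerprint_blob()` (`b.blob, b.len` twice in pageant_handle_msg and `p, n` in pageant_enum_keys) depend on that function handling short blobs safely, and its body is not shown on this page. The helper removed at the top of this file read the 4-byte length prefix with `GET_32BIT` without first checking `bloblen >= 4`, and compared the unsigned `stringlen` against the int expression `bloblen-4`, which converts to a very large unsigned value when `bloblen` is below 4, so the `%.*s` copy could read past the end of the blob. Since these blobs appear to come from agent protocol messages, it is worth confirming that the sshpubk.c replacement reads the prefix only when `bloblen >= 4` and guards the name copy with something like `if (bloblen >= 4 && stringlen < (unsigned)bloblen - 4)`. Both enclosing functions start and end outside the hunks shown, so any length validation done by the callers cannot be checked from here.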