nhyatt/putty-source
1
0
Fork 0
mirror of https://git.tartarus.org/simon/putty.git synced 2025-02-03 21:52:24 +00:00
Code Issues Projects Releases Wiki Activity

Add comments on OpenSSH AES-encrypted key support, including one

Browse Source 
mentioning that I haven't yet switched to _exporting_ OpenSSH keys
in the new style.

[originally from svn r8917]
This commit is contained in:
Simon Tatham 2010-04-12 11:02:06 +00:00
parent 108791e15c
commit 97ca111e29
1 changed files with 7 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
import.c
View File

@ -529,6 +529,10 @@ struct ssh2_userkey *openssh_read(const Filename *filename, char *passphrase,
* - let block B equal MD5(A || passphrase || iv) * - let block B equal MD5(A || passphrase || iv)
* - block C would be MD5(B || passphrase || iv) and so on * - block C would be MD5(B || passphrase || iv) and so on
* - encryption key is the first N bytes of A || B * - encryption key is the first N bytes of A || B
*
* (Note that only 8 bytes of the iv are used for key
* derivation, even when the key is encrypted with AES and
* hence there are 16 bytes available.)
*/ */
struct MD5Context md5c; struct MD5Context md5c;
unsigned char keybuf[32]; unsigned char keybuf[32];
@ -872,6 +876,9 @@ int openssh_write(const Filename *filename, struct ssh2_userkey *key,
/* /*
* Encrypt the key. * Encrypt the key.
*
* For the moment, we still encrypt our OpenSSH keys using
* old-style 3DES.
*/ */
if (passphrase) { if (passphrase) {
/* /*