From ae3863679d83910fd69fbdd1627d92a61ff112c5 Mon Sep 17 00:00:00 2001 From: Simon Tatham Date: Sun, 3 Jun 2018 08:08:53 +0100 Subject: [PATCH] Give rsa_fingerprint() a new name and API. It's an SSH-1 specific function, so it should have a name reflecting that, and it didn't. Also it had one of those outdated APIs involving passing it a client-allocated buffer and size. Now it has a sensible name, and internally it constructs the output string using a strbuf and returns it dynamically allocated. --- cmdgen.c | 3 +-- pageant.c | 22 ++++++++++++---------- ssh.c | 14 ++++++-------- ssh.h | 2 +- sshrsa.c | 23 +++++++++-------------- windows/winpgen.c | 25 ++++++++++--------------- windows/winpgnt.c | 11 +++++++---- 7 files changed, 46 insertions(+), 54 deletions(-) diff --git a/cmdgen.c b/cmdgen.c index e2d1e75f..f4771e1f 100644 --- a/cmdgen.c +++ b/cmdgen.c @@ -1017,8 +1017,7 @@ int main(int argc, char **argv) if (sshver == 1) { assert(ssh1key); - fingerprint = snewn(128, char); - rsa_fingerprint(fingerprint, 128, ssh1key); + fingerprint = rsa_ssh1_fingerprint(ssh1key); } else { if (ssh2key) { fingerprint = ssh2_fingerprint(ssh2key->alg, diff --git a/pageant.c b/pageant.c index 71256ff3..41a0c4ff 100644 --- a/pageant.c +++ b/pageant.c @@ -213,9 +213,9 @@ void pageant_handle_msg(BinarySink *bs, int i; struct RSAKey *rkey; for (i = 0; NULL != (rkey = pageant_nth_ssh1_key(i)); i++) { - char fingerprint[128]; - rsa_fingerprint(fingerprint, sizeof(fingerprint), rkey); + char *fingerprint = rsa_ssh1_fingerprint(rkey); plog(logctx, logfn, "returned key: %s", fingerprint); + sfree(fingerprint); } } } @@ -282,10 +282,11 @@ void pageant_handle_msg(BinarySink *bs, } if (logfn) { - char fingerprint[128]; + char *fingerprint; reqkey.comment = NULL; - rsa_fingerprint(fingerprint, sizeof(fingerprint), &reqkey); + fingerprint = rsa_ssh1_fingerprint(&reqkey); plog(logctx, logfn, "requested key: %s", fingerprint); + sfree(fingerprint); } if ((key = find234(rsakeys, &reqkey, NULL)) == NULL) { pageant_failure_msg(bs, "key not found", logctx, logfn); @@ -386,9 +387,9 @@ void pageant_handle_msg(BinarySink *bs, } if (logfn) { - char fingerprint[128]; - rsa_fingerprint(fingerprint, sizeof(fingerprint), key); + char *fingerprint = rsa_ssh1_fingerprint(key); plog(logctx, logfn, "submitted key: %s", fingerprint); + sfree(fingerprint); } if (add234(rsakeys, key) == key) { @@ -496,9 +497,9 @@ void pageant_handle_msg(BinarySink *bs, } if (logfn) { - char fingerprint[128]; + char *fingerprint; reqkey.comment = NULL; - rsa_fingerprint(fingerprint, sizeof(fingerprint), &reqkey); + fingerprint = rsa_ssh1_fingerprint(&reqkey); plog(logctx, logfn, "unwanted key: %s", fingerprint); } @@ -1316,7 +1317,7 @@ int pageant_enum_keys(pageant_key_enum_fn_t callback, void *callback_ctx, nkeys = toint(get_uint32(src)); for (i = 0; i < nkeys; i++) { struct RSAKey rkey; - char fingerprint[128]; + char *fingerprint; /* public blob and fingerprint */ memset(&rkey, 0, sizeof(rkey)); @@ -1330,7 +1331,7 @@ int pageant_enum_keys(pageant_key_enum_fn_t callback, void *callback_ctx, return PAGEANT_ACTION_FAILURE; } - rsa_fingerprint(fingerprint, sizeof(fingerprint), &rkey); + fingerprint = rsa_ssh1_fingerprint(&rkey); cbkey.blob = strbuf_new(); rsa_ssh1_public_blob(BinarySink_UPCAST(cbkey.blob), &rkey, @@ -1341,6 +1342,7 @@ int pageant_enum_keys(pageant_key_enum_fn_t callback, void *callback_ctx, strbuf_free(cbkey.blob); freersakey(&rkey); sfree(cbkey.comment); + sfree(fingerprint); } sfree(keylist); diff --git a/ssh.c b/ssh.c index e575fc99..641543d4 100644 --- a/ssh.c +++ b/ssh.c @@ -4130,13 +4130,10 @@ static void do_ssh1_login(void *vctx) * Log the host key fingerprint. */ if (!get_err(pktin)) { - char logmsg[80]; + char *fingerprint = rsa_ssh1_fingerprint(&s->hostkey); logevent("Host key fingerprint is:"); - strcpy(logmsg, " "); - s->hostkey.comment = NULL; - rsa_fingerprint(logmsg + strlen(logmsg), - sizeof(logmsg) - strlen(logmsg), &s->hostkey); - logevent(logmsg); + logeventf(ssh, " %s", fingerprint); + sfree(fingerprint); } ssh->v1_remote_protoflags = get_uint32(pktin); @@ -4186,13 +4183,14 @@ static void do_ssh1_login(void *vctx) * First format the key into a string. */ int len = rsastr_len(&s->hostkey); - char fingerprint[100]; + char *fingerprint; char *keystr = snewn(len, char); rsastr_fmt(keystr, &s->hostkey); - rsa_fingerprint(fingerprint, sizeof(fingerprint), &s->hostkey); + fingerprint = rsa_ssh1_fingerprint(&s->hostkey); /* First check against manually configured host keys. */ s->dlgret = verify_ssh_manual_host_key(ssh, fingerprint, NULL, NULL); + sfree(fingerprint); if (s->dlgret == 0) { /* did not match */ bombout(("Host key did not appear in manually configured list")); sfree(keystr); diff --git a/ssh.h b/ssh.h index 2905037a..d4ca6584 100644 --- a/ssh.h +++ b/ssh.h @@ -192,7 +192,7 @@ Bignum rsa_ssh1_decrypt(Bignum input, struct RSAKey *key); void rsasanitise(struct RSAKey *key); int rsastr_len(struct RSAKey *key); void rsastr_fmt(char *str, struct RSAKey *key); -void rsa_fingerprint(char *str, int len, struct RSAKey *key); +char *rsa_ssh1_fingerprint(struct RSAKey *key); int rsa_verify(struct RSAKey *key); void rsa_ssh1_public_blob(BinarySink *bs, struct RSAKey *key, RsaSsh1Order order); diff --git a/sshrsa.c b/sshrsa.c index 51396a5c..2aaaf2d3 100644 --- a/sshrsa.c +++ b/sshrsa.c @@ -340,30 +340,25 @@ void rsastr_fmt(char *str, struct RSAKey *key) * Generate a fingerprint string for the key. Compatible with the * OpenSSH fingerprint code. */ -void rsa_fingerprint(char *str, int len, struct RSAKey *key) +char *rsa_ssh1_fingerprint(struct RSAKey *key) { struct MD5Context md5c; unsigned char digest[16]; - char buffer[16 * 3 + 40]; - int slen, i; + strbuf *out; + int i; MD5Init(&md5c); put_mp_ssh1(&md5c, key->modulus); put_mp_ssh1(&md5c, key->exponent); MD5Final(digest, &md5c); - sprintf(buffer, "%d ", bignum_bitcount(key->modulus)); + out = strbuf_new(); + strbuf_catf(out, "%d ", bignum_bitcount(key->modulus)); for (i = 0; i < 16; i++) - sprintf(buffer + strlen(buffer), "%s%02x", i ? ":" : "", - digest[i]); - strncpy(str, buffer, len); - str[len - 1] = '\0'; - slen = strlen(str); - if (key->comment && slen < len - 1) { - str[slen] = ' '; - strncpy(str + slen + 1, key->comment, len - slen - 1); - str[len - 1] = '\0'; - } + strbuf_catf(out, "%s%02x", i ? ":" : "", digest[i]); + if (key->comment) + strbuf_catf(out, " %s", key->comment); + return strbuf_to_str(out); } /* diff --git a/windows/winpgen.c b/windows/winpgen.c index edde9be2..bc68148f 100644 --- a/windows/winpgen.c +++ b/windows/winpgen.c @@ -734,8 +734,7 @@ void load_key_file(HWND hwnd, struct MainDlgState *state, SetDlgItemText(hwnd, IDC_PASSPHRASE2EDIT, passphrase); if (type == SSH_KEYTYPE_SSH1) { - char buf[128]; - char *savecomment; + char *fingerprint, *savecomment; state->ssh2 = FALSE; state->commentptr = &state->key.comment; @@ -746,11 +745,11 @@ void load_key_file(HWND hwnd, struct MainDlgState *state, */ savecomment = state->key.comment; state->key.comment = NULL; - rsa_fingerprint(buf, sizeof(buf), - &state->key); + fingerprint = rsa_ssh1_fingerprint(&state->key); state->key.comment = savecomment; + SetDlgItemText(hwnd, IDC_FINGERPRINT, fingerprint); + sfree(fingerprint); - SetDlgItemText(hwnd, IDC_FINGERPRINT, buf); /* * Construct a decimal representation * of the key, for pasting into @@ -1406,7 +1405,7 @@ static INT_PTR CALLBACK MainDlgProc(HWND hwnd, UINT msg, * Now update the key controls with all the key data. */ { - char *savecomment; + char *fp, *savecomment; /* * Blank passphrase, initially. This isn't dangerous, * because we will warn (Are You Sure?) before allowing @@ -1423,16 +1422,12 @@ static INT_PTR CALLBACK MainDlgProc(HWND hwnd, UINT msg, */ savecomment = *state->commentptr; *state->commentptr = NULL; - if (state->ssh2) { - char *fp; + if (state->ssh2) fp = ssh2_fingerprint(state->ssh2key.alg, state->ssh2key.data); - SetDlgItemText(hwnd, IDC_FINGERPRINT, fp); - sfree(fp); - } else { - char buf[128]; - rsa_fingerprint(buf, sizeof(buf), &state->key); - SetDlgItemText(hwnd, IDC_FINGERPRINT, buf); - } + else + fp = rsa_ssh1_fingerprint(&state->key); + SetDlgItemText(hwnd, IDC_FINGERPRINT, fp); + sfree(fp); *state->commentptr = savecomment; /* * Construct a decimal representation of the key, for diff --git a/windows/winpgnt.c b/windows/winpgnt.c index 6b9f1e6c..43266440 100644 --- a/windows/winpgnt.c +++ b/windows/winpgnt.c @@ -290,14 +290,16 @@ void keylist_update(void) if (keylist) { SendDlgItemMessage(keylist, 100, LB_RESETCONTENT, 0, 0); for (i = 0; NULL != (rkey = pageant_nth_ssh1_key(i)); i++) { - char listentry[512], *p; + char *listentry, *fp, *p; + + fp = rsa_ssh1_fingerprint(rkey); + listentry = dupprintf("ssh1\t%s", fp); + sfree(fp); + /* * Replace two spaces in the fingerprint with tabs, for * nice alignment in the box. */ - strcpy(listentry, "ssh1\t"); - p = listentry + strlen(listentry); - rsa_fingerprint(p, sizeof(listentry) - (p - listentry), rkey); p = strchr(listentry, ' '); if (p) *p = '\t'; @@ -306,6 +308,7 @@ void keylist_update(void) *p = '\t'; SendDlgItemMessage(keylist, 100, LB_ADDSTRING, 0, (LPARAM) listentry); + sfree(listentry); } for (i = 0; NULL != (skey = pageant_nth_ssh2_key(i)); i++) { char *listentry, *p;