Give rsa_fingerprint() a new name and API.

It's an SSH-1 specific function, so it should have a name reflecting
that, and it didn't. Also it had one of those outdated APIs involving
passing it a client-allocated buffer and size. Now it has a sensible
name, and internally it constructs the output string using a strbuf
and returns it dynamically allocated.

cmdgen.c

@@ -1017,8 +1017,7 @@ int main(int argc, char **argv)
 
 	    if (sshver == 1) {
 		assert(ssh1key);
-		fingerprint = snewn(128, char);
+		fingerprint = rsa_ssh1_fingerprint(ssh1key);
-		rsa_fingerprint(fingerprint, 128, ssh1key);
 	    } else {
 		if (ssh2key) {
 		    fingerprint = ssh2_fingerprint(ssh2key->alg,

pageant.c

@@ -213,9 +213,9 @@ void pageant_handle_msg(BinarySink *bs,
                 int i;
                 struct RSAKey *rkey;
                 for (i = 0; NULL != (rkey = pageant_nth_ssh1_key(i)); i++) {
-                    char fingerprint[128];
+                    char *fingerprint = rsa_ssh1_fingerprint(rkey);
-                    rsa_fingerprint(fingerprint, sizeof(fingerprint), rkey);
                     plog(logctx, logfn, "returned key: %s", fingerprint);
+                    sfree(fingerprint);
                 }
             }
 	}
@@ -282,10 +282,11 @@ void pageant_handle_msg(BinarySink *bs,
             }
 
             if (logfn) {
-                char fingerprint[128];
+                char *fingerprint;
                 reqkey.comment = NULL;
-                rsa_fingerprint(fingerprint, sizeof(fingerprint), &reqkey);
+                fingerprint = rsa_ssh1_fingerprint(&reqkey);
                 plog(logctx, logfn, "requested key: %s", fingerprint);
+                sfree(fingerprint);
             }
             if ((key = find234(rsakeys, &reqkey, NULL)) == NULL) {
                 pageant_failure_msg(bs, "key not found", logctx, logfn);
@@ -386,9 +387,9 @@ void pageant_handle_msg(BinarySink *bs,
             }
 
             if (logfn) {
-                char fingerprint[128];
+                char *fingerprint = rsa_ssh1_fingerprint(key);
-                rsa_fingerprint(fingerprint, sizeof(fingerprint), key);
                 plog(logctx, logfn, "submitted key: %s", fingerprint);
+                sfree(fingerprint);
             }
 
 	    if (add234(rsakeys, key) == key) {
@@ -496,9 +497,9 @@ void pageant_handle_msg(BinarySink *bs,
             }
 
             if (logfn) {
-                char fingerprint[128];
+                char *fingerprint;
                 reqkey.comment = NULL;
-                rsa_fingerprint(fingerprint, sizeof(fingerprint), &reqkey);
+                fingerprint = rsa_ssh1_fingerprint(&reqkey);
                 plog(logctx, logfn, "unwanted key: %s", fingerprint);
             }
 
@@ -1316,7 +1317,7 @@ int pageant_enum_keys(pageant_key_enum_fn_t callback, void *callback_ctx,
     nkeys = toint(get_uint32(src));
     for (i = 0; i < nkeys; i++) {
         struct RSAKey rkey;
-        char fingerprint[128];
+        char *fingerprint;
 
         /* public blob and fingerprint */
         memset(&rkey, 0, sizeof(rkey));
@@ -1330,7 +1331,7 @@ int pageant_enum_keys(pageant_key_enum_fn_t callback, void *callback_ctx,
             return PAGEANT_ACTION_FAILURE;
         }
 
-        rsa_fingerprint(fingerprint, sizeof(fingerprint), &rkey);
+        fingerprint = rsa_ssh1_fingerprint(&rkey);
 
         cbkey.blob = strbuf_new();
         rsa_ssh1_public_blob(BinarySink_UPCAST(cbkey.blob), &rkey,
@@ -1341,6 +1342,7 @@ int pageant_enum_keys(pageant_key_enum_fn_t callback, void *callback_ctx,
         strbuf_free(cbkey.blob);
         freersakey(&rkey);
         sfree(cbkey.comment);
+        sfree(fingerprint);
     }
 
     sfree(keylist);

ssh.c

@@ -4130,13 +4130,10 @@ static void do_ssh1_login(void *vctx)
      * Log the host key fingerprint.
      */
     if (!get_err(pktin)) {
-	char logmsg[80];
+	char *fingerprint = rsa_ssh1_fingerprint(&s->hostkey);
 	logevent("Host key fingerprint is:");
-	strcpy(logmsg, "      ");
+        logeventf(ssh, "      %s", fingerprint);
-	s->hostkey.comment = NULL;
+        sfree(fingerprint);
-	rsa_fingerprint(logmsg + strlen(logmsg),
-			sizeof(logmsg) - strlen(logmsg), &s->hostkey);
-	logevent(logmsg);
     }
 
     ssh->v1_remote_protoflags = get_uint32(pktin);
@@ -4186,13 +4183,14 @@ static void do_ssh1_login(void *vctx)
 	 * First format the key into a string.
 	 */
 	int len = rsastr_len(&s->hostkey);
-	char fingerprint[100];
+	char *fingerprint;
 	char *keystr = snewn(len, char);
 	rsastr_fmt(keystr, &s->hostkey);
-	rsa_fingerprint(fingerprint, sizeof(fingerprint), &s->hostkey);
+	fingerprint = rsa_ssh1_fingerprint(&s->hostkey);
 
         /* First check against manually configured host keys. */
         s->dlgret = verify_ssh_manual_host_key(ssh, fingerprint, NULL, NULL);
+        sfree(fingerprint);
         if (s->dlgret == 0) {          /* did not match */
             bombout(("Host key did not appear in manually configured list"));
             sfree(keystr);

ssh.h

@@ -192,7 +192,7 @@ Bignum rsa_ssh1_decrypt(Bignum input, struct RSAKey *key);
 void rsasanitise(struct RSAKey *key);
 int rsastr_len(struct RSAKey *key);
 void rsastr_fmt(char *str, struct RSAKey *key);
-void rsa_fingerprint(char *str, int len, struct RSAKey *key);
+char *rsa_ssh1_fingerprint(struct RSAKey *key);
 int rsa_verify(struct RSAKey *key);
 void rsa_ssh1_public_blob(BinarySink *bs, struct RSAKey *key,
                           RsaSsh1Order order);

sshrsa.c

@@ -340,30 +340,25 @@ void rsastr_fmt(char *str, struct RSAKey *key)
  * Generate a fingerprint string for the key. Compatible with the
  * OpenSSH fingerprint code.
  */
-void rsa_fingerprint(char *str, int len, struct RSAKey *key)
+char *rsa_ssh1_fingerprint(struct RSAKey *key)
 {
     struct MD5Context md5c;
     unsigned char digest[16];
-    char buffer[16 * 3 + 40];
+    strbuf *out;
-    int slen, i;
+    int i;
 
     MD5Init(&md5c);
     put_mp_ssh1(&md5c, key->modulus);
     put_mp_ssh1(&md5c, key->exponent);
     MD5Final(digest, &md5c);
 
-    sprintf(buffer, "%d ", bignum_bitcount(key->modulus));
+    out = strbuf_new();
+    strbuf_catf(out, "%d ", bignum_bitcount(key->modulus));
     for (i = 0; i < 16; i++)
-	sprintf(buffer + strlen(buffer), "%s%02x", i ? ":" : "",
+	strbuf_catf(out, "%s%02x", i ? ":" : "", digest[i]);
-		digest[i]);
+    if (key->comment)
-    strncpy(str, buffer, len);
+        strbuf_catf(out, " %s", key->comment);
-    str[len - 1] = '\0';
+    return strbuf_to_str(out);
-    slen = strlen(str);
-    if (key->comment && slen < len - 1) {
-	str[slen] = ' ';
-	strncpy(str + slen + 1, key->comment, len - slen - 1);
-	str[len - 1] = '\0';
-    }
 }
 
 /*

windows/winpgen.c

@@ -734,8 +734,7 @@ void load_key_file(HWND hwnd, struct MainDlgState *state,
 	    SetDlgItemText(hwnd, IDC_PASSPHRASE2EDIT,
 			   passphrase);
 	    if (type == SSH_KEYTYPE_SSH1) {
-		char buf[128];
+		char *fingerprint, *savecomment;
-		char *savecomment;
 
 		state->ssh2 = FALSE;
 		state->commentptr = &state->key.comment;
@@ -746,11 +745,11 @@ void load_key_file(HWND hwnd, struct MainDlgState *state,
 		 */
 		savecomment = state->key.comment;
 		state->key.comment = NULL;
-		rsa_fingerprint(buf, sizeof(buf),
+		fingerprint = rsa_ssh1_fingerprint(&state->key);
-				&state->key);
 		state->key.comment = savecomment;
+		SetDlgItemText(hwnd, IDC_FINGERPRINT, fingerprint);
+                sfree(fingerprint);
 
-		SetDlgItemText(hwnd, IDC_FINGERPRINT, buf);
 		/*
 		 * Construct a decimal representation
 		 * of the key, for pasting into
@@ -1406,7 +1405,7 @@ static INT_PTR CALLBACK MainDlgProc(HWND hwnd, UINT msg,
 	 * Now update the key controls with all the key data.
 	 */
 	{
-	    char *savecomment;
+	    char *fp, *savecomment;
 	    /*
 	     * Blank passphrase, initially. This isn't dangerous,
 	     * because we will warn (Are You Sure?) before allowing
@@ -1423,16 +1422,12 @@ static INT_PTR CALLBACK MainDlgProc(HWND hwnd, UINT msg,
 	     */
 	    savecomment = *state->commentptr;
 	    *state->commentptr = NULL;
-	    if (state->ssh2) {
+	    if (state->ssh2)
-		char *fp;
 		fp = ssh2_fingerprint(state->ssh2key.alg, state->ssh2key.data);
+            else
+                fp = rsa_ssh1_fingerprint(&state->key);
             SetDlgItemText(hwnd, IDC_FINGERPRINT, fp);
             sfree(fp);
-	    } else {
-		char buf[128];
-		rsa_fingerprint(buf, sizeof(buf), &state->key);
-		SetDlgItemText(hwnd, IDC_FINGERPRINT, buf);
-	    }
 	    *state->commentptr = savecomment;
 	    /*
 	     * Construct a decimal representation of the key, for

windows/winpgnt.c

@@ -290,14 +290,16 @@ void keylist_update(void)
     if (keylist) {
 	SendDlgItemMessage(keylist, 100, LB_RESETCONTENT, 0, 0);
 	for (i = 0; NULL != (rkey = pageant_nth_ssh1_key(i)); i++) {
-	    char listentry[512], *p;
+	    char *listentry, *fp, *p;
+
+	    fp = rsa_ssh1_fingerprint(rkey);
+	    listentry = dupprintf("ssh1\t%s", fp);
+            sfree(fp);
+
 	    /*
 	     * Replace two spaces in the fingerprint with tabs, for
 	     * nice alignment in the box.
 	     */
-	    strcpy(listentry, "ssh1\t");
-	    p = listentry + strlen(listentry);
-	    rsa_fingerprint(p, sizeof(listentry) - (p - listentry), rkey);
 	    p = strchr(listentry, ' ');
 	    if (p)
 		*p = '\t';
@@ -306,6 +308,7 @@ void keylist_update(void)
 		*p = '\t';
 	    SendDlgItemMessage(keylist, 100, LB_ADDSTRING,
 			       0, (LPARAM) listentry);
+            sfree(listentry);
 	}
 	for (i = 0; NULL != (skey = pageant_nth_ssh2_key(i)); i++) {
 	    char *listentry, *p;