mirror of https://git.tartarus.org/simon/putty.git synced 2025-01-25 09:12:24 +00:00

Give rsa_fingerprint() a new name and API.

It's an SSH-1 specific function, so it should have a name reflecting
that, and it didn't. Also it had one of those outdated APIs involving
passing it a client-allocated buffer and size. Now it has a sensible
name, and internally it constructs the output string using a strbuf
and returns it dynamically allocated.
Simon Tatham 2018-06-03 08:08:53 +01:00
parent 3f1f7c3ce7
commit ae3863679d
7 changed files with 46 additions and 54 deletions


@ -1017,8 +1017,7 @@ int main(int argc, char **argv)
if (sshver == 1) { if (sshver == 1) {
assert(ssh1key); assert(ssh1key);
fingerprint = snewn(128, char); fingerprint = rsa_ssh1_fingerprint(ssh1key);
rsa_fingerprint(fingerprint, 128, ssh1key);
} else { } else {
if (ssh2key) { if (ssh2key) {
fingerprint = ssh2_fingerprint(ssh2key->alg, fingerprint = ssh2_fingerprint(ssh2key->alg,


@ -213,9 +213,9 @@ void pageant_handle_msg(BinarySink *bs,
int i; int i;
struct RSAKey *rkey; struct RSAKey *rkey;
for (i = 0; NULL != (rkey = pageant_nth_ssh1_key(i)); i++) { for (i = 0; NULL != (rkey = pageant_nth_ssh1_key(i)); i++) {
char fingerprint[128]; char *fingerprint = rsa_ssh1_fingerprint(rkey);
rsa_fingerprint(fingerprint, sizeof(fingerprint), rkey);
plog(logctx, logfn, "returned key: %s", fingerprint); plog(logctx, logfn, "returned key: %s", fingerprint);
sfree(fingerprint);
} }
} }
} }
@ -282,10 +282,11 @@ void pageant_handle_msg(BinarySink *bs,
} }
if (logfn) { if (logfn) {
char fingerprint[128]; char *fingerprint;
reqkey.comment = NULL; reqkey.comment = NULL;
rsa_fingerprint(fingerprint, sizeof(fingerprint), &reqkey); fingerprint = rsa_ssh1_fingerprint(&reqkey);
plog(logctx, logfn, "requested key: %s", fingerprint); plog(logctx, logfn, "requested key: %s", fingerprint);
sfree(fingerprint);
} }
if ((key = find234(rsakeys, &reqkey, NULL)) == NULL) { if ((key = find234(rsakeys, &reqkey, NULL)) == NULL) {
pageant_failure_msg(bs, "key not found", logctx, logfn); pageant_failure_msg(bs, "key not found", logctx, logfn);
@ -386,9 +387,9 @@ void pageant_handle_msg(BinarySink *bs,
} }
if (logfn) { if (logfn) {
char fingerprint[128]; char *fingerprint = rsa_ssh1_fingerprint(key);
rsa_fingerprint(fingerprint, sizeof(fingerprint), key);
plog(logctx, logfn, "submitted key: %s", fingerprint); plog(logctx, logfn, "submitted key: %s", fingerprint);
sfree(fingerprint);
} }
if (add234(rsakeys, key) == key) { if (add234(rsakeys, key) == key) {
@ -496,9 +497,9 @@ void pageant_handle_msg(BinarySink *bs,
} }
if (logfn) { if (logfn) {
char fingerprint[128]; char *fingerprint;
reqkey.comment = NULL; reqkey.comment = NULL;
rsa_fingerprint(fingerprint, sizeof(fingerprint), &reqkey); fingerprint = rsa_ssh1_fingerprint(&reqkey);
plog(logctx, logfn, "unwanted key: %s", fingerprint); plog(logctx, logfn, "unwanted key: %s", fingerprint);
} }
@ -1316,7 +1317,7 @@ int pageant_enum_keys(pageant_key_enum_fn_t callback, void *callback_ctx,
nkeys = toint(get_uint32(src)); nkeys = toint(get_uint32(src));
for (i = 0; i < nkeys; i++) { for (i = 0; i < nkeys; i++) {
struct RSAKey rkey; struct RSAKey rkey;
char fingerprint[128]; char *fingerprint;
/* public blob and fingerprint */ /* public blob and fingerprint */
memset(&rkey, 0, sizeof(rkey)); memset(&rkey, 0, sizeof(rkey));
@ -1330,7 +1331,7 @@ int pageant_enum_keys(pageant_key_enum_fn_t callback, void *callback_ctx,
return PAGEANT_ACTION_FAILURE; return PAGEANT_ACTION_FAILURE;
} }
rsa_fingerprint(fingerprint, sizeof(fingerprint), &rkey); fingerprint = rsa_ssh1_fingerprint(&rkey);
cbkey.blob = strbuf_new(); cbkey.blob = strbuf_new();
rsa_ssh1_public_blob(BinarySink_UPCAST(cbkey.blob), &rkey, rsa_ssh1_public_blob(BinarySink_UPCAST(cbkey.blob), &rkey,
@ -1341,6 +1342,7 @@ int pageant_enum_keys(pageant_key_enum_fn_t callback, void *callback_ctx,
strbuf_free(cbkey.blob); strbuf_free(cbkey.blob);
freersakey(&rkey); freersakey(&rkey);
sfree(cbkey.comment); sfree(cbkey.comment);
sfree(fingerprint);
} }
sfree(keylist); sfree(keylist);
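Review bot: The "unwanted key" logging block (hunk `-496,9 +497,9`) assigns `fingerprint = rsa_ssh1_fingerprint(&reqkey);` and logs it, but unlike the three other logging blocks in this file no `sfree(fingerprint);` follows the `plog` call, and the hunk's equal old and new line counts suggest none was added. Because the function now returns heap memory, every request that reaches this block with logging enabled would leak one string in a long-running agent. Add `sfree(fingerprint);` directly after `plog(logctx, logfn, "unwanted key: %s", fingerprint);`. In pageant_enum_keys the string is freed only at the bottom of the loop body, so any early `return` in the lines not shown between the assignment and that `sfree` should be checked for the same leak. pageant_handle_msg continues outside these hunks.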

14
ssh.c

@ -4130,13 +4130,10 @@ static void do_ssh1_login(void *vctx)
* Log the host key fingerprint. * Log the host key fingerprint.
*/ */
if (!get_err(pktin)) { if (!get_err(pktin)) {
char logmsg[80]; char *fingerprint = rsa_ssh1_fingerprint(&s->hostkey);
logevent("Host key fingerprint is:"); logevent("Host key fingerprint is:");
strcpy(logmsg, " "); logeventf(ssh, " %s", fingerprint);
s->hostkey.comment = NULL; sfree(fingerprint);
rsa_fingerprint(logmsg + strlen(logmsg),
sizeof(logmsg) - strlen(logmsg), &s->hostkey);
logevent(logmsg);
} }
ssh->v1_remote_protoflags = get_uint32(pktin); ssh->v1_remote_protoflags = get_uint32(pktin);
@ -4186,13 +4183,14 @@ static void do_ssh1_login(void *vctx)
* First format the key into a string. * First format the key into a string.
*/ */
int len = rsastr_len(&s->hostkey); int len = rsastr_len(&s->hostkey);
char fingerprint[100]; char *fingerprint;
char *keystr = snewn(len, char); char *keystr = snewn(len, char);
rsastr_fmt(keystr, &s->hostkey); rsastr_fmt(keystr, &s->hostkey);
rsa_fingerprint(fingerprint, sizeof(fingerprint), &s->hostkey); fingerprint = rsa_ssh1_fingerprint(&s->hostkey);
/* First check against manually configured host keys. */ /* First check against manually configured host keys. */
s->dlgret = verify_ssh_manual_host_key(ssh, fingerprint, NULL, NULL); s->dlgret = verify_ssh_manual_host_key(ssh, fingerprint, NULL, NULL);
sfree(fingerprint);
if (s->dlgret == 0) { /* did not match */ if (s->dlgret == 0) { /* did not match */
bombout(("Host key did not appear in manually configured list")); bombout(("Host key did not appear in manually configured list"));
sfree(keystr); sfree(keystr);
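Review bot: The first hunk drops `s->hostkey.comment = NULL;`, yet rsa_ssh1_fingerprint() appends `key->comment` whenever it is non-NULL, so both calls in do_ssh1_login now depend on that field having been cleared somewhere outside these hunks. If it has not been, the string handed to `verify_ssh_manual_host_key` in the second hunk would carry a trailing comment (or be built from an uninitialised pointer), and a correctly configured manual host key could fail to match. Unless the field is initialised where the host key is parsed, keep `s->hostkey.comment = NULL;` ahead of the first `rsa_ssh1_fingerprint(&s->hostkey)` call, with a short comment saying the fingerprint used for logging and verification must not include a key comment. do_ssh1_login starts and ends outside both hunks.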

2
ssh.h

@ -192,7 +192,7 @@ Bignum rsa_ssh1_decrypt(Bignum input, struct RSAKey *key);
void rsasanitise(struct RSAKey *key); void rsasanitise(struct RSAKey *key);
int rsastr_len(struct RSAKey *key); int rsastr_len(struct RSAKey *key);
void rsastr_fmt(char *str, struct RSAKey *key); void rsastr_fmt(char *str, struct RSAKey *key);
void rsa_fingerprint(char *str, int len, struct RSAKey *key); char *rsa_ssh1_fingerprint(struct RSAKey *key);
int rsa_verify(struct RSAKey *key); int rsa_verify(struct RSAKey *key);
void rsa_ssh1_public_blob(BinarySink *bs, struct RSAKey *key, void rsa_ssh1_public_blob(BinarySink *bs, struct RSAKey *key,
RsaSsh1Order order); RsaSsh1Order order);


@ -340,30 +340,25 @@ void rsastr_fmt(char *str, struct RSAKey *key)
* Generate a fingerprint string for the key. Compatible with the * Generate a fingerprint string for the key. Compatible with the
* OpenSSH fingerprint code. * OpenSSH fingerprint code.
*/ */
void rsa_fingerprint(char *str, int len, struct RSAKey *key) char *rsa_ssh1_fingerprint(struct RSAKey *key)
{ {
struct MD5Context md5c; struct MD5Context md5c;
unsigned char digest[16]; unsigned char digest[16];
char buffer[16 * 3 + 40]; strbuf *out;
int slen, i; int i;
MD5Init(&md5c); MD5Init(&md5c);
put_mp_ssh1(&md5c, key->modulus); put_mp_ssh1(&md5c, key->modulus);
put_mp_ssh1(&md5c, key->exponent); put_mp_ssh1(&md5c, key->exponent);
MD5Final(digest, &md5c); MD5Final(digest, &md5c);
sprintf(buffer, "%d ", bignum_bitcount(key->modulus)); out = strbuf_new();
strbuf_catf(out, "%d ", bignum_bitcount(key->modulus));
for (i = 0; i < 16; i++) for (i = 0; i < 16; i++)
sprintf(buffer + strlen(buffer), "%s%02x", i ? ":" : "", strbuf_catf(out, "%s%02x", i ? ":" : "", digest[i]);
digest[i]); if (key->comment)
strncpy(str, buffer, len); strbuf_catf(out, " %s", key->comment);
str[len - 1] = '\0'; return strbuf_to_str(out);
slen = strlen(str);
if (key->comment && slen < len - 1) {
str[slen] = ' ';
strncpy(str + slen + 1, key->comment, len - slen - 1);
str[len - 1] = '\0';
}
} }
/* /*
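Review bot: The header comment above rsa_ssh1_fingerprint() still describes only the output format and says nothing about the new ownership rule or the comment suffix. I would extend it with a line such as `* Returns a dynamically allocated string which the caller must free with sfree(); if key->comment is non-NULL it is appended after a space.` That makes it explicit that callers comparing or displaying a bare fingerprint have to clear `comment` first, which several call sites in this commit already do by hand. It is also worth noting in the comment that the digest is MD5 over the SSH-1 encoding of modulus and exponent, so the string is an identifier in the legacy SSH-1 format and not a collision-resistant one.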


@ -734,8 +734,7 @@ void load_key_file(HWND hwnd, struct MainDlgState *state,
SetDlgItemText(hwnd, IDC_PASSPHRASE2EDIT, SetDlgItemText(hwnd, IDC_PASSPHRASE2EDIT,
passphrase); passphrase);
if (type == SSH_KEYTYPE_SSH1) { if (type == SSH_KEYTYPE_SSH1) {
char buf[128]; char *fingerprint, *savecomment;
char *savecomment;
state->ssh2 = FALSE; state->ssh2 = FALSE;
state->commentptr = &state->key.comment; state->commentptr = &state->key.comment;
@ -746,11 +745,11 @@ void load_key_file(HWND hwnd, struct MainDlgState *state,
*/ */
savecomment = state->key.comment; savecomment = state->key.comment;
state->key.comment = NULL; state->key.comment = NULL;
rsa_fingerprint(buf, sizeof(buf), fingerprint = rsa_ssh1_fingerprint(&state->key);
&state->key);
state->key.comment = savecomment; state->key.comment = savecomment;
SetDlgItemText(hwnd, IDC_FINGERPRINT, fingerprint);
sfree(fingerprint);
SetDlgItemText(hwnd, IDC_FINGERPRINT, buf);
/* /*
* Construct a decimal representation * Construct a decimal representation
* of the key, for pasting into * of the key, for pasting into
@ -1406,7 +1405,7 @@ static INT_PTR CALLBACK MainDlgProc(HWND hwnd, UINT msg,
* Now update the key controls with all the key data. * Now update the key controls with all the key data.
*/ */
{ {
char *savecomment; char *fp, *savecomment;
/* /*
* Blank passphrase, initially. This isn't dangerous, * Blank passphrase, initially. This isn't dangerous,
* because we will warn (Are You Sure?) before allowing * because we will warn (Are You Sure?) before allowing
@ -1423,16 +1422,12 @@ static INT_PTR CALLBACK MainDlgProc(HWND hwnd, UINT msg,
*/ */
savecomment = *state->commentptr; savecomment = *state->commentptr;
*state->commentptr = NULL; *state->commentptr = NULL;
if (state->ssh2) { if (state->ssh2)
char *fp;
fp = ssh2_fingerprint(state->ssh2key.alg, state->ssh2key.data); fp = ssh2_fingerprint(state->ssh2key.alg, state->ssh2key.data);
SetDlgItemText(hwnd, IDC_FINGERPRINT, fp); else
sfree(fp); fp = rsa_ssh1_fingerprint(&state->key);
} else { SetDlgItemText(hwnd, IDC_FINGERPRINT, fp);
char buf[128]; sfree(fp);
rsa_fingerprint(buf, sizeof(buf), &state->key);
SetDlgItemText(hwnd, IDC_FINGERPRINT, buf);
}
*state->commentptr = savecomment; *state->commentptr = savecomment;
/* /*
* Construct a decimal representation of the key, for * Construct a decimal representation of the key, for


@ -290,14 +290,16 @@ void keylist_update(void)
if (keylist) { if (keylist) {
SendDlgItemMessage(keylist, 100, LB_RESETCONTENT, 0, 0); SendDlgItemMessage(keylist, 100, LB_RESETCONTENT, 0, 0);
for (i = 0; NULL != (rkey = pageant_nth_ssh1_key(i)); i++) { for (i = 0; NULL != (rkey = pageant_nth_ssh1_key(i)); i++) {
char listentry[512], *p; char *listentry, *fp, *p;
fp = rsa_ssh1_fingerprint(rkey);
listentry = dupprintf("ssh1\t%s", fp);
sfree(fp);
/* /*
* Replace two spaces in the fingerprint with tabs, for * Replace two spaces in the fingerprint with tabs, for
* nice alignment in the box. * nice alignment in the box.
*/ */
strcpy(listentry, "ssh1\t");
p = listentry + strlen(listentry);
rsa_fingerprint(p, sizeof(listentry) - (p - listentry), rkey);
p = strchr(listentry, ' '); p = strchr(listentry, ' ');
if (p) if (p)
*p = '\t'; *p = '\t';
@ -306,6 +308,7 @@ void keylist_update(void)
*p = '\t'; *p = '\t';
SendDlgItemMessage(keylist, 100, LB_ADDSTRING, SendDlgItemMessage(keylist, 100, LB_ADDSTRING,
0, (LPARAM) listentry); 0, (LPARAM) listentry);
sfree(listentry);
} }
for (i = 0; NULL != (skey = pageant_nth_ssh2_key(i)); i++) { for (i = 0; NULL != (skey = pageant_nth_ssh2_key(i)); i++) {
char *listentry, *p; char *listentry, *p;