mirror of https://git.tartarus.org/simon/putty.git synced 2025-01-10 01:48:00 +00:00

cmdgen: have --dump output private parts of PPKs.

This seems more useful than the previous behaviour of not prompting for
a passphrase and only emitting the public part; if we want that back
I suppose we could invent a "-O text-public".

Also, document the text dump format a bit in the man page.
Jacob Nevins 2021-04-07 22:57:51 +01:00
parent 21c2e451da
commit af9a66be2a
2 changed files with 27 additions and 12 deletions


@ -810,22 +810,30 @@ int main(int argc, char **argv)
/*
* Figure out whether we need to load the encrypted part of the
* key. This will be the case if either (a) we need to write
* out a private key format, or (b) the entire input key file
* is encrypted.
* key. This will be the case if (a) we need to write out
* a private key format, (b) the entire input key file is
* encrypted, or (c) we're outputting TEXT, in which case we
* want all of the input file including private material if it
* exists.
*/
if (outtype == PRIVATE || outtype == OPENSSH_AUTO ||
outtype == OPENSSH_NEW || outtype == SSHCOM ||
bool intype_entirely_encrypted =
intype == SSH_KEYTYPE_OPENSSH_PEM ||
intype == SSH_KEYTYPE_OPENSSH_NEW ||
intype == SSH_KEYTYPE_SSHCOM)
intype == SSH_KEYTYPE_SSHCOM;
bool intype_has_private =
!(intype == SSH_KEYTYPE_SSH1_PUBLIC ||
intype == SSH_KEYTYPE_SSH2_PUBLIC_RFC4716 ||
intype == SSH_KEYTYPE_SSH2_PUBLIC_OPENSSH);
bool outtype_has_private =
outtype == PRIVATE || outtype == OPENSSH_AUTO ||
outtype == OPENSSH_NEW || outtype == SSHCOM;
if (outtype_has_private || intype_entirely_encrypted ||
(outtype == TEXT && intype_has_private))
load_encrypted = true;
else
load_encrypted = false;
if (load_encrypted && (intype == SSH_KEYTYPE_SSH1_PUBLIC ||
intype == SSH_KEYTYPE_SSH2_PUBLIC_RFC4716 ||
intype == SSH_KEYTYPE_SSH2_PUBLIC_OPENSSH)) {
if (load_encrypted && !intype_has_private) {
fprintf(stderr, "puttygen: cannot perform this action on a "
"public-key-only input file\n");
RETURN(1);
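Review bot: The new `(outtype == TEXT && intype_has_private)` condition makes the text dump carry unencrypted private key numbers, but nothing in this hunk shows the TEXT output path being treated like the formats collected in `outtype_has_private`. The code that opens the output lies outside the hunk (main() begins and ends beyond it), so it should be confirmed there that a TEXT dump written to a file is created with owner-only permissions, and that a dump with no output file is an intended way to put private material on standard output. The block comment should record this, for example by adding `* Note: a TEXT dump of a private key is unencrypted private key material; its output must be handled like a private key file.` after clause (c). As a smaller style point, the `if`/`else` can be collapsed to `load_encrypted = outtype_has_private || intype_entirely_encrypted || (outtype == TEXT && intype_has_private);`.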


@ -167,9 +167,16 @@ permitted for SSH-1 keys.
\dt \cw{text}
\dd Save a textual dump of all the numbers that comprise the key.
Useful for debugging, or for using PuTTYgen as a key generator for
applications other than SSH.
\dd Save a textual dump of the numeric components comprising the key
(both the public and private parts, if present). Useful for debugging,
or for using PuTTYgen as a key generator for applications other than
SSH.
\lcont{
The output consists of a series of \cw{name=value} lines, where each
\c{value} is either a C-like string literal in double quotes, or a
hexadecimal number starting with \cw{0x...}
}
If no output type is specified, the default is \c{private}.