From 044e4217f389a8c242cce8ff0ca9e130574bd3f6 Mon Sep 17 00:00:00 2001 From: Jacob Nevins Date: Thu, 20 Oct 2022 23:25:34 +0100 Subject: [PATCH 1/3] Windows PuTTYgen: fit cert info values in dialog. (When an item is too long, as "Fingerprint including certificate" often is, you can at least drag the control to see all of the content.) --- windows/puttygen.c | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/windows/puttygen.c b/windows/puttygen.c index 143e7b5f..457dbfa1 100644 --- a/windows/puttygen.c +++ b/windows/puttygen.c @@ -1402,14 +1402,14 @@ static INT_PTR CertInfoProc(HWND hwnd, UINT msg, WPARAM wParam, ES_AUTOHSCROLL | ES_READONLY; if (item->type == SDT_MORE_INFO_VALUE_BLOB) { rk.left = 12; - rk.right = 426; + rk.right = 286; rk.top = y; rk.bottom = 8; y += 10; editstyle |= ES_MULTILINE; rv.left = 12; - rv.right = 426; + rv.right = 286; rv.top = y; rv.bottom = 64; y += 68; @@ -1420,7 +1420,7 @@ static INT_PTR CertInfoProc(HWND hwnd, UINT msg, WPARAM wParam, rk.bottom = 8; rv.left = 150; - rv.right = 438; + rv.right = 298; rv.top = y; rv.bottom = 12; From 25ac012c4068976299ab397fcf221980a86ced63 Mon Sep 17 00:00:00 2001 From: Jacob Nevins Date: Thu, 20 Oct 2022 23:42:21 +0100 Subject: [PATCH 2/3] Document Windows PuTTYgen "-t ed25519" / "ed448". --- doc/pubkey.but | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/doc/pubkey.but b/doc/pubkey.but index 539b55b4..27c0ba60 100644 --- a/doc/pubkey.but +++ b/doc/pubkey.but @@ -535,7 +535,8 @@ The options supported on the command line are: \dt \cw{\-t} \e{keytype} \dd Type of key to generate. You can select \c{rsa}, \c{dsa}, -\c{ecdsa}, \c{eddsa} or \c{rsa1}. See \k{puttygen-keytype}. +\c{ecdsa}, \c{eddsa}, \c{ed25519}, \c{ed448}, or \c{rsa1}. +See \k{puttygen-keytype}. \dt \cw{\-b} \e{bits} From 4af8a585e70cc03ae3e5dacd55c037ff09852f9b Mon Sep 17 00:00:00 2001 
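Review bot: The new widths `286` and `298` in windows/puttygen.c are bare literals, set on `rk.right` and `rv.right` in the blob branch and again as `rv.right = 298` in the second hunk (@@ -1420), so the next dialog resize means finding and retuning all three by hand. A named constant, or a value derived from the dialog's client width, would keep them in step. Separately, the commit message concedes that "Fingerprint including certificate" still overflows, and the value field appears to be a read-only `ES_AUTOHSCROLL` edit that gets `ES_MULTILINE` only in the blob branch, so a user checking a fingerprint by eye sees just the leading part unless they scroll. That is worth a comment at the `rv` assignment, such as `/* long values (e.g. fingerprints) are clipped here; the field scrolls horizontally */`, or, if the layout allows, giving fingerprint items the multi-line treatment the blob branch already has. CertInfoProc starts and ends outside both hunks, so how these rects are consumed is not visible here.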
From: Jacob Nevins Date: Thu, 20 Oct 2022 23:55:19 +0100 Subject: [PATCH 3/3] cmdgen: Fix docs and usage messages. Some new cert-related stuff wasn't documented in the usage message and/or man page; and the longer-standing "-E fptype" was entirely omitted from the usage message. --- cmdgen.c | 4 ++++ doc/man-puttygen.but | 28 +++++++++++++++++----------- 2 files changed, 21 insertions(+), 11 deletions(-) diff --git a/cmdgen.c b/cmdgen.c index 25078b9a..b12758a1 100644 --- a/cmdgen.c +++ b/cmdgen.c @@ -130,13 +130,17 @@ void help(void) " public RFC 4716 / ssh.com public key\n" " public-openssh OpenSSH public key\n" " fingerprint output the key fingerprint\n" + " cert-info print certificate information\n" " text output the key components as " "'name=0x####'\n" " -o specify output file\n" " -l equivalent to `-O fingerprint'\n" " -L equivalent to `-O public-openssh'\n" " -p equivalent to `-O public'\n" + " --cert-info equivalent to `-O cert-info'\n" " --dump equivalent to `-O text'\n" + " -E fptype specify fingerprint output type:\n" + " sha256, md5, sha256-cert, md5-cert\n" " --certificate file incorporate a certificate into the key\n" " --remove-certificate remove any certificate from the key\n" " --reencrypt load a key and save it with fresh " diff --git a/doc/man-puttygen.but b/doc/man-puttygen.but index 092f05c0..e6a2c990 100644 --- a/doc/man-puttygen.but +++ b/doc/man-puttygen.but 
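Review bot: The added `-E fptype` usage lines in help() list `md5` and `md5-cert` on equal footing with the SHA-256 types and do not say which type is used when `-E` is omitted. MD5 fingerprints are a legacy format and a weak basis for confirming a key's identity, so the usage text should steer readers to SHA-256, for example `" sha256 (preferred), sha256-cert, md5 (legacy), md5-cert\n"`. The default should also be named once it has been confirmed against the option parser, which is not part of this hunk. help() begins and ends outside the hunk.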
@@ -12,10 +12,12 @@ \e bbbbbbbb iiiiiii bb iiiiiii bb iiii bbbbbbbb iiiiii bb \c [ -C new-comment ] [ -P ] [ --reencrypt ] \e bb iiiiiiiiiii bb bbbbbbbbbbb -\c [ -O output-type | -l | -L | -p | --dump ] [ -E fptype ] -\e bb iiiiiiiiiii bb bb bb bbbbbb bb iiiiii -\c [ --ppk-param key=value,... ] -\e bbbbbbbbbbb iiibiiiiib +\c [ --certificate cert-file | --remove-certificate ] +\e bbbbbbbbbbbbb iiiiiiiii bbbbbbbbbbbbbbbbbbbb +\c [ -O output-type | -l | -L | -p | --dump | --cert-info ] +\e bb iiiiiiiiiii bb bb bb bbbbbb bbbbbbbbbbb +\c [ --ppk-param key=value,... | -E fptype ] +\e bbbbbbbbbbb iiibiiiiib bb iiiiii \c [ -o output-file ] \e bb iiiiiiiiiii @@ -58,8 +60,9 @@ ssh.com's implementation. You can also specify a file containing only a \e{public} key here. The operations you can do are limited to outputting another public -key format or a fingerprint. Public keys can be in RFC 4716 or -OpenSSH format, or the standard SSH-1 format. +key format (possibly removing an attached certificate first), or a +fingerprint. Public keys can be in RFC 4716 or OpenSSH format, or +the standard SSH-1 format. } @@ -148,7 +151,8 @@ modifying an existing key. \dd Adds an OpenSSH-style certificate to the public half of the key, so that the output file contains a certified public key with the same private key. If the input file already contained a certificate, it -will be replaced with the new one. +will be replaced with the new one. (Use \cq{-} to read a certificate +from standard input.) \dt \cw{\-\-remove\-certificate} @@ -288,8 +292,9 @@ SSH. \lcont{ The output consists of a series of \cw{name=value} lines, where each -\c{value} is either a C-like string literal in double quotes, or a -hexadecimal number starting with \cw{0x...} +\c{value} is either a C-like string literal in double quotes, a +hexadecimal number starting with \cw{0x...}, or a binary blob +encoded with base64, denoted by \cw{b64("...")}. } If no output type is specified, the default is \c{private}. 
@@ -302,8 +307,9 @@ If no output type is specified, the default is \c{private}. this option is not specified, \c{puttygen} will assume you want to overwrite the original file if the input and output file types are the same (changing a comment or passphrase), and will assume you -want to output to stdout if you are asking for a public key or -fingerprint. Otherwise, the \c{\-o} option is required. +want to output to stdout if you are asking for a public key, +fingerprint, or one of the textual dump types. Otherwise, the +\c{\-o} option is required. \dt \cw{\-l}