mirror of
https://git.tartarus.org/simon/putty.git
synced 2025-01-08 08:58:00 +00:00
cmdgen: support configurable key fingerprint type.
I've added the -E option, similar to ssh-keygen's, and cgtest checks it against the OpenSSH version to ensure they match.
This commit is contained in:
parent
1da353e649
commit
ef5540c185
60
cgtest.c
60
cgtest.c
@ -371,7 +371,7 @@ int main(int argc, char **argv)
|
||||
|
||||
char filename[128], osfilename[128], scfilename[128];
|
||||
char pubfilename[128], tmpfilename1[128], tmpfilename2[128];
|
||||
char *fp = NULL;
|
||||
char *fps[SSH_N_FPTYPES];
|
||||
|
||||
sprintf(filename, "test-%s.ppk", keytype->name);
|
||||
sprintf(pubfilename, "test-%s.pub", keytype->name);
|
||||
@ -391,13 +391,14 @@ int main(int argc, char **argv)
|
||||
*/
|
||||
setup_passphrases(NULL);
|
||||
test(0, "puttygen", "-L", filename, "-o", pubfilename, NULL);
|
||||
{
|
||||
for (FingerprintType fptype = 0; fptype < SSH_N_FPTYPES; fptype++) {
|
||||
const char *fpname = (fptype == SSH_FPTYPE_MD5 ? "md5" : "sha256");
|
||||
char *cmdbuf;
|
||||
fp = NULL;
|
||||
cmdbuf = dupprintf("ssh-keygen -E md5 -l -f '%s' > '%s'",
|
||||
pubfilename, tmpfilename1);
|
||||
char *fp = NULL;
|
||||
cmdbuf = dupprintf("ssh-keygen -E %s -l -f '%s' > '%s'",
|
||||
fpname, pubfilename, tmpfilename1);
|
||||
if (cgtest_verbose)
|
||||
printf("OpenSSH fp check: %s\n", cmdbuf);
|
||||
printf("OpenSSH %s fp check: %s\n", fpname, cmdbuf);
|
||||
if (system(cmdbuf) ||
|
||||
(fp = get_fp(tmpfilename1,
|
||||
CGT_SSH_KEYGEN | keytype->flags)) == NULL) {
|
||||
@ -407,10 +408,11 @@ int main(int argc, char **argv)
|
||||
sfree(cmdbuf);
|
||||
if (fp && cgtest_verbose) {
|
||||
char *line = get_line(tmpfilename1);
|
||||
printf("OpenSSH fp: %s\n", line);
|
||||
printf("OpenSSH %s fp: %s\n", fpname, line);
|
||||
printf("Cleaned up: %s\n", fp);
|
||||
sfree(line);
|
||||
}
|
||||
fps[fptype] = fp;
|
||||
}
|
||||
|
||||
/*
|
||||
@ -423,17 +425,22 @@ int main(int argc, char **argv)
|
||||
* List the fingerprint of the key.
|
||||
*/
|
||||
setup_passphrases(NULL);
|
||||
test(0, "puttygen", "-l", filename, "-o", tmpfilename1, NULL);
|
||||
if (!fp) {
|
||||
/*
|
||||
* If we can't test fingerprints against OpenSSH, we
|
||||
* can at the very least test equality of all the
|
||||
* fingerprints we generate of this key throughout
|
||||
* testing.
|
||||
*/
|
||||
fp = get_fp(tmpfilename1, 0);
|
||||
} else {
|
||||
check_fp(tmpfilename1, fp, "%s initial fp", keytype->name);
|
||||
for (FingerprintType fptype = 0; fptype < SSH_N_FPTYPES; fptype++) {
|
||||
const char *fpname = (fptype == SSH_FPTYPE_MD5 ? "md5" : "sha256");
|
||||
test(0, "puttygen", "-E", fpname, "-l", filename,
|
||||
"-o", tmpfilename1, NULL);
|
||||
if (!fps[fptype]) {
|
||||
/*
|
||||
* If we can't test fingerprints against OpenSSH, we
|
||||
* can at the very least test equality of all the
|
||||
* fingerprints we generate of this key throughout
|
||||
* testing.
|
||||
*/
|
||||
fps[fptype] = get_fp(tmpfilename1, 0);
|
||||
} else {
|
||||
check_fp(tmpfilename1, fps[fptype], "%s initial %s fp",
|
||||
keytype->name, fpname);
|
||||
}
|
||||
}
|
||||
|
||||
/*
|
||||
@ -486,7 +493,8 @@ int main(int argc, char **argv)
|
||||
*/
|
||||
setup_passphrases(NULL);
|
||||
test(0, "puttygen", "-l", osfilename, "-o", tmpfilename1, NULL);
|
||||
check_fp(tmpfilename1, fp, "%s openssh clear fp", keytype->name);
|
||||
check_fp(tmpfilename1, fps[SSH_FPTYPE_DEFAULT],
|
||||
"%s openssh clear fp", keytype->name);
|
||||
|
||||
/*
|
||||
* List the public half of the OpenSSH-formatted key in
|
||||
@ -518,7 +526,8 @@ int main(int argc, char **argv)
|
||||
*/
|
||||
setup_passphrases(NULL);
|
||||
test(0, "puttygen", "-l", scfilename, "-o", tmpfilename1, NULL);
|
||||
check_fp(tmpfilename1, fp, "%s ssh.com clear fp", keytype->name);
|
||||
check_fp(tmpfilename1, fps[SSH_FPTYPE_DEFAULT],
|
||||
"%s ssh.com clear fp", keytype->name);
|
||||
|
||||
/*
|
||||
* List the public half of the ssh.com-formatted key in
|
||||
@ -630,8 +639,8 @@ int main(int argc, char **argv)
|
||||
*/
|
||||
setup_passphrases("sponge2", NULL);
|
||||
test(0, "puttygen", "-l", osfilename, "-o", tmpfilename1, NULL);
|
||||
check_fp(tmpfilename1, fp, "%s openssh encrypted fp",
|
||||
keytype->name);
|
||||
check_fp(tmpfilename1, fps[SSH_FPTYPE_DEFAULT],
|
||||
"%s openssh encrypted fp", keytype->name);
|
||||
|
||||
/*
|
||||
* List the public half of the OpenSSH-formatted key in
|
||||
@ -671,8 +680,8 @@ int main(int argc, char **argv)
|
||||
*/
|
||||
setup_passphrases("sponge2", NULL);
|
||||
test(0, "puttygen", "-l", scfilename, "-o", tmpfilename1, NULL);
|
||||
check_fp(tmpfilename1, fp, "%s ssh.com encrypted fp",
|
||||
keytype->name);
|
||||
check_fp(tmpfilename1, fps[SSH_FPTYPE_DEFAULT],
|
||||
"%s ssh.com encrypted fp", keytype->name);
|
||||
|
||||
/*
|
||||
* List the public half of the ssh.com-formatted key in
|
||||
@ -762,7 +771,8 @@ int main(int argc, char **argv)
|
||||
setup_passphrases(NULL);
|
||||
test(1, "puttygen", "-C", "spurious-new-comment", pubfilename, NULL);
|
||||
|
||||
sfree(fp);
|
||||
for (FingerprintType fptype = 0; fptype < SSH_N_FPTYPES; fptype++)
|
||||
sfree(fps[fptype]);
|
||||
|
||||
if (remove_files) {
|
||||
remove(filename);
|
||||
|
17
cmdgen.c
17
cmdgen.c
@ -244,6 +244,7 @@ int main(int argc, char **argv)
|
||||
const PrimeGenerationPolicy *primegen = &primegen_probabilistic;
|
||||
bool strong_rsa = false;
|
||||
ppk_save_parameters params = ppk_save_default_parameters;
|
||||
FingerprintType fptype = SSH_FPTYPE_DEFAULT;
|
||||
|
||||
if (is_interactive())
|
||||
progress_fp = stderr;
|
||||
@ -507,6 +508,7 @@ int main(int argc, char **argv)
|
||||
case 'C':
|
||||
case 'O':
|
||||
case 'o':
|
||||
case 'E':
|
||||
/*
|
||||
* Option requiring parameter.
|
||||
*/
|
||||
@ -575,6 +577,17 @@ int main(int argc, char **argv)
|
||||
case 'o':
|
||||
outfile = p;
|
||||
break;
|
||||
case 'E':
|
||||
if (!strcmp(p, "md5"))
|
||||
fptype = SSH_FPTYPE_MD5;
|
||||
else if (!strcmp(p, "sha256"))
|
||||
fptype = SSH_FPTYPE_SHA256;
|
||||
else {
|
||||
fprintf(stderr, "puttygen: unknown fingerprint "
|
||||
"type `%s'\n", p);
|
||||
errs = true;
|
||||
}
|
||||
break;
|
||||
}
|
||||
p = NULL; /* prevent continued processing */
|
||||
break;
|
||||
@ -1182,11 +1195,11 @@ int main(int argc, char **argv)
|
||||
fingerprint = rsa_ssh1_fingerprint(ssh1key);
|
||||
} else {
|
||||
if (ssh2key) {
|
||||
fingerprint = ssh2_fingerprint(ssh2key->key, SSH_FPTYPE_DEFAULT);
|
||||
fingerprint = ssh2_fingerprint(ssh2key->key, fptype);
|
||||
} else {
|
||||
assert(ssh2blob);
|
||||
fingerprint = ssh2_fingerprint_blob(
|
||||
ptrlen_from_strbuf(ssh2blob), SSH_FPTYPE_DEFAULT);
|
||||
ptrlen_from_strbuf(ssh2blob), fptype);
|
||||
}
|
||||
}
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user