mirror of https://git.tartarus.org/simon/putty.git synced 2025-01-24 16:52:24 +00:00

winpgnt: add GUI button to re-encrypt an SSH-2 key.

Simon Tatham 2021-04-04 09:42:00 +01:00
parent 9e3d78bddb
commit f5df09adb7
6 changed files with 48 additions and 19 deletions


@ -243,16 +243,13 @@ This works the same way whether the key is used by an instance of
PuTTY running locally, or a remote client connecting to Pageant PuTTY running locally, or a remote client connecting to Pageant
through agent forwarding. through agent forwarding.
After the key has been decrypted for the first use, it remains To add a key to Pageant in this encrypted form, press the \q{Add Key
decrypted, so that it can be used again. (encrypted)} button in the Pageant main window, or alternatively
right-click on the Pageant icon in the system tray and select \q{Add
To add a key to Pageant by reading it out of a local disk file, press Key (encrypted)} from there. Pageant will bring up a file dialog, in
the \q{Add Key (encrypted)} button in the Pageant main window, or just the same way as it would for the plain \q{Add Key} button. But it
alternatively right-click on the Pageant icon in the system tray and won't ask for a passphrase. Instead, the key will be listed in the
select \q{Add Key (encrypted)} from there. Pageant will bring up a main window with \q{(encrypted)} after it.
file dialog, in just the same way as it would for the plain \q{Add
Key} button. But it won't ask for a passphrase. Instead, the key will
be listed in the main window with \q{(encrypted)} after it.
To start Pageant up in the first place with encrypted keys loaded into To start Pageant up in the first place with encrypted keys loaded into
it, you can use the \cq{--encrypted} option on the command line. For it, you can use the \cq{--encrypted} option on the command line. For
@ -260,6 +257,10 @@ example:
\c C:\PuTTY\pageant.exe --encrypted d:\main.ppk \c C:\PuTTY\pageant.exe --encrypted d:\main.ppk
After a key has been decrypted for the first use, it remains
decrypted, so that it can be used again. You can do this using the
\q{Re-encrypt} button in the Pageant main window.
\s{CAUTION}: When Pageant displays a prompt to decrypt an \s{CAUTION}: When Pageant displays a prompt to decrypt an
already-loaded key, it cannot give keyboard focus to the prompt dialog already-loaded key, it cannot give keyboard focus to the prompt dialog
box. As far as I know this is a deliberate defensive measure by box. As far as I know this is a deliberate defensive measure by


@ -1400,6 +1400,14 @@ bool pageant_delete_nth_ssh2_key(int i)
return true; return true;
} }
bool pageant_reencrypt_nth_ssh2_key(int i)
{
PageantKey *pk = index234(keytree, find_first_key_for_version(2) + i);
if (!pk)
return false;
return reencrypt_key(pk);
}
/* ---------------------------------------------------------------------- /* ----------------------------------------------------------------------
* The agent plug. * The agent plug.
*/ */
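Review bot: pageant_reencrypt_nth_ssh2_key returns false both when index234 finds no key at that position and when reencrypt_key itself reports failure, so a caller cannot tell a bad index from a key that is still held decrypted. A header comment such as `/* Returns false if there is no i-th SSH-2 key, or if reencrypt_key() reports failure */` would make that contract explicit. It may also be worth rejecting `i < 0` up front, since `find_first_key_for_version(2) + i` would then presumably index an entry before the SSH-2 range. Whether reencrypt_key guards against that is not visible in this hunk.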


@ -113,12 +113,14 @@ void pageant_make_keylist2(BinarySink *);
/* /*
* Accessor functions for Pageant's internal key lists, used by GUI * Accessor functions for Pageant's internal key lists, used by GUI
* Pageant, to count the keys and to delete a key. * Pageant, to count the keys, to delete a key, or to re-encrypt a
* decrypted-on-demand key (SSH-2 only).
*/ */
int pageant_count_ssh1_keys(void); int pageant_count_ssh1_keys(void);
int pageant_count_ssh2_keys(void); int pageant_count_ssh2_keys(void);
bool pageant_delete_nth_ssh1_key(int i); bool pageant_delete_nth_ssh1_key(int i);
bool pageant_delete_nth_ssh2_key(int i); bool pageant_delete_nth_ssh2_key(int i);
bool pageant_reencrypt_nth_ssh2_key(int i);
/* /*
* This callback must be provided by the Pageant front end code. * This callback must be provided by the Pageant front end code.


@ -19,6 +19,7 @@
#define IDC_KEYLIST_LISTBOX 100 #define IDC_KEYLIST_LISTBOX 100
#define IDC_KEYLIST_ADDKEY 101 #define IDC_KEYLIST_ADDKEY 101
#define IDC_KEYLIST_ADDKEY_ENC 110 #define IDC_KEYLIST_ADDKEY_ENC 110
#define IDC_KEYLIST_REENCRYPT 106
#define IDC_KEYLIST_REMOVE 102 #define IDC_KEYLIST_REMOVE 102
#define IDC_KEYLIST_HELP 103 #define IDC_KEYLIST_HELP 103
#define IDC_KEYLIST_FPTYPE_STATIC 104 #define IDC_KEYLIST_FPTYPE_STATIC 104


@ -43,18 +43,19 @@ BEGIN
PUSHBUTTON "&Cancel", IDCANCEL, 135, 52, 40, 14 PUSHBUTTON "&Cancel", IDCANCEL, 135, 52, 40, 14
END END
IDD_KEYLIST DIALOG DISCARDABLE 0, 0, 450, 211 IDD_KEYLIST DIALOG DISCARDABLE 0, 0, 450, 236
STYLE DS_MODALFRAME | WS_POPUP | WS_CAPTION | WS_SYSMENU STYLE DS_MODALFRAME | WS_POPUP | WS_CAPTION | WS_SYSMENU
CAPTION "Pageant Key List" CAPTION "Pageant Key List"
FONT 8, "MS Shell Dlg" FONT 8, "MS Shell Dlg"
BEGIN BEGIN
LISTBOX 100, 10, 10, 420, 155, LISTBOX 100, 10, 10, 420, 155,
LBS_EXTENDEDSEL | LBS_HASSTRINGS | LBS_USETABSTOPS | WS_VSCROLL | WS_TABSTOP LBS_EXTENDEDSEL | LBS_HASSTRINGS | LBS_USETABSTOPS | WS_VSCROLL | WS_TABSTOP
PUSHBUTTON "&Add Key", IDC_KEYLIST_ADDKEY, 75, 187, 60, 14 PUSHBUTTON "&Add Key", IDC_KEYLIST_ADDKEY, 10, 187, 60, 14
PUSHBUTTON "Add Key (&encrypted)", IDC_KEYLIST_ADDKEY_ENC, 150, 187, 100, 14 PUSHBUTTON "Add Key (&encrypted)", IDC_KEYLIST_ADDKEY_ENC, 75, 187, 80, 14
PUSHBUTTON "&Remove Key", IDC_KEYLIST_REMOVE, 315, 187, 60, 14 PUSHBUTTON "Re-e&ncrypt", IDC_KEYLIST_REENCRYPT, 315, 187, 60, 14
PUSHBUTTON "&Help", IDC_KEYLIST_HELP, 10, 187, 50, 14 PUSHBUTTON "&Remove", IDC_KEYLIST_REMOVE, 380, 187, 60, 14
DEFPUSHBUTTON "&Close", IDOK, 390, 187, 50, 14 PUSHBUTTON "&Help", IDC_KEYLIST_HELP, 10, 212, 50, 14
DEFPUSHBUTTON "&Close", IDOK, 390, 212, 50, 14
LTEXT "&Fingerprint type:", IDC_KEYLIST_FPTYPE_STATIC, 10, 172, 60, 8 LTEXT "&Fingerprint type:", IDC_KEYLIST_FPTYPE_STATIC, 10, 172, 60, 8
COMBOBOX IDC_KEYLIST_FPTYPE, 70, 170, 60, 12, CBS_DROPDOWNLIST COMBOBOX IDC_KEYLIST_FPTYPE, 70, 170, 60, 12, CBS_DROPDOWNLIST
END END


@ -582,6 +582,7 @@ static INT_PTR CALLBACK KeyListProc(HWND hwnd, UINT msg,
} }
return 0; return 0;
case IDC_KEYLIST_REMOVE: case IDC_KEYLIST_REMOVE:
case IDC_KEYLIST_REENCRYPT:
if (HIWORD(wParam) == BN_CLICKED || if (HIWORD(wParam) == BN_CLICKED ||
HIWORD(wParam) == BN_DOUBLECLICKED) { HIWORD(wParam) == BN_DOUBLECLICKED) {
int i; int i;
@ -617,7 +618,14 @@ static INT_PTR CALLBACK KeyListProc(HWND hwnd, UINT msg,
*/ */
for (i = sCount - 1; (itemNum >= 0) && (i >= 0); i--) { for (i = sCount - 1; (itemNum >= 0) && (i >= 0); i--) {
if (selectedArray[itemNum] == rCount + i) { if (selectedArray[itemNum] == rCount + i) {
pageant_delete_nth_ssh2_key(i); switch (LOWORD(wParam)) {
case IDC_KEYLIST_REMOVE:
pageant_delete_nth_ssh2_key(i);
break;
case IDC_KEYLIST_REENCRYPT:
pageant_reencrypt_nth_ssh2_key(i);
break;
}
itemNum--; itemNum--;
} }
} }
@ -625,7 +633,14 @@ static INT_PTR CALLBACK KeyListProc(HWND hwnd, UINT msg,
/* do the same for the rsa keys */ /* do the same for the rsa keys */
for (i = rCount - 1; (itemNum >= 0) && (i >= 0); i--) { for (i = rCount - 1; (itemNum >= 0) && (i >= 0); i--) {
if(selectedArray[itemNum] == i) { if(selectedArray[itemNum] == i) {
pageant_delete_nth_ssh1_key(i); switch (LOWORD(wParam)) {
case IDC_KEYLIST_REMOVE:
pageant_delete_nth_ssh1_key(i);
break;
case IDC_KEYLIST_REENCRYPT:
/* SSH-1 keys can't be re-encrypted */
break;
}
itemNum--; itemNum--;
} }
} }
@ -660,6 +675,7 @@ static INT_PTR CALLBACK KeyListProc(HWND hwnd, UINT msg,
case IDC_KEYLIST_ADDKEY: topic = WINHELP_CTX_pageant_addkey; break; case IDC_KEYLIST_ADDKEY: topic = WINHELP_CTX_pageant_addkey; break;
case IDC_KEYLIST_REMOVE: topic = WINHELP_CTX_pageant_remkey; break; case IDC_KEYLIST_REMOVE: topic = WINHELP_CTX_pageant_remkey; break;
case IDC_KEYLIST_ADDKEY_ENC: case IDC_KEYLIST_ADDKEY_ENC:
case IDC_KEYLIST_REENCRYPT:
topic = WINHELP_CTX_pageant_deferred; break; topic = WINHELP_CTX_pageant_deferred; break;
} }
if (topic) { if (topic) {
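Review bot: In the SSH-2 loop of the second hunk the result of `pageant_reencrypt_nth_ssh2_key(i)` is discarded, and the IDC_KEYLIST_REENCRYPT case in the SSH-1 loop does nothing, so pressing Re-encrypt on a key that cannot be re-encrypted gives the user no sign that it is still held decrypted. The button exists to put private key material back under its passphrase, so a silent failure leaves the user assuming protection they do not have. Consider recording failures, e.g. `if (!pageant_reencrypt_nth_ssh2_key(i)) failed = true;`, and reporting once after both loops, or disabling the button when the selection contains no re-encryptable key. KeyListProc begins and ends outside these hunks, so whether the list is refreshed afterwards to show the "(encrypted)" marker cannot be confirmed from here.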