nhyatt/putty-source
1
0
Fork 0
mirror of https://git.tartarus.org/simon/putty.git synced 2025-01-10 01:48:00 +00:00
Code Issues Projects Releases Wiki Activity
426901b891
putty-source/ssh
History
Simon Tatham cd7f6c4407 Certificate-aware handling of key fingerprints. 
OpenSSH, when called on to give the fingerprint of a certified public
key, will in many circumstances generate the hash of the public blob
of the _underlying_ key, rather than the hash of the full certificate.

I think the hash of the certificate is also potentially useful (if
nothing else, it provides a way to tell apart multiple certificates on
the same key). But I can also see that it's useful to be able to
recognise a key as the same one 'really' (since all certificates on
the same key share a private key, so they're unavoidably related).

So I've dealt with this by introducing an extra pair of fingerprint
types, giving the cross product of {MD5, SHA-256} x {base key only,
full certificate}. You can manually select which one you want to see
in some circumstances (notably PuTTYgen), and in others (such as
diagnostics) both fingerprints will be emitted side by side via the
new functions ssh2_double_fingerprint[_blob].

The default, following OpenSSH, is to just fingerprint the base key.
2022-08-05 18:08:59 +01:00
..
agentf.c Move the SSH implementation into its own subdirectory. 2021-04-22 18:09:13 +01:00
bpp1.c New Seat callback, seat_sent(). 2021-06-27 13:52:48 +01:00
bpp2.c New Seat callback, seat_sent(). 2021-06-27 13:52:48 +01:00
bpp-bare.c New Seat callback, seat_sent(). 2021-06-27 13:52:48 +01:00
bpp.h Move the SSH implementation into its own subdirectory. 2021-04-22 18:09:13 +01:00
ca-config.c Certificate trust scope: change to a boolean-expression system. 2022-06-25 14:32:23 +01:00
censor1.c Move the SSH implementation into its own subdirectory. 2021-04-22 18:09:13 +01:00
censor2.c Move the SSH implementation into its own subdirectory. 2021-04-22 18:09:13 +01:00
channel.h Formatting: normalise back to 4-space indentation. 2022-08-03 20:48:46 +01:00
CMakeLists.txt Move host CA config box out into its own source file. 2022-05-01 10:16:19 +01:00
common.c Formatting: realign run-on parenthesised stuff. 2022-08-03 20:48:46 +01:00
connection1-client.c New Seat query, has_mixed_input_stream(). 2021-11-06 14:48:26 +00:00
connection1-server.c Formatting: normalise back to 4-space indentation. 2022-08-03 20:48:46 +01:00
connection1.c Richer data type for interactive prompt results. 2021-12-28 18:08:31 +00:00
connection1.h Richer data type for interactive prompt results. 2021-12-28 18:08:31 +00:00
connection2-client.c New Seat query, has_mixed_input_stream(). 2021-11-06 14:48:26 +00:00
connection2-server.c Move the SSH implementation into its own subdirectory. 2021-04-22 18:09:13 +01:00
connection2.c Formatting: normalise back to 4-space indentation. 2022-08-03 20:48:46 +01:00
connection2.h Richer data type for interactive prompt results. 2021-12-28 18:08:31 +00:00
crc-attack-detector.c Move the SSH implementation into its own subdirectory. 2021-04-22 18:09:13 +01:00
gss.h Update source file names in comments and docs. 2022-01-22 15:51:31 +00:00
gssc.c Move the SSH implementation into its own subdirectory. 2021-04-22 18:09:13 +01:00
gssc.h Move the SSH implementation into its own subdirectory. 2021-04-22 18:09:13 +01:00
kex2-client.c Certificate-aware handling of key fingerprints. 2022-08-05 18:08:59 +01:00
kex2-server.c Refactor ecdh_kex into an organised vtable. 2022-04-15 17:46:06 +01:00
login1-server.c Formatting: realign run-on parenthesised stuff. 2022-08-03 20:48:46 +01:00
login1.c Formatting: realign run-on parenthesised stuff. 2022-08-03 20:48:46 +01:00
mainchan.c Formatting: realign run-on parenthesised stuff. 2022-08-03 20:48:46 +01:00
nogss.c Move the SSH implementation into its own subdirectory. 2021-04-22 18:09:13 +01:00
nosharing.c Move the SSH implementation into its own subdirectory. 2021-04-22 18:09:13 +01:00
pgssapi.c Formatting: miscellaneous. 2022-08-03 20:48:46 +01:00
pgssapi.h Formatting: remove spurious spaces in 'type * var'. 2022-08-03 20:48:46 +01:00
portfwd.c Formatting: miscellaneous. 2022-08-03 20:48:46 +01:00
ppl.h Support for detached certificates in userauth. 2022-04-25 15:09:31 +01:00
scpserver.c Generalise strbuf_catf() into put_fmt(). 2021-11-19 11:32:47 +00:00
server.c Centralise most details of host-key prompting. 2022-07-07 18:05:32 +01:00
server.h Update source file names in comments and docs. 2022-01-22 15:51:31 +00:00
sesschan.c Centralise most details of host-key prompting. 2022-07-07 18:05:32 +01:00
sftp.c Formatting: miscellaneous. 2022-08-03 20:48:46 +01:00
sftp.h Fix a batch of typos in comments and docs. 2022-01-03 06:40:51 +00:00
sftpcommon.c Move the SSH implementation into its own subdirectory. 2021-04-22 18:09:13 +01:00
sftpserver.c Move the SSH implementation into its own subdirectory. 2021-04-22 18:09:13 +01:00
sharing.c Formatting: standardise on "func(\n", not "func\n(". 2022-08-03 20:48:46 +01:00
signal-list.h Move the SSH implementation into its own subdirectory. 2021-04-22 18:09:13 +01:00
ssh.c Support for detached certificates in userauth. 2022-04-25 15:09:31 +01:00
transient-hostkey-cache.c Move the SSH implementation into its own subdirectory. 2021-04-22 18:09:13 +01:00
transport2.c Formatting: miscellaneous. 2022-08-03 20:48:46 +01:00
transport2.h Fix rekeying when using a certified host key. 2022-04-29 22:44:40 +01:00
ttymode-list.h Move the SSH implementation into its own subdirectory. 2021-04-22 18:09:13 +01:00
userauth2-client.c Formatting: miscellaneous. 2022-08-03 20:48:46 +01:00
userauth2-server.c Uppity: add stunt options for trivial authentication. 2021-06-19 21:34:56 +01:00
verstring.c Formatting: realign run-on parenthesised stuff. 2022-08-03 20:48:46 +01:00
x11fwd.c Formatting: realign run-on parenthesised stuff. 2022-08-03 20:48:46 +01:00
zlib.c Formatting: remove spurious spaces in 'type * var'. 2022-08-03 20:48:46 +01:00