Turns out that the compose-keys fix in r9567 did in fact break one
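diff --git a/import.c b/import.c
index 17bf65b..55e3be2 100644
--- a/import.c
+++ b/import.c
@@ -334,7 +334,7 @@ static struct openssh_key *load_openssh_key(const Filename *filename,
 ret->encrypted = 0;
 memset(ret->iv, 0, sizeof(ret->iv));
- fp = f_open(*filename, "r", FALSE);
+ fp = f_open(filename, "r", FALSE);
 if (!fp) {
 errmsg = "unable to open key file";
 goto error;
@@ -529,6 +529,10 @@ struct ssh2_userkey *openssh_read(const Filename *filename, char *passphrase,
 * - let block B equal MD5(A || passphrase || iv)
 * - block C would be MD5(B || passphrase || iv) and so on
 * - encryption key is the first N bytes of A || B
+ *
+ * (Note that only 8 bytes of the iv are used for key
+ * derivation, even when the key is encrypted with AES and
+ * hence there are 16 bytes available.)
 */
 struct MD5Context md5c;
 unsigned char keybuf[32];
@@ -872,6 +876,9 @@ int openssh_write(const Filename *filename, struct ssh2_userkey *key,
 /*
 * Encrypt the key.
+ *
+ * For the moment, we still encrypt our OpenSSH keys using
+ * old-style 3DES.
 */
 if (passphrase) {
 /*
@@ -912,7 +919,7 @@ int openssh_write(const Filename *filename, struct ssh2_userkey *key,
 * And save it. We'll use Unix line endings just in case it's
 * subsequently transferred in binary mode.
 */
- fp = f_open(*filename, "wb", TRUE); /* ensure Unix line endings */
+ fp = f_open(filename, "wb", TRUE); /* ensure Unix line endings */
 if (!fp)
 goto error;
 fputs(header, fp);
@@ -1046,7 +1053,7 @@ static struct sshcom_key *load_sshcom_key(const Filename *filename,
 ret->keyblob = NULL;
 ret->keyblob_len = ret->keyblob_size = 0;
- fp = f_open(*filename, "r", FALSE);
+ fp = f_open(filename, "r", FALSE);
 if (!fp) {
 errmsg = "unable to open key file";
 goto error;
@@ -1665,7 +1672,7 @@ int sshcom_write(const Filename *filename, struct ssh2_userkey *key,
 * And save it. We'll use Unix line endings just in case it's
 * subsequently transferred in binary mode.
 */
- fp = f_open(*filename, "wb", TRUE); /* ensure Unix line endings */
+ fp = f_open(filename, "wb", TRUE); /* ensure Unix line endings */
 if (!fp)
 goto error;
 fputs("---- BEGIN SSH2 ENCRYPTED PRIVATE KEY ----\n", fp);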
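Review bot: The comment added to openssh_write (the hunk at new line 876) says exported keys are still encrypted with old-style 3DES but leaves out how the cipher key is produced, and that is what determines how well the passphrase protects the exported file. If the export path uses the derivation documented in the openssh_read hunk (MD5 over the passphrase and 8 bytes of IV, with no iteration count), the comment should say so, e.g. `* The cipher key is derived as in openssh_read: MD5 over passphrase and 8-byte IV,` `* with no iteration count, so the file is only as well protected as the passphrase.` Both functions continue outside their hunks, so whether the two paths actually share the derivation cannot be confirmed from this page.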