From: jacob Date: Sat, 26 Feb 2005 15:50:29 +0000 (+0000) Subject: The comment that Private-Hash: was not allowed in DSS PuTTY-User-Key-File-1 X-Git-Url: https://git.distorted.org.uk/~mdw/sgt/putty/commitdiff_plain/a92a95249e6e8cf732d34bf966a1a791f62eced4 The comment that Private-Hash: was not allowed in DSS PuTTY-User-Key-File-1 keys was apparently incorrect; prior to r1413, it was both allowed, and generated for passphraseless keys. Remove it and associated validation so that people are able to load such keys into PuTTYgen to upgrade them, as suggested. git-svn-id: svn://svn.tartarus.org/sgt/putty@5403 cda61777-01e9-0310-a592-d414129be87e --- diff --git a/sshpubk.c b/sshpubk.c index 9e89fe97..166afbcb 100644 --- a/sshpubk.c +++ b/sshpubk.c @@ -461,10 +461,9 @@ int saversakey(const Filename *filename, struct RSAKey *key, char *passphrase) * with "PuTTY-User-Key-File-1" (version number differs). In this * format the Private-MAC: field only covers the private-plaintext * field and nothing else (and without the 4-byte string length on - * the front too). Moreover, for RSA keys the Private-MAC: field - * can be replaced with a Private-Hash: field which is a plain - * SHA-1 hash instead of an HMAC. This is not allowable in DSA - * keys. (Yes, the old format was a mess. Guess why it changed :-) + * the front too). Moreover, the Private-MAC: field can be replaced + * with a Private-Hash: field which is a plain SHA-1 hash instead of + * an HMAC (this was generated for unencrypted keys). */ static int read_header(FILE * fp, char *header) @@ -723,8 +722,7 @@ struct ssh2_userkey *ssh2_load_userkey(const Filename *filename, if ((mac = read_body(fp)) == NULL) goto error; is_mac = 1; - } else if (0 == strcmp(header, "Private-Hash") && - alg == &ssh_rsa && old_fmt) { + } else if (0 == strcmp(header, "Private-Hash") && old_fmt) { if ((mac = read_body(fp)) == NULL) goto error; is_mac = 0;