author | Simon Tatham <anakin@pobox.com> | 2022-05-01 13:27:46 +0300 |
---|---|---|
committer | Simon Tatham <anakin@pobox.com> | 2022-05-01 13:27:46 +0300 |
commit | 6472b5ded76c76ac388598b6998effc73861368b (patch) | |
tree | 49a076cdcb4e88152ebdd577c913deb796314289 /ssh | |
parent | d06ae2f5c345741192a0e3f9086765382690e37b (diff) |
CA config: permit pasting a whole OpenSSH public key.
Now, we try putting the contents of the public-key edit box through
ppk_load_s if it isn't a plain base64-encoded string.
Diffstat (limited to 'ssh')
-rw-r--r-- | ssh/ca-config.c | 34 |
1 files changed, 33 insertions, 1 deletions
diff --git a/ssh/ca-config.c b/ssh/ca-config.c
index e8802a4c..0f82bb35 100644
--- a/ssh/ca-config.c
+++ b/ssh/ca-config.c
@@ -164,15 +164,47 @@ static void ca_load_handler(dlgcontrol *ctrl, dlgparam *dp,
 }
 }
 
+static strbuf *decode_pubkey(ptrlen data, const char **error)
+{
+ /*
+ * See if we have a plain base64-encoded public key blob.
+ */
+ if (base64_valid(data))
+ return base64_decode_sb(data);
+
+ /*
+ * Otherwise, try to decode as if it was a public key _file_.
+ */
+ BinarySource src[1];
+ BinarySource_BARE_INIT_PL(src, data);
+ strbuf *blob = strbuf_new();
+ if (ppk_loadpub_s(src, NULL, BinarySink_UPCAST(blob), NULL, error))
+ return blob;
+
+ return NULL;
+}
+
 static void ca_save_handler(dlgcontrol *ctrl, dlgparam *dp,
 void *data, int event)
 {
 struct ca_state *st = (struct ca_state *)ctrl->context.p;
 if (event == EVENT_ACTION) {
+ strbuf *pubkey;
+ {
+ const char *error;
+ pubkey = decode_pubkey(ptrlen_from_asciz(st->pubkey), &error);
+ if (!pubkey) {
+ char *msg = dupprintf("CA public key invalid: %s", error);
+ dlg_error_msg(dp, msg);
+ sfree(msg);
+ return;
+ }
+ }
+
 host_ca *hca = snew(host_ca);
 memset(hca, 0, sizeof(*hca));
 hca->name = dupstr(st->name);
- hca->ca_public_key = base64_decode_sb(ptrlen_from_asciz(st->pubkey));
+ hca->ca_public_key = pubkey;
 hca->n_hostname_wildcards = count234(st->host_wcs);
 hca->hostname_wildcards = snewn(hca->n_hostname_wildcards, char *);
 for (size_t i = 0; i < hca->n_hostname_wildcards; i++) |
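Review bot: `decode_pubkey` leaks `blob` when `ppk_loadpub_s` fails, because the strbuf from `strbuf_new()` is abandoned on the final `return NULL;`, so each rejected paste in the CA dialog loses one buffer; put `strbuf_free(blob);` just before that return. The base64 branch also hands back whatever `base64_decode_sb` produces without checking that it parses as an SSH public key blob, so a malformed trust anchor is stored without any message while the key-file branch reports one; a structural check there would presumably be worth adding, since this value decides which host certificates are accepted. In `ca_save_handler`, `error` is read uninitialised unless `ppk_loadpub_s` always sets it on failure, which is not visible in this hunk, so a one-line comment on `decode_pubkey` stating that `*error` is set whenever NULL is returned would pin that contract. The body of `ca_save_handler` continues past the end of the hunk.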