author | Simon Tatham <anakin@pobox.com> | 2022-08-02 20:14:06 +0300 |
---|---|---|
committer | Simon Tatham <anakin@pobox.com> | 2022-08-02 20:39:31 +0300 |
commit | ff2ffa539c4ce6051fc9010abacb05510bded46f (patch) | |
tree | 4347a0f28354c73a3d5b3af61571461d87e5bfd2 /windows | |
parent | fea08bb24499dc76e3fb58895ca0f015714a1d53 (diff) |
Windows Pageant: display RSA/DSA cert bit counts.

The test in the Pageant list box code for whether we should display
the bit count of a key was done by checking specifically for ssh_rsa
or ssh_dsa, which of course meant that it didn't catch the certified
versions of those keys.

Now there's yet another footling ssh_keyalg method that asks the
question 'is it worth displaying the bit count?', to which RSA and DSA
answer yes, and the opensshcert family delegates to its base key type,
so that RSA and DSA certified keys also answer yes.

(This isn't the same as ssh_key_public_bits(alg, blob) >= 0. All
supported public key algorithms _can_ display a bit count if called
on. But only in RSA and DSA is it configurable, and therefore worth
bothering to print in the list box.)

Also in this commit, I've fixed a bug in the certificate
implementation of public_bits, which was passing a wrongly formatted
public blob to the underlying key. (Done by factoring out the code
from opensshcert_new_shared which constructed the _correct_ public
blob, and reusing it in public_bits to do the same job.)
Diffstat (limited to 'windows')
-rw-r--r-- | windows/pageant.c | 15 |
1 files changed, 4 insertions, 11 deletions
diff --git a/windows/pageant.c b/windows/pageant.c index aea98389..05447f5f 100644 --- a/windows/pageant.c +++ b/windows/pageant.c @@ -372,18 +372,11 @@ static void keylist_update_callback( put_datapl(disp->alg, keytype_word); } - put_datapl(disp->bits, ptrlen_get_word(&fingerprint, " ")); - put_datapl(disp->hash, ptrlen_get_word(&fingerprint, " ")); + ptrlen bits_word = ptrlen_get_word(&fingerprint, " "); + if (ssh_keyalg_variable_size(alg)) + put_datapl(disp->bits, bits_word); - /* - * But we don't display the bit count if the algorithm isn't - * one of the ones where it can vary. That way, those - * algorithm names (which are generally longer) can safely - * overlap into the bits column without colliding with - * pointless text. - */ - if (!(alg == &ssh_dsa || alg == &ssh_rsa)) - strbuf_clear(disp->bits); + put_datapl(disp->hash, ptrlen_get_word(&fingerprint, " ")); } } |
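Review bot: In the keylist_update_callback hunk, the new `if (ssh_keyalg_variable_size(alg))` guard carries no comment, while the block comment removed here was the only place explaining why the bit count is hidden for fixed-size algorithms (so that their longer names can overlap into the bits column). Suggest keeping a one-line version of that comment above the guard, and noting there that `ptrlen_get_word(&fingerprint, " ")` is still called unconditionally because the bits word has to be consumed before the hash word can be read. Separately, the old code ended with `strbuf_clear(disp->bits)` for the fixed-size case, whereas the new code only ever appends to disp->bits, so it now depends on that buffer being empty on entry; that is not visible in this hunk and is worth confirming.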