simon-git: putty (main): Simon Tatham
Commits to Tartarus hosted VCS
tartarus-commits at lists.tartarus.org
Mon Feb 22 20:56:00 GMT 2021
TL;DR:
e9aa28fe Restore the ability to write out PPK v2.
b8f3fc4b cmdgen: add a --reencrypt option.
117cee8e cmdgen: command-line control of PPK save parameters.
c10aff8a Windows PuTTYgen: configurable PPK save parameters.
Repository: https://git.tartarus.org/simon/putty.git
On the web: https://git.tartarus.org/?p=simon/putty.git
Branch updated: main
Committer: Simon Tatham <anakin at pobox.com>
Date: 2021-02-22 20:56:00
commit e9aa28fe02e2ad23b2433af1158306185a369dba
web diff https://git.tartarus.org/?p=simon/putty.git;a=commitdiff;h=e9aa28fe02e2ad23b2433af1158306185a369dba;hp=66983e241070a1ca8513a2d9ac3df64b9a460b11
Author: Simon Tatham <anakin at pobox.com>
Date: Sun Feb 21 22:29:10 2021 +0000
Restore the ability to write out PPK v2.
This commit adds the capability in principle to ppk_save_sb, by adding
a fmt_version field in the save parameters structure. As yet it's not
connected up to any user interface in PuTTYgen, but I think I'll need
to, because currently there's no way at all to convert PPK v3 back to
v2, and surely people will need to interoperate with older
installations of PuTTY, or with other PPK-consuming software.
ssh.h | 5 +++++
sshpubk.c | 30 +++++++++++++++++++-----------
test/cryptsuite.py | 19 +++++++++++++++----
testcrypt.c | 8 +++++---
testcrypt.h | 2 +-
5 files changed, 45 insertions(+), 19 deletions(-)
commit b8f3fc4bd1c17c74fa1f17f78eb55a24a4f7a53e
web diff https://git.tartarus.org/?p=simon/putty.git;a=commitdiff;h=b8f3fc4bd1c17c74fa1f17f78eb55a24a4f7a53e;hp=e9aa28fe02e2ad23b2433af1158306185a369dba
Author: Simon Tatham <anakin at pobox.com>
Date: Mon Feb 22 17:56:02 2021 +0000
cmdgen: add a --reencrypt option.
This allows you to load and save the same key without making any
semantic changes to it. Currently, you can only do that by pretending
to make a change, like changing the passphrase or the comment to the
same thing it was before.
With two key file formats now supported, and a bunch of reconfigurable
parameters in the v3 key derivation, it's now more likely that you'd
want to re-encrypt the same key in a different way, to upgrade or
downgrade or tinker with it. (Or perhaps even just re-randomise the
salt, so that someone reading the key file doesn't know _whether_
you've changed the passphrase!)
cmdgen.c | 8 ++++++--
1 file changed, 6 insertions(+), 2 deletions(-)
commit 117cee8ea62b42b20c3c16d0584b411bf8d3d0de
web diff https://git.tartarus.org/?p=simon/putty.git;a=commitdiff;h=117cee8ea62b42b20c3c16d0584b411bf8d3d0de;hp=b8f3fc4bd1c17c74fa1f17f78eb55a24a4f7a53e
Author: Simon Tatham <anakin at pobox.com>
Date: Mon Feb 22 18:13:12 2021 +0000
cmdgen: command-line control of PPK save parameters.
This allows you to manually adjust the Argon2 parameters so that you
can trade off CPU requirements in legitimate use against difficulty of
brute-force attack. It also allows downgrading the key file version
back to the widespread PPK v2, so you can manually back-port a key
that you accidentally generated too new.
cmdgen.c | 74 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++--
1 file changed, 72 insertions(+), 2 deletions(-)
commit c10aff8a4764bec5aa70d82c734869e7ccce37b0
web diff https://git.tartarus.org/?p=simon/putty.git;a=commitdiff;h=c10aff8a4764bec5aa70d82c734869e7ccce37b0;hp=117cee8ea62b42b20c3c16d0584b411bf8d3d0de
Author: Simon Tatham <anakin at pobox.com>
Date: Mon Feb 22 20:15:11 2021 +0000
Windows PuTTYgen: configurable PPK save parameters.
The GUI key generator doesn't need a --reencrypt option, because you
can already just click Load and then Save without changing anything in
between. But it does need a dialog box with all the fiddly Argon2
settings in it, plus a setting to go back to PPK v2.
windows/puttygen-rc.h | 13 ++++
windows/puttygen.rc | 26 ++++++++
windows/winpgen.c | 169 +++++++++++++++++++++++++++++++++++++++++++++++++-
3 files changed, 207 insertions(+), 1 deletion(-)
More information about the tartarus-commits
mailing list