simon-git: putty (main): Simon Tatham
Commits to Tartarus hosted VCS
tartarus-commits at lists.tartarus.org
Sat May 7 13:15:49 BST 2022
TL;DR:
ab70bda4 ntru_gen_short: remove quadratic-time shuffle.
5390aef3 GTK: make explicit text controls selectable.
cd094b28 Allow CTRL_TEXT controls to be non-wrapping.
4b0e54c2 CA config box: fully validate the CA public key.
b753cf6e Reject multilayer certificates in check_cert.
Repository: https://git.tartarus.org/simon/putty.git
On the web: https://git.tartarus.org/?p=simon/putty.git
Branch updated: main
Committer: Simon Tatham <anakin at pobox.com>
Date: 2022-05-07 13:15:49
commit ab70bda4c72c0eb245aa65fdcd5e487c82f90477
web diff https://git.tartarus.org/?p=simon/putty.git;a=commitdiff;h=ab70bda4c72c0eb245aa65fdcd5e487c82f90477;hp=5ca78237edf7873fdec01fb657c023d9777faf5d
Author: Simon Tatham <anakin at pobox.com>
Date: Fri May 6 17:51:13 2022 +0100
ntru_gen_short: remove quadratic-time shuffle.
This function has to make an array containing a specific number of
random values that are +1 or -1, and all the rest zero. The simplest
way I could think of to do it at first was to make the array with all
the zeroes at the end and then shuffle the array.
But I couldn't think of a time-safe algorithm to shuffle an array in
such a way that all orders come out equiprobable, that was better than
quadratic time. In fact I still can't think of one. (Making a random
Benes network is the best idea I've come up with: it arranges that
every output order is _possible_, and runs in O(N log N) time, but it
skews the probabilities, which makes it unacceptable.)
However, there's no need to shuffle an array in this application
anyway: we're not actually trying to generate a random _permutation_,
only a random element of (n choose w). So we can just walk linearly
along the array remembering how many nonzero elements we have yet to
output, and using an appropriately chosen random number at each step
to decide whether this will be one of them.
This isn't a significant improvement in the performance of NTRU
overall, but it satisfies my sense of rightness a little, and at least
means I don't have to have a comment in the code apologising for the
terrible algorithm any more.
crypto/ntru.c | 48 ++++++++++++++++++++++++------------------------
1 file changed, 24 insertions(+), 24 deletions(-)
commit 5390aef3fc7deca225dd76db15021dc5c4ab53f2
web diff https://git.tartarus.org/?p=simon/putty.git;a=commitdiff;h=5390aef3fc7deca225dd76db15021dc5c4ab53f2;hp=ab70bda4c72c0eb245aa65fdcd5e487c82f90477
Author: Simon Tatham <anakin at pobox.com>
Date: Sat May 7 11:00:19 2022 +0100
GTK: make explicit text controls selectable.
This doesn't apply to every GtkLabel I instantiate: only the ones
constructed as part of implementing the cross-platform CTRL_TEXT.
Those labels contain information that the dialog box is deliberately
communicating to the user, so it seems a sensible idea to make sure
they can be copy-pasted.
By default, this also seems to cause them to become able to take the
input focus, so I've reverted that. You can select them with the
mouse, but I think having them appear in the tab order is an
awkwardness too far, since they're not active in any other way.
unix/dialog.c | 2 ++
1 file changed, 2 insertions(+)
commit cd094b28a3b17793d689f1fd7ea66e6b82c9f413
web diff https://git.tartarus.org/?p=simon/putty.git;a=commitdiff;h=cd094b28a3b17793d689f1fd7ea66e6b82c9f413;hp=5390aef3fc7deca225dd76db15021dc5c4ab53f2
Author: Simon Tatham <anakin at pobox.com>
Date: Sat May 7 08:23:38 2022 +0100
Allow CTRL_TEXT controls to be non-wrapping.
This is for cases where they're presenting information to the user
that wouldn't wrap sensibly anyway (such as an SSH key fingerprint
which is mostly all one word), and in which newlines might be
significant.
On GTK, the implementing widget is still a GtkLabel, but without the
wrap flag set, and wrapped in a GtkScrolledWindow in case the text is
too wide to fit.
On Windows, I've switched to using an edit box instead of a static
text control, making it readonly, and borderless via my existing
MakeDlgItemBorderless helper function. This doesn't get you an actual
scrollbar, but it does mean you can scroll left and right by dragging
with the mouse.
dialog.c | 1 +
dialog.h | 8 ++++++++
unix/dialog.c | 12 +++++++++++-
windows/controls.c | 34 ++++++++++++++++++++--------------
windows/platform.h | 2 +-
5 files changed, 41 insertions(+), 16 deletions(-)
commit 4b0e54c22aaed9f6250325d8d949231b5aa678ea
web diff https://git.tartarus.org/?p=simon/putty.git;a=commitdiff;h=4b0e54c22aaed9f6250325d8d949231b5aa678ea;hp=cd094b28a3b17793d689f1fd7ea66e6b82c9f413
Author: Simon Tatham <anakin at pobox.com>
Date: Thu May 5 20:26:05 2022 +0100
CA config box: fully validate the CA public key.
Now we check that we can actually make an ssh_key out of it, and
moreover, that the key is of a sensible kind (i.e. not a certificate
in turn). If that's not true, we report something about the problem in
a new CTRL_TEXT below the public key input box. If the key _is_ valid,
that same text control is used to show its type, length and
fingerprint.
On Windows, I've widened the dialog box a little to make fingerprints
fit sensibly in it.
ssh/ca-config.c | 119 ++++++++++++++++++++++++++++++++++-------------
windows/dialog.c | 4 +-
windows/putty-common.rc2 | 2 +-
3 files changed, 89 insertions(+), 36 deletions(-)
commit b753cf6e3b7e439ed95b8e6df4a0aefaa5e27bed
web diff https://git.tartarus.org/?p=simon/putty.git;a=commitdiff;h=b753cf6e3b7e439ed95b8e6df4a0aefaa5e27bed;hp=4b0e54c22aaed9f6250325d8d949231b5aa678ea
Author: Simon Tatham <anakin at pobox.com>
Date: Sat May 7 12:25:54 2022 +0100
Reject multilayer certificates in check_cert.
Rejecting them in the CA config box reminded me that the main checking
code also ought to do the same thing.
crypto/openssh-certs.c | 31 ++++++++++++++++++++++++++++++-
test/cryptsuite.py | 37 +++++++++++++++++++++++++++++++++++++
2 files changed, 67 insertions(+), 1 deletion(-)
More information about the tartarus-commits
mailing list