simon-git: putty (main): Simon Tatham

Commits to Tartarus hosted VCS tartarus-commits at lists.tartarus.org
Fri Jan 2 12:59:32 GMT 2026 

TL;DR:
  36a04966 Remove spurious \n in OpenSSH key import diagnostics.
  78599038 cryptsuite: remove a stray import statement.
  3fd66c67 OpenSSH key import: support aes256-gcm encrypted keys.
  995b63a8 It's a new year.

Repository:     https://git.tartarus.org/simon/putty.git
On the web:     https://git.tartarus.org/?p=simon/putty.git
Branch updated: main
Committer:      Simon Tatham <anakin at pobox.com>
Date:           2026-01-02 12:59:32

commit 36a049664915bd9e4493bc38c585f8d27c2ec7a2
web diff https://git.tartarus.org/?p=simon/putty.git;a=commitdiff;h=36a049664915bd9e4493bc38c585f8d27c2ec7a2;hp=148c3b01338592d606e5756b5f22524c70b4246c
Author: Simon Tatham <anakin at pobox.com>
Date:   Fri Jan 2 10:22:15 2026 +0000

    Remove spurious \n in OpenSSH key import diagnostics.
    
    The output "errmsg" inconsistently had a newline in some cases and not
    in others. In fact it doesn't need one, so I've removed the unwanted
    ones.

 import.c | 14 +++++++-------
 1 file changed, 7 insertions(+), 7 deletions(-)

commit 78599038a3f78e7521c68c019993a0c34504ce37
web diff https://git.tartarus.org/?p=simon/putty.git;a=commitdiff;h=78599038a3f78e7521c68c019993a0c34504ce37;hp=36a049664915bd9e4493bc38c585f8d27c2ec7a2
Author: Simon Tatham <anakin at pobox.com>
Date:   Fri Jan 2 12:24:54 2026 +0000

    cryptsuite: remove a stray import statement.
    
    What was that doing _there_, deep in the middle of a function? I have
    to assume I hacked it in temporarily to go with a diagnostic print,
    and then took out the more obvious print statement leaving the
    spuriopus import behind.

 test/cryptsuite.py | 1 -
 1 file changed, 1 deletion(-)

commit 3fd66c6796bfcf9e9e515c915de9cf8ec9bed6a9
web diff https://git.tartarus.org/?p=simon/putty.git;a=commitdiff;h=3fd66c6796bfcf9e9e515c915de9cf8ec9bed6a9;hp=78599038a3f78e7521c68c019993a0c34504ce37
Author: Simon Tatham <anakin at pobox.com>
Date:   Fri Jan 2 12:25:53 2026 +0000

    OpenSSH key import: support aes256-gcm encrypted keys.
    
    A user reports that 1Password will choose this cipher to encrypt the
    'new' non-PEM OpenSSH key file format. You can make OpenSSH itself do
    the same, using the option "-Z aes256-gcm at openssh.com" during key
    generation.
    
    I don't know _why_ 1Password chooses this, because in this context,
    the MAC built in to AES-GCM isn't used - the OpenSSH key file format
    has no MAC at all. So AES-GCM becomes just an alternative form of
    counter-mode encryption, with a more restricted shape of IV. This also
    requires a manual workaround to avoid the keystream being out of sync,
    because the MAC isn't there to consume the first block of it.

 import.c | 39 ++++++++++++++++++++++++++++++++++++---
 1 file changed, 36 insertions(+), 3 deletions(-)

commit 995b63a82bac4f6985958cb92943e807a9f35736
web diff https://git.tartarus.org/?p=simon/putty.git;a=commitdiff;h=995b63a82bac4f6985958cb92943e807a9f35736;hp=3fd66c6796bfcf9e9e515c915de9cf8ec9bed6a9
Author: Simon Tatham <anakin at pobox.com>
Date:   Fri Jan 2 12:54:11 2026 +0000

    It's a new year.
    
    According to source control, this is the first time *I've* remembered
    to update the copyright date since 2005! Every year since then, it's
    been Jacob, except for 2013, when apparently nobody remembered at all.

 LICENCE | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

More information about the tartarus-commits mailing list