Skip to content

Commit

Permalink
Sign ECDSA NISTP384 With SHA2-384
Browse files Browse the repository at this point in the history 
- Adjusted new hashing function to sign  ecdsa-sha2-nistp384 SSH requests with SHA-384 for hashing.
  • Loading branch information
@NoMoreFood
NoMoreFood committed Jan 3, 2022
1 parent c13e168 commit a7127f6
Show file tree
Hide file tree
Showing 26 changed files with 77 additions and 60 deletions.
Binary file removed binaries/puttycac-0.76u2-installer.msi
View file
Binary file not shown.
Binary file removed binaries/puttycac-0.76u2.zip
View file
Binary file not shown.
Binary file added binaries/puttycac-0.76u3-installer.msi
View file
Binary file not shown.
Binary file added binaries/puttycac-0.76u3.zip
View file
Binary file not shown.
Binary file removed binaries/puttycac-64bit-0.76u2-installer.msi
View file
Binary file not shown.
Binary file removed binaries/puttycac-64bit-0.76u2.zip
View file
Binary file not shown.
Binary file added binaries/puttycac-64bit-0.76u3-installer.msi
View file
Binary file not shown.
Binary file added binaries/puttycac-64bit-0.76u3.zip
View file
Binary file not shown.
108 changes: 54 additions & 54 deletions binaries/puttycac-hash.txt
View file
@@ -1,69 +1,69 @@

Algorithm Hash Path
--------- ---- ----
SHA256 58F4103543961F2E017BD62A679C3522D30B67F95C2CC6644BDF52FCCAC56A99 x64\pageant.exe
SHA256 AB09292537B7A4F3DED1CB187BD32D83D9BA3B0249A392375E2C4ABBAC32DF1C x64\plink.exe
SHA256 16BFB507938C184BD8027A6B2B8F04DC3908708A992C50DB6C36183848C956C9 x64\pscp.exe
SHA256 B4BDACD8EB4786412BF9C8D34BD46931BFE2A36FD7A49C0CEAA4633AC8B88388 x64\psftp.exe
SHA256 12DE8267DE04B85AB951C05B8B54D80E67B6612FC096A6C33ACDF7E9D5143E5F x64\putty.exe
SHA256 894E80D06F90F17F10002024083F44153BAE350CF0B8A7B41281EC9F12B4300A x64\puttygen.exe
SHA256 66355F195B5267738755054F22C6EF7C0254253AB8BE2C27E33169E3CFB49D09 x64\puttytel.exe
SHA256 BDC803DA4C82EF5E59B9C2149C635AFE9FCA9332FF67170C47DFCB0DC8B69EE3 x86\pageant.exe
SHA256 A8C36FE7750907E81DD18C77CA62D5167F01C2719D180C515173C22C3E1A2475 x86\plink.exe
SHA256 62F1392D540221B08A2C0F158367C8501084172898B5BE4A95DAA2D86FAE73A1 x86\pscp.exe
SHA256 48BC15D72918B9DF7B8F3F563365A75BCDED35F801806564C884A89934842EB5 x86\psftp.exe
SHA256 8B473F78B1903C232FB467D0BEFA078CD167436400CD03938D9730BD0709C8BD x86\putty.exe
SHA256 27EAADD7B45FB6F7E2ADB4DA38FE3C9C6B4C33050BA3F582A8F331F56B638B62 x86\puttygen.exe
SHA256 221AC6A655F04B678CC4A8AC701A80EB6CAF2AA9791970BD43DFB8EBBFEC4E10 x86\puttytel.exe
SHA256 D626CDC8AFD44B491B579B4C15F39647024F8CF02274738F1E6F3A0B8133EE9D puttycac-0.76u2-installer.msi
SHA256 BA819F1295622BC6CFE81B28D820007D9441992F42FB64E272988A640EAAA797 puttycac-0.76u2.zip
SHA256 B586C90D9059563CACA421BA8A0E1B86AC4A79FE985181179AB616A1EDE63C29 puttycac-64bit-0.76u2-installer.msi
SHA256 8CD808CA1DCEAC6466BB6CCC867DEB63A03E6EB6A242A7E707FF650F6DE7B909 puttycac-64bit-0.76u2.zip
SHA256 99AFBE1AB0FCBB1A2C5DD9B44787502EBEA0BBF8026552A224A7358E31C15CCC x64\pageant.exe
SHA256 268C402267EA07EA25948E547A2B0CA911B84C512F830EC62BE51512BB684B47 x64\plink.exe
SHA256 4CF4FE07D0C475CEAD7E8341A1BE5AB6F57D2BCABC19E4CF3409B48F15850E87 x64\pscp.exe
SHA256 650D66A57550795B3F45F62F4DA8AF206C37086463A51EB270EEF4FD12B8B663 x64\psftp.exe
SHA256 8880037F8EB5A5413EE517FC20E311DB2B03CCA04368555503DADF6F2530F14F x64\putty.exe
SHA256 24E497A61A0C3E5A2CDDE511AE95E4AB5975B584F5CF7568B253EC4D5B2ECBAA x64\puttygen.exe
SHA256 A3DDD8CBFB6C42D40E11315040E963FBEEC315941136BADB1D412E2E0902666C x64\puttytel.exe
SHA256 9FF702CE50AADBA6C28CDBD6F14103FA92965EEB00DCCF5D0AB3F6B68A53342D x86\pageant.exe
SHA256 20F9C52796F8416E4A3EFFB3D1566E5DAA9CCC680587077439C518DAFF4B6421 x86\plink.exe
SHA256 39538899F7169BA46A83F0BB9AD86FC0A1C081AC92787DACF6B505428460E363 x86\pscp.exe
SHA256 79288DB757FFA4E0304DED5510E1177A5C1FAC8319076514EC9A50AF2681E0FF x86\psftp.exe
SHA256 E9C223EAD768637AC5B4E5615D75C2C1929D63FEC148E5D074A2F71F6A30A204 x86\putty.exe
SHA256 F4CF24B339BB8A037B91EC6FE996770E36AB475CB9C13BE6D4D41FF2132386B9 x86\puttygen.exe
SHA256 63E34D1A26AC35426896F6298A620290C1C856BC0D5532B784FB9F47A634168B x86\puttytel.exe
SHA256 57D14CCB4C0C25AE418544E37682A79D26729BB1798518F71AD494B9CBD0C561 puttycac-0.76u3-installer.msi
SHA256 93E0E94731561578AF08C4A8737709EE5546E68C05AEE666BA221431B11CFF34 puttycac-0.76u3.zip
SHA256 7BCB75CC32377D05365039200D6065AB4ED3D7B75E00FA005CB63F84B76133AF puttycac-64bit-0.76u3-installer.msi
SHA256 C8755DDDA98343786C0B2DFBE2E20087161244BAE09EBA34ED1D8D06DEEAF041 puttycac-64bit-0.76u3.zip



Algorithm Hash Path
--------- ---- ----
SHA1 E8A596F9B346038031471CADEF91A528F5D74987 x64\pageant.exe
SHA1 852DFFB91580AD98B5BD4957FA128B629D71945C x64\plink.exe
SHA1 924D67BA841B442661B4B7681B1DA3775BA5B903 x64\pscp.exe
SHA1 2BACDBE77CDDEBF9390D6A611A5BD97310879E8B x64\psftp.exe
SHA1 599E91A2594BD6CBAAC980D347EA88A5ABB3DFD7 x64\putty.exe
SHA1 B967BA1B437845F342BF2E91A437643241B92248 x64\puttygen.exe
SHA1 1B0B7CAF736056E34A63E1CF2F2B2DE392B5699C x64\puttytel.exe
SHA1 65E5D4DF01F6250BE421DF31DAF46BB0946FCE24 x86\pageant.exe
SHA1 D31F01EEB8E5FF42860F0D8E74605D17284B938D x86\plink.exe
SHA1 41B08BFF59FE532A4F949DCC3BCF5EFE488F42CB x86\pscp.exe
SHA1 43F29825A8158BF96DE11D4A8EBEDFC338077990 x86\psftp.exe
SHA1 481F9B58AE3C1144DE5288ACF86890469968267C x86\putty.exe
SHA1 886DBB9E00D59BEDC4E18A4BAA518CC5174B3454 x86\puttygen.exe
SHA1 50F2385DE59EC099DC7D9B5DFEDDF020B805A8C4 x86\puttytel.exe
SHA1 7663A6E63BF86BCA97048F61345C0BB4B6FA5B24 puttycac-0.76u2-installer.msi
SHA1 9FD516C046BDE538BE9E78FB9A4E7E2F86259A20 puttycac-0.76u2.zip
SHA1 F92AFC23F6B69387FB7E7C6B32A96A4AA866DF2C puttycac-64bit-0.76u2-installer.msi
SHA1 8B8B6F84E3F84BA96597B4B4BD20A8A545FB1DDA puttycac-64bit-0.76u2.zip
SHA1 C38D8C4BD62C70AC1BB35B491D62F9E0A8B36E99 x64\pageant.exe
SHA1 D5A61C74702002992DE98C57CCF955A2442D5BBF x64\plink.exe
SHA1 F2D19945A6E3DAAE8A84A79498A3ECC5364B0D44 x64\pscp.exe
SHA1 EE0A6FC727FCBA217F1E08DFD2211D3CB7E844B1 x64\psftp.exe
SHA1 8EF3F294A5B8F24A3DCBDB500788562AC5328E79 x64\putty.exe
SHA1 3BBE560D68FC2B658159CD49FC8B39220D1B60AC x64\puttygen.exe
SHA1 87E65B3309B82DC35FEDC48F388B68518F73EFF6 x64\puttytel.exe
SHA1 818B3E9517FE57BEA7E62636171FAE7D45643276 x86\pageant.exe
SHA1 BC0218CD113464669352CB6FD4E77FB193D5CC09 x86\plink.exe
SHA1 6C4CBB4E978DDE58C4CA72BAA063E9C64AF742EB x86\pscp.exe
SHA1 E8DCE546F5F2D98A2F1327C9F23A7B46A303F8C4 x86\psftp.exe
SHA1 F106E94EA4E289C7EAD83A7B0AB699334951D3A4 x86\putty.exe
SHA1 E8CC2558D03CD216067EC23D8517F7FDA519D464 x86\puttygen.exe
SHA1 E114600C103FD7CF8A6DDB5888E55617966CAF5D x86\puttytel.exe
SHA1 015E0FF1E95FE7EEF727B2E90A124AD1796EF073 puttycac-0.76u3-installer.msi
SHA1 38FDCFCFC56D8D2943418FDE1304DD2EB5D19FAB puttycac-0.76u3.zip
SHA1 C5F82B5CB6A8139FC2BC80A0B62BAB8FEAD08FB3 puttycac-64bit-0.76u3-installer.msi
SHA1 5C933E4BD9178A793565155F9DCCB4ED2BFE1379 puttycac-64bit-0.76u3.zip



Algorithm Hash Path
--------- ---- ----
MD5 9845A9EF9716D1FFE3CEC1016C62DA25 x64\pageant.exe
MD5 06390005E92734DFCDAD4555DB325B1A x64\plink.exe
MD5 D721D29B0DBCCB7AB63AA961DF6F89D9 x64\pscp.exe
MD5 60E5A2CAEAD64330E127FCC866092149 x64\psftp.exe
MD5 350A1F8DCB88C24A78C9E37807E3E439 x64\putty.exe
MD5 B122BA440AAB1AEFF0551DEDBE91984E x64\puttygen.exe
MD5 DC81440314B5C87DBC5EE46FA9EECB82 x64\puttytel.exe
MD5 FD3943236F65CF3DCFE1B9F3F16A8E2F x86\pageant.exe
MD5 CF3D02DD9081B0A1851EB6BCCECE2E1F x86\plink.exe
MD5 26F44115A29C98B13559B8EB614C6298 x86\pscp.exe
MD5 BE917FC0B5CA75B69CC3AF0FBCE77CC4 x86\psftp.exe
MD5 B51CD082C1828E76D40D3BD975263846 x86\putty.exe
MD5 AA70E89CD6EF40917BCF6EC1CD634ADA x86\puttygen.exe
MD5 D5E9E7A1F549FA978FC8C3AD58A3F9CD x86\puttytel.exe
MD5 E82325AAB79AF1CB76752C83BFEDA532 puttycac-0.76u2-installer.msi
MD5 0B62D02468C37DA3D381640855A48D7E puttycac-0.76u2.zip
MD5 A36B4E319C0AB32BF7CB22B482A91A4F puttycac-64bit-0.76u2-installer.msi
MD5 53162899579B752D6A9FF3EFD18181C3 puttycac-64bit-0.76u2.zip
MD5 64C9398ADD9DA38B5AA936CBD4092E65 x64\pageant.exe
MD5 8F67B3555B512E93A4B4A2A1BC367DA4 x64\plink.exe
MD5 9275F93040174BB13E2E78DE2B6DED45 x64\pscp.exe
MD5 DE0D42E32B16DAB71BE68AADDBAECA31 x64\psftp.exe
MD5 80242CCA8A62F54DE82615224F3267F1 x64\putty.exe
MD5 9FC91344DB58C247A19AC690712594F4 x64\puttygen.exe
MD5 5191758AA2AC94CBA167B6D41D8E29F8 x64\puttytel.exe
MD5 B66736514BA93F841AAC15CE9ED16906 x86\pageant.exe
MD5 83B13795918141DE22A635AD1CD54D3A x86\plink.exe
MD5 2890BB5FA50F2847CE2D2FFC57B8148A x86\pscp.exe
MD5 2A86F4AA5AFEF2B0A996A9664C0DAB85 x86\psftp.exe
MD5 A2D862B2E215E34847DFE762FA516D93 x86\putty.exe
MD5 6A913FF108FACBEDA20B89108019579A x86\puttygen.exe
MD5 5DFE1DB029966AA7D6836ECF1504FA93 x86\puttytel.exe
MD5 CF701681F4EBD6E9C37433A6CEB9E970 puttycac-0.76u3-installer.msi
MD5 52163E540902E19D8908446F60E1AEF1 puttycac-0.76u3.zip
MD5 C0847297FD41AE663A24FB388C7AE348 puttycac-64bit-0.76u3-installer.msi
MD5 9BA40200A80AD7B7411D8E9F154FDE9A puttycac-64bit-0.76u3.zip


Binary file modified binaries/x64/pageant.exe
View file
Binary file not shown.
Binary file modified binaries/x64/plink.exe
View file
Binary file not shown.
Binary file modified binaries/x64/pscp.exe
View file
Binary file not shown.
Binary file modified binaries/x64/psftp.exe
View file
Binary file not shown.
Binary file modified binaries/x64/putty.exe
View file
Binary file not shown.
Binary file modified binaries/x64/puttygen.exe
View file
Binary file not shown.
Binary file modified binaries/x64/puttytel.exe
View file
Binary file not shown.
Binary file modified binaries/x86/pageant.exe
View file
Binary file not shown.
Binary file modified binaries/x86/plink.exe
View file
Binary file not shown.
Binary file modified binaries/x86/pscp.exe
View file
Binary file not shown.
Binary file modified binaries/x86/psftp.exe
View file
Binary file not shown.
Binary file modified binaries/x86/putty.exe
View file
Binary file not shown.
Binary file modified binaries/x86/puttygen.exe
View file
Binary file not shown.
Binary file modified binaries/x86/puttytel.exe
View file
Binary file not shown.
19 changes: 18 additions & 1 deletion code/cert/cert_common.c
View file
Expand Up @@ -186,7 +186,7 @@ LPBYTE cert_sign(struct ssh2_userkey * userkey, LPCBYTE pDataToSign, int iDataTo
// sanity check
if (userkey->comment == NULL) return NULL;

// determine hashing algorithm for signing
// determine hashing algorithm for signing - upgrade to sha2 if possible
LPCSTR sHashAlgName = userkey->key->vt->ssh_id;
if (strstr(userkey->key->vt->ssh_id, "ssh-rsa") && (iAgentFlags & SSH_AGENT_RSA_SHA2_256) && cert_test_hash(userkey->comment, SSH_AGENT_RSA_SHA2_256)) {
sHashAlgName = "rsa-sha2-256";
Expand Down Expand Up @@ -620,6 +620,14 @@ LPBYTE cert_get_hash(LPCSTR szAlgo, LPCBYTE pDataToHash, DWORD iDataToHashSize,
0x05, 0x00, /* type NULL, length 0x0 (0) */
0x04, 0x20 /* type Octet string, length 0x20 (32), followed by sha256 hash */
};
const BYTE OID_SHA384[] = {
0x30, 0x41, /* type Sequence, length 0x41 (65) */
0x30, 0x0d, /* type Sequence, length 0x0d (13) */
0x06, 0x09, /* type OID, length 0x09 (9) */
0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x02, 0x02, /* id-sha384 OID */
0x05, 0x00, /* type NULL, length 0x0 (0) */
0x04, 0x30 /* type Octet string, length 0x30 (48), followed by sha384 hash */
};
const BYTE OID_SHA512[] = {
0x30, 0x51, /* type Sequence, length 0x51 (81) */
0x30, 0x0d, /* type Sequence, length 0x0d (13) */
Expand All @@ -644,6 +652,15 @@ LPBYTE cert_get_hash(LPCSTR szAlgo, LPCBYTE pDataToHash, DWORD iDataToHashSize,
pDigest = (LPBYTE)OID_SHA256;
}
}
else if (strcmp(szAlgo, "ecdsa-sha2-nistp384") == 0)
{
sNCryptAlg = BCRYPT_SHA384_ALGORITHM;
if (bNeedsDigest)
{
iDigestSize = sizeof(OID_SHA384);
pDigest = (LPBYTE)OID_SHA384;
}
}
else if (strcmp(szAlgo, "rsa-sha2-512") == 0 || strcmp(szAlgo, "ecdsa-sha2-nistp521") == 0)
{
sNCryptAlg = BCRYPT_SHA512_ALGORITHM;
Expand Down
6 changes: 3 additions & 3 deletions code/version.h
View file
@@ -1,6 +1,6 @@
/* Generated by automated build script */
#define RELEASE 0.76
#define TEXTVER "Release 0.76-2"
#define SSHVER "-Release-0.76-2"
#define BINARY_VERSION 0,76,0,2
#define TEXTVER "Release 0.76-3"
#define SSHVER "-Release-0.76-3"
#define BINARY_VERSION 0,76,0,3
#define SOURCE_COMMIT "See https://github.com/NoMoreFood/putty-cac"
4 changes: 2 additions & 2 deletions packager/build.cmd
View file
Expand Up @@ -2,8 +2,8 @@
TITLE Building PuTTY-CAC

:: version information
SET VER=0.76u2
SET VERN=0.76.0.2
SET VER=0.76u3
SET VERN=0.76.0.3

:: cert info to use for signing
SET CERT=BC4F81C0B3B32755A8CC9A6B91713958294788F0
Expand Down

0 comments on commit a7127f6

Please sign in to comment.