1
0
mirror of git://git.gnupg.org/gnupg.git synced 2024-12-22 10:19:57 +01:00

agent: Ignore MD5 Fingerprints for ssh keys

--
* agent/command-ssh.c (add_control_entry): Ignore failure of the MD5
  digest

Signed-off-by: Jakub Jelen <jjelen@redhat.com>
This commit is contained in:
Jakub Jelen 2022-04-12 16:26:58 +02:00 committed by NIIBE Yutaka
parent 5e508ffcab
commit c4436ebfa5

View File

@ -1095,8 +1095,9 @@ add_control_entry (ctrl_t ctrl, ssh_key_type_spec_t *spec,
time_t atime = time (NULL); time_t atime = time (NULL);
err = ssh_get_fingerprint_string (key, GCRY_MD_MD5, &fpr_md5); err = ssh_get_fingerprint_string (key, GCRY_MD_MD5, &fpr_md5);
/* ignore the errors as MD5 is not available in FIPS mode */
if (err) if (err)
goto out; fpr_md5 = NULL;
err = ssh_get_fingerprint_string (key, GCRY_MD_SHA256, &fpr_sha256); err = ssh_get_fingerprint_string (key, GCRY_MD_SHA256, &fpr_sha256);
if (err) if (err)
@ -1113,7 +1114,8 @@ add_control_entry (ctrl_t ctrl, ssh_key_type_spec_t *spec,
spec->name, spec->name,
1900+tp->tm_year, tp->tm_mon+1, tp->tm_mday, 1900+tp->tm_year, tp->tm_mon+1, tp->tm_mday,
tp->tm_hour, tp->tm_min, tp->tm_sec, tp->tm_hour, tp->tm_min, tp->tm_sec,
fpr_md5, fpr_sha256, hexgrip, ttl, confirm? " confirm":""); fpr_md5? fpr_md5:"", fpr_sha256, hexgrip, ttl,
confirm? " confirm":"");
} }
out: out: