diff options
author | Andreas Schneider <asn@cryptomilk.org> | 2018-01-09 20:20:53 +0100 |
---|---|---|
committer | Andreas Schneider <asn@cryptomilk.org> | 2018-01-10 22:31:02 +0100 |
commit | 67b8f3d6dfa2c631a92da74f483d24242621ac37 (patch) | |
tree | 45847b37d2d3b43d0eed05efd7548669c705bf7e | |
parent | b0af81271023ddb13a9328756019942e91bb1d30 (diff) | |
download | libssh-67b8f3d6dfa2c631a92da74f483d24242621ac37.tar.gz libssh-67b8f3d6dfa2c631a92da74f483d24242621ac37.tar.xz libssh-67b8f3d6dfa2c631a92da74f483d24242621ac37.zip |
pki_crypto: Fix private key generation with password
We need to specify a cipher when we generate a key with a password.
OpenSSH uses aes_128_cbc, so we should use the same.
Thanks to Julian Lunz for the report.
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
-rw-r--r-- | src/pki_crypto.c | 6 | ||||
-rw-r--r-- | tests/unittests/torture_pki_dsa.c | 2 | ||||
-rw-r--r-- | tests/unittests/torture_pki_ecdsa.c | 2 | ||||
-rw-r--r-- | tests/unittests/torture_pki_rsa.c | 2 |
4 files changed, 6 insertions, 6 deletions
diff --git a/src/pki_crypto.c b/src/pki_crypto.c index 2aa0e956..a2c89325 100644 --- a/src/pki_crypto.c +++ b/src/pki_crypto.c @@ -662,7 +662,7 @@ ssh_string pki_private_key_to_pem(const ssh_key key, } else { rc = PEM_write_bio_DSAPrivateKey(mem, key->dsa, - NULL, /* cipher */ + EVP_aes_128_cbc(), NULL, /* kstr */ 0, /* klen */ NULL, /* auth_fn */ @@ -687,7 +687,7 @@ ssh_string pki_private_key_to_pem(const ssh_key key, } else { rc = PEM_write_bio_RSAPrivateKey(mem, key->rsa, - NULL, /* cipher */ + EVP_aes_128_cbc(), NULL, /* kstr */ 0, /* klen */ NULL, /* auth_fn */ @@ -712,7 +712,7 @@ ssh_string pki_private_key_to_pem(const ssh_key key, } else { rc = PEM_write_bio_ECPrivateKey(mem, key->ecdsa, - NULL, /* cipher */ + EVP_aes_128_cbc(), NULL, /* kstr */ 0, /* klen */ NULL, /* auth_fn */ diff --git a/tests/unittests/torture_pki_dsa.c b/tests/unittests/torture_pki_dsa.c index be428e0c..1bfdb894 100644 --- a/tests/unittests/torture_pki_dsa.c +++ b/tests/unittests/torture_pki_dsa.c @@ -81,7 +81,7 @@ static void torture_pki_dsa_write_privkey(void **state) unlink(LIBSSH_DSA_TESTKEY); rc = ssh_pki_export_privkey_file(origkey, - "", + NULL, NULL, NULL, LIBSSH_DSA_TESTKEY); diff --git a/tests/unittests/torture_pki_ecdsa.c b/tests/unittests/torture_pki_ecdsa.c index e7524b7a..18c5a78a 100644 --- a/tests/unittests/torture_pki_ecdsa.c +++ b/tests/unittests/torture_pki_ecdsa.c @@ -354,7 +354,7 @@ static void torture_pki_ecdsa_write_privkey(void **state) unlink(LIBSSH_ECDSA_TESTKEY); rc = ssh_pki_export_privkey_file(origkey, - "", + NULL, NULL, NULL, LIBSSH_ECDSA_TESTKEY); diff --git a/tests/unittests/torture_pki_rsa.c b/tests/unittests/torture_pki_rsa.c index 965ebcc3..b1dd97d0 100644 --- a/tests/unittests/torture_pki_rsa.c +++ b/tests/unittests/torture_pki_rsa.c @@ -434,7 +434,7 @@ static void torture_pki_rsa_write_privkey(void **state) unlink(LIBSSH_RSA_TESTKEY); rc = ssh_pki_export_privkey_file(origkey, - "", + NULL, NULL, NULL, LIBSSH_RSA_TESTKEY); |