commit | 0a08dada0ff98d02f3864a23ae8d27cb8fba5303 | [log] [tgz] |
---|---|---|
author | Filippo Valsorda <hi@filippo.io> | Sun Nov 17 18:43:54 2019 -0500 |
committer | Filippo Valsorda <filippo@golang.org> | Thu Dec 05 16:18:47 2019 +0000 |
tree | 52bdafe97d3886509ad71575af7fbb8a7efc119b | |
parent | 86a70503ff7e82ffc18c7b0de83db35da4791e6a [diff] |
ssh: reject unencrypted keys from ParsePrivateKeyWithPassphrase The behavior of ParsePrivateKeyWithPassphrase when the key is unencrypted is unspecified. Currently, it just parses them like ParsePrivateKey, which is unlikely to be what anyone wants: for us to ignore a passphrase that they explicitly passed. It also makes the implementation of encrypted OpenSSH keys in the next CL more confused. Instead, make ParsePrivateKey return a PassphraseNeededError, so the application logic can be ParsePrivateKey -> detect encrypted key -> obtain passphrase -> ParsePrivateKeyWithPassphrase. That error will also let us return the public key for OpenSSH keys. Change-Id: Ife4fb2499ae538bef36e353adf9bc8e902662386 Reviewed-on: https://go-review.googlesource.com/c/crypto/+/207599 Run-TryBot: Filippo Valsorda <filippo@golang.org> Run-TryBot: Han-Wen Nienhuys <hanwen@google.com> TryBot-Result: Gobot Gobot <gobot@golang.org> Reviewed-by: Han-Wen Nienhuys <hanwen@google.com>
This repository holds supplementary Go cryptography libraries.
The easiest way to install is to run go get -u golang.org/x/crypto/...
. You can also manually git clone the repository to $GOPATH/src/golang.org/x/crypto
.
This repository uses Gerrit for code changes. To learn how to submit changes to this repository, see https://golang.org/doc/contribute.html.
The main issue tracker for the crypto repository is located at https://github.com/golang/go/issues. Prefix your issue with “x/crypto:” in the subject line, so it is easy to find.
Note that contributions to the cryptography package receive additional scrutiny due to their sensitive nature. Patches may take longer than normal to receive feedback.