From 909d2b4975f4e6b01c70e3577c8be510c7481ff6 Mon Sep 17 00:00:00 2001 From: Simon Cornish Date: Thu, 29 Aug 2013 21:05:50 -0700 Subject: Allow public_key:pem_entry_decode/2) to handle AES-128-CBC ciphered keys Private keys generated by modern versions of ssh-keygen are ciphered with AES-128-CBC instead of DES-EDE3-CBC. Since DES-EDE3-CBC ciphered keys are handled, and the underlying support for AES-128-CBC is already present, it seems a bug of omission that AES-128-CBC ciphered keys are not. --- lib/public_key/test/pbe_SUITE.erl | 8 ++++++++ 1 file changed, 8 insertions(+) (limited to 'lib/public_key/test/pbe_SUITE.erl') diff --git a/lib/public_key/test/pbe_SUITE.erl b/lib/public_key/test/pbe_SUITE.erl index 2c9b17478d..b68ffbd5fd 100644 --- a/lib/public_key/test/pbe_SUITE.erl +++ b/lib/public_key/test/pbe_SUITE.erl @@ -218,6 +218,14 @@ encrypted_private_key_info(Config) when is_list(Config) -> [{'PrivateKeyInfo', _, {"RC2-CBC",_}} = PubEntry2] = PemRc2Entry, KeyInfo = public_key:pem_entry_decode(PubEntry2, "password"), + %% key generated with ssh-keygen -N hello_aes -f aes_128_cbc_enc_key + {ok, PemAesCbc} = file:read_file(filename:join(Datadir, "aes_128_cbc_enc_key")), + + PemAesCbcEntry = public_key:pem_decode(PemAesCbc), + ct:print("Pem entry: ~p" , [PemAesCbcEntry]), + [{'RSAPrivateKey', _, {"AES-128-CBC",_}} = PubAesCbcEntry] = PemAesCbcEntry, + #'RSAPrivateKey'{} = public_key:pem_entry_decode(PubAesCbcEntry, "hello_aes"), + check_key_info(KeyInfo). -- cgit v1.2.3