[project @ Arch-1:robey@lag.net--2003-public%secsh--dev--1.0--patch-43]

fix encrypted private key files
the random byte padding on private key files' BER data was confusing openssh,
so switch to null-byte padding, which is slightly less secure but works with
crappy old openssh.  also, enforce the mode when writing the private key
file.  we really really want it to be 0600.  (python seems to ignore the
mode normally.)
This commit is contained in:
Robey Pointer 2004-04-06 22:03:21 +00:00
parent 945a41dd3d
commit 68c8a9b2e6
1 changed files with 6 additions and 2 deletions

View File

@ -22,7 +22,7 @@
Common API for all public keys. Common API for all public keys.
""" """
import base64 import os, base64
from Crypto.Hash import MD5 from Crypto.Hash import MD5
from Crypto.Cipher import DES3 from Crypto.Cipher import DES3
@ -301,6 +301,8 @@ class PKey (object):
@raise IOError: if there was an error writing the file. @raise IOError: if there was an error writing the file.
""" """
f = open(filename, 'w', 0600) f = open(filename, 'w', 0600)
# grrr... the mode doesn't always take hold
os.chmod(filename, 0600)
f.write('-----BEGIN %s PRIVATE KEY-----\n' % tag) f.write('-----BEGIN %s PRIVATE KEY-----\n' % tag)
if password is not None: if password is not None:
# since we only support one cipher here, use it # since we only support one cipher here, use it
@ -313,7 +315,9 @@ class PKey (object):
key = util.generate_key_bytes(MD5, salt, password, keysize) key = util.generate_key_bytes(MD5, salt, password, keysize)
if len(data) % blocksize != 0: if len(data) % blocksize != 0:
n = blocksize - len(data) % blocksize n = blocksize - len(data) % blocksize
data += randpool.get_bytes(n) #data += randpool.get_bytes(n)
# that would make more sense ^, but it confuses openssh.
data += '\0' * n
data = cipher.new(key, mode, salt).encrypt(data) data = cipher.new(key, mode, salt).encrypt(data)
f.write('Proc-Type: 4,ENCRYPTED\n') f.write('Proc-Type: 4,ENCRYPTED\n')
f.write('DEK-Info: %s,%s\n' % (cipher_name, util.hexify(salt))) f.write('DEK-Info: %s,%s\n' % (cipher_name, util.hexify(salt)))