diff options
| author | Jeff Forcier <jeff@bitprophet.org> | 2017-11-29 12:20:43 -0800 |
|---|---|---|
| committer | Jeff Forcier <jeff@bitprophet.org> | 2017-11-29 12:20:43 -0800 |
| commit | f2a7bb421cfa46e59f1c978bc30caf42311c8748 (patch) | |
| tree | 45971cbb63ecbf75283829e465148f1c10e1b226 | |
| parent | f1562d76511890c648c657c45debe57b5112872f (diff) | |
| parent | 225a6da81e400139d9d1d61027614ac119e20a59 (diff) | |
Merge branch '2.4'
| -rw-r--r-- | paramiko/ed25519key.py | 3 | ||||
| -rw-r--r-- | sites/www/changelog.rst | 3 | ||||
| -rw-r--r-- | tests/test_pkey.py | 10 |
3 files changed, 15 insertions, 1 deletions
diff --git a/paramiko/ed25519key.py b/paramiko/ed25519key.py index 418a822d..8ad71d08 100644 --- a/paramiko/ed25519key.py +++ b/paramiko/ed25519key.py @@ -25,6 +25,7 @@ import six from paramiko.message import Message from paramiko.pkey import PKey +from paramiko.py3compat import b from paramiko.ssh_exception import SSHException, PasswordRequiredException @@ -132,7 +133,7 @@ class Ed25519Key(PKey): else: cipher = Transport._cipher_info[ciphername] key = bcrypt.kdf( - password=password, + password=b(password), salt=bcrypt_salt, desired_key_bytes=cipher["key-size"] + cipher["block-size"], rounds=bcrypt_rounds, diff --git a/sites/www/changelog.rst b/sites/www/changelog.rst index 41721713..d415aa92 100644 --- a/sites/www/changelog.rst +++ b/sites/www/changelog.rst @@ -2,6 +2,9 @@ Changelog ========= +* :bug:`1039` Ed25519 auth key decryption raised an unexpected exception when + given a unicode password string (typical in python 3). Report by Theodor van + Nahl and fix by Pierce Lopez. * :release:`2.4.0 <2017-11-14>` * :feature:`-` Add a new ``passphrase`` kwarg to `SSHClient.connect <paramiko.client.SSHClient.connect>` so users may disambiguate key-decryption diff --git a/tests/test_pkey.py b/tests/test_pkey.py index c745232b..7b2ab2ec 100644 --- a/tests/test_pkey.py +++ b/tests/test_pkey.py @@ -467,6 +467,16 @@ class KeyTest(unittest.TestCase): self.assertTrue(not pub.can_sign()) self.assertEqual(key, pub) + def test_ed25519_nonbytes_password(self): + # https://github.com/paramiko/paramiko/issues/1039 + key = Ed25519Key.from_private_key_file( + test_path('test_ed25519_password.key'), + # NOTE: not a bytes. Amusingly, the test above for same key DOES + # explicitly cast to bytes...code smell! + 'abc123', + ) + # No exception -> it's good. Meh. + def test_ed25519_load_from_file_obj(self): with open(_support('test_ed25519.key')) as pkey_fileobj: key = Ed25519Key.from_private_key(pkey_fileobj) |