diff options
-rw-r--r-- | paramiko/ed25519key.py | 3 | ||||
-rw-r--r-- | sites/www/changelog.rst | 3 | ||||
-rw-r--r-- | tests/test_pkey.py | 10 |
3 files changed, 15 insertions, 1 deletions
diff --git a/paramiko/ed25519key.py b/paramiko/ed25519key.py index 418a822d..8ad71d08 100644 --- a/paramiko/ed25519key.py +++ b/paramiko/ed25519key.py @@ -25,6 +25,7 @@ import six from paramiko.message import Message from paramiko.pkey import PKey +from paramiko.py3compat import b from paramiko.ssh_exception import SSHException, PasswordRequiredException @@ -132,7 +133,7 @@ class Ed25519Key(PKey): else: cipher = Transport._cipher_info[ciphername] key = bcrypt.kdf( - password=password, + password=b(password), salt=bcrypt_salt, desired_key_bytes=cipher["key-size"] + cipher["block-size"], rounds=bcrypt_rounds, diff --git a/sites/www/changelog.rst b/sites/www/changelog.rst index 2a54714a..4690c0ed 100644 --- a/sites/www/changelog.rst +++ b/sites/www/changelog.rst @@ -2,6 +2,9 @@ Changelog ========= +* :bug:`1039` Ed25519 auth key decryption raised an unexpected exception when + given a unicode password string (typical in python 3). Report by Theodor van + Nahl and fix by Pierce Lopez. * :bug:`1108 (1.17+)` Rename a private method keyword argument (which was named ``async``) so that we're compatible with the upcoming Python 3.7 release (where ``async`` is a new keyword.) Thanks to ``@vEpiphyte`` for the report. diff --git a/tests/test_pkey.py b/tests/test_pkey.py index a9205a18..42d8e6bb 100644 --- a/tests/test_pkey.py +++ b/tests/test_pkey.py @@ -466,6 +466,16 @@ class KeyTest(unittest.TestCase): self.assertTrue(not pub.can_sign()) self.assertEqual(key, pub) + def test_ed25519_nonbytes_password(self): + # https://github.com/paramiko/paramiko/issues/1039 + key = Ed25519Key.from_private_key_file( + test_path('test_ed25519_password.key'), + # NOTE: not a bytes. Amusingly, the test above for same key DOES + # explicitly cast to bytes...code smell! + 'abc123', + ) + # No exception -> it's good. Meh. + def test_ed25519_load_from_file_obj(self): with open(test_path('test_ed25519.key')) as pkey_fileobj: key = Ed25519Key.from_private_key(pkey_fileobj) |