Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Fix two issues with writing private key with passphrase #772

Closed
wants to merge 3 commits into from
Closed

Fix two issues with writing private key with passphrase #772

Changes from 1 commit
Commits
Show all changes
3 commits
Select commit Hold shift + click to select a range
61b436c
Pass password through to _write_private_key(...)
cjh1 Jul 8, 2016
b1ecb44
BestEncryption is now BestAvailableEncryption
cjh1 Jul 8, 2016
998f223
Add AES-256-CBC as known encryption for private key
cjh1 Jul 8, 2016
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Jump to
Jump to file
Failed to load files.
Diff view
Diff view
2 changes: 1 addition & 1 deletion paramiko/pkey.py
View file
Open in desktop
Expand Up @@ -342,7 +342,7 @@ def _write_private_key(self, f, key, format, password=None):
if password is None:
encryption = serialization.NoEncryption()
else:
encryption = serialization.BestEncryption(password)
encryption = serialization.BestAvailableEncryption(password.encode())
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The method does not specify if the "password" parameter is bytes or string. If it's not documented elsewhere, wouldn't it be better to expect bytes in input? This affects python3. As an alternative, we could accept both types and call encode() only if the type is string.

Copy link
Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

All the public methods in this class that take a password are expecting strings, so I think this password parameter should also be a string. Should I add a doc string to indicate this?


f.write(key.private_bytes(
serialization.Encoding.PEM,
Expand Down