You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Currently, someone can create a private ssh-key with ssh.MarshalPrivateKeyWithPassphrase(). This API doesn't expose the configured rounds.
The rounds are currently hard-coded in:
seankhliao
changed the title
proposal: x/crypto: Make the number of rounds for Passphrase encrypted keys configurable
proposal: x/crypto/ssh: make the number of rounds for Passphrase encrypted keys configurable
Aug 1, 2024
drakkan
added a commit
to drakkan/proposal
that referenced
this issue
Sep 15, 2024
…Options
PrivateKeySigner is a Signer that can also return the associated
crypto.Signer.
This means ParseRawPrivateKey and ParseRawPrivateKeyWithPassphrase
can be private now.
MarshalPrivateKeyOptions defines the options to Marshal a private
key in OpenSSH format. We can pass the passphrase as option to
MarshalPrivateKey and so we don't need MarshalPrivateKeyWithPassphrase.
Additionally we can also configure the salt rounds that is currently
hard coded (see golang/go#68700) and easly add more options in the
future.
… Options
PrivateKeySigner is a Signer that can also return the associated
crypto.Signer.
This means ParseRawPrivateKey and ParseRawPrivateKeyWithPassphrase
can be private now.
MarshalPrivateKeyOptions defines the options to Marshal a private
key in OpenSSH format. We can pass the passphrase as option to
MarshalPrivateKey and so we don't need MarshalPrivateKeyWithPassphrase.
Additionally we can also configure the salt rounds that is currently
hard coded (see golang/go#68700) and easly add more options in the
future.
Change-Id: Id5c30f69fc600d19ef579aa2cf54dc8620677bb8
GitHub-Last-Rev: 98ee61e
GitHub-Pull-Request: #52
Reviewed-on: https://go-review.googlesource.com/c/proposal/+/613036
Commit-Queue: Nicola Murino <[email protected]>
Reviewed-by: Nicola Murino <[email protected]>
Auto-Submit: Nicola Murino <[email protected]>
Proposal Details
Hey,
Currently, someone can create a private ssh-key with
ssh.MarshalPrivateKeyWithPassphrase()
. This API doesn't expose the configured rounds.The rounds are currently hard-coded in:
It would be nice if this is configurable as it is in
ssh-keygen -a
The text was updated successfully, but these errors were encountered: