Skip to content

Commit 53e23fe

Browse files
nahuelAlex Wilson
nahuel
authored and
Alex Wilson
committed
#50 Support PKCS#5 AES-256-CBC encrypted private keys
Reviewed by: Alex Wilson <[email protected]>
1 parent 6b68d49 commit 53e23fe

File tree

3 files changed

+48
-1
lines changed

3 files changed

+48
-1
lines changed

lib/utils.js

+2-1
Original file line numberDiff line numberDiff line change
@@ -87,7 +87,8 @@ function assertCompatible(obj, klass, needVer, name) {
8787

8888
var CIPHER_LEN = {
8989
'des-ede3-cbc': { key: 7, iv: 8 },
90-
'aes-128-cbc': { key: 16, iv: 16 }
90+
'aes-128-cbc': { key: 16, iv: 16 },
91+
'aes-256-cbc': { key: 32, iv: 16 }
9192
};
9293
var PKCS5_SALT_LEN = 8;
9394

test/assets/p50key.pem

+30
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,30 @@
1+
-----BEGIN RSA PRIVATE KEY-----
2+
Proc-Type: 4,ENCRYPTED
3+
DEK-Info: AES-256-CBC,C874518D21E3C9C4F0CA44C8060D631B
4+
5+
6kCcRk72I+6eYBpvDpMu/hxJKVI9xpsJikmfyc//0HLBP6e95cuk3EHWUG5/2cLb
6+
RSniNWjeIBmxMUlJP7vCdmdnJQ+so/9JzmztwHIEk/kMW1jgNnWH53pUhuNTllFy
7+
M7/c2IOD5gWSrl/MijNNhYaglh2Zn5djJvuoJmmT3lXsIFc1FQw0luDBxYE7l5Rf
8+
PuZxuRgpHwbuAAJ2UW2NDlYxtpOI3ilh90GHl+G/DEks3N/tWvWQKWbkGy10I2Nm
9+
TbBlGf78KU5Br3fIdau5YdKUFT7vFfhuX/txB1eqV7wbMBjeDKEJNylfwANGQyMk
10+
iUZo54FdNCfZC9IYHOxJ2ntNYlV0qnD+JwffE3fmDL+QXAdr5kHY5D/C5vgLelpS
11+
1JNQPNnRll04Sj0b3ozfmPShLhTfyRUXqyngiqLl1rp0/52B4WCZuZUz17JErwas
12+
AN8e0jmNn4nGP/MZAb4sZ2ENirkguoi+yqqeGVRVylAAHzp7yPNLDp53l4vYoQ0R
13+
H99SJ+0I8PZCeODSfQm+c76mQBfUEUXYnD2LUzNZ+qZrtlUS/i0i/3wvJ+Ek4GGL
14+
lm+81KEkbmAzAe+BhXpCa+PUhuo30yhqqneq1fqhi6Hit247nIOAXjEowTYKLwxD
15+
VGHowhBZqyB+YzCApO0KFsbDeTij/VaLdm29JpAWuN6k8l1IUr3kfJerF5oItVv+
16+
VLNiC0P15yIbY5QaQHM5RkOh0kJcAnvuTRqz0Lq6rVQVE3qvwig86B1TCYO15dB9
17+
9HyRDFoR2CZ2Dy6nUCQl1nnYa7sD3GxSusoMLN1DxV+afeyW7RBQP3veWxb+nNNu
18+
M6ImxzOOEZuLQ0nG+gny25KoIfH1BuQwTd82SPl7Uez8LrTY41P/SdLxa/UFodM9
19+
BYWGdbdIgpfcTgdSoGIUvSA86RvnN7umM5DkNH8WMfm7Tfx/GCDEYANBH2yH79cn
20+
s4fCrRsE8QN4cm7LnKrhKZSEaLN5YVjoV4aiDZv3UHYdEwr1GrK2H+FxvEPCFIbh
21+
GEhP34wb9co8kQrUl0LKT+cRt5nTSF+pEDpOaE/h1B58hPNFqZJSeaUaHLUJQ84X
22+
OTJnUS+fU5B/dA/smPKPyqcq7wLjkB/FmIjYm/ezXZ9Qg2IFhBMSxAHuGdxeg8C8
23+
vypd9E1w36pm0y5E6ilogf1+UI7SsLo2HiUz8jc25SgoMv4W45dv+jwNOAAk26Z/
24+
vMD0diOAVSTpqtmYVEx/CsEoEXtLg36sUVR+NUFwdhTiVYRuaqhwvcHW4Z14DzLm
25+
tASkhcdd+9bjGUX3oJFsyitqSnMAzajthcEFsUuGaeI/DL+2NRZYrQNOVnmzKPJS
26+
0cnOJnPTI1a93FbWnTjMWLR+iNZHtafUGuf2IYHlFAiR0ekVUQHcUGC4oyKZUaPI
27+
CU9rFRGeql4XYp8UC0pBCTF5a+0Dixs7HUCc4abmlgsxfcQrIa5IFCbzmBQBs6x4
28+
9XZ9T6qedqFX5Cuy/k/9b8QKQKlzXEPFpmfXvTy0a0OS16ypCia0PuWiLgjCLkzA
29+
lqmgx4ohcj1asGUCItGeGBXbmEaBVLMgz7QDWzuIGdnq+IfVYCn37UyxdCyVkHBr
30+
-----END RSA PRIVATE KEY-----

test/private-key.js

+16
Original file line numberDiff line numberDiff line change
@@ -241,6 +241,22 @@ test('parse and produce encrypted ssh-private ecdsa', function (t) {
241241
t.end();
242242
});
243243

244+
test('pem pkcs#5 encrypted with aes-256-cbc', function (t) {
245+
var keyPem = fs.readFileSync(path.join(testDir, 'p50key.pem'));
246+
t.throws(function () {
247+
sshpk.parsePrivateKey(keyPem, 'pem');
248+
});
249+
t.throws(function () {
250+
sshpk.parsePrivateKey(keyPem, 'pem',
251+
{ passphrase: 'incorrect' });
252+
});
253+
var key = sshpk.parsePrivateKey(keyPem, 'pem',
254+
{ passphrase: 'pass' });
255+
t.strictEqual(key.type, 'rsa');
256+
t.strictEqual(key.size, 2048);
257+
t.end();
258+
});
259+
244260
var KEY_RSA, KEY_DSA, KEY_ECDSA, KEY_ECDSA2, KEY_ED25519;
245261

246262
test('setup keys', function (t) {

0 commit comments

Comments
 (0)