Opened 3 years ago

Closed 2 years ago

Last modified 21 months ago

#8828 enhancement closed fixed (fixed)

Add support for ecdsa keys using scripts/ckeygen

Reported by: Abhishek Choudhary Owned by: Cory Benfield <lukasaoz@…>
Priority: normal Milestone:
Component: conch Keywords:
Cc: Branch: 8828-acabhishek942-ecdsa
branch-diff, diff-cov, branch-cov, buildbot
Author:

Description

Add support for ecdsa keys using scripts/ckeygen

Change History (14)

comment:1 Changed 3 years ago by Abhishek Choudhary

Keywords: review added

comment:2 Changed 2 years ago by Cory Benfield

Keywords: review removed
Owner: set to acabhishek

Some notes have been left in the GitHub PR.

comment:3 Changed 2 years ago by Abhishek Choudhary

Keywords: review added
Owner: acabhishek deleted

Thank you for the review.

I addressed lukasa's feedback from the github PR. but decided to keep AES-256-CBC because cryptography's serialization.BestAvailableEncryption uses AES-256-CBC right now and without that tests fails with unknown cipher. I am adding this back to the review queue.

comment:4 Changed 2 years ago by Moshe Zadka

Component: coreconch

Switched component.

comment:5 Changed 2 years ago by Moshe Zadka

Keywords: review removed
Owner: set to Abhishek Choudhary

Reviewed on GH.

comment:6 Changed 2 years ago by Abhishek Choudhary

Keywords: review added
Owner: Abhishek Choudhary deleted

Thanks for the review.

I addressed moshez's feedback and also tweaked the script a little so that it now accepts keytypes like 'RSA', 'DsA', previously only lowercase strings were accepted, this method also mimics ssh-keygen.

comment:7 Changed 2 years ago by Cory Benfield

Keywords: review removed
Owner: set to acabhishek

comment:8 Changed 2 years ago by Abhishek Choudhary

Keywords: review added
Owner: acabhishek deleted

comment:9 Changed 2 years ago by Cory Benfield

Keywords: review removed
Owner: set to acabhishek

comment:10 Changed 2 years ago by Abhishek Choudhary

Keywords: review added
Owner: acabhishek deleted

comment:11 Changed 2 years ago by Cory Benfield

Branch: 8828-acabhishek942-ecdsa

comment:12 Changed 2 years ago by Cory Benfield <lukasaoz@…>

Owner: set to Cory Benfield <lukasaoz@…>
Resolution: fixed
Status: newclosed

In 2b6b2d99:

Merge 8828-acabhishek942-ecdsa: Add support for ecdsa keys using scripts/ckeygen

Author: acabhishek942
Reviewer: lukasa, moshez
Fixes: #8828

comment:13 Changed 2 years ago by Adi Roiban

There is also #5350 as the original but in which conch was crashing as it was failing to parse an ECDSA key.

with this ticket fixed, the #5350 issue should also be fixed as conch should no longer fail to read an ECDSA key

Note: See TracTickets for help on using tickets.