Opened 3 years ago

Closed 3 years ago

#9681 defect closed fixed (fixed)

Wrong iqmp parameter in serialised RSA private keys

Reported by: Colin Watson Owned by: Glyph
Priority: normal Milestone:
Component: conch Keywords:
Cc: Branch:
Author:

Description (last modified by Colin Watson)

Conch serialises RSA private keys for OpenSSH and LSH with the "iqmp" parameter set to p-1 mod q, but OpenSSH and LSH both expect that to be q-1 mod p. Prior to the fix in #9518, p and q were sometimes swapped causing this to end up being accidentally correct anyway; but we should really write out the correct value.

(I noticed this when working on a branch to add support for writing OpenSSH's newish "v1" private key format.)

Change History (4)

comment:1 Changed 3 years ago by Colin Watson

Keywords: review added

https://github.com/twisted/twisted/pull/1171

comment:2 Changed 3 years ago by Colin Watson

Description: modified (diff)

comment:3 Changed 3 years ago by Glyph

Keywords: review removed
Owner: set to Glyph

Looks like this is correct, so I will land. Thanks for your contribution!

comment:4 Changed 3 years ago by Glyph <glyph@…>

Resolution: fixed
Status: newclosed

In 51943386:

Error: Processor CommitTicketReference failed
 does not appear to be a Git repository. See the log for more information.
Note: See TracTickets for help on using tickets.