Skip to content

Consumers can now request private keys (for SSH certificates) protected by a passphrase #264

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
achuchev wants to merge 1 commit into
base: master
Choose a base branch
from
Open

Consumers can now request private keys (for SSH certificates) protected by a passphrase #264

achuchev wants to merge 1 commit into from

Conversation

@achuchev
Copy link
Contributor

@achuchev achuchev commented Oct 7, 2022

  • The PrivateKeyPassphrase attribute was missing, so consumers cannot request private keys protected by a passphrase.
  • Remove PrivateKeyFormat from the SSH cert data structure. This option has never been implemented on the server side.

@achuchev
Pass PrivateKeyPassphrase when requesting SSH certificates
e2e07b6 
Remove PrivateKeyFormat from the SSH cert data structure. This option was never implemented on the server side.
@luispresuelVenafi
Copy link
Contributor

luispresuelVenafi commented Oct 11, 2022

Changes looks good @achuchev , could you add a unit test for this?

@achuchev
Copy link
Contributor Author

achuchev commented Oct 12, 2022

@luispresuelVenafi Do you mind to point me where I can find similar tests?

@luispresuelVenafi
Copy link
Contributor

luispresuelVenafi commented Oct 12, 2022
edited
Loading

Sure @achuchev, you could take this test as an example: https://github.com/Venafi/vcert/blob/master/pkg/venafi/tpp/connector_test.go#L2107

You could do the following tests:

  • Provide the passphrase in the request and after the retrieve operation, that passphrase still works for opening the private key.
  • Negative test: Provide a passphrase in the request and try to open the private key without providing the passphrase; it should fail.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@rvelaVenafi rvelaVenafi Awaiting requested review from rvelaVenafi rvelaVenafi is a code owner

@marcos-albornoz marcos-albornoz Awaiting requested review from marcos-albornoz marcos-albornoz is a code owner

@luispresuelVenafi luispresuelVenafi Awaiting requested review from luispresuelVenafi luispresuelVenafi is a code owner

@EduardoVV EduardoVV Awaiting requested review from EduardoVV EduardoVV is a code owner

At least 2 approving reviews are required to merge this pull request.

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@achuchev @luispresuelVenafi