[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
[tor-bugs] #19777 [Core Tor/Tor]: tor-gencert should warn nicely when PEM passphrases are too short
#19777: tor-gencert should warn nicely when PEM passphrases are too short
------------------------------+---------------------
Reporter: isis | Owner:
Type: defect | Status: new
Priority: Very Low | Milestone:
Component: Core Tor/Tor | Version:
Severity: Minor | Keywords: gencert
Actual Points: | Parent ID:
Points: 1 | Reviewer:
Sponsor: |
------------------------------+---------------------
If you do `$ ./src/tools/tor-gencert --create-identity-key` and then give
a horribly insecure passphrase like "tor" as the passphrase to the PEM
certificate, tor-gencert will give this rather cryptic error message:
{{{
Jul 28 18:46:45.709 [err] Couldn't write identity key to
./authority_identity_key
Jul 28 18:46:45.710 [err] crypto error while Writing identity key:
problems getting password (in PEM routines:PEM_def_callback)
Jul 28 18:46:45.710 [err] crypto error while Writing identity key: read
key (in PEM routines:DO_PK8PKEY)
}}}
It would be nice if instead it just said "I require a passphrase with a
minimum of 8 characters!" or something like that.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/19777>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs