Uploaded image for project: 'Puppet'
  1. Puppet
  2. PUP-11082

Use PKey.read when loading private keys

    XMLWordPrintable

    Details

    • Type: Task
    • Status: Resolved
    • Priority: Normal
    • Resolution: Fixed
    • Affects Version/s: None
    • Fix Version/s: PUP 6.24.0, PUP 7.9.0
    • Component/s: None
    • Labels:
    • Template:
    • Team:
      Froyo
    • Story Points:
      1
    • Sprint:
      Froyo - 6/16/2021, Froyo - 6/30/2021
    • Release Notes:
      Bug Fix
    • Release Notes Summary:
      Puppet Agent can now load private keys in PKCS#8 format.
    • QA Risk Assessment:
      Needs Assessment

      Description

      There's a littany of reasons that we couldn't use PKey.read in https://github.com/puppetlabs/puppet/blob/1a13e0cf96c70b303492e684f9ccf4c38207b3dd/lib/puppet/x509/cert_provider.rb#L218-L222.

      However, We no longer use this code in Terminii that will be loaded in JRuby (and so don't use this code at all in JRuby) nor do we support older versions of Ruby in Puppet 7.x. Our manual determination of which implementation class to construct is somewhat naive and PKey.read will do a better job.

      Consequently, we should use PKey.read in the above code.

      Note: This should only be updated for puppet7 (main branch).

        Attachments

          Issue Links

            Activity

              People

              Assignee:
              maggie Maggie Dreyer
              Reporter:
              justin Justin Stoller
              Votes:
              0 Vote for this issue
              Watchers:
              4 Start watching this issue

                Dates

                Created:
                Updated:
                Resolved:

                  Zendesk Support