#19777: tor-gencert should warn nicely when PEM passphrases are too short ------------------------------+--------------------- Reporter: isis | Owner: Type: defect | Status: new Priority: Very Low | Milestone: Component: Core Tor/Tor | Version: Severity: Minor | Keywords: gencert Actual Points: | Parent ID: Points: 1 | Reviewer: Sponsor: | ------------------------------+--------------------- If you do `$ ./src/tools/tor-gencert --create-identity-key` and then give a horribly insecure passphrase like "tor" as the passphrase to the PEM certificate, tor-gencert will give this rather cryptic error message:
{{{ Jul 28 18:46:45.709 [err] Couldn't write identity key to ./authority_identity_key Jul 28 18:46:45.710 [err] crypto error while Writing identity key: problems getting password (in PEM routines:PEM_def_callback) Jul 28 18:46:45.710 [err] crypto error while Writing identity key: read key (in PEM routines:DO_PK8PKEY) }}} It would be nice if instead it just said "I require a passphrase with a minimum of 8 characters!" or something like that. -- Ticket URL: <https://trac.torproject.org/projects/tor/ticket/19777> Tor Bug Tracker & Wiki <https://trac.torproject.org/> The Tor Project: anonymity online _______________________________________________ tor-bugs mailing list tor-bugs@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs