From fba220433d402a733fab3320a74ab1475e8b0aad Mon Sep 17 00:00:00 2001
From: Alisue <lambdalisue@hashnote.net>
Date: Tue, 26 Oct 2021 16:23:26 +0900
Subject: [PATCH 1/2] Add private key serialization tests

---
 tests/keyfiles.rs | 11 +++++++++++
 1 file changed, 11 insertions(+)

diff --git a/tests/keyfiles.rs b/tests/keyfiles.rs
index c014ffa..e6badd0 100644
--- a/tests/keyfiles.rs
+++ b/tests/keyfiles.rs
@@ -21,6 +21,17 @@ fn verify_key<P: AsRef<Path>>(keyfile: P, passphrase: Option<&str>) {
     let pubkey = PublicKey::from_keystr(from_utf8(pubdata.as_slice()).unwrap()).unwrap();
 
     utils::fingerprint_assert(&privkey, &pubkey);
+
+    // Make sure that privkey can be serialized
+    // https://github.com/Leo1003/rust-osshkeys/issues/4
+    if privkey.keytype() != KeyType::ED25519 {
+        // ED25519 key can only be stored in OpenSSH format
+        let _ = privkey.serialize_pem(None).unwrap();
+        let _ = privkey.serialize_pkcs8(None).unwrap();
+    }
+    let _ = privkey
+        .serialize_openssh(None, osshkeys::cipher::Cipher::Null)
+        .unwrap();
 }
 
 #[test]

From cbfd9ba1336457610d73f15c9924b87ecea2146a Mon Sep 17 00:00:00 2001
From: Alisue <lambdalisue@hashnote.net>
Date: Tue, 26 Oct 2021 16:17:50 +0900
Subject: [PATCH 2/2] Fix invalid private key by `from_keystr` for OpenSSH
 format

Close #4
---
 src/format/ossh_privkey.rs | 13 +++++++------
 1 file changed, 7 insertions(+), 6 deletions(-)

diff --git a/src/format/ossh_privkey.rs b/src/format/ossh_privkey.rs
index 977358a..83ed515 100644
--- a/src/format/ossh_privkey.rs
+++ b/src/format/ossh_privkey.rs
@@ -5,8 +5,9 @@ use crate::sshbuf::{SshBuf, SshReadExt, SshWriteExt};
 use bcrypt_pbkdf::bcrypt_pbkdf;
 use byteorder::WriteBytesExt;
 use cryptovec::CryptoVec;
+use openssl::bn::BigNum;
 use openssl::dsa::Dsa;
-use openssl::rsa::RsaPrivateKeyBuilder;
+use openssl::rsa::Rsa;
 use rand::prelude::*;
 use rand::rngs::StdRng;
 use std::io::{Cursor, Read, Write};
@@ -131,13 +132,13 @@ fn decode_key(reader: &mut SshBuf) -> OsshResult<KeyPair> {
             let n = reader.read_mpint()?;
             let e = reader.read_mpint()?;
             let d = reader.read_mpint()?;
-            let mut _iqmp = reader.read_mpint()?;
+            let iqmp = reader.read_mpint()?;
             let p = reader.read_mpint()?;
             let q = reader.read_mpint()?;
-            let rsa = RsaPrivateKeyBuilder::new(n, e, d)?
-                .set_factors(p, q)?
-                .build();
-            _iqmp.clear(); // Explicity clear the sensitive data
+            let one = BigNum::from_u32(1)?;
+            let dmp1 = &d % &(&p - &one);
+            let dmq1 = &d % &(&q - &one);
+            let rsa = Rsa::from_private_components(n, e, d, p, q, dmp1, dmq1, iqmp)?;
             match keyname {
                 RSA_NAME => RsaKeyPair::from_ossl_rsa(rsa, RsaSignature::SHA1),
                 RSA_SHA256_NAME => RsaKeyPair::from_ossl_rsa(rsa, RsaSignature::SHA2_256),