[Bug 2522] New: Key parser should reflect errors from OpenSSL
bugzilla-daemon at bugzilla.mindrot.org
Sat Jan 9 03:15:29 AEDT 2016
https://bugzilla.mindrot.org/show_bug.cgi?id=2522
Bug ID: 2522
Summary: Key parser should reflect errors from OpenSSL
Product: Portable OpenSSH
Version: 7.1p1
Hardware: Other
OS: Linux
Status: NEW
Keywords: patch
Severity: enhancement
Priority: P5
Component: ssh
Assignee: unassigned-bugs at mindrot.org
Reporter: jjelen at redhat.com
Created attachment 2781
--> https://bugzilla.mindrot.org/attachment.cgi?id=2781&action=edit
proposed patch
TL;DR
./ssh-add <(echo "")
asks for a passphrase for an empty key. The blob is passed to OpenSSL and
every parser failure is reported as "wrong passphrase", which is
broken. Checking the actual error from OpenSSL would solve this issue.
Long story:
Based on the Red Hat Bugzilla [1], my post on the mailing list [2] and the SO
question [3], I went through the source code and investigated a bit the
communication between OpenSSH and OpenSSL in terms of private key
parsing.
When OpenSSH cannot derive the key type, it passes the whole blob to an
OpenSSL function and waits to see whether it can parse it.
PEM_read_bio_PrivateKey() # called from sshkey.c @ 3791
The only return value from this function on failure is NULL. The reason can
be obtained using the ERR_ functions from OpenSSL:
ERR_get_error(); # actual error code
ERR_print_errors_fp(stderr); # prints verbose info
Possible reasons for failure of the above mentioned function are
described in openssl/pem.h [4]. Basically, some of the reasons are
obviously not related to a wrong passphrase. I tried with somewhat
crippled keys and ended up with the attached patch so far (it currently
also contains debug output from OpenSSL on failure). The proposed patch
solves not only the issue with the empty key and the "crippled" one, but
also problems with unknown RSA1 keys when built without the SSH1 protocol:
$ ./ssh-add <(echo "")
140239613359768:error:0906D06C:lib(9):func(109):reason(108):pem_lib.c:701:Expecting: ANY PRIVATE KEY
Error loading key "/dev/fd/63": invalid format
$ ./ssh-add /tmp/rsa
140408665470616:error:0906D066:lib(9):func(109):reason(102):pem_lib.c:809:
Error loading key "/tmp/rsa": invalid format
$ ./ssh-add /tmp/rsa1
140632696993432:error:0906D06C:lib(9):func(109):reason(108):pem_lib.c:701:Expecting: ANY PRIVATE KEY
Error loading key "/tmp/rsa1": invalid format
Let me know if there is something not clear and if it can be included
in the next release.
[1] https://bugzilla.redhat.com/show_bug.cgi?id=1282423
[2] http://lists.mindrot.org/pipermail/openssh-unix-dev/2015-December/034617.html
[3] http://unix.stackexchange.com/q/251194/121504
[4] https://github.com/openssl/openssl/blob/master/include/openssl/pem.h#L509