[Bug 2754] New: ssh-keygen.exe returns invalid format when passphrase is not empty when WITH_OPENSSL is not defined.

bugzilla-daemon at bugzilla.mindrot.org bugzilla-daemon at bugzilla.mindrot.org
Sat Aug 5 07:51:10 AEST 2017


https://bugzilla.mindrot.org/show_bug.cgi?id=2754

            Bug ID: 2754
           Summary: ssh-keygen.exe returns invalid format when passphrase
                    is not empty when WITH_OPENSSL is not defined.
           Product: Portable OpenSSH
           Version: 7.5p1
          Hardware: amd64
                OS: All
            Status: NEW
          Severity: normal
          Priority: P5
         Component: ssh-keygen
          Assignee: unassigned-bugs at mindrot.org
          Reporter: yawang at microsoft.com

on a build without OpenSSL,

ssh-keygen.exe -t ed25519 -P Bull -f C:\mspctl\openssh\id_ED25519
Generating public/private ed25519 key pair.
Saving key "C:\\mspctl\\openssh\\id_ED25519" failed: invalid argument

This occurs when we compile on windows, but we believe it also repros
on other os.

The cause is that when passphrase is not empty, ciphername is assigned
to DEFAULT_CIPHERNAME("aes256-cbc") at the following line in function
sshkey_private_to_blob2, but "aes256-cbc" is not valid in ciphers array
when WITH_OPENSSL is 0

        if (passphrase == NULL || !strlen(passphrase)) {
                ciphername = "none";
                kdfname = "none";
        } else if (ciphername == NULL)
                ciphername = DEFAULT_CIPHERNAME;

-- 
You are receiving this mail because:
You are watching the assignee of the bug.


More information about the openssh-bugs mailing list