[Bug 2913] New: Reading PEM keys might file if they decrypt to garbage with zero-length passprahse with new OpenSSL 1.1.0i
bugzilla-daemon at bugzilla.mindrot.org
bugzilla-daemon at bugzilla.mindrot.org
Wed Oct 3 20:31:37 AEST 2018
https://bugzilla.mindrot.org/show_bug.cgi?id=2913
Bug ID: 2913
Summary: Reading PEM keys might file if they decrypt to garbage
with zero-length passprahse with new OpenSSL 1.1.0i
Product: Portable OpenSSH
Version: 7.7p1
Hardware: Other
OS: Linux
Status: NEW
Keywords: patch
Severity: enhancement
Priority: P5
Component: ssh
Assignee: unassigned-bugs at mindrot.org
Reporter: jjelen at redhat.com
Created attachment 3183
--> https://bugzilla.mindrot.org/attachment.cgi?id=3183&action=edit
proposed patch
Some encrypted PEM keys stopped working from OpenSSH with the new
OpenSSL 1.1.0i, while they still can be used from OpenSSL. The example
key is attached to the Red Hat bugzilla [1].
After some analysis done by Tomas, there is a change in OpenSSL that
supports zero-length passprahse, that are passed by default to the PEM
decryption methods. In a rare case, the padding is decrypted
successfully with this passprahse, the garbage is passed further which
results in fail in OpenSSH.
The correct solution is to create a password callback that returns -1
to overwrite the default passphrase callback as attached in the patch.
With this patch, the ssh tools correctly ask for the passphrase, rather
than failing with invalid key error.
For more information, see the attached bugzilla [1].
[1] https://bugzilla.redhat.com/show_bug.cgi?id=1632902
--
You are receiving this mail because:
You are watching the assignee of the bug.
More information about the openssh-bugs
mailing list