supply callback to PEM_read_bio_PrivateKey

OpenSSL 1.1.0i has changed the behaviour of their PEM APIs, so that empty passphrases are interpreted differently. This probabalistically breaks loading some keys, because the PEM format is terrible and doesn't include a proper MAC. Avoid this by providing a basic callback to avoid passing empty passphrases to OpenSSL in cases where one is required. Based on patch from Jakub Jelen in bz#2913; ok dtucker@
author: Damien Miller <djm@mindrot.org> 2018-10-11 10:29:29 +1100
committer: Damien Miller <djm@mindrot.org> 2018-10-11 10:29:29 +1100
commit: 12731158c75c8760a8bea06350eeb3e763fe1a07 (patch)
tree: c15f50b311052db4212680b829f40fe0298c0dde
parent: d1d301a1dd5d6cc3a9ed93ab7ab09dda4cb456e0 (diff)
1 files changed, 15 insertions, 1 deletions
diff --git a/sshkey.c b/sshkey.c
index e1e882b72..4a656f846 100644
--- a/sshkey.c
+++ b/sshkey.c
@@ -3914,6 +3914,20 @@ convert_libcrypto_error(void)
 }
 static int
+pem_passphrase_cb(char *buf, int size, int rwflag, void *u)
+{
+        char *p = (char *)u;
+        size_t len;
+        if (p == NULL || (len = strlen(p)) == 0)
+                return -1;
+        if (size < 0 || len > (size_t)size)
+                return -1;
+        memcpy(buf, p, len);
+        return (int)len;
+}
+static int
 sshkey_parse_private_pem_fileblob(struct sshbuf *blob, int type,
    const char *passphrase, struct sshkey **keyp)
 {
@@ -3934,7 +3948,7 @@ sshkey_parse_private_pem_fileblob(struct sshbuf *blob, int type,
        }
        clear_libcrypto_errors();
-        if ((pk = PEM_read_bio_PrivateKey(bio, NULL, NULL,
+        if ((pk = PEM_read_bio_PrivateKey(bio, NULL, pem_passphrase_cb,
            (char *)passphrase)) == NULL) {
               /*
                * libcrypto may return various ASN.1 errors when attempting
author	Damien Miller <djm@mindrot.org>	2018-10-11 10:29:29 +1100
committer	Damien Miller <djm@mindrot.org>	2018-10-11 10:29:29 +1100
commit	12731158c75c8760a8bea06350eeb3e763fe1a07 (patch)
tree	c15f50b311052db4212680b829f40fe0298c0dde
parent	d1d301a1dd5d6cc3a9ed93ab7ab09dda4cb456e0 (diff)

diff --git a/sshkey.c b/sshkey.c index e1e882b72..4a656f846 100644 --- a/sshkey.c +++ b/sshkey.c
@@ -3914,6 +3914,20 @@ convert_libcrypto_error(void)
3914	}	3914	}
3915		3915
3916	static int	3916	static int
		3917	pem_passphrase_cb(char buf, int size, int rwflag, void u)
		3918	{
		3919	char p = (char )u;
		3920	size_t len;
		3921
		3922	if (p == NULL \|\| (len = strlen(p)) == 0)
		3923	return -1;
		3924	if (size < 0 \|\| len > (size_t)size)
		3925	return -1;
		3926	memcpy(buf, p, len);
		3927	return (int)len;
		3928	}
		3929
		3930	static int
3917	sshkey_parse_private_pem_fileblob(struct sshbuf *blob, int type,	3931	sshkey_parse_private_pem_fileblob(struct sshbuf *blob, int type,
3918	const char passphrase, struct sshkey *keyp)	3932	const char passphrase, struct sshkey *keyp)
3919	{	3933	{
@@ -3934,7 +3948,7 @@ sshkey_parse_private_pem_fileblob(struct sshbuf *blob, int type,
3934	}	3948	}
3935		3949
3936	clear_libcrypto_errors();	3950	clear_libcrypto_errors();
3937	if ((pk = PEM_read_bio_PrivateKey(bio, NULL, NULL,	3951	if ((pk = PEM_read_bio_PrivateKey(bio, NULL, pem_passphrase_cb,
3938	(char *)passphrase)) == NULL) {	3952	(char *)passphrase)) == NULL) {
3939	/*	3953	/*
3940	* libcrypto may return various ASN.1 errors when attempting	3954	* libcrypto may return various ASN.1 errors when attempting