diff options
author | djm@openbsd.org <djm@openbsd.org> | 2018-10-09 05:42:23 +0000 |
---|---|---|
committer | Damien Miller <djm@mindrot.org> | 2018-10-09 16:45:45 +1100 |
commit | edbb6febccee084d212fdc0cb05b40cb1c646ab1 (patch) | |
tree | e98550d002bc10f90c0b9256e18af5107d64bf4a | |
parent | 2581333d564d8697837729b3d07d45738eaf5a54 (diff) |
upstream: Treat all PEM_read_bio_PrivateKey() errors when a passphrase
is specified as "incorrect passphrase" instead of trying to choose between
that and "invalid format".
libcrypto can return ASN1 parsing errors rather than the expected
decrypt error in certain infrequent cases when trying to decrypt/parse
PEM private keys when supplied with an invalid passphrase.
Report and repro recipe from Thomas Deutschmann in bz#2901
ok markus@
OpenBSD-Commit-ID: b1d4cd92395f9743f81c0d23aab2524109580870
-rw-r--r-- | sshkey.c | 13 |
1 files changed, 11 insertions, 2 deletions
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: sshkey.c,v 1.70 2018/09/14 04:17:44 djm Exp $ */ | 1 | /* $OpenBSD: sshkey.c,v 1.71 2018/10/09 05:42:23 djm Exp $ */ |
2 | /* | 2 | /* |
3 | * Copyright (c) 2000, 2001 Markus Friedl. All rights reserved. | 3 | * Copyright (c) 2000, 2001 Markus Friedl. All rights reserved. |
4 | * Copyright (c) 2008 Alexander von Gernler. All rights reserved. | 4 | * Copyright (c) 2008 Alexander von Gernler. All rights reserved. |
@@ -3936,7 +3936,16 @@ sshkey_parse_private_pem_fileblob(struct sshbuf *blob, int type, | |||
3936 | clear_libcrypto_errors(); | 3936 | clear_libcrypto_errors(); |
3937 | if ((pk = PEM_read_bio_PrivateKey(bio, NULL, NULL, | 3937 | if ((pk = PEM_read_bio_PrivateKey(bio, NULL, NULL, |
3938 | (char *)passphrase)) == NULL) { | 3938 | (char *)passphrase)) == NULL) { |
3939 | r = convert_libcrypto_error(); | 3939 | /* |
3940 | * libcrypto may return various ASN.1 errors when attempting | ||
3941 | * to parse a key with an incorrect passphrase. | ||
3942 | * Treat all format errors as "incorrect passphrase" if a | ||
3943 | * passphrase was supplied. | ||
3944 | */ | ||
3945 | if (passphrase != NULL && *passphrase != '\0') | ||
3946 | r = SSH_ERR_KEY_WRONG_PASSPHRASE; | ||
3947 | else | ||
3948 | r = convert_libcrypto_error(); | ||
3940 | goto out; | 3949 | goto out; |
3941 | } | 3950 | } |
3942 | if (EVP_PKEY_base_id(pk) == EVP_PKEY_RSA && | 3951 | if (EVP_PKEY_base_id(pk) == EVP_PKEY_RSA && |