diff options
-rw-r--r-- | sshkey.c | 13 |
1 files changed, 11 insertions, 2 deletions
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: sshkey.c,v 1.70 2018/09/14 04:17:44 djm Exp $ */ | 1 | /* $OpenBSD: sshkey.c,v 1.71 2018/10/09 05:42:23 djm Exp $ */ |
2 | /* | 2 | /* |
3 | * Copyright (c) 2000, 2001 Markus Friedl. All rights reserved. | 3 | * Copyright (c) 2000, 2001 Markus Friedl. All rights reserved. |
4 | * Copyright (c) 2008 Alexander von Gernler. All rights reserved. | 4 | * Copyright (c) 2008 Alexander von Gernler. All rights reserved. |
@@ -3936,7 +3936,16 @@ sshkey_parse_private_pem_fileblob(struct sshbuf *blob, int type, | |||
3936 | clear_libcrypto_errors(); | 3936 | clear_libcrypto_errors(); |
3937 | if ((pk = PEM_read_bio_PrivateKey(bio, NULL, NULL, | 3937 | if ((pk = PEM_read_bio_PrivateKey(bio, NULL, NULL, |
3938 | (char *)passphrase)) == NULL) { | 3938 | (char *)passphrase)) == NULL) { |
3939 | r = convert_libcrypto_error(); | 3939 | /* |
3940 | * libcrypto may return various ASN.1 errors when attempting | ||
3941 | * to parse a key with an incorrect passphrase. | ||
3942 | * Treat all format errors as "incorrect passphrase" if a | ||
3943 | * passphrase was supplied. | ||
3944 | */ | ||
3945 | if (passphrase != NULL && *passphrase != '\0') | ||
3946 | r = SSH_ERR_KEY_WRONG_PASSPHRASE; | ||
3947 | else | ||
3948 | r = convert_libcrypto_error(); | ||
3940 | goto out; | 3949 | goto out; |
3941 | } | 3950 | } |
3942 | if (EVP_PKEY_base_id(pk) == EVP_PKEY_RSA && | 3951 | if (EVP_PKEY_base_id(pk) == EVP_PKEY_RSA && |