From edbb6febccee084d212fdc0cb05b40cb1c646ab1 Mon Sep 17 00:00:00 2001
From: "djm@openbsd.org"
Date: Tue, 9 Oct 2018 05:42:23 +0000
Subject: upstream: Treat all PEM_read_bio_PrivateKey() errors when a passphrase is specified as "incorrect passphrase" instead of trying to choose between that and "invalid format".

libcrypto can return ASN1 parsing errors rather than the expected decrypt error in certain infrequent cases when trying to decrypt/parse PEM private keys when supplied with an invalid passphrase.

Report and repro recipe from Thomas Deutschmann in bz#2901

ok markus@

OpenBSD-Commit-ID: b1d4cd92395f9743f81c0d23aab2524109580870
---
 sshkey.c | 13 +++++++++++--
 1 file changed, 11 insertions(+), 2 deletions(-)

(limited to 'sshkey.c')

diff --git a/sshkey.c b/sshkey.c
index 63c01ea67..e1e882b72 100644
--- a/sshkey.c
+++ b/sshkey.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: sshkey.c,v 1.70 2018/09/14 04:17:44 djm Exp $ */
+/* $OpenBSD: sshkey.c,v 1.71 2018/10/09 05:42:23 djm Exp $ */
 /*
 * Copyright (c) 2000, 2001 Markus Friedl. All rights reserved.
 * Copyright (c) 2008 Alexander von Gernler. All rights reserved.
@@ -3936,7 +3936,16 @@ sshkey_parse_private_pem_fileblob(struct sshbuf *blob, int type,
 clear_libcrypto_errors();
 if ((pk = PEM_read_bio_PrivateKey(bio, NULL, NULL,
 (char *)passphrase)) == NULL) {
- r = convert_libcrypto_error();
+ /*
+ * libcrypto may return various ASN.1 errors when attempting
+ * to parse a key with an incorrect passphrase.
+ * Treat all format errors as "incorrect passphrase" if a
+ * passphrase was supplied.
+ */
+ if (passphrase != NULL && *passphrase != '\0')
+ r = SSH_ERR_KEY_WRONG_PASSPHRASE;
+ else
+ r = convert_libcrypto_error();
 goto out;
 }
 if (EVP_PKEY_base_id(pk) == EVP_PKEY_RSA &&
--
cgit v1.2.3
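Review bot: The new branch at `if (passphrase != NULL && *passphrase != '\0')` maps every PEM_read_bio_PrivateKey() failure to SSH_ERR_KEY_WRONG_PASSPHRASE, so a truncated or corrupted key file loaded with a passphrase is now reported as a bad passphrase rather than a format error, and any caller that re-prompts on that code (if one exists) will ask the user again for a key that can never load. If the blob can be inspected before the call, narrowing the mapping to PEM blocks that are actually encrypted (a `Proc-Type: 4,ENCRYPTED` header or an `ENCRYPTED PRIVATE KEY` block) would keep the fix for bz#2901 while preserving the format error for unencrypted keys; otherwise the trade-off deserves a line in the new comment, e.g. `* This also masks genuinely malformed keys; callers that retry on WRONG_PASSPHRASE will re-prompt.` Note that a NULL passphrase still reaches convert_libcrypto_error() as before, so the commit changes only the non-empty-passphrase path. The rest of sshkey_parse_private_pem_fileblob, including the label that `goto out` targets, lies outside this hunk.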