[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

auth_fn segfaults when reading encrypted private key in new openssh format

I'm running into a crash with libssh 0.8.6 / 0.8.90 that appears when
reading an encrypted (passphrased) id_rsa in the new openssh private
key format. My code looks like this:

  ssh_key privkey = NULL;
  ssh_pki_import_privkey_file("path/to/id_rsa, NULL, my_auth_callback,
passfun, &privkey)

Here my_auth_callback prompts the user for a passphrase, copies that
into *buf and then returns SSH_OK. This works as expected when the
private key is encypted using the classic pkcs1 format, i.e. the one
that starts with:

  Proc-Type: 4,ENCRYPTED
  DEK-Info: DES-EDE3-CBC,E5E17B572446A169

However, keys generated with recent versions of ssh-keygen are using
the new bcrypt encrypted format, which starts with:


For these keys,  ssh_pki_import_privkey_file() segfaults immediately
after the my_auth_callback has returned the password.

Archive administrator: postmaster@lists.cynapses.org