[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
auth_fn segfaults when reading encrypted private key in new openssh format
[Thread Prev] | [Thread Next]
- Subject: auth_fn segfaults when reading encrypted private key in new openssh format
- From: Jeroen Ooms <jeroen@xxxxxxxxxxxx>
- Reply-to: libssh@xxxxxxxxxx
- Date: Mon, 25 Mar 2019 14:16:58 +0100
- To: libssh@xxxxxxxxxx
I'm running into a crash with libssh 0.8.6 / 0.8.90 that appears when
reading an encrypted (passphrased) id_rsa in the new openssh private
key format. My code looks like this:
ssh_key privkey = NULL;
ssh_pki_import_privkey_file("path/to/id_rsa, NULL, my_auth_callback,
passfun, &privkey)
Here my_auth_callback prompts the user for a passphrase, copies that
into *buf and then returns SSH_OK. This works as expected when the
private key is encypted using the classic pkcs1 format, i.e. the one
that starts with:
-----BEGIN RSA PRIVATE KEY-----
Proc-Type: 4,ENCRYPTED
DEK-Info: DES-EDE3-CBC,E5E17B572446A169
However, keys generated with recent versions of ssh-keygen are using
the new bcrypt encrypted format, which starts with:
-----BEGIN OPENSSH PRIVATE KEY-----
For these keys, ssh_pki_import_privkey_file() segfaults immediately
after the my_auth_callback has returned the password.
| Re: auth_fn segfaults when reading encrypted private key in new openssh format | Jakub Jelen <jjelen@xxxxxxxxxx> |
| Re: auth_fn segfaults when reading encrypted private key in new openssh format | Jakub Jelen <jjelen@xxxxxxxxxx> |