Re: auth_fn segfaults when reading encrypted private key in new openssh format

[Jakub Jelen <jjelen@xxxxxxxxxx>]

On Mon, 2019-03-25 at 14:16 +0100, Jeroen Ooms wrote:
> I'm running into a crash with libssh 0.8.6 / 0.8.90 that appears when
> reading an encrypted (passphrased) id_rsa in the new openssh private
> key format. My code looks like this:
> 
>   ssh_key privkey = NULL;
>   ssh_pki_import_privkey_file("path/to/id_rsa, NULL,
> my_auth_callback,
> passfun, &privkey)
> 
> Here my_auth_callback prompts the user for a passphrase, copies that
> into *buf and then returns SSH_OK. This works as expected when the
> private key is encypted using the classic pkcs1 format, i.e. the one
> that starts with:
> 
>   -----BEGIN RSA PRIVATE KEY-----
>   Proc-Type: 4,ENCRYPTED
>   DEK-Info: DES-EDE3-CBC,E5E17B572446A169
> 
> However, keys generated with recent versions of ssh-keygen are using
> the new bcrypt encrypted format, which starts with:
> 
>   -----BEGIN OPENSSH PRIVATE KEY-----
> 
> For these keys,  ssh_pki_import_privkey_file() segfaults immediately
> after the my_auth_callback has returned the password.

I just tried to write simple reproducer, but it works for me
flawlessly:

https://github.com/Jakuje/stuff/blob/master/readkey.c

The only thing that is missing from your example is passing the
userdata, but that should really not be a problem. Are you sure you are
not handling some memory wrongly?

Can you check if you can reproduce it with this simple source core or
adjust it to reproduce it?

Regards,
-- 
Jakub Jelen
Senior Software Engineer
Security Technologies
Red Hat, Inc.