crypto/ssh: ParseRawPrivateKeyWithPassphrase doesn't support PKCS#8 encrypted keys

[eurozulu]

What version of Go are you using (go version)?

go version go1.15.4 darwin/amd64

Does this issue reproduce with the latest release? Yes

What operating system and processor architecture are you using (go env)?

GOARCH="amd64"
GOOS="darwin"

go env Output

GO111MODULE=""
GOARCH="amd64"
GOBIN=""
GOCACHE="/Users/rob/Library/Caches/go-build"
GOENV="/Users/rob/Library/Application Support/go/env"
GOEXE=""
GOFLAGS=""
GOHOSTARCH="amd64"
GOHOSTOS="darwin"
GOINSECURE=""
GOMODCACHE="/Users/rob/development/go/pkg/mod"
GONOPROXY=""
GONOSUMDB=""
GOOS="darwin"
GOPATH="/Users/rob/development/go"
GOPRIVATE=""
GOPROXY="https://proxy.golang.org,direct"
GOROOT="/usr/local/Cellar/go/1.15.4/libexec"
GOSUMDB="sum.golang.org"
GOTMPDIR=""
GOTOOLDIR="/usr/local/Cellar/go/1.15.4/libexec/pkg/tool/darwin_amd64"
GCCGO="gccgo"

What did you do?

When decrypting a private key PEM block, using ssh package, there are two methods:
ParseRawPrivateKeyWithPassphrase.
ParseRawPrivateKey.

ParseRawPrivateKey accepts PEM blocks with type "PRIVATE KEY" (with no other qualifier) and decrypts using x509.ParsePKCS8PrivateKey however ParseRawPrivateKeyWithPassphrase does not. Both accept blocks with
"RSA PRIVATE KEY", "EC PRIVATE KEY", "DSA PRIVATE KEY" and "OPENSSH PRIVATE KEY" but ParseRawPrivateKeyWithPassphrase seems to be missing the 'case' for "PRIVATE KEY" on its own.
As methods perform the same task, just with the addition of decrypting, should they not be aligned in the keys they support?

https://play.golang.org/p/D_CtEEAqO7i

What did you expect to see?

ParseRawPrivateKeyWithPassphrase parses pem block of type "Private Key" using x509.ParsePKCS8PrivateKey

What did you see instead?

Error: ssh: unsupported key type "PRIVATE KEY"

Looking at ssh/keys.go line: 1172 a switch block for the types appears to be missing the "PRIVATE KEY" case, reflected in the ParseRawPrivateKey switch block.

Suggested fix is a simple insertion of:
case "PRIVATE KEY": return x509.ParsePKCS8PrivateKey(buf)

[toothrot]

/cc @FiloSottile

[FiloSottile]

That function supports two types of encryption: legacy PEM encryption, and the OpenSSH native encryption format. PKCS#8 specifies its own encryption format which we don't currently support. I'm not aware of any software that uses PEM legacy encryption with PKCS#8 encoding.

This is a duplicate of #8860, although it could also be fixed in x/crypto/ssh without exposing support in crypto/x509 by just implementing PKCS#8 encryption support. Retitled.