Skip to content

x/crypto/ssh: ParseRawPrivateKey should return PassphraseMissingError for ENCRYPTED PRIVATE KEY #71048

New issue
New issue
Open
Open
x/crypto/ssh: ParseRawPrivateKey should return PassphraseMissingError for ENCRYPTED PRIVATE KEY#71048
Labels
NeedsInvestigationSomeone must examine and confirm this is a valid issue and not a duplicate of an existing one.
Milestone
 
Unreleased
@rgmz

Description

@rgmz
rgmz
opened on Dec 28, 2024

Go version

go1.23.4

Output of go env in your module/workspace:

N/A

What did you do?

I was validating a Box-generated private key using ssh.ParseRawPrivateKey and encountered an unexpected error.

Reproducer: https://go.dev/play/p/mX6cEyGa7FO

( The private key is inert and was generated with: openssl genpkey -algorithm RSA -aes256 -out encrypted_private_key.pem)

What did you see happen?

The function fails due to "ENCRYPTED PRIVATE KEY" not being a supported key type.

panic: ssh: unsupported key type "ENCRYPTED PRIVATE KEY"

What did you expect to see?

The function should actually return PassphraseMissingError, per the documentation:

If the private key is encrypted, it will return a PassphraseMissingError.
https://github.com/golang/crypto/blob/b4f1988a35dee11ec3e05d6bf3e90b695fbd8909/ssh/keys.go#L1230-L1233

Metadata

Metadata

Assignees

No one assigned

    Labels

    NeedsInvestigationSomeone must examine and confirm this is a valid issue and not a duplicate of an existing one.

    Type

    No type

    Projects

    No projects

    Milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions