Skip to content

sergeev917/openssh-openssl-bug-repro

master
Switch branches/tags

Name already in use

A tag already exists with the provided branch name. Many Git commands accept both tag and branch names, so creating this branch may cause unexpected behavior. Are you sure you want to create this branch?
1 branch 0 tags
Code

Latest commit

@sergeev917
sergeev917 pull openssh sources from github
7f12bcf Oct 10, 2018
pull openssh sources from github
7f12bcf

Git stats

Files

Permalink
Failed to load latest commit information.
Type
Name
Latest commit message
Commit time
patches
import an upstream patch
October 9, 2018 10:12
Dockerfile
pull openssh sources from github
October 10, 2018 12:08
README.md
import an upstream patch
October 9, 2018 10:12
find_key_failure.sh
disambiguate log messages for nothing-found cases
October 9, 2018 10:08
find_misleading_msg.sh
disambiguate log messages for nothing-found cases
October 9, 2018 10:08
run.sh
use docker image id, not tag
September 21, 2018 16:56
tester.sh
check whether openssl utility fails too
September 21, 2018 16:55

README.md

Reproducer for openssh/openssl key loading bug

The reproducer uses docker to ensure clean and stable environment for tests. Use run.sh to perform docker image build (openssl and openssh are compiled from sources) and run search for key loading failures.

In the end it should look like:

$ ./run.sh

<...>

Successfully tagged openssh-bug-reproducer:latest
================================================================================
note: running version OpenSSH_7.8p1, OpenSSL 1.0.2p  14 Aug 2018
[attempt #401] found a broken key (passphrase = 12345678):

+ env DISPLAY= SSH_ASKPASS=/bin/false ssh-keygen -y -f testkey
Load key "testkey": invalid format
+ openssl ec -noout -text -in testkey -passin file:./passphrase
read EC key
Private-Key: (521 bit)
priv:
    67:10:72:5d:86:63:a2:21:9f:0c:78:a6:ce:3c:32:
    35:ef:65:46:eb:65:a6:7b:4c:44:fb:d5:73:44:c7:
    c5:d4:3b:32:59:75:8a:28:98:65:c7:05:be:b7:fd:
    f5:bb:a0:0e:cd:2a:86:2c:b3:fe:ce:50:12:72:8a:
    34:1f:25:60:12
pub:
    04:01:b3:97:12:e2:4f:98:5c:00:b3:05:6c:05:f3:
    52:a4:68:49:f6:24:2d:fe:ca:d4:bb:d2:17:89:c3:
    a5:ff:41:e1:32:4b:72:48:da:3b:ea:eb:d8:52:e1:
    01:3d:05:61:bc:cc:63:3a:07:45:bc:4c:85:2f:89:
    80:dc:1b:8c:4f:dd:6b:01:23:d3:cb:0e:61:ef:2c:
    f7:5b:ba:8e:e2:fe:c3:d7:78:0d:01:7c:d7:fb:9b:
    e3:bd:df:2a:32:e9:82:86:a6:3c:0c:0c:be:66:b9:
    7b:86:d3:89:e2:ef:7e:d5:f4:d2:e1:e9:e1:e8:37:
    fc:af:56:dc:9c:88:09:fc:6f:c9:17:36:f7
ASN1 OID: secp521r1
NIST CURVE: P-521
+ :
+ set +o xtrace

-----BEGIN EC PRIVATE KEY-----
Proc-Type: 4,ENCRYPTED
DEK-Info: AES-128-CBC,0883187A99FEF847EC8DBBEB3F3F5FBC

+TUjAkus5ipfi2xI5S88J8DK2ntXnmZNJdQ91MgzquIrQ1AN+ZMHZS0E+GMopsXQ
UAIAbePDbs+Yx+35BAYGp03jXpsFb8zNSLYzmOWE6rB7IapZZj9Z4yVzJQzOUVSL
bPsS2SxrS6BhnHXuPdVfrt7BAyDc8MTcrRx98zsCbjff7zaNKJ4LZ8SK9TVNyOP5
D7ub6trACSYo5sGglLX1i6X+mFVBZhbZb+ObakwVgme4lYhj2nF2vpNOzVu7WuQa
foT5bfg6zilE9alcs2r7R7R/fA9r/TzpWelFLj7tjDU=
-----END EC PRIVATE KEY-----
================================================================================
================================================================================
trying failed key with openssl-1.0.2o

+ ssh -V
OpenSSH_7.8p1, OpenSSL 1.0.2o  27 Mar 2018
+ env DISPLAY= SSH_ASKPASS=/bin/false ssh-keygen -y -f ./unloadable_1.0.2p.key
Load key "./unloadable_1.0.2p.key": incorrect passphrase supplied to decrypt private key
+ :
+ ssh-keygen -p -P 12345678 -N '' -f ./unloadable_1.0.2p.key
Your identification has been saved with the new passphrase.
+ set +o xtrace
================================================================================
================================================================================
[!] no misleading key load messages in 2000 tries
================================================================================

About

Bunch of scripts to demonstrate key loading bug.

Resources

Readme

Stars

0 stars

Watchers

1 watching

Forks

0 forks

Releases

No releases published

Packages

No packages published

Languages