bugzilla-daemon at bugzilla.mindrot.org
2017-Mar-25 15:24 UTC
[Bug 2699] New: PKCS#8 private keys with AES-128-CBC stopped working
https://bugzilla.mindrot.org/show_bug.cgi?id=2699

            Bug ID: 2699
           Summary: PKCS#8 private keys with AES-128-CBC stopped working
           Product: Portable OpenSSH
           Version: 7.5p1
          Hardware: amd64
                OS: Linux
            Status: NEW
          Severity: normal
          Priority: P5
         Component: ssh-keygen
          Assignee: unassigned-bugs at mindrot.org
          Reporter: peter at lekensteyn.nl

In older OpenSSH versions, the key derivation method was quite weak, but
the encryption method could be changed (see
https://security.stackexchange.com/a/39293). Basically:

    openssl pkcs8 -topk8 -in id_rsa -out keypk8.pem -v2 AES-128-CBC

With the latest OpenSSH version, the key no longer functions. "ssh host"
fails with "invalid format".

Expected result (7.4p1):

    $ ssh-keygen -f keypk8.pem -y
    Enter passphrase: 1234
    ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAAAgQDQ33ndDr5N/AI8y2PzrqGbadLeS5fSf2GsVJx2B2KxhazL2z5Oufin+wjJ1hW12/zWyQs/9CFYQFrife+PrMUOdLitsmlD3l4lBQ29+XKsmPabtINPJQ0n4dxgBGeFxTCd4lJwiysmVsXPnNrgQTcx2nirrIk1C7wSW9Ai9W3fZQ=

Actual result (7.5p1):

    $ ssh-keygen -f keypk8.pem -y
    Enter passphrase:
    Load key "keypk8.pem": invalid format

    $ cat keypk8.pem
    -----BEGIN ENCRYPTED PRIVATE KEY-----
    MIICzzBJBgkqhkiG9w0BBQ0wPDAbBgkqhkiG9w0BBQwwDgQIjD0b5HeRJgcCAggA
    MB0GCWCGSAFlAwQBAgQQO0b81Wq1hf72ClU42A/MlgSCAoCtUR3Stws9u5+CE3B8
    ewvZeDZRm1suk2vCrt1f/AMUTZv18hfJtreS3qcAJAUJbuzpC8B/xNLv/k2SfPkl
    pEX3hma9JNebVt6CwnFnxiSGqVthNuO7iprTnabTcwMZVJnx32YoqEa3rS/NWf+D
    kMSWHcuUSngreuL8XA3oWlzIcDDcEGY/gpLFvli4YXnBJe0fM/NBBm1QqTOWgNlB
    xCzbVwi58aELHt9OYzhYQOnNVFE3ZJxwzBQZA7+lsiwAPQZhCVFuoR5nbsHAGq4m
    ATb5Zl6kXqQFbyHnNimcuZPvNpNJ5AKpgSUDgGpDycxsp4a59noG9jKdlubrlvgl
    cXFsA3COBKB87edRgLDU2X2+XTrtGRtRBfwkt5Os3+4NQYGpI7s3KT/VCEAoQSgZ
    HKXLW6UjMtE/prNXiGlOCMlvWiBxJC1ZH4OsG6vVjmH7jX6xE4sxIER9ENezKGHC
    pcqP6qfne5O/gkKwd3IDMbsdNp2rislAP4baXk9lHbxVKTzbW1xPDHq5iXlcGuUZ
    q4Mgena5VUIIgPN1RTBFWwLVNHKlVJcM0w3+OVAK84/aX7NUyhLV6fZgi3jVSkaV
    aHDDAezvzUwwgm63du0hBZlWLkl2IY7b/SOsTaZV9bwiaLG4kmlMhwYQEKpTIgDA
    ZMJ/oQAWKgWqm7Vg4kW06ri7iKOoIWIIDINbgB1hiFVOdVOLFFDKBd/Rso6pCDlQ
    jHcrA4nwzsqKqFG3+NKRmUtaIwAekWTKgknlVu+nhGBA/PjOFnucyBY2hceJpLsK
    9W7EgT2Y/QURyMRf9OE2rtV+8C01C0tyyIXxEleV941N9AeK4F2GMeL2/i/blyuN
    TVmf
    -----END ENCRYPTED PRIVATE KEY-----

-- 
You are receiving this mail because:
You are watching the assignee of the bug.
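The file that `openssl pkcs8 -topk8 -v2 AES-128-CBC` writes is a PKCS#8 EncryptedPrivateKeyInfo whose PBES2 parameters (KDF, salt, iteration count, PRF, cipher, IV) determine how expensive a passphrase guess is. The following is an added example, not code from the bug report or from OpenSSH: a minimal DER walker that reads those parameters from the first two base64 lines of the keypk8.pem shown above (they contain the whole parameter block), plus a small audit helper whose iteration threshold is an assumed local policy rather than anything the report states.

```python
import base64

# Constructed input: first two base64 lines of the bug report's keypk8.pem (whole PBES2 header).
PEM_HEAD = ("MIICzzBJBgkqhkiG9w0BBQ0wPDAbBgkqhkiG9w0BBQwwDgQIjD0b5HeRJgcCAggA"
            "MB0GCWCGSAFlAwQBAgQQO0b81Wq1hf72ClU42A/MlgSCAoCtUR3Stws9u5+CE3B8")

OIDS = {"1.2.840.113549.1.5.13": "PBES2", "1.2.840.113549.1.5.12": "PBKDF2",
        "1.2.840.113549.2.7": "hmacWithSHA1", "2.16.840.1.101.3.4.1.2": "aes128-CBC"}

def tlv(buf, pos):
    """Read one DER tag and length at buf[pos]; return (tag, value_start, value_end)."""
    tag, length, pos = buf[pos], buf[pos + 1], pos + 2
    if length & 0x80:                  # long form: low 7 bits give the length's byte count
        n = length & 0x7F
        length, pos = int.from_bytes(buf[pos:pos + n], "big"), pos + n
    return tag, pos, pos + length

def decode_oid(raw):
    """DER OID content -> dotted string (first byte packs two arcs, rest are base-128)."""
    arcs, val = [raw[0] // 40, raw[0] % 40], 0
    for b in raw[1:]:
        val = (val << 7) | (b & 0x7F)
        if not b & 0x80:
            arcs.append(val); val = 0
    return ".".join(map(str, arcs))

def parse_pkcs8_header(b64):
    """Walk EncryptedPrivateKeyInfo -> AlgorithmIdentifier(PBES2) -> PBES2-params."""
    der = base64.b64decode(b64)
    oid = lambda s, e: OIDS.get(decode_oid(der[s:e]), decode_oid(der[s:e]))  # unknown -> dotted
    _, p, _ = tlv(der, 0)                          # EncryptedPrivateKeyInfo SEQUENCE
    _, p, alg_end = tlv(der, p)                    # encryptionAlgorithm SEQUENCE
    _, s, p = tlv(der, p)
    if oid(s, p) != "PBES2": raise ValueError("not a PBES2 envelope")
    _, p, _ = tlv(der, p)                          # PBES2-params SEQUENCE
    _, p, kdf_end = tlv(der, p)                    # keyDerivationFunc AlgorithmIdentifier
    _, s, p = tlv(der, p); kdf = oid(s, p)
    _, p, _ = tlv(der, p)                          # PBKDF2-params SEQUENCE
    _, s, p = tlv(der, p); salt = der[s:p].hex()
    _, s, p = tlv(der, p); iters = int.from_bytes(der[s:p], "big")
    prf = "hmacWithSHA1"                           # RFC 8018 default when prf is omitted
    while p < kdf_end:                             # optional keyLength INTEGER / prf SEQUENCE
        t, s, p = tlv(der, p)
        if t == 0x30:
            _, a, b = tlv(der, s); prf = oid(a, b)
    _, p, _ = tlv(der, kdf_end)                    # encryptionScheme AlgorithmIdentifier
    _, s, p = tlv(der, p); cipher = oid(s, p)
    _, s, p = tlv(der, p); iv = der[s:p].hex()
    return {"kdf": kdf, "salt": salt, "iterations": iters, "prf": prf, "cipher": cipher, "iv": iv}

def weak_kdf(info, min_iterations=100_000):        # threshold is an assumed local policy
    return info["kdf"] != "PBKDF2" or info["iterations"] < min_iterations
```

For the key in the report this yields PBKDF2 with 2048 iterations of the default HMAC-SHA1 PRF and aes128-CBC, which is the kind of parameter a key-handling audit would want to surface before deciding whether a stolen key file is a cheap offline target.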
bugzilla-daemon at bugzilla.mindrot.org
2017-Mar-29 08:19 UTC
[Bug 2699] PKCS#8 private keys with AES-128-CBC stopped working
https://bugzilla.mindrot.org/show_bug.cgi?id=2699

Damien Miller <djm at mindrot.org> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |djm at mindrot.org

--- Comment #1 from Damien Miller <djm at mindrot.org> ---
I can't replicate this on either OpenBSD or Linux (Ubuntu variant). I
tried the key you provided and one that I generated:

$ ssh-keygen -t rsa -f k -C '' -N ''
Generating public/private rsa key pair.
Your identification has been saved in k.
Your public key has been saved in k.pub.
The key fingerprint is:
SHA256:m4QOVbZ5Q5sWhFIox47fgcUManmU2RNzIJJfYl9SmNw
The key's randomart image is:
+---[RSA 2048]----+
| .o+@BX*         |
| o=X+&*E+        |
| +BoBo+*         |
| ..o+.oo .       |
| ....S.          |
| o...o           |
| . o             |
|                 |
|                 |
+----[SHA256]-----+
$ openssl pkcs8 -topk8 -in k -out k.pem -v2 AES-128-CBC
Enter Encryption Password:
Verifying - Enter Encryption Password:
$ chmod 0600 k.pem
$ ssh-keygen -yf k.pem
Enter passphrase:
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQD0cTGZ+1cqjei8PdYa7FoFUHYsUST7jTneMP+FktaD3RKqrkpKQdvTBfRqcYUeiwscgqmKa5KYvNvz2GXhO3Nk6Pe46MI9CC+bKoR/Gt+okQU54zua4TlmRRsPxQdGat6vtcD7bPeFcIpXLGt4troMs7VVSBgrVI1Z+QG2v41L85l360vsmo5mVDDKWODlG7D0QyulJpf9WVuAD9fAorBKh5hA2mcWLYiInD9uxsw3xst0nPnQdHXvTNkfF2u8LD6Hurh5ewYu58a8RSozCDqSn0s3F0Sm5oO4oJw+zd1QG/ljJ/fn2bPr2RCUx9L2CkjQcQAFZm13flx8tg77pJ+Z
$ ./ssh-keygen -yf k.pem
Enter passphrase:
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQD0cTGZ+1cqjei8PdYa7FoFUHYsUST7jTneMP+FktaD3RKqrkpKQdvTBfRqcYUeiwscgqmKa5KYvNvz2GXhO3Nk6Pe46MI9CC+bKoR/Gt+okQU54zua4TlmRRsPxQdGat6vtcD7bPeFcIpXLGt4troMs7VVSBgrVI1Z+QG2v41L85l360vsmo5mVDDKWODlG7D0QyulJpf9WVuAD9fAorBKh5hA2mcWLYiInD9uxsw3xst0nPnQdHXvTNkfF2u8LD6Hurh5ewYu58a8RSozCDqSn0s3F0Sm5oO4oJw+zd1QG/ljJ/fn2bPr2RCUx9L2CkjQcQAFZm13flx8tg77pJ+Z
[djm at demiurge openssh]$ ssh -V
OpenSSH_7.2p2, OpenSSL 1.0.1f 6 Jan 2014
[djm at demiurge openssh]$ ./ssh -V
OpenSSH_7.5p1, OpenSSL 1.0.1f 6 Jan 2014
bugzilla-daemon at bugzilla.mindrot.org
2017-Mar-29 09:13 UTC
[Bug 2699] PKCS#8 private keys with AES-128-CBC stopped working
https://bugzilla.mindrot.org/show_bug.cgi?id=2699

--- Comment #2 from Peter Wu <peter at lekensteyn.nl> ---
Perhaps the passphrase was wrongly entered (bad keyboard state?). It
works now when the correct passphrase is typed in (rebooted in between).
Can the error message be improved?

$ ssh-keygen -yf keypk8.pem
Enter passphrase: 1233
Load key "keypk8.pem": invalid format
$ ssh -V
OpenSSH_7.5p1, OpenSSL 1.0.2k 26 Jan 2017

$ ssh-keygen -yf keypk8.pem
Enter passphrase: 1233
Load key "keypk8.pem": incorrect passphrase supplied to decrypt private key
$ ssh -V
OpenSSH_7.2p2 Ubuntu-4ubuntu2.1, OpenSSL 1.0.2g 1 Mar 2016
bugzilla-daemon at bugzilla.mindrot.org
2017-Jun-09 04:38 UTC
[Bug 2699] PKCS#8 private keys with AES-128-CBC stopped working
https://bugzilla.mindrot.org/show_bug.cgi?id=2699

Damien Miller <djm at mindrot.org> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|NEW                         |ASSIGNED
                 CC|                            |dtucker at zip.com.au
           Assignee|unassigned-bugs at mindrot.org |djm at mindrot.org
   Attachment #2990|                            |ok?(dtucker at zip.com.au)
              Flags|                            |

--- Comment #3 from Damien Miller <djm at mindrot.org> ---
Created attachment 2990
  --> https://bugzilla.mindrot.org/attachment.cgi?id=2990&action=edit
search first entry in libcrypto error stack for better error

OpenSSL makes it unfortunately painful to determine the actual problem
when it fails, by scattering root and proximal problems across an error
stack. This patch searches deeper in the stack and prefers to return
"wrong passphrase" errors when it finds them to other causes.
bugzilla-daemon at bugzilla.mindrot.org
2017-Jun-09 04:38 UTC
[Bug 2699] PKCS#8 private keys with AES-128-CBC stopped working
https://bugzilla.mindrot.org/show_bug.cgi?id=2699

Damien Miller <djm at mindrot.org> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
             Blocks|                            |2698

Referenced Bugs:

https://bugzilla.mindrot.org/show_bug.cgi?id=2698
[Bug 2698] Tracking bug for OpenSSH 7.6 release
bugzilla-daemon at bugzilla.mindrot.org
2017-Jun-09 04:43 UTC
[Bug 2699] PKCS#8 private keys with AES-128-CBC stopped working
https://bugzilla.mindrot.org/show_bug.cgi?id=2699

Darren Tucker <dtucker at zip.com.au> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
   Attachment #2990|ok?(dtucker at zip.com.au)     |ok+
              Flags|                            |

--- Comment #4 from Darren Tucker <dtucker at zip.com.au> ---
Comment on attachment 2990
  --> https://bugzilla.mindrot.org/attachment.cgi?id=2990
search first entry in libcrypto error stack for better error

Looks reasonable, but I don't know OpenSSL that well. Maybe you want to
get one of the LibreSSL folks to look?
bugzilla-daemon at bugzilla.mindrot.org
2017-Jun-09 06:40 UTC
[Bug 2699] PKCS#8 private keys with AES-128-CBC stopped working
https://bugzilla.mindrot.org/show_bug.cgi?id=2699

Damien Miller <djm at mindrot.org> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|ASSIGNED                    |RESOLVED
         Resolution|---                         |FIXED

--- Comment #5 from Damien Miller <djm at mindrot.org> ---
Patch applied. This will be in openssh 7.6
bugzilla-daemon at bugzilla.mindrot.org
2018-Apr-06 02:26 UTC
[Bug 2699] PKCS#8 private keys with AES-128-CBC stopped working
https://bugzilla.mindrot.org/show_bug.cgi?id=2699

Damien Miller <djm at mindrot.org> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|RESOLVED                    |CLOSED

--- Comment #6 from Damien Miller <djm at mindrot.org> ---
Close all resolved bugs after release of OpenSSH 7.7.