parse PEM keys with empty passphrase
Otherwise OpenSSL tries prompting for a passphrase!
This commit is contained in:
Ben Toews
Родитель
d19cb6f478
Коммит
4fe3b7e155
|
|
@ -17,11 +17,11 @@ module SSHData
|
|||
when OPENSSH_PEM_TYPE
|
||||
parse_openssh(key)
|
||||
when RSA_PEM_TYPE
|
||||
[RSA.from_openssl(OpenSSL::PKey::RSA.new(key))]
|
||||
[RSA.from_openssl(OpenSSL::PKey::RSA.new(key, ""))]
|
||||
when DSA_PEM_TYPE
|
||||
[DSA.from_openssl(OpenSSL::PKey::DSA.new(key))]
|
||||
[DSA.from_openssl(OpenSSL::PKey::DSA.new(key, ""))]
|
||||
when ECDSA_PEM_TYPE
|
||||
[ECDSA.from_openssl(OpenSSL::PKey::EC.new(key))]
|
||||
[ECDSA.from_openssl(OpenSSL::PKey::EC.new(key, ""))]
|
||||
when ENCRYPTED_PEM_TYPE
|
||||
raise DecryptError, "cannot decode encrypted private keys"
|
||||
else
|
||||
|
|
|
|||
|
|
@ -0,0 +1,15 @@
|
|||
-----BEGIN DSA PRIVATE KEY-----
|
||||
Proc-Type: 4,ENCRYPTED
|
||||
DEK-Info: AES-128-CBC,CF19675A47CDE014EA0C81A59C6B6269
|
||||
|
||||
k1xSi/SoTdSQkoTeEvNsTR211f2rwsn4fso5dGmVkIKVXJ6onPOeHBz+Z5P3Uj/a
|
||||
WHw6su+RZ4fjnOlKthhfTcuKawu+oq0RFKTkVzV+b43dEmNy8u5hn/VXVsg9Tubo
|
||||
PxI08zyhg3FkY4P0YjkQJCBZZbRzd9k/eciPhHU04d6EX0m2eDXjUP7U4EO86bK4
|
||||
o3nIeY6xnclci6+b4bo+pR1+z+9aChIB5wErsmlZtf2Lvpy3gpHrLXgaPl/Rpl2I
|
||||
IzosnT4QO0NOUtIgvnl8E0/L7NGiJ1cp9Drdt6Vx8mjbA2f3A8Uv0YbbF9PZiurv
|
||||
MuYuDi2D6LRrc1wWUSEQo51ExZZpHpzB7rgB99P2chl7R6Xwz8uAByeFA5nKtwzc
|
||||
Z/081h7v9UfLiAoCGc8oT26xuAvNSrTsRil/gegyR4tiwN5upYNNlWOu0SxszszG
|
||||
k32GIFZMxKnFBIzCOHHlMw7ZV8dm6bciJREn9IlLNlthoaQSylIHO6kIlhEFcUA8
|
||||
7csp0Q5y411C50dSSNx54l45KsXuUTZ9gMKHkVGPdpRLXyidOVna3puSvq6f+W30
|
||||
SdlnbFjV+r3EjzB5rzuDT8gTmPmwI5kgClaL1MuJWgg=
|
||||
-----END DSA PRIVATE KEY-----
|
||||
|
|
@ -1,12 +0,0 @@
|
|||
-----BEGIN DSA PRIVATE KEY-----
|
||||
MIIBvAIBAAKBgQDSwx37nLHNeA6cxRnBMAIlKBrOjOqxcwVlSpMRBjF2oK0xiDOs
|
||||
zE7dcVcBbeN1pdd7MHVLOqGDEvGVd6eNV2b6k/E8jRvOTala9YKckPGpox6rKDyb
|
||||
zxnCrrerF2qRXsdr7lHykTrtqIAhZK5GmySQ/m4bxNaygRUpkC+oHMq2FwIVAMek
|
||||
iy0RRX2MWGGD6DwguIiQEr/9AoGBAIfZ1/aVdO+OeX7zT43217OGO/x6OwGpxngQ
|
||||
fQyxK5j3z4FMlgtjm8V76rw5eAsqpXlhAnoS83knu4wdlfOKQpUXuAh5jmyKrwIn
|
||||
4RtCK5R7ayOnyEAtaR+hevTi2JOi/c4XiHO/t5jnrGFMmz4XOydTbW5SCYl1oTdY
|
||||
YWBWooIcAoGBAIhynnnIMFpixivZ1t3LI+GdvspmwxjnbdLv5AnqhMQPGfFizzPh
|
||||
sKpmL9CNZvMBNaQau8a0wZ7BCoGEaBQPWQ1iwaT2+LnMiCmapE/XxfSzCFqEwqoF
|
||||
CbqQ8CKnr6fZaapXURiONhWSOAbAnXc8j4mUxxfoy7UPTIv/rCju86zxAhRbH6bA
|
||||
Bud0+/LRywH0yG1kZvrpgQ==
|
||||
-----END DSA PRIVATE KEY-----
|
||||
|
|
@ -0,0 +1,12 @@
|
|||
-----BEGIN DSA PRIVATE KEY-----
|
||||
MIIBvAIBAAKBgQDxVX7EnH7JSoqL20g3eMhfZN0IeaIMHZdF2L8QFxwAUEr6oh2M
|
||||
3YTDS6iuhbT7W8TQgeUDD/2PPaHDeFVhyOKwHzlfdHwSl8eEcWRSYv6udVZoBfwW
|
||||
YApgWQloKw24noMpeFrBYITG9XtJ4zV6To9zXoNio/SXbHommjlirvnLKwIVAMw9
|
||||
7lVT+UR/yB6cHj7JFSrOaubjAoGBAOAt8s32b6NQBVHK3CIG5s1H/OEEQNNCzm37
|
||||
LdwINrWqAnS3s3jGR43JrXqRmRbhe2jbXr404xXHpKAJc0LsgYyw01JS0hJ/AFQo
|
||||
dDKkSTF2QWBV05h1em7+AGv8qz/bywO2HlAHtvDiBlq9gk2MYnqbTBbWHnCvEXtt
|
||||
mY1LA3ArAoGBAI5XYEdozb9XH0eFiMv1yPyrbPbM37Sp++OPLmvCzadJzbGGDvA7
|
||||
ymxopqJajV6lET+ZBavIKnKlWuJWYhDsoGfm59Jy3o5zKatjTDN3JJak2aGxYp+j
|
||||
Lvn6S95wOVDdPv5Df3AtBeNqRefnpxs2NjVewRGX82yO5qS0lM8htZTBAhQPwe3T
|
||||
xwl1zb83tbIYbtgcuwaw5g==
|
||||
-----END DSA PRIVATE KEY-----
|
||||
|
|
@ -0,0 +1,8 @@
|
|||
-----BEGIN EC PRIVATE KEY-----
|
||||
Proc-Type: 4,ENCRYPTED
|
||||
DEK-Info: AES-128-CBC,2866C4AEE9C2595C6082806F9D1622B5
|
||||
|
||||
vvetCE7TqlG74iCO3kR3f1MY9+pVMkkcsDToPxer7iDI+lnqgOjKUebuTDdjB6Vi
|
||||
6Hq0n6EeoaQdDfhcGvFamNPf/FGk9ptXIEztvC0T59xrxqgi4mkJgTMhAnyFRFn+
|
||||
jVywGSwcge/9xTjbJxcJfr4oqZty7JIZpEFyiBc+9Ww=
|
||||
-----END EC PRIVATE KEY-----
|
||||
|
|
@ -1,5 +0,0 @@
|
|||
-----BEGIN EC PRIVATE KEY-----
|
||||
MHcCAQEEIHpEI9SWWiQlim7OZJ3kagzHnSPgNO6DN/i2ieZxJaHjoAoGCCqGSM49
|
||||
AwEHoUQDQgAE5wG5Z+MHZrXp/bL0Zn50t1M024hoQx6fwXbGS6DoI2dIFuIynsmc
|
||||
FdGuyGB4gfFtV1E7obHAGLivDqDhVEtRbw==
|
||||
-----END EC PRIVATE KEY-----
|
||||
|
|
@ -0,0 +1,5 @@
|
|||
-----BEGIN EC PRIVATE KEY-----
|
||||
MHcCAQEEIA6w+3yQjVlJToULhwwuKfQkW5sphlGunAdxHYXYKcMSoAoGCCqGSM49
|
||||
AwEHoUQDQgAEVxneWIp1oQCiPlcQ/B/FBls1C167N2zGh8WzCeM8MrjDl4ir2SBx
|
||||
in2h+UX0zphNediQqI6NBt8hSBShPjOb2w==
|
||||
-----END EC PRIVATE KEY-----
|
||||
|
|
@ -35,9 +35,12 @@ ssh-keygen -ted25519 -N "" -f ./ed25519_leaf_for_rsa_ca
|
|||
ssh-keygen -s rsa_ca -z 123 -n p1,p2 -O clear -I my-ident -O critical:foo=bar -O extension:baz=qwer -O permit-X11-forwarding ed25519_leaf_for_rsa_ca.pub
|
||||
|
||||
# pem encoded keys
|
||||
openssl genrsa -out rsa.pem 2048
|
||||
openssl dsaparam -noout -out dsa.pem -genkey 1024
|
||||
openssl ecparam -noout -out ecdsa.pem -name prime256v1 -genkey
|
||||
openssl genrsa -out rsa.plaintext.pem 2048
|
||||
openssl rsa -aes-128-cbc -passout pass:mypass -in rsa.plaintext.pem -out rsa.encrypted.pem
|
||||
openssl dsaparam -noout -out dsa.plaintext.pem -genkey 1024
|
||||
openssl dsa -aes-128-cbc -passout pass:mypass -in dsa.plaintext.pem -out dsa.encrypted.pem
|
||||
openssl ecparam -noout -out ecdsa.plaintext.pem -name prime256v1 -genkey
|
||||
openssl ec -aes-128-cbc -passout pass:mypass -in ecdsa.plaintext.pem -out ecdsa.encrypted.pem
|
||||
chmod 400 *.pem
|
||||
|
||||
# Create a certificate with a bad signature. We use ed25519 because the
|
||||
|
|
|
|||
|
|
@ -0,0 +1,30 @@
|
|||
-----BEGIN RSA PRIVATE KEY-----
|
||||
Proc-Type: 4,ENCRYPTED
|
||||
DEK-Info: AES-128-CBC,B4D888F772E67B66E03C79A4744D73E2
|
||||
|
||||
VBXhsN26cPD3411FTHS8FCPv5efiq64w3ewaFO0g+iuor/AAXf9gCpe2g6njgIh9
|
||||
HnFkZ6zUd5pNCG4JBz//82SMT7gDzpZCETQw+cPP4jwd2JZFlj48KAqFmKxyUuLu
|
||||
O8X33qL5y+VP/OQYNyntsUphk2zMAZs4guU/jDoaNz8iHWLW03OxUBEnC3Dw1tJ8
|
||||
Utg+9Bmb2nO3dBaSMPoyAFY7ad3UHTpcbWbw+Jvhiqm5BFvDAwwKehsOAPpMqLeN
|
||||
Kdah9rfGchhKk6zAZwAyhRTZ3UcocZ778bd5nvs68kO32A6a3fRyZGVbFhA2KEcQ
|
||||
12kX/6u4hw1ROlvicTPsrniWSQLWewcbedpmvZGlXSbsb1dGtnBgdg9yIfWc/w+6
|
||||
DrJuq4+CWz1pfnMKM5VmbZyoNlgPawE0NwiGhA0gC+qnepWSaMV3OIDYzsLugz1H
|
||||
qjRThUdy+jeXDiGBTA3WLvR+x9dBaF15uis4DK9Q708VzyJH/QiPw1CSCycBu/Fa
|
||||
rFGcl3iJwTE7YWOzRCwoNUocBMzTY3LgGhk8NlaCWPRxhVhzQNXR71ddUdQSR9/J
|
||||
0nX7te9Sp8xjtVNT6ULqAr1Tq0Vwnq1Sx8xiFjVTeoTs/qdHMPLAjCrfBr6BAKhx
|
||||
zLOC3q0UTAguWfhoo/Ekv9eTegkSwuzUFJ9T3jFT6pdznfEKuvRe4rplcJQ6FEJO
|
||||
VT5wrhBszlA2vxN20Gnw4osbccHKYtibU2wkC+OOoMU2gQ2FNXxQ76lYs8T81yCU
|
||||
KoLUYtG1RqFajSnoen7OsmN0RU7rD5Hd7c5yznx/Npv0R4/yUhv7wfGIZ8auWknS
|
||||
GTPT9OX85k8KZnLvubVnVmfRi4IlcTg7DywpvR3cPBw+iMXHEhzn1RWg58Hmw92c
|
||||
21MBMtg1X+SKgwGWvwWnA3BcvDdjNK7DguJCDlqIQVdT64AXjrAx6MxtsNaJ+OVw
|
||||
hejaSQuOZaWIx1hW3MWeDWYYQaDeTcmZhKMtLImX7NiX/6WD/KjlugyH7eq9bl8R
|
||||
kzSyZDlvx0emkBb0crxoY3qq+f7oWMx7G+Frzwg4izk5VZjGLVPCKqvXtQ425HCT
|
||||
BE5JtCBK6nLiAQO3APSaRgZsAjzY65Yz9ZaITL3djA5C9npeS/zVhPr5TTcsCQpC
|
||||
ZQKDj89cO3Wpg4DVVpN4SyyLuRVHPzs/XfJy24YdaSCLBJF3UTGiD5MK5+vraJaD
|
||||
of7dj05VC5mN5e9tNW3O/D3ZdSSzEuYn0GECxDvO0HaSutL93RelwTDfYIhmgqTp
|
||||
uxe+9ur9MPl6dlE7bLvw509rnzsJEdpaaQQyJfL5kKWDHkjLVBuJ7HhJASucKWl5
|
||||
CvT3BH1tjuddoW5tXXx50VHS9ystC/0FRqaIr99eoxTtHSRVmEaCEPGBDdA2fgE/
|
||||
VoRPsVd2SECqmD1cGW2KvxCq+g6sOgyrH3CJkv4NAh/r1d9xuFAQVuGe1UXTbyYi
|
||||
54ouZlnSVygknL9jksPEZgOzqVKZlMcwPJJfAVIAJZWewpjMkDVmV2OJtx63idAB
|
||||
J/c9ws6jaibgoC3A98GHcknNik+tvF+x2uEjYvqW1fDmmrZsm62hUX3ZO3C19dbw
|
||||
-----END RSA PRIVATE KEY-----
|
||||
|
|
@ -1,27 +0,0 @@
|
|||
-----BEGIN RSA PRIVATE KEY-----
|
||||
MIIEowIBAAKCAQEAzIUnn7yhTJpepSKPeXad79+ffgGQmPLtmANr+SlySQjJ06Zl
|
||||
A/4xb7/CVawHsJ57CmFPoc6qkvrAL8W46LvPMjACoPwHVhI5RFtwbkvgi/yk7JGs
|
||||
ik2DWALb/X8q4NS97Fssr4a+R9KcV38I3kaJP1iumH53rFPv4T10Wm2to3mU7zYF
|
||||
gbjUJnIiv8eOSqI45K7nmPuZAjl/bZDqgEJgV0y0T3RzZjQ3RiFLaoZlwlIqyadV
|
||||
dnaCLx+yEUpdlDmOLKKhu6Yb7d31w325pDrqyCPQxwKNAjuHQTptDQ4Vd2aFpcaa
|
||||
wgEb1v6y++TWyCLbOZ9UspinP+wqEBD5PyVNGwIDAQABAoIBAAYHdt+So/6qHlgn
|
||||
6KrgAE/t+7mvOiAIKVDt6OTzf9b/V1PR9/BiMfrlYEk+RQvD4ESyEbLncMfcdIX0
|
||||
Ajt6LeWA3NL6Gw1ChEWrnGjj+76kuAfxU3DQUCrsCqgyc4UlQGQTXAHgqwNbBhje
|
||||
Odizo6AmcR81uzltUAkH0sJHsXK8OVWBLWE+wHvqFCP70LreQ60tMinuDoCjbc6C
|
||||
bPFudjd0EPzFFDd2cf5ulETdIbdHWZnnHjdWNWCPOO9E1K5HJV3XRdx2tAeGRdgj
|
||||
TNf1jwGBWS4BisAwC9SFCskkts0MaOtL9oeLw2bBzrM5+9f1m8BFL8xBOavelvx6
|
||||
kkG1g8ECgYEA6PYTCpl7lRGiHa9ksS2RpN5qfenPT9MRYjmF5Z5K7kYqCfg0QJDc
|
||||
QBc4gxR96sY1DenAFfK17vebTikkxkxOFYDNP/OJiuB2qW7N84Ecodrjt2xcG/lX
|
||||
VAYBFAMK1gwYHM4eNgMePy2bg+HGLuWPYX31XODibacZ9YCz0EurOiMCgYEA4L8I
|
||||
GMwhdMpFJabq/Ad3mFa2/BX3wav8VBGPmMcDrsP62v3u+YT1ME8qJbGKhg+VT5cx
|
||||
9xtIKm+esX1g9b4jK6/9LEjU8s+dtXxJWZTBI2tZLyulz63jI0F3+3dDYzoecmvy
|
||||
Wr2Ft8GbtAAO4N6sbMN9b/Fgou0PTy85ST7FJKkCgYBlCZTom/jFhohRZ6i8T49D
|
||||
elOlmKqZbGm1uE0icaz9+uBwwn2nIyzjfy67az/Re3W3OxJccpAFvM5W7/FLL/0N
|
||||
xnc+rVmSKhhNFAmu+uh4Kn9pJk4ss8/0WUZOb6NbgpNSqvLfairMK/OvF1TlMhsl
|
||||
pYOtbLvH4xmXKOLUDH2PEQKBgQC3uZLd6qoC9oOWZyC7zULoRyMpaq/yJC2PcBeq
|
||||
di69hLqioWnlktp5lo3G6J9sPnr56IjRD/1rq3nYcL19xuSrhx/5PsTOhgjP3v17
|
||||
fM5yrQPoOs8+ulDvdkqmSHXPPSi8syAZK8uPT3eAq3d+PqpH83ussm8kYZTdT6aO
|
||||
CQFSmQKBgE8h6rmw0fBxx8YGql0wCeGSXBi4wQUpEJvzfKfQw6h+e2GFH6jgxQjk
|
||||
1NDGVAZQtyW0UBvuGAvh+F5ki0JAeWiA3lSkq1Ygfr6HVa2FZVc4TBos8M4TshPN
|
||||
EzHypMy+QyOjTx+NofmsL5BXrycQNPbtOSdSlz1fQUzEnU9iD6dK
|
||||
-----END RSA PRIVATE KEY-----
|
||||
|
|
@ -0,0 +1,27 @@
|
|||
-----BEGIN RSA PRIVATE KEY-----
|
||||
MIIEpAIBAAKCAQEAp3ajAPP2/RJJMaJpDvNjd5L1/Le809y2rrLfGyfj5+OlzXKL
|
||||
TFY/mKRaGu+cJH77THwqzcjjPowr2fJ1g2zH/Jp5YFRdlZqVx3IM+bNKVzv65lK2
|
||||
PiQ15LS0UZAwa89jJGUG8a4JbmmB/r/3Tfr6UZ1vlxRJhRUfXcqhTOamgAOigaLM
|
||||
x9fSxWhXMF4I4mdQ2qr67vg+CWC0lZB+3Sc2X2PZKNpNdqsA0sE+ftRmBGVOfI8f
|
||||
8JGDi0aCrn7te9mK3Mf3FFLfpv2hVLXVFUbvU87U6DqNNVgyGN6V4bpNQSJaWQ+d
|
||||
vZiFdVLfpM6W5clHGpNPh4OCRXpBOAtfF6PZgwIDAQABAoIBAQCZS2h7ftghYZPO
|
||||
87ToErSCyOyUoj0gU3KHCQZifWmK5EDqiGgrQOiGeixha+WrIvI3WZJ1PeeHYhji
|
||||
MaiQ3gtTmLRzEcd5I0DoieaGzTDIGgfavuxEhjEvYpuN7kfk6LsAndp1cbMAd2Sg
|
||||
Jmnj4FM0UsHLsq56PJOx78Mn+huAIleELnkpa0WHSxoRL9khdVjrqiOmfo2Frpno
|
||||
k/vu7k1yAgFELDefalWD/KylOoFVMMjSM7WLcFsct8TA4rvS1LHqsGrkg/ifjrGp
|
||||
FS9b2WAZvLtZSxprCNIPN51rWaiLaikPT9bXhjTMElSV1bWP7jpbR/GZUvmNY6es
|
||||
kM//9rwBAoGBAN8taKBQU6n/XX0Gu+VCN1/UJ+QvU+qYsv+cce59DoybMMTbncAh
|
||||
0qMIZVSP/AG6/RvsLNBrGZInKGH6I5NIAi4rrGsDMwiMpzJ+025NS9gtja/MDniR
|
||||
bFf8Ns0XgCxXt1X7yPcQ9BVuwUkg00RXqyLHPxeJyKLbeP/u2ExKGENBAoGBAMAX
|
||||
m2Am7pJRJs4pdFmxzxUJXdjsFHxjNes4wusrcjjnvUolGeLMFJlEDR7w5a1yDmOk
|
||||
O6IsPbW7BTwmCcbfsGy0gu1N/0AyyIQ9qyFf222BR5NIC8U1m6PvWOfx9637Zawl
|
||||
UfVmKQK9leuwWedwxvGoj7v/NmfLGt73x1CW09/DAoGBAK9QonHc5/wQyEXgtlVf
|
||||
8NPsevG7Y/ZTwbkeEjnAL1+wwVzDEGbPqwG7JK6K9PH/C7mVi5alq06uSAC/WJbn
|
||||
6B6Q3D6sIrjClM0L59csDTpifnzslSmNQ0jSrdHqdhtfRHvc8H905+i2OkvR52Q2
|
||||
Yg9N6Xf6GowkUCbsXyl+wxSBAoGAd2G0hMttVa3tqg8FaoEhK/fIRXpjOPMHnYqH
|
||||
SVSVBlyvvZbVQaiH3MD4TpR0iZjq7G4zSZSpPXpfxIP3a4u1v7ln7UeeLS3ihJ02
|
||||
7+T9IE9KRnRuLEAm3HlyDaTJw20MQTJof1Tgg/2DYRkWpsnmOmYB/lqcW2FU7+Ga
|
||||
E7HJN7UCgYACx0+RjAnI40JzaZzl/m+eh9f06ChpphWoNqrohXjbm0/9tuxjxY8n
|
||||
b7JmjnvZgMrKTJQIxkSZyF9pU/aCGXOZt+2VI8zuaFEUe686tK+piu337GBjZnIT
|
||||
3LjbYETRsWE3FqJG1+KwpzVeZ2QSp9J+SMcNTREFPRzTnXzogwF37w==
|
||||
-----END RSA PRIVATE KEY-----
|
||||
|
|
@ -1,7 +1,7 @@
|
|||
require_relative "./spec_helper"
|
||||
|
||||
describe SSHData::PrivateKey do
|
||||
(Dir["spec/fixtures/*for_rsa_ca"] + Dir["spec/fixtures/*.pem"]).each do |path|
|
||||
(Dir["spec/fixtures/*for_rsa_ca"] + Dir["spec/fixtures/*.plaintext.pem"]).each do |path|
|
||||
name = File.basename(path)
|
||||
|
||||
describe name do
|
||||
|
|
@ -29,6 +29,18 @@ describe SSHData::PrivateKey do
|
|||
end
|
||||
end
|
||||
|
||||
Dir["spec/fixtures/*.encrypted.pem"].each do |path|
|
||||
name = File.basename(path)
|
||||
|
||||
describe name do
|
||||
it "raises DecodeError parsing #{name}" do
|
||||
expect {
|
||||
described_class.parse(fixture(name))
|
||||
}.to raise_error(SSHData::DecryptError)
|
||||
end
|
||||
end
|
||||
end
|
||||
|
||||
it "raises on unknown PEM types" do
|
||||
expect {
|
||||
described_class.parse(<<-PEM.gsub(/^ /, ""))
|
||||
|
|
|
|||
Загрузка…
Ссылка в новой задаче