From c7a6c6833370f69322c47e73e9f4cfdedaf4e8f4 Mon Sep 17 00:00:00 2001 From: Alex Wilson Date: Mon, 29 Oct 2018 10:36:32 -0700 Subject: [PATCH] joyent/node-sshpk#58 des-ede3-cbc encrypted keys broken Reviewed by: Cody Peter Mello --- lib/utils.js | 2 +- package.json | 2 +- test/assets/3des.pem | 30 ++++++++++++++++++++++++++++++ test/assets/3des.pub | 1 + test/pem.js | 15 +++++++++++++++ 5 files changed, 48 insertions(+), 2 deletions(-) create mode 100644 test/assets/3des.pem create mode 100644 test/assets/3des.pub diff --git a/lib/utils.js b/lib/utils.js index e3066a6..ecaeb0a 100644 --- a/lib/utils.js +++ b/lib/utils.js @@ -87,7 +87,7 @@ function assertCompatible(obj, klass, needVer, name) { } var CIPHER_LEN = { - 'des-ede3-cbc': { key: 7, iv: 8 }, + 'des-ede3-cbc': { key: 24, iv: 8 }, 'aes-128-cbc': { key: 16, iv: 16 }, 'aes-256-cbc': { key: 32, iv: 16 } }; diff --git a/package.json b/package.json index 0166efe..720e4a5 100644 --- a/package.json +++ b/package.json @@ -1,6 +1,6 @@ { "name": "sshpk", - "version": "1.15.1", + "version": "1.15.2", "description": "A library for finding and using SSH public keys", "main": "lib/index.js", "scripts": { diff --git a/test/assets/3des.pem b/test/assets/3des.pem new file mode 100644 index 0000000..aa46c41 --- /dev/null +++ b/test/assets/3des.pem @@ -0,0 +1,30 @@ +-----BEGIN RSA PRIVATE KEY----- +Proc-Type: 4,ENCRYPTED +DEK-Info: DES-EDE3-CBC,91DE47E39A642704 + +T5h5N8sO/mT8zRfqVDc2Kmgy5Az9w63T91Gvl57XhAxd7jD2vZhbAdD3qdnYc9Ue +h4uve27OcJXQXHTUaAZY2ZR/9e9NFIkSnbEQHVzMa0W5I7v7JvN9Ms8z9WJuxd9k +9M8t6rYiLQXbdKG3RhEyS+m5O/tU1dxWakwIxlE9fpLcHWgEO2YEPwKjiM/WY0Uj ++eH02oaPIVIC6Eyni7CTCjkhgTn8xI+yHfIow94IUYg4OJNes27dhruH/nybPYPt +gW6eQfENrXZNTCzp3E71/WB/27JVI8eNkTtluoFTn8KAeiDNIB0b/KFpJoIFTgWX +ysYqiv6a5q7Q+mxEet+krZ40LBsh2cNLqJGCRh/nGU3Zs8hozyUfkhBMzjvLc36E +F2cqtjBGeds1kHvBAdbBBNLel11icRkTzIw0cMa1YulYdJARf+cgWugk+NVgEOpK +g3G6QymJiVm4DudbtTcmBqgfYju9bo8X1hkGB1w+eUZMjLDCv0ZfCZCKovpZorkD +PJa+y12fwEQ79NZxmfUKCBLVzO4n5Bh2MzWJZQSh3oLSP90fRyWS0Rq8l6N4z90m +RowD62laYR9zydLZX+gkjGiIEjNxwcEY/iuHi32ufONyFTTDUcidZ/RZJdd0zk5r +1t6FbrTcM0tIukN0behKri6jbTMd91DYSpO7xB+fKugfka+grYWyLeQc0brqbqNn +Pwt+FuM+qVoXe2FdY4cy/Jhqb/hYsvXuhPJ5IowN3QNnvsSduq0NwM2wXGNF+l8s +z40HsTZly5lVChold8EjbNi9xZLWRQL5UtPdacgr+U2NTqiM7Eup0YfU9wn50GNg +/pjzkTY8fpkio3mjkIRcfEfSnERYRnOP0zDMkd+bJdQcb0sjCpdxS8vXfFvLQ1Af +zBz5DLa1vq8Cc7C0vsLjBEC2LQygv0q9nU7fvg9TMuSQNXj0TJY3I2i8ZZHvyPVL +j4u6Pfpg0bjAYsnBoeyMzt7ii1wJk76e23SeZQxOz5+1z1L8J9NyzH4zZeTOSXqq +MZ1eW8tQRnYSnfyQVyXRyKHvH+aPYrMo3ElLfseRDdU0sikQ/XVneMOGQCI0+pCx +RIXpcnUgIcT2f3sCAQ+t0jmxWeirhLYpBMmAs3TLrdDyG5n/DReV6utXRSvJMC6/ +yWF5w4IGhvjkERFisugqPsMTXfW4xWHwq+MU6IU1TurRIJRZHPs3WgICPeCOJFBv +bQHvwtHmHZJ6ijIF+SPkTV0PoHxRXv8O2QsqiFSVp03FjImrShxeU2iIz3SzB3Di +gpaYyBhXQitMTNvtCAPPdFUHrpB5ZZ+qI3sStvMTMaSb8EpSU1H79L/7Olv6wtLx +w3PCtCaz56P0X8cZP57MSGt+E7x3+GKYNFC5znNyVthgKz66z/z33epzD2j2Zf4b +VvRE6W/RzHN2UOhnqdk6IX7SO7ynPO5Sx/bKL+ARVRD51NpOSzTUujBEoeB0ObFN +B4PWao7GOeh/WUTF83AYOtEk+J/8CYMNB1IClrpZszcCyAAkx26OdoOPAGMBD1V/ +HnE2S4h22855esmjQOggwNCtf0Tg6PG7+jhb8MwerYwaiqfn2hQpAz6ZKff2Qeh5 +-----END RSA PRIVATE KEY----- diff --git a/test/assets/3des.pub b/test/assets/3des.pub new file mode 100644 index 0000000..58ad875 --- /dev/null +++ b/test/assets/3des.pub @@ -0,0 +1 @@ +ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDLISAQ2h/VFo0tGe3irSmk3KU5x5IYtPke1yk8hSgd/AKbJlDuqPF3BfbEkmV/gA7EpxPhr5QkfcLCkAjWZhUJccn0Dmz6Ypd615IQrEPMS48wFl4yRSDaPyGcOi+lcgrgclcnTG9/vEqRfqw7y8aRZIq880nNoxHe/TQbeQuuGf0Zdts4t5YFbm8MkwCMSlY+DRSy462YZ4h7zBYOA6TDcSJvvHVGe937xqavMK2btj9wIij2qtCP4L23zDl2QCM+c9DxC+FvNY6fyNrePs2pbyZb2z3Bg+SR/J+hSqMUSYKLBYzQnG/c0T8xE59bk1P8jOeJGVgQGS6m9CSwVOgZ test diff --git a/test/pem.js b/test/pem.js index 3364f23..3aa6e6d 100644 --- a/test/pem.js +++ b/test/pem.js @@ -1,6 +1,8 @@ // Copyright 2011 Joyent, Inc. All rights reserved. var test = require('tape').test; +var path = require('path'); +var fs = require('fs'); var sshpk = require('../lib/index'); var Buffer = require('safer-buffer').Buffer; @@ -177,6 +179,8 @@ var ECDSA_PEM = '-----BEGIN PUBLIC KEY-----\n' + var RFC_AUTO = Buffer.from('AAAAC3NzaC1lZDI1NTE5AAAAIEi0pkfPe/+kbmnTSH0mfr0J' + '4Fq7M7bshFAKB6uCyLDm', 'base64'); +var testDir = path.join(__dirname, 'assets'); + ///--- Tests test('1024b pem to rsa ssh key', function(t) { @@ -341,3 +345,14 @@ test('encrypted ecdsa private key with pw', function(t) { t.equal(k.type, 'ecdsa'); t.end(); }); + +test('encrypted rsa private key (3des)', function (t) { + var keyPem = fs.readFileSync(path.join(testDir, '3des.pem')); + var key = sshpk.parsePrivateKey(keyPem, 'pem', + { passphrase: 'testing123' }); + t.equal(key.type, 'rsa'); + key.comment = 'test'; + var keySsh = fs.readFileSync(path.join(testDir, '3des.pub'), 'ascii'); + t.equal(key.toPublic().toString('ssh'), keySsh.trim()); + t.end(); +});