diff options
| author | Santhanam <santhanambr2002@gmail.com> | 2025-11-09 18:35:21 +0000 |
|---|---|---|
| committer | Gopher Robot <gobot@golang.org> | 2025-11-12 10:42:48 -0800 |
| commit | b4f2b62076abeee4e43fb59544dac565715fbf1e (patch) | |
| tree | 41f4314a090df2d17bb0f32bd9315fc1c0626386 /ssh/testdata | |
| parent | 79ec3a51fcc7fbd2691d56155d578225ccc542e2 (diff) | |
| download | go-x-crypto-b4f2b62076abeee4e43fb59544dac565715fbf1e.tar.xz | |
ssh: fix error message on unsupported cipher
Until now, when ssh keys using one of these[1] ciphers were passed, we were
giving a parse error "ssh: parse error in message type 0".
With this fix, we parse it successfully and return the correct error message.
[1] aes{128,256}-gcm@openssh.com and chacha20-poly1305@openssh.com
Fixes golang/go#52135
Change-Id: I3010fff43c48f29f21edb8d63f44e167861a054e
GitHub-Last-Rev: 14ac7e97306d41cba48053b9c60f2ffc7caded45
GitHub-Pull-Request: golang/crypto#324
Reviewed-on: https://go-review.googlesource.com/c/crypto/+/709275
Reviewed-by: Nicola Murino <nicola.murino@gmail.com>
Reviewed-by: Michael Pratt <mpratt@google.com>
Reviewed-by: Junyang Shao <shaojunyang@google.com>
Auto-Submit: Nicola Murino <nicola.murino@gmail.com>
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
Diffstat (limited to 'ssh/testdata')
| -rw-r--r-- | ssh/testdata/keys.go | 47 |
1 files changed, 47 insertions, 0 deletions
diff --git a/ssh/testdata/keys.go b/ssh/testdata/keys.go index 6e48841..adb4244 100644 --- a/ssh/testdata/keys.go +++ b/ssh/testdata/keys.go @@ -310,6 +310,53 @@ gbDGyT3bXMQtagvCwoW+/oMTKXiZP5jCJpEO8= }, } +var UnsupportedCipherData = []struct { + Name string + EncryptionKey string + PEMBytes []byte +} { + 0: { + Name: "ed25519-encrypted-chacha20-poly1305", + EncryptionKey: "password", + PEMBytes: []byte(`-----BEGIN OPENSSH PRIVATE KEY----- +b3BlbnNzaC1rZXktdjEAAAAAHWNoYWNoYTIwLXBvbHkxMzA1QG9wZW5zc2guY29tAAAABm +JjcnlwdAAAABgAAAAQdPyPIjXDRAVHskY0yp9SWwAAAGQAAAABAAAAMwAAAAtzc2gtZWQy +NTUxOQAAACBi6qXITEUrmNce/c2lfozxALlKH3o/6sll8G7wzl1lvQAAAJDNlW1sEkvnK0 +8EecF1vHdPk85yClbh3KkHv09mbGAX/Gk6cJpYEGgJSkO7OEF4kG9DVGGd17+TZbTnM4LD +vYAJZExx2XLgJFEtHCVmJjYzwxx7yC7+s6u/XjrSlZS60RHunOPKyq+C+s48sejXvmX+t5 +0ZoVCI8aftT0ycis3gvLU9sCwJ2UnF6kAV226Z4g2aLkuJbgCDTEcYCRD64K1r +-----END OPENSSH PRIVATE KEY----- +`), + }, + 1: { + Name: "ed25519-encrypted-aes128-gcm", + EncryptionKey: "password", + PEMBytes: []byte(`-----BEGIN OPENSSH PRIVATE KEY----- +b3BlbnNzaC1rZXktdjEAAAAAFmFlczEyOC1nY21Ab3BlbnNzaC5jb20AAAAGYmNyeXB0AA +AAGAAAABBeMJIOqiyFwNCvDv6f8tQeAAAAZAAAAAEAAAAzAAAAC3NzaC1lZDI1NTE5AAAA +IGYpUcb3tGp9kF6pppcUdq3EPMr85BaSUdhiXGbhS5YNAAAAkNBtMEu0UlLgToThuQc+4m +/o0DfFIERu0sspQivn5RJHCtulVKfU9BMiEnF0+LOMOABMlYesgLOtoMxwm4ZCSWH54kZk +vaFyyvvxY+RLDuWNQZCryffIA4+iLCUQR1EdxMDiJweKnGJuD64a+9xTJt47A3Vq4SYzji +EuVmM0FqS8lbT2ynYSe3va0Qyw13jEO5qbtCuyG+C5GejL7kX4Z64= +-----END OPENSSH PRIVATE KEY----- +`), + }, + 2: { + Name: "ed25519-encrypted-aes256-gcm", + EncryptionKey: "password", + PEMBytes: []byte(`-----BEGIN OPENSSH PRIVATE KEY----- +b3BlbnNzaC1rZXktdjEAAAAAFmFlczI1Ni1nY21Ab3BlbnNzaC5jb20AAAAGYmNyeXB0AA +AAGAAAABBR1p3vH2Wr/HPL+q20L2rjAAAAZAAAAAEAAAAzAAAAC3NzaC1lZDI1NTE5AAAA +IM3tT1xrAuOHcrBdoLRo/ojWZsAw2lHfF5hJgFEOts5MAAAAkH/YGrDhDw8u+F8e4P+84B +tAzvp55Lf1Yl7y34BrVmqlWqw/7boqahOp6iYJHNpcuanzc5T6s7Z3wSSYodbY1uvFOfbj +rtP6rIHQIY5J2C40WOYJN8IkZlkwDXwZY0qoE9699ZYmWdwsXRZ7QDhjd2W8ziyZBsttiB +kv2ceuJMLT04TrKc2+RUkj4CQYnz7p8EkgZlUozx8wBSxKFGnkP7k= +-----END OPENSSH PRIVATE KEY----- +`), + }, +} + + // SKData contains a list of PubKeys backed by U2F/FIDO2 Security Keys and their test data. var SKData = []struct { Name string |