Merge pull request #6845 from u3s/kuba/ssh/pkcs8_private_key/OTP-18446

ssh: accept PKCS#8 host key OTP-18446
author: Jakub Witczak <u3s@users.noreply.github.com> 2023-02-21 15:28:37 +0100
committer: GitHub <noreply@github.com> 2023-02-21 15:28:37 +0100
commit: f7fa8c139876d56d109b32ace08ca326e51a3429 (patch)
tree: 4e95413dae34b53639c8bb8240397cbbe711cda5
parent: a85b5c9db73af3fc1dfcbd5c2f75ffaa61ecbe1a (diff)
parent: 0351304bca23ee07956ba4fec5d7d82c41394294 (diff)
download: erlang-f7fa8c139876d56d109b32ace08ca326e51a3429.tar.gz
7 files changed, 77 insertions, 2 deletions
diff --git a/lib/ssh/doc/src/ssh_file.xml b/lib/ssh/doc/src/ssh_file.xml
index 2ef22db102..2ab7949352 100644
--- a/lib/ssh/doc/src/ssh_file.xml
+++ b/lib/ssh/doc/src/ssh_file.xml
@@ -260,7 +260,7 @@ key :: % encoded key from eg ssh_host_*.pub
 	  <item><seeerl marker="#FILE-ssh_host_dsa_key"><c>SYSDIR/ssh_host_dsa_key</c></seeerl></item>
 	  <item><seeerl marker="#FILE-ssh_host_ecdsa_key"><c>SYSDIR/ssh_host_ecdsa_key</c></seeerl></item>
           <item><seeerl marker="#FILE-ssh_host_ed25519_key"><c>SYSDIR/ssh_host_ed25519_key</c></seeerl></item>
-          <item><seeerl marker="#FILE-ssh_host_ed448_key"><c>SYSDIR/ssh_host_ed448_key</c>c></seeerl></item>
+          <item><seeerl marker="#FILE-ssh_host_ed448_key"><c>SYSDIR/ssh_host_ed448_key</c></seeerl></item>
 	</list>
       </desc>
     </func>
diff --git a/lib/ssh/src/ssh_file.erl b/lib/ssh/src/ssh_file.erl
index 10249d8488..a55b094f91 100644
--- a/lib/ssh/src/ssh_file.erl
+++ b/lib/ssh/src/ssh_file.erl
@@ -1052,6 +1052,7 @@ asn1_type(<<"RSA PUBLIC">>) -> 'RSAPublicKey';
 asn1_type(<<"DSA PRIVATE">>) -> 'DSAPrivateKey';
 asn1_type(<<"EC PRIVATE">>) -> 'ECPrivateKey';
 asn1_type(<<"OPENSSH PRIVATE">>) -> 'openssh-key-v1';
+asn1_type(<<"PRIVATE">>) -> 'PrivateKeyInfo';
 asn1_type(_) -> undefined.
 
 %%%================================================================
diff --git a/lib/ssh/test/ssh_pubkey_SUITE.erl b/lib/ssh/test/ssh_pubkey_SUITE.erl
index d03d4e61c5..7eca2619db 100644
--- a/lib/ssh/test/ssh_pubkey_SUITE.erl
+++ b/lib/ssh/test/ssh_pubkey_SUITE.erl
@@ -85,7 +85,8 @@
          ssh_hostkey_fingerprint_sha512/1,
          ssh_hostkey_fingerprint_list/1,
 
-         chk_known_hosts/1
+         chk_known_hosts/1,
+         ssh_hostkey_pkcs8/1
         ]).
 
 -include_lib("common_test/include/ct.hrl").
@@ -106,6 +107,7 @@ all() ->
      {group, option_space},
      {group, ssh_hostkey_fingerprint},
      {group, ssh_public_key_decode_encode},
+     {group, pkcs8},
      chk_known_hosts
     ].
 
@@ -146,6 +148,7 @@ groups() ->
      {old_format,  [], [check_dsa_disabled, check_rsa_sha1_disabled | ?tests_old++[{group,passphrase}] ]},
      {passphrase,  [], ?tests_old},
      {option_space,[], [{group,new_format}]},
+     {pkcs8, [], [ssh_hostkey_pkcs8]},
 
      {ssh_hostkey_fingerprint, [],
       [ssh_hostkey_fingerprint_md5_implicit,
@@ -192,6 +195,11 @@ init_per_group(old_format, Config) ->
     [{fmt,old_format},
      {key_src_dir,Dir} | Config];
 
+init_per_group(pkcs8, Config) ->
+    Dir = filename:join(proplists:get_value(data_dir,Config), "pkcs8"),
+    [{fmt,pkcs8},
+     {key_src_dir,Dir} | Config];
+
 init_per_group(option_space, Config) ->
     extend_optsL([client_opts,daemon_opts],
                  [{key_cb, {ssh_file, [{optimize, space}]}}],
@@ -237,6 +245,8 @@ end_per_group(_, Config) ->
     Config.
 
 %%%----------------------------------------------------------------
+init_per_testcase(ssh_hostkey_pkcs8, Config0) ->
+    setup_user_system_dir(rsa_sha2, rsa_sha2, Config0);
 init_per_testcase(connect_rsa_sha2_to_rsa_sha2, Config0) ->
     setup_user_system_dir(rsa_sha2, rsa_sha2, Config0);
 init_per_testcase(connect_rsa_sha1_to_dsa, Config0) ->
@@ -427,6 +437,12 @@ check_rsa_sha1_disabled(Config) ->
 %%%----------------------------------------------------------------
 
 %% Check of different host keys left to later
+ssh_hostkey_pkcs8(Config) ->
+    try_connect(Config).
+
+%%%----------------------------------------------------------------
+
+%% Check of different host keys left to later
 ssh_hostkey_fingerprint_md5_implicit(_Config) ->
     Expected = "4b:0b:63:de:0f:a7:3a:ab:2c:cc:2d:d1:21:37:1d:3a",
     Expected = ssh:hostkey_fingerprint(ssh_hostkey(rsa)).
diff --git a/lib/ssh/test/ssh_pubkey_SUITE_data/pkcs8/id_rsa b/lib/ssh/test/ssh_pubkey_SUITE_data/pkcs8/id_rsa
new file mode 100644
index 0000000000..b0453eb4e2
--- /dev/null
+++ b/lib/ssh/test/ssh_pubkey_SUITE_data/pkcs8/id_rsa
@@ -0,0 +1,28 @@
+-----BEGIN PRIVATE KEY-----
+MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQC2d3XMIA8GTEQc
+UFCOm31M5jt6lGjN61ZYGnXBVBjEcyJynB7Y3C437cDpjmvbSWF1oSVVDTwMERwn
+XzixLG//7w8K7i6aJLKpHKtS91qnrQidmrUWDnQ4kx8AZxaN46nhSsf+cZ0nKp03
+ZjjR5WxeDimiDLsSUbdDmFE6ZsL2+k5OStvcqu/skUVfPe+FGTGJgIw3DyErxM7J
+72jUkLJXMiZkYbB1QD05k3g2LOiPqJ73QoJVGgj7YagTSA3Lgy3s/6U7IMHMV4ls
+aXShv1Lk/eCfIJVSaVXQRjV9KKM3wgg6PmWqwGkAO36w3eJiW1kmYKfnAM/+I5Gf
+o/TiNZTXAgMBAAECggEAeWdwfDmUZZdW9hPGFayFKSZCyuN1/BSqZYJteQ2QUR1d
+/S29JIMTSWkqovt87fGcI9ztbvKYUlsMBXJI0TGE75/KvXYOkcb7DKQjpdcofUoW
+4m4uMJe7Ym0ZAnaUviGNRXYxLS3A529mHZcpFRb2DHqV3tljmuO98P6mhRocfKCc
+3p/T4+LIGlRlov5lOP/oKkeILF1m04J/SjptTtNo81xne9/dCGTiOTXjS8QMslCc
+8Xyy0Go9Zr0d+YzsI2NYF2aFBce0fDwK0Xpptr0FEL8UxjHjeK0T2GSDqncmtKoA
+3+BnpEJcuiDqZBi20lX7LygtNe9uVPZjdz1iOeKAaQKBgQDZjj6yOwbDeXkedD0I
+25RC8lmCWhV381PDz9RdeRXVC50jq3OYwmdcDEIK23YNWU8GoUnvi7B1aljSfAUm
+yUSnixXpU+/ZOkGYA48MHpC1DxJeEVZDu+MFWHmTCXctQNUj40gAKhozJm5Lo33s
+Wnhr+Yq2CP65w6R+vXn4gXsv9QKBgQDWtd0BMEVCUug+6/dWCVTUsuBouz/erOgE
+f0PPA8/IQV1ZhBQK4wewv14R8Nkywb8Z5lsVyH8JHRHZC35mVzFxGJyGAzDfJ3Mg
+GoK8t7jjiUHPF0tYWpLmAKdKHmJqB7ZBGzT7pAP07XockRHoeYHBHoO3Ck/c3h0f
+EtclGMOuGwKBgQCXf8z9RMmS+lZz9LJEJtT6QdY/RghJPbOJWoMijJ29fJbzLgQT
+zt03ZnnfIbD13sl/bnYUUIyTV3l/KkpUFjivC9Y4Y/FUrpLbDy9gWzCeRV6fDyep
+h3+yS0huMltBsjI7CZ0sMCWKlSqdlb6tBttxJZeI6H6qUimM8NmtSk3EuQKBgAw+
+OIjt0LU0dwvHdsYQKCcswAEY1E6FO4GuJBa01+9KUuFc16u7QGACuYF6Y1gylgwL
+B5yZXy0M3EytDBsX07joN1yo5+uBm130RQovy7olxHvjjydNmtzEosVmMCRtpiXW
+QFItCxC3TeQ9HXFNJGn3rHkOfHlSrQRtlZkG7XmLAoGACVKIJSoI2Kvd913TATb4
+whzNqbdiyFCadLf9cST7sGZ+ZvtHF3CT3iU/9JpBhndu4IqgFPPk694GXhoR2LK8
+SoGR4mhRvPAUgvKjRE2dypQtytgA8gm1soofSjSdoJlSBQkaxfT8N0mwQTbsoyWN
+zUDUWl3epDaqpUsV8NOuy4E=
+-----END PRIVATE KEY-----
diff --git a/lib/ssh/test/ssh_pubkey_SUITE_data/pkcs8/id_rsa.pub b/lib/ssh/test/ssh_pubkey_SUITE_data/pkcs8/id_rsa.pub
new file mode 100644
index 0000000000..f7b1180aad
--- /dev/null
+++ b/lib/ssh/test/ssh_pubkey_SUITE_data/pkcs8/id_rsa.pub
@@ -0,0 +1 @@
+ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC2d3XMIA8GTEQcUFCOm31M5jt6lGjN61ZYGnXBVBjEcyJynB7Y3C437cDpjmvbSWF1oSVVDTwMERwnXzixLG//7w8K7i6aJLKpHKtS91qnrQidmrUWDnQ4kx8AZxaN46nhSsf+cZ0nKp03ZjjR5WxeDimiDLsSUbdDmFE6ZsL2+k5OStvcqu/skUVfPe+FGTGJgIw3DyErxM7J72jUkLJXMiZkYbB1QD05k3g2LOiPqJ73QoJVGgj7YagTSA3Lgy3s/6U7IMHMV4lsaXShv1Lk/eCfIJVSaVXQRjV9KKM3wgg6PmWqwGkAO36w3eJiW1kmYKfnAM/+I5Gfo/TiNZTX uabhnil@elxadlj3q32
diff --git a/lib/ssh/test/ssh_pubkey_SUITE_data/pkcs8/ssh_host_rsa_key b/lib/ssh/test/ssh_pubkey_SUITE_data/pkcs8/ssh_host_rsa_key
new file mode 100644
index 0000000000..0c01831fa6
--- /dev/null
+++ b/lib/ssh/test/ssh_pubkey_SUITE_data/pkcs8/ssh_host_rsa_key
@@ -0,0 +1,28 @@
+-----BEGIN PRIVATE KEY-----
+MIIEvAIBADANBgkqhkiG9w0BAQEFAASCBKYwggSiAgEAAoIBAQCuvOQFQAxi8Cyj
+iFHv2+Y1vE1sti3tChy6RuIJY6rb0dC+ptLOP85ITVCDoL9pNuCG92m/FtoW3dqp
+1augXQ+FVWgSwljvpsjtGyhsh73Mj9nd2RBGZbcjKMe+lUHDLzh8pnTkDwF3XSRx
+rUZ+tBeLsuQVnkVGPFqsXMyiMZV6xZxktqBOE8bRACNLDawb6iqXhigh5qBJ1/e3
+M44X7Ti9ymCoJG6CyxzDXuUjVHCrScze2FQGBJYNFuPOaRaj2Llalz1kpLXPgA0R
+P4jaEZbs8QDpcBckoLqchZ1UiJ7QY3TYL+aLjk3JM+fnYj9MkoUC0ihnx9uscR6l
+ftX8O3sNAgMBAAECggEADXIlja3fBiH7HV5ZB78BGPNzdcETCaF0knTv4c8Uj7O2
+f2Uw5YQNaIzifC57bCo33srdDUJB5+6Ma/MwMLfYgOcQihkAZPiNj4k+dBOB7GLJ
+XgPc973N+NujeyvbEpzomNbqOb5Z24iETGcL/KX5BdvvJya1p/Du/UJq0LRGD1tS
+0TycwcphU9rOffTCUd0+XpPJO0RehkIoyDY5PGu9rzTHkluhSotldfjVWpWaqqhq
+QQ7c04aWGsjMg4HzrqnLx35/rCKU3+tRwZ4wnAHxpOtg/EuQJiX08Z4wMwsBG+GM
+ybnd/pRAUOkvatjRemdqqtmpL0qtsmhNANaUyPc6IQKBgQDgUvd9trgVgbN/tP+b
+bFFILmqumvSA2fWZknmhRYaIcHCMAcLsRVZqlyOyRpztavOcgEmJXajPPFA6AjKa
+5g70tf3kbpveeuRaFVepSLIKSl0xIT9hV8CIxzdnRA3P4j9xsQ9Qpnuiwo9mbgFG
+lQ28nCPhW+3mNfBNmU+ZWak0dQKBgQDHaXGroc74attrQDODvChuedny5lm91n5C
+nGAaEfVHH3zrYoz65VisnvERSU1Nh8G12moldCcaWnOMY97OJmMnG/sCBZskDzRp
+e1Mf+gT0TQoyYZHMTZtA1HyRRkdTlLZ7S77HUNTK8qrIpJEHLFSnzCPlBkY84fgw
++8IdVkX5OQKBgCDnapARFi1paffoh7m3iLCqxlE4P3cLAYB2QMsMFLC8tXWD6KCZ
+hxR5eO30d55HmtYw5xh0GYfUU/w+SEf6SOVSMJyqMMjQg+BG0yXsmNjzkXncY5yW
+r5IgjpriG5iLmjzF+PYehXIZUcl3h05gHLS2vniW8G1dKhNn0oou4aflAoGAFTLh
+caR+8yuw7cLidxOunKf5gnf4fFTsETq8gKj+ETSIvCE66YUuGxO+ft7zB9XxwtpY
+RGkHqyaIeBk522J7UfIIiht8daXkJX6FxLV4h1wVRGvY6wYpBghQwcTd2kXJ7GuN
++XRfWr/XZgMQo9mTmk76VeOH3fsLvnFVHndIcwkCgYBLntA0osVpZm6egw26+80C
+PtnSrUmsW4sTB+eQbbyDn6i/fAgGKc+2WuvcdorqyfLSEcs+hE/59roFVFpCEPN5
+4oO7o+o0SQ2ehxY+Lv2XF+TnfUQlAc6BCBfK3tG6rROUFiznAaua1hcsoAa9x/LH
+0SgWzYqbWI0qq7pv91tBdw==
+-----END PRIVATE KEY-----
diff --git a/lib/ssh/test/ssh_pubkey_SUITE_data/pkcs8/ssh_host_rsa_key.pub b/lib/ssh/test/ssh_pubkey_SUITE_data/pkcs8/ssh_host_rsa_key.pub
new file mode 100644
index 0000000000..8e62458395
--- /dev/null
+++ b/lib/ssh/test/ssh_pubkey_SUITE_data/pkcs8/ssh_host_rsa_key.pub
@@ -0,0 +1 @@
+ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCuvOQFQAxi8CyjiFHv2+Y1vE1sti3tChy6RuIJY6rb0dC+ptLOP85ITVCDoL9pNuCG92m/FtoW3dqp1augXQ+FVWgSwljvpsjtGyhsh73Mj9nd2RBGZbcjKMe+lUHDLzh8pnTkDwF3XSRxrUZ+tBeLsuQVnkVGPFqsXMyiMZV6xZxktqBOE8bRACNLDawb6iqXhigh5qBJ1/e3M44X7Ti9ymCoJG6CyxzDXuUjVHCrScze2FQGBJYNFuPOaRaj2Llalz1kpLXPgA0RP4jaEZbs8QDpcBckoLqchZ1UiJ7QY3TYL+aLjk3JM+fnYj9MkoUC0ihnx9uscR6lftX8O3sN uabhnil@elxadlj3q32
author	Jakub Witczak <u3s@users.noreply.github.com>	2023-02-21 15:28:37 +0100
committer	GitHub <noreply@github.com>	2023-02-21 15:28:37 +0100
commit	f7fa8c139876d56d109b32ace08ca326e51a3429 (patch)
tree	4e95413dae34b53639c8bb8240397cbbe711cda5
parent	a85b5c9db73af3fc1dfcbd5c2f75ffaa61ecbe1a (diff)
parent	0351304bca23ee07956ba4fec5d7d82c41394294 (diff)
download	erlang-f7fa8c139876d56d109b32ace08ca326e51a3429.tar.gz