diff options
author | Jakub Witczak <u3s@users.noreply.github.com> | 2023-02-21 15:28:37 +0100 |
---|---|---|
committer | GitHub <noreply@github.com> | 2023-02-21 15:28:37 +0100 |
commit | f7fa8c139876d56d109b32ace08ca326e51a3429 (patch) | |
tree | 4e95413dae34b53639c8bb8240397cbbe711cda5 | |
parent | a85b5c9db73af3fc1dfcbd5c2f75ffaa61ecbe1a (diff) | |
parent | 0351304bca23ee07956ba4fec5d7d82c41394294 (diff) | |
download | erlang-f7fa8c139876d56d109b32ace08ca326e51a3429.tar.gz |
Merge pull request #6845 from u3s/kuba/ssh/pkcs8_private_key/OTP-18446
ssh: accept PKCS#8 host key
OTP-18446
-rw-r--r-- | lib/ssh/doc/src/ssh_file.xml | 2 | ||||
-rw-r--r-- | lib/ssh/src/ssh_file.erl | 1 | ||||
-rw-r--r-- | lib/ssh/test/ssh_pubkey_SUITE.erl | 18 | ||||
-rw-r--r-- | lib/ssh/test/ssh_pubkey_SUITE_data/pkcs8/id_rsa | 28 | ||||
-rw-r--r-- | lib/ssh/test/ssh_pubkey_SUITE_data/pkcs8/id_rsa.pub | 1 | ||||
-rw-r--r-- | lib/ssh/test/ssh_pubkey_SUITE_data/pkcs8/ssh_host_rsa_key | 28 | ||||
-rw-r--r-- | lib/ssh/test/ssh_pubkey_SUITE_data/pkcs8/ssh_host_rsa_key.pub | 1 |
7 files changed, 77 insertions, 2 deletions
diff --git a/lib/ssh/doc/src/ssh_file.xml b/lib/ssh/doc/src/ssh_file.xml index 2ef22db102..2ab7949352 100644 --- a/lib/ssh/doc/src/ssh_file.xml +++ b/lib/ssh/doc/src/ssh_file.xml @@ -260,7 +260,7 @@ key :: % encoded key from eg ssh_host_*.pub <item><seeerl marker="#FILE-ssh_host_dsa_key"><c>SYSDIR/ssh_host_dsa_key</c></seeerl></item> <item><seeerl marker="#FILE-ssh_host_ecdsa_key"><c>SYSDIR/ssh_host_ecdsa_key</c></seeerl></item> <item><seeerl marker="#FILE-ssh_host_ed25519_key"><c>SYSDIR/ssh_host_ed25519_key</c></seeerl></item> - <item><seeerl marker="#FILE-ssh_host_ed448_key"><c>SYSDIR/ssh_host_ed448_key</c>c></seeerl></item> + <item><seeerl marker="#FILE-ssh_host_ed448_key"><c>SYSDIR/ssh_host_ed448_key</c></seeerl></item> </list> </desc> </func> diff --git a/lib/ssh/src/ssh_file.erl b/lib/ssh/src/ssh_file.erl index 10249d8488..a55b094f91 100644 --- a/lib/ssh/src/ssh_file.erl +++ b/lib/ssh/src/ssh_file.erl @@ -1052,6 +1052,7 @@ asn1_type(<<"RSA PUBLIC">>) -> 'RSAPublicKey'; asn1_type(<<"DSA PRIVATE">>) -> 'DSAPrivateKey'; asn1_type(<<"EC PRIVATE">>) -> 'ECPrivateKey'; asn1_type(<<"OPENSSH PRIVATE">>) -> 'openssh-key-v1'; +asn1_type(<<"PRIVATE">>) -> 'PrivateKeyInfo'; asn1_type(_) -> undefined. %%%================================================================ diff --git a/lib/ssh/test/ssh_pubkey_SUITE.erl b/lib/ssh/test/ssh_pubkey_SUITE.erl index d03d4e61c5..7eca2619db 100644 --- a/lib/ssh/test/ssh_pubkey_SUITE.erl +++ b/lib/ssh/test/ssh_pubkey_SUITE.erl @@ -85,7 +85,8 @@ ssh_hostkey_fingerprint_sha512/1, ssh_hostkey_fingerprint_list/1, - chk_known_hosts/1 + chk_known_hosts/1, + ssh_hostkey_pkcs8/1 ]). -include_lib("common_test/include/ct.hrl"). @@ -106,6 +107,7 @@ all() -> {group, option_space}, {group, ssh_hostkey_fingerprint}, {group, ssh_public_key_decode_encode}, + {group, pkcs8}, chk_known_hosts ]. @@ -146,6 +148,7 @@ groups() -> {old_format, [], [check_dsa_disabled, check_rsa_sha1_disabled | ?tests_old++[{group,passphrase}] ]}, {passphrase, [], ?tests_old}, {option_space,[], [{group,new_format}]}, + {pkcs8, [], [ssh_hostkey_pkcs8]}, {ssh_hostkey_fingerprint, [], [ssh_hostkey_fingerprint_md5_implicit, @@ -192,6 +195,11 @@ init_per_group(old_format, Config) -> [{fmt,old_format}, {key_src_dir,Dir} | Config]; +init_per_group(pkcs8, Config) -> + Dir = filename:join(proplists:get_value(data_dir,Config), "pkcs8"), + [{fmt,pkcs8}, + {key_src_dir,Dir} | Config]; + init_per_group(option_space, Config) -> extend_optsL([client_opts,daemon_opts], [{key_cb, {ssh_file, [{optimize, space}]}}], @@ -237,6 +245,8 @@ end_per_group(_, Config) -> Config. %%%---------------------------------------------------------------- +init_per_testcase(ssh_hostkey_pkcs8, Config0) -> + setup_user_system_dir(rsa_sha2, rsa_sha2, Config0); init_per_testcase(connect_rsa_sha2_to_rsa_sha2, Config0) -> setup_user_system_dir(rsa_sha2, rsa_sha2, Config0); init_per_testcase(connect_rsa_sha1_to_dsa, Config0) -> @@ -427,6 +437,12 @@ check_rsa_sha1_disabled(Config) -> %%%---------------------------------------------------------------- %% Check of different host keys left to later +ssh_hostkey_pkcs8(Config) -> + try_connect(Config). + +%%%---------------------------------------------------------------- + +%% Check of different host keys left to later ssh_hostkey_fingerprint_md5_implicit(_Config) -> Expected = "4b:0b:63:de:0f:a7:3a:ab:2c:cc:2d:d1:21:37:1d:3a", Expected = ssh:hostkey_fingerprint(ssh_hostkey(rsa)). diff --git a/lib/ssh/test/ssh_pubkey_SUITE_data/pkcs8/id_rsa b/lib/ssh/test/ssh_pubkey_SUITE_data/pkcs8/id_rsa new file mode 100644 index 0000000000..b0453eb4e2 --- /dev/null +++ b/lib/ssh/test/ssh_pubkey_SUITE_data/pkcs8/id_rsa @@ -0,0 +1,28 @@ +-----BEGIN PRIVATE KEY----- +MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQC2d3XMIA8GTEQc +UFCOm31M5jt6lGjN61ZYGnXBVBjEcyJynB7Y3C437cDpjmvbSWF1oSVVDTwMERwn +XzixLG//7w8K7i6aJLKpHKtS91qnrQidmrUWDnQ4kx8AZxaN46nhSsf+cZ0nKp03 +ZjjR5WxeDimiDLsSUbdDmFE6ZsL2+k5OStvcqu/skUVfPe+FGTGJgIw3DyErxM7J +72jUkLJXMiZkYbB1QD05k3g2LOiPqJ73QoJVGgj7YagTSA3Lgy3s/6U7IMHMV4ls +aXShv1Lk/eCfIJVSaVXQRjV9KKM3wgg6PmWqwGkAO36w3eJiW1kmYKfnAM/+I5Gf +o/TiNZTXAgMBAAECggEAeWdwfDmUZZdW9hPGFayFKSZCyuN1/BSqZYJteQ2QUR1d +/S29JIMTSWkqovt87fGcI9ztbvKYUlsMBXJI0TGE75/KvXYOkcb7DKQjpdcofUoW +4m4uMJe7Ym0ZAnaUviGNRXYxLS3A529mHZcpFRb2DHqV3tljmuO98P6mhRocfKCc +3p/T4+LIGlRlov5lOP/oKkeILF1m04J/SjptTtNo81xne9/dCGTiOTXjS8QMslCc +8Xyy0Go9Zr0d+YzsI2NYF2aFBce0fDwK0Xpptr0FEL8UxjHjeK0T2GSDqncmtKoA +3+BnpEJcuiDqZBi20lX7LygtNe9uVPZjdz1iOeKAaQKBgQDZjj6yOwbDeXkedD0I +25RC8lmCWhV381PDz9RdeRXVC50jq3OYwmdcDEIK23YNWU8GoUnvi7B1aljSfAUm +yUSnixXpU+/ZOkGYA48MHpC1DxJeEVZDu+MFWHmTCXctQNUj40gAKhozJm5Lo33s +Wnhr+Yq2CP65w6R+vXn4gXsv9QKBgQDWtd0BMEVCUug+6/dWCVTUsuBouz/erOgE +f0PPA8/IQV1ZhBQK4wewv14R8Nkywb8Z5lsVyH8JHRHZC35mVzFxGJyGAzDfJ3Mg +GoK8t7jjiUHPF0tYWpLmAKdKHmJqB7ZBGzT7pAP07XockRHoeYHBHoO3Ck/c3h0f +EtclGMOuGwKBgQCXf8z9RMmS+lZz9LJEJtT6QdY/RghJPbOJWoMijJ29fJbzLgQT +zt03ZnnfIbD13sl/bnYUUIyTV3l/KkpUFjivC9Y4Y/FUrpLbDy9gWzCeRV6fDyep +h3+yS0huMltBsjI7CZ0sMCWKlSqdlb6tBttxJZeI6H6qUimM8NmtSk3EuQKBgAw+ +OIjt0LU0dwvHdsYQKCcswAEY1E6FO4GuJBa01+9KUuFc16u7QGACuYF6Y1gylgwL +B5yZXy0M3EytDBsX07joN1yo5+uBm130RQovy7olxHvjjydNmtzEosVmMCRtpiXW +QFItCxC3TeQ9HXFNJGn3rHkOfHlSrQRtlZkG7XmLAoGACVKIJSoI2Kvd913TATb4 +whzNqbdiyFCadLf9cST7sGZ+ZvtHF3CT3iU/9JpBhndu4IqgFPPk694GXhoR2LK8 +SoGR4mhRvPAUgvKjRE2dypQtytgA8gm1soofSjSdoJlSBQkaxfT8N0mwQTbsoyWN +zUDUWl3epDaqpUsV8NOuy4E= +-----END PRIVATE KEY----- diff --git a/lib/ssh/test/ssh_pubkey_SUITE_data/pkcs8/id_rsa.pub b/lib/ssh/test/ssh_pubkey_SUITE_data/pkcs8/id_rsa.pub new file mode 100644 index 0000000000..f7b1180aad --- /dev/null +++ b/lib/ssh/test/ssh_pubkey_SUITE_data/pkcs8/id_rsa.pub @@ -0,0 +1 @@ +ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC2d3XMIA8GTEQcUFCOm31M5jt6lGjN61ZYGnXBVBjEcyJynB7Y3C437cDpjmvbSWF1oSVVDTwMERwnXzixLG//7w8K7i6aJLKpHKtS91qnrQidmrUWDnQ4kx8AZxaN46nhSsf+cZ0nKp03ZjjR5WxeDimiDLsSUbdDmFE6ZsL2+k5OStvcqu/skUVfPe+FGTGJgIw3DyErxM7J72jUkLJXMiZkYbB1QD05k3g2LOiPqJ73QoJVGgj7YagTSA3Lgy3s/6U7IMHMV4lsaXShv1Lk/eCfIJVSaVXQRjV9KKM3wgg6PmWqwGkAO36w3eJiW1kmYKfnAM/+I5Gfo/TiNZTX uabhnil@elxadlj3q32 diff --git a/lib/ssh/test/ssh_pubkey_SUITE_data/pkcs8/ssh_host_rsa_key b/lib/ssh/test/ssh_pubkey_SUITE_data/pkcs8/ssh_host_rsa_key new file mode 100644 index 0000000000..0c01831fa6 --- /dev/null +++ b/lib/ssh/test/ssh_pubkey_SUITE_data/pkcs8/ssh_host_rsa_key @@ -0,0 +1,28 @@ +-----BEGIN PRIVATE KEY----- +MIIEvAIBADANBgkqhkiG9w0BAQEFAASCBKYwggSiAgEAAoIBAQCuvOQFQAxi8Cyj +iFHv2+Y1vE1sti3tChy6RuIJY6rb0dC+ptLOP85ITVCDoL9pNuCG92m/FtoW3dqp +1augXQ+FVWgSwljvpsjtGyhsh73Mj9nd2RBGZbcjKMe+lUHDLzh8pnTkDwF3XSRx +rUZ+tBeLsuQVnkVGPFqsXMyiMZV6xZxktqBOE8bRACNLDawb6iqXhigh5qBJ1/e3 +M44X7Ti9ymCoJG6CyxzDXuUjVHCrScze2FQGBJYNFuPOaRaj2Llalz1kpLXPgA0R +P4jaEZbs8QDpcBckoLqchZ1UiJ7QY3TYL+aLjk3JM+fnYj9MkoUC0ihnx9uscR6l +ftX8O3sNAgMBAAECggEADXIlja3fBiH7HV5ZB78BGPNzdcETCaF0knTv4c8Uj7O2 +f2Uw5YQNaIzifC57bCo33srdDUJB5+6Ma/MwMLfYgOcQihkAZPiNj4k+dBOB7GLJ +XgPc973N+NujeyvbEpzomNbqOb5Z24iETGcL/KX5BdvvJya1p/Du/UJq0LRGD1tS +0TycwcphU9rOffTCUd0+XpPJO0RehkIoyDY5PGu9rzTHkluhSotldfjVWpWaqqhq +QQ7c04aWGsjMg4HzrqnLx35/rCKU3+tRwZ4wnAHxpOtg/EuQJiX08Z4wMwsBG+GM +ybnd/pRAUOkvatjRemdqqtmpL0qtsmhNANaUyPc6IQKBgQDgUvd9trgVgbN/tP+b +bFFILmqumvSA2fWZknmhRYaIcHCMAcLsRVZqlyOyRpztavOcgEmJXajPPFA6AjKa +5g70tf3kbpveeuRaFVepSLIKSl0xIT9hV8CIxzdnRA3P4j9xsQ9Qpnuiwo9mbgFG +lQ28nCPhW+3mNfBNmU+ZWak0dQKBgQDHaXGroc74attrQDODvChuedny5lm91n5C +nGAaEfVHH3zrYoz65VisnvERSU1Nh8G12moldCcaWnOMY97OJmMnG/sCBZskDzRp +e1Mf+gT0TQoyYZHMTZtA1HyRRkdTlLZ7S77HUNTK8qrIpJEHLFSnzCPlBkY84fgw ++8IdVkX5OQKBgCDnapARFi1paffoh7m3iLCqxlE4P3cLAYB2QMsMFLC8tXWD6KCZ +hxR5eO30d55HmtYw5xh0GYfUU/w+SEf6SOVSMJyqMMjQg+BG0yXsmNjzkXncY5yW +r5IgjpriG5iLmjzF+PYehXIZUcl3h05gHLS2vniW8G1dKhNn0oou4aflAoGAFTLh +caR+8yuw7cLidxOunKf5gnf4fFTsETq8gKj+ETSIvCE66YUuGxO+ft7zB9XxwtpY +RGkHqyaIeBk522J7UfIIiht8daXkJX6FxLV4h1wVRGvY6wYpBghQwcTd2kXJ7GuN ++XRfWr/XZgMQo9mTmk76VeOH3fsLvnFVHndIcwkCgYBLntA0osVpZm6egw26+80C +PtnSrUmsW4sTB+eQbbyDn6i/fAgGKc+2WuvcdorqyfLSEcs+hE/59roFVFpCEPN5 +4oO7o+o0SQ2ehxY+Lv2XF+TnfUQlAc6BCBfK3tG6rROUFiznAaua1hcsoAa9x/LH +0SgWzYqbWI0qq7pv91tBdw== +-----END PRIVATE KEY----- diff --git a/lib/ssh/test/ssh_pubkey_SUITE_data/pkcs8/ssh_host_rsa_key.pub b/lib/ssh/test/ssh_pubkey_SUITE_data/pkcs8/ssh_host_rsa_key.pub new file mode 100644 index 0000000000..8e62458395 --- /dev/null +++ b/lib/ssh/test/ssh_pubkey_SUITE_data/pkcs8/ssh_host_rsa_key.pub @@ -0,0 +1 @@ +ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCuvOQFQAxi8CyjiFHv2+Y1vE1sti3tChy6RuIJY6rb0dC+ptLOP85ITVCDoL9pNuCG92m/FtoW3dqp1augXQ+FVWgSwljvpsjtGyhsh73Mj9nd2RBGZbcjKMe+lUHDLzh8pnTkDwF3XSRxrUZ+tBeLsuQVnkVGPFqsXMyiMZV6xZxktqBOE8bRACNLDawb6iqXhigh5qBJ1/e3M44X7Ti9ymCoJG6CyxzDXuUjVHCrScze2FQGBJYNFuPOaRaj2Llalz1kpLXPgA0RP4jaEZbs8QDpcBckoLqchZ1UiJ7QY3TYL+aLjk3JM+fnYj9MkoUC0ihnx9uscR6lftX8O3sN uabhnil@elxadlj3q32 |