In openssh_read(), we shouldn't ever return SSH2_WRONG_PASSPHRASE for

an unencrypted key. (The other import function, sshcom_read(), already
got this right.) Thanks to David Wedderwille for the report.

This is more than just an error-reporting mistake; it actually causes
Windows PuTTYgen to tight-loop on attempting to load a corrupt OpenSSH
key, because the 'wrong passphrase' return value causes the caller to
loop round and try again, but of course it knows the key is
unencrypted so it doesn't prompt for a different passphrase and just
tries again with no change...

[originally from svn r9643]

diff --git a/import.c b/import.c
index 2ba2f9a0e59d6b5b88460cebed47c8ff64bac494..bb863d778a45e33fe23e502df8bdfe2b9da3790d 100644 (file)
--- a/import.c
+++ b/import.c
@@ -592,12 +592,13 @@ struct ssh2_userkey *openssh_read(const Filename *filename, char *passphrase,
     
     p = key->keyblob;
 
-    /* Expect the SEQUENCE header. Take its absence as a failure to decrypt. */
+    /* Expect the SEQUENCE header. Take its absence as a failure to
+     * decrypt, if the key was encrypted. */
     ret = ber_read_id_len(p, key->keyblob_len, &id, &len, &flags);
     p += ret;
     if (ret < 0 || id != 16) {
        errmsg = "ASN.1 decoding failure";
-       retval = SSH2_WRONG_PASSPHRASE;
+        retval = key->encrypted ? SSH2_WRONG_PASSPHRASE : NULL;
        goto error;
     }
 
@@ -629,7 +630,7 @@ struct ssh2_userkey *openssh_read(const Filename *filename, char *passphrase,
        if (ret < 0 || id != 2 ||
            key->keyblob+key->keyblob_len-p < len) {
            errmsg = "ASN.1 decoding failure";
-           retval = SSH2_WRONG_PASSPHRASE;
+           retval = key->encrypted ? SSH2_WRONG_PASSPHRASE : NULL;
            goto error;
        }