From: nobu@...
Date: 2015-12-06T06:10:28+00:00
Subject: [ruby-core:71854] [Ruby trunk - Bug #11774] OpenSSL::PKey.read produces ArgumentError on invalid passphrases

Issue #11774 has been updated by Nobuyoshi Nakada.

Description updated

Seems that OpenSSL doesn't tell what kind failure happened.

----------------------------------------
Bug #11774: OpenSSL::PKey.read produces ArgumentError on invalid passphrases
https://bugs.ruby-lang.org/issues/11774#change-55258

* Author: Artem Yakimenko
* Status: Open
* Priority: Normal
* Assignee: 
* ruby -v: ruby 2.2.3p173 (2015-08-18 revision 51636) [x86_64-darwin15]
* Backport: 2.0.0: UNKNOWN, 2.1: UNKNOWN, 2.2: UNKNOWN
----------------------------------------
If we try to read out an RSA encrypted key with an invalid passphrase like so:

```ruby
require 'openssl'
OpenSSL::PKey.read(File.read("#{ENV['HOME']}/.ssh/id_rsa"), 'invalid')
```
We get an argument error:

```
ArgumentError: Could not parse PKey: no start line
from (pry):6:in `read'
```
However, if I understand the situation correctly, it should produce a decode error: `OpenSSL::PKey::RSAError`, as per the doc:
>
OpenSSL::PKey::RSAError
Generic exception that is raised if an operation on an RSA PKey fails unexpectedly or in case an instantiation of an instance of RSA fails due to non-conformant input data.

Reproduction:

1. Create a password protected ssh key (if none exists):

    ```
    ssh-keygen -t rsa -b 4096
    ```

2. Run the following snippet (assuming ~/.ssh/id_rsa is the key location)

    ```ruby
    require 'openssl'

    OpenSSL::PKey.read(File.read("#{ENV['HOME']}/.ssh/id_rsa"), 'invalid_passphrase')
    ```

Tested on:
MacOSX 10.11.1
OpenSSL 1.0.2d 9 Jul 2015
Ruby 2.1.7
Ruby 2.2.3



-- 
https://bugs.ruby-lang.org/