You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
I am writing a lambda function in aws using node.js to ssh to an ec2 instance. I want to use public key private key pairs so I don't have to embed a password in the code. I'm using simple-ssh as a wrapper library to ssh2 which in turn calls asn1 reader.js to parse the private key to verify its validity. There appears to be a problem with indexing through the first 8 bytes of the key which manifests itself in the method readString. The first 8 bytes are as follows: 30 82 04 bd 02 01 00 30. By the time readSting is called, the offset variable is 7 which causes the code to read the 8th byte which is 0x30. readString compares this value with the TAG value which is 0x02 and throws an error stating that the key is invalid because 0x30 doesn't match 0x02. If I load my private key into this website https://lapo.it/asn1js/ it can parse the key without fail. I also found some javascript code that also is consistent with how the first 8 bytes are indexed and successfully parses the key. I think that the offsets are being handled incorrectly in the code.
The text was updated successfully, but these errors were encountered:
I am writing a lambda function in aws using node.js to ssh to an ec2 instance. I want to use public key private key pairs so I don't have to embed a password in the code. I'm using simple-ssh as a wrapper library to ssh2 which in turn calls asn1 reader.js to parse the private key to verify its validity. There appears to be a problem with indexing through the first 8 bytes of the key which manifests itself in the method readString. The first 8 bytes are as follows: 30 82 04 bd 02 01 00 30. By the time readSting is called, the offset variable is 7 which causes the code to read the 8th byte which is 0x30. readString compares this value with the TAG value which is 0x02 and throws an error stating that the key is invalid because 0x30 doesn't match 0x02. If I load my private key into this website https://lapo.it/asn1js/ it can parse the key without fail. I also found some javascript code that also is consistent with how the first 8 bytes are indexed and successfully parses the key. I think that the offsets are being handled incorrectly in the code.
The text was updated successfully, but these errors were encountered: