Skip to content

BEGIN ENCRYPTED PRIVATE KEY is not supported #1535

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
Ben555555 opened this issue Nov 11, 2024 · 4 comments
Closed

BEGIN ENCRYPTED PRIVATE KEY is not supported #1535

Ben555555 opened this issue Nov 11, 2024 · 4 comments

Comments

@Ben555555
Copy link

Ben555555 commented Nov 11, 2024
edited
Loading

The documentation says "BEGIN ENCRYPTED PRIVATE KEY" is supported private key format. But when I use the following key the exception "Key 'ENCRYPTED' is not supported." is thrown.

-----BEGIN ENCRYPTED PRIVATE KEY-----
XYZ...
-----END ENCRYPTED PRIVATE KEY-----

When looking at the source code of "PrivateKeyFile.cs" it also looks like this simply is not supported:

private void Open(Stream privateKey, string passPhrase)
{
    if (privateKey is null)
    {
        throw new ArgumentNullException(nameof(privateKey));
    }

    Match privateKeyMatch;

    using (var sr = new StreamReader(privateKey))
    {
        var text = sr.ReadToEnd();
        privateKeyMatch = PrivateKeyRegex.Match(text);
    }

    if (!privateKeyMatch.Success)
    {
        throw new SshException("Invalid private key file.");
    }

    var keyName = privateKeyMatch.Result("${keyName}");
    var cipherName = privateKeyMatch.Result("${cipherName}");
    var salt = privateKeyMatch.Result("${salt}");
    var data = privateKeyMatch.Result("${data}");
...
    switch (keyName)
    {
        case "RSA":
...
            break;
        case "DSA":
...
            break;
        case "EC":
..
            break;
        case "OPENSSH":
...
            break;
        case "SSH2 ENCRYPTED":
...
            break;
        default:
            throw new NotSupportedException(string.Format(CultureInfo.CurrentCulture, "Key '{0}' is not supported.", keyName));
    }
}

First of all the variable keyName will contain "ENCRYPTED" and there is no case for that in the switch statement. So it wil throw the mentioned exception. Also if it was going to match with "RSA" the passPhrase would not be used?

So either the regex is wrong and extracts the wrong values or the implementation is simply missing and not true according to the documentation.

I'm using the version "2024.1.0" btw.
@Rob-Hague
Copy link
Collaborator

Hi, it is supported on the current develop branch and in the next imminent release. You can try it out from the CI feed at https://ci.appveyor.com/nuget/ssh-net e.g. version 2024.2.0-prerelease.1

@Ben555555
Copy link
Author

Ben555555 commented Nov 11, 2024
edited
Loading

@Rob-Hague Thanks it's working with this version.
Personally, I think it would be great if you could add these to the default prerelease nuget feed.

@Rob-Hague
Copy link
Collaborator

Cool, yep would like to do it just need to get the CI -> nuget link more automated

@Rob-Hague
Copy link
Collaborator

2024.2.0 published on nuget - closing now

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@Rob-Hague @Ben555555