Fix removing encrypted ASN.1 keys from ssh-agent (#6804)

Contents of id_rsa-encrypted-asn1 are from TestOpenSSHKey::testDecryptRSAAES128CBC(). Closes #6788
2024-10-01 01:26:01 -04:00 · 2021-08-08 21:36:06 +08:00 · 2021-08-08 21:36:06 +08:00 · bc5d0df19e
commit bc5d0df19e
parent 0921bf2d61
4 changed files with 45 additions and 1 deletions
--- a/src/sshagent/KeeAgentSettings.cpp
+++ b/src/sshagent/KeeAgentSettings.cpp
@ -478,7 +478,7 @@ bool KeeAgentSettings::toOpenSSHKey(const QString& username,
        return false;
    }

-    if (key.encrypted() && decrypt) {
+    if (key.encrypted() && (decrypt || key.publicKey().isEmpty())) {
        if (!key.openKey(password)) {
            m_error = key.errorString();
            return false;
--- a/tests/TestSSHAgent.cpp
+++ b/tests/TestSSHAgent.cpp
@ -16,6 +16,7 @@
 */

 #include "TestSSHAgent.h"
+#include "config-keepassx-tests.h"
 #include "core/Config.h"
 #include "crypto/Crypto.h"
 #include "sshagent/KeeAgentSettings.h"
@ -211,6 +212,18 @@ void TestSSHAgent::testConfirmConstraint()
    QVERIFY(agent.checkIdentity(m_key, keyInAgent) && !keyInAgent);
 }

+void TestSSHAgent::testToOpenSSHKey()
+{
+    KeeAgentSettings settings;
+    settings.setSelectedType("file");
+    settings.setFileName(QString("%1/id_rsa-encrypted-asn1").arg(QString(KEEPASSX_TEST_DATA_DIR)));
+
+    OpenSSHKey key;
+    settings.toOpenSSHKey("username", "correctpassphrase", QString(), nullptr, key, false);
+
+    QVERIFY(!key.publicKey().isEmpty());
+}
+
 void TestSSHAgent::cleanupTestCase()
 {
    if (m_agentProcess.state() != QProcess::NotRunning) {
--- a/tests/TestSSHAgent.h
+++ b/tests/TestSSHAgent.h
@ -34,6 +34,7 @@ private slots:
    void testRemoveOnClose();
    void testLifetimeConstraint();
    void testConfirmConstraint();
+    void testToOpenSSHKey();
    void cleanupTestCase();

 private:
--- a/tests/data/id_rsa-encrypted-asn1
+++ b/tests/data/id_rsa-encrypted-asn1
@ -0,0 +1,30 @@
+-----BEGIN RSA PRIVATE KEY-----
+Proc-Type: 4,ENCRYPTED
+DEK-Info: AES-128-CBC,804E4D214D1263FF94E3743FE799DBB4
+
+lM9TDfOTbiRhaGGDh7Hn+rqw8CCWcYBZYu7smyYLdnWKXKPmbne8CQFZBAS1FJwZ
+6Mj6n075yFGyzN9/OfeqKiUA4adlbwLbGwB+yyKsC2FlsvRIEr4hup02WWM47vHj
+DS4TRmNkE7MKFLhpNCyt5OGGM45s+/lwVTw51K0Hm99TBd72IrX4jfY9ZxAVbL3l
+aTohL8x6oOTe7q318QgJoFi+DjJhDWLGLLJ7fBqD2imz2fmrY4j8Jpw2sDe1rj82
+gMqqNG3FrfN0S4uYlWYH5pAh+BUcB1UdmTU/rV5wJMK1oUytmZv/J2+X/0k3Y93F
+aw6JWOy28OizW+TQXvv8gREWsp5PEclqUZhhGQbVbCQCiDOxg+xiXNySdRH1IqjR
+zQiKgD4SPzkxQekExPaIQT/KutWZdMNYybEqooCx8YyeDoN31z7Wa2rv6OulOn/j
+wJFvyd2PT/6brHKI4ky8RYroDf4FbVYKfyEW5CSAg2OyL/tY/kSPgy/k0WT7fDwq
+dPSuYM9yeWNL6kAhDqDOv8+s3xvOVEljktBvQvItQwVLmHszC3E2AcnaxzdblKPu
+e3+mBT80NXHjERK2ht+/9JYseK1ujNbNAaG8SbKfU3FF0VlyJ0QW6TuIEdpNnymT
+0fm0cDfKNaoeJIFnBRZhgIOJAic9DM0cTe/vSG69DaUYsaQPp36al7Fbux3GpFHS
+OtJEySYGro/6zvJ9dDIEfIGZjA3RaMt6+DuyJZXQdT2RNXa9j60xW7dXh0En4n82
+JUKTxYhDPLS5c8BzpJqoopxpKwElmrJ7Y3xpd6z2vIlD8ftuZrkk6siTMNQ2s7MI
+Xl332O+0H4k7uSfczHPOOw36TFhNjGQAP0b7O+0/RVG0ttOIoAn7ZkX3nfdbtG5B
+DWKvDaopvrcC2/scQ5uLUnqnBiGw1XiYpdg5ang7knHNzHZAIekVaYYZigpCAKp+
+OtoaDeUEzqFhYVmF8ad1fgvC9ZUsuxS4XUHCKl0H6CJcvW9MJPVbveqYoK+j9qKd
+iMIkQBP1kE2rzGZVGUkZTpM9LVD9nP0nsbr6E8BatFcNgRirsg2BTJglNpXlCmY6
+ldzJ/ELBbzoXIn+0wTGai0o4eBPx55baef69JfPuZqEB9pLNE+mHstrqIwcfqYu4
+M+Vzun1QshRMj9a1PVkIHfs1fLeebI4QCHO0vJlc9K4iYPM4rsDNO3YaAgGRuARS
+f3McGiGFxkv5zxe8i05ZBnn+exE77jpRKxd223jAMe2wu4WiFB7ZVo4Db6b5Oo2T
+TPh3VuY7TNMEKkcUi+mGLKjroocQ5j8WQYlfnyOaTalUVQDzOTNb67QIIoiszR0U
+AXGyxHj0QtotZFoPME+AbS9Zqy3SgSOuIzPBPU5zS4uoKNdD5NPE5YAuafCjsDy
+MT4DVy+cPOQYUK022S7T2nsA1btmvUvD5LL2Mc8VuKsWOn/7FKZua6OCfipt6oX0
+1tzYrw0/ALK+CIdVdYIiPPfxGZkr+JSLOOg7u50tpmen9GzxgNTv63miygwUAIDF
+u0GbQwOueoA453/N75FcXOgrbqTdivyadUbRP+l7YJk/SfIytyJMOigejp+Z1lzF
+-----END RSA PRIVATE KEY-----