Skip to content

Commit

Permalink
Merge pull request src-d#759 from mdelillo/invalid-ssh-key
Browse files Browse the repository at this point in the history 
plumbing: ssh, return error when creating public keys from invalid PEM
  • Loading branch information
@mcuadros
mcuadros committed Feb 25, 2018
2 parents 721449a + 779c88d commit defd0b8
Show file tree
Hide file tree
Showing 2 changed files with 9 additions and 0 deletions.
3 changes: 3 additions & 0 deletions plumbing/transport/ssh/auth_method.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -124,6 +124,9 @@ type PublicKeys struct {
// (PKCS#1), DSA (OpenSSL), and ECDSA private keys.
func NewPublicKeys(user string, pemBytes []byte, password string) (*PublicKeys, error) {
block, _ := pem.Decode(pemBytes)
if block == nil {
return nil, errors.New("invalid PEM data")
}
if x509.IsEncryptedPEMBlock(block) {
key, err := x509.DecryptPEMBlock(block, []byte(password))
if err != nil {
Expand Down
6 changes: 6 additions & 0 deletions plumbing/transport/ssh/auth_method_test.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -143,3 +143,9 @@ func (*SuiteCommon) TestNewPublicKeysFromFile(c *C) {
c.Assert(err, IsNil)
c.Assert(auth, NotNil)
}

func (*SuiteCommon) TestNewPublicKeysWithInvalidPEM(c *C) {
auth, err := NewPublicKeys("foo", []byte("bar"), "")
c.Assert(err, NotNil)
c.Assert(auth, IsNil)
}

0 comments on commit defd0b8

Please sign in to comment.