Page MenuHomePhabricator

Correctly identify more SSH private key problems as "formatting" or "passphrase" related

Authored by epriestley on Nov 13 2019, 6:17 PM.
Referenced Files
F13328153: D20905.diff
Sun, Jun 16, 5:32 AM
Sun, Jun 16, 3:03 AM
F13326561: D20905.id49825.diff
Sat, Jun 15, 7:39 AM
F13326505: D20905.id49826.diff
Sat, Jun 15, 7:07 AM
Sat, Jun 8, 11:45 PM
F13298119: D20905.diff
Fri, Jun 7, 6:19 AM
F13295923: D20905.id49825.diff
Thu, Jun 6, 9:03 AM
F13293637: D20905.id49825.diff
Wed, Jun 5, 10:28 AM



Ref T13454. Fixes T13006. When a user provide us with an SSH private key and (possibly) a passphrase:

  1. Try to verify that they're correct by extracting the public key.
  2. If that fails, try to figure out why it didn't work.

Our success in step (2) will vary depending on what the problem is, and we may end up falling through to a very generic error, but the outcome should generally be better than the old approach.

Previously, we had a very unsophisticated test for the text "ENCRYPTED" in the key body and questionable handling of the results: for example, providing a passphrase when a key did not require one did not raise an error.

Test Plan

Created and edited credentials with:

  • Valid, passphrase-free keys.
  • Valid, passphrased keys with the right passphrase.
  • Valid, passphrase-free keys with a passphrase ("surplus passphrase" error).
  • Valid, passphrased keys with no passphrase ("missing passphrase" error).
  • Valid, passphrased keys with an invalid passphrase ("invalid passphrase" error).
  • Invalid keys ("format" error).

The precision of these errors will vary depending on how helpful "ssh-keygen" is.

Diff Detail

rP Phabricator
Lint Passed
Tests Passed
Build Status
Buildable 23653
Build 32516: Run Core Tests
Build 32515: arc lint + arc unit