diff --git a/go.mod b/go.mod
index cbbbfb7bf9ab42b98b1f58753a283d3cceef87ee..b6d478aeb500ca3ae74a5dad68e7def4baba2c3a 100644
--- a/go.mod
+++ b/go.mod
@@ -7,7 +7,7 @@ require (
github.com/gophercloud/gophercloud v0.15.1-0.20210205220151-18b16b34db5c
github.com/gophercloud/utils v0.0.0-20210209042946-13abf2251886
github.com/howeyc/gopass v0.0.0-20190910152052-7cb4b85ec19c
- github.com/kayrus/putty v1.0.3
+ github.com/kayrus/putty v1.0.4
github.com/spf13/cobra v1.0.0
github.com/spf13/viper v1.7.1
golang.org/x/crypto v0.0.0-20210513164829-c07d793c2f9a
diff --git a/go.sum b/go.sum
index 1c5fc2b733e0b672a3e35a4c2184790e60cffaa2..0c832421416033add15c2ef9853adffda1d949f2 100644
--- a/go.sum
+++ b/go.sum
@@ -111,8 +111,8 @@ github.com/json-iterator/go v1.1.6/go.mod h1:+SdeFBvtyEkXs7REEP0seUULqWtbJapLOCV
github.com/jstemmer/go-junit-report v0.0.0-20190106144839-af01ea7f8024/go.mod h1:6v2b51hI/fHJwM22ozAgKL4VKDeJcHhJFhtBdhmNjmU=
github.com/jtolds/gls v4.20.0+incompatible/go.mod h1:QJZ7F/aHp+rZTRtaJ1ow/lLfFfVYBRgL+9YlvaHOwJU=
github.com/julienschmidt/httprouter v1.2.0/go.mod h1:SYymIcj16QtmaHHD7aYtjjsJG7VTCxuUUipMqKk8s4w=
-github.com/kayrus/putty v1.0.3 h1:MUOf/9ePOjQZSIYFsBR5j1RKyFAQsOy0HI07YkYIJ08=
-github.com/kayrus/putty v1.0.3/go.mod h1:1vlXyu9tPZalhOmO/eUZ9Nn+wphKTlfaZaH5yDwLMsc=
+github.com/kayrus/putty v1.0.4 h1:C9Kmk97PX+ymItSPHgVFTYJtwoN8WEhZCfRDA5ZzJsQ=
+github.com/kayrus/putty v1.0.4/go.mod h1:1vlXyu9tPZalhOmO/eUZ9Nn+wphKTlfaZaH5yDwLMsc=
github.com/kisielk/errcheck v1.1.0/go.mod h1:EZBBE59ingxPouuu3KfxchcWSUPOHkagtvWXihfKN4Q=
github.com/kisielk/gotool v1.0.0/go.mod h1:XhKaO+MFFWcvkIS/tQcRk01m1F5IRFswLeQ+oQHNcck=
github.com/konsorten/go-windows-terminal-sequences v1.0.1/go.mod h1:T0+1ngSBFLxvqU3pZ+m/2kptfBszLMUkC4ZK/EgS/cQ=
diff --git a/vendor/github.com/kayrus/putty/putty.go b/vendor/github.com/kayrus/putty/putty.go
index 3014419f41be62b1a055666bba8e71d93fbb8e70..393e3091cb6ad52202521d42c016e69d67f594de 100644
--- a/vendor/github.com/kayrus/putty/putty.go
+++ b/vendor/github.com/kayrus/putty/putty.go
@@ -331,9 +331,13 @@ func decodeFields(r reader) (*Key, error) {
} else {
k.PrivateKey = v
}
- case "`Private-Hash",
+ case "Private-Hash",
"Private-MAC":
// read hash or signature
+ if k.Version == 0 {
+ return nil, fmt.Errorf("cannot read %q without a header: %v", h, err)
+ }
+
k.PrivateMac, err = hex.DecodeString(string(b))
if err != nil {
return nil, fmt.Errorf("failed to decode the %q hex string: %v", h, err)
@@ -500,6 +504,8 @@ func (k Key) deriveKeys(password []byte) ([]byte, []byte, []byte, error) {
h = argon2.IDKey(password, k.Argon2Salt, k.Argon2Passes, k.Argon2Memory, k.Argon2Parallelism, argon2KeyLength)
case "Argon2i":
h = argon2.Key(password, k.Argon2Salt, k.Argon2Passes, k.Argon2Memory, k.Argon2Parallelism, argon2KeyLength)
+ case "":
+ return nil, nil, nil, nil
default:
return nil, nil, nil, fmt.Errorf("%q argon2 key deriviation is not supported", k.KeyDerivation)
}
@@ -515,20 +521,13 @@ func (k Key) deriveKeys(password []byte) ([]byte, []byte, []byte, error) {
// decrypt decrypts the key, when it is encrypted. and validates its signature
func (k *Key) decrypt(password []byte) error {
- var (
- err error
- cipherKey,
- cipherIV,
- macKey []byte
- )
+ cipherKey, cipherIV, macKey, err := k.deriveKeys(password)
+ if err != nil {
+ return err
+ }
// decrypt the key, when it is encrypted
if !k.decrypted && k.Encryption != "none" {
- cipherKey, cipherIV, macKey, err = k.deriveKeys(password)
- if err != nil {
- return err
- }
-
err = decryptCBC(cipherKey, cipherIV, macKey, k.PrivateKey)
if err != nil {
return err
diff --git a/vendor/modules.txt b/vendor/modules.txt
index 4799d509175f271bf965846575459ba24003f888..ab54bd55969375476ce74a64297a927c8b4fe7e1 100644
--- a/vendor/modules.txt
+++ b/vendor/modules.txt
@@ -39,7 +39,7 @@ github.com/hashicorp/hcl/json/token
github.com/howeyc/gopass
# github.com/inconshreveable/mousetrap v1.0.0
github.com/inconshreveable/mousetrap
-# github.com/kayrus/putty v1.0.3
+# github.com/kayrus/putty v1.0.4
## explicit
github.com/kayrus/putty
# github.com/magiconair/properties v1.8.1