[Bug]: failed to decrypt JWK

[BoxedBrain]

Steps to Reproduce

When trying to create a certificate, I need to enter the password. This was generated before by step-ca and looks like this: OF'Wix)Z_Y1"Z'G[OL|vB9<X<doibdTz

Your Environment

• step Version: Smallstep CLI/0.25.0 (windows/amd64) Release Date: 2023-09-27T05:35:24Z
• step-ca Version: Smallstep CA/0.25.0 (linux/amd64) Release Date: 2023-09-27 06:17 UTC

Expected Behavior

Generated password should work

Actual Behavior

C:\dev\test>step ca certificate localhost srv.crt srv.key --provisioner=removed
✔ Provisioner: removed (JWK) [kid: ...removed...]
✔ Please enter the password to decrypt the provisioner key:
✔ Please enter the password to decrypt the provisioner key:
✔ Please enter the password to decrypt the provisioner key: █
failed to decrypt JWK: invalid password

Additional Context

Manually creating a 'simple' password e.g.: test123 works as expected.

Contributing

Vote on this issue by adding a 👍 reaction. To contribute a fix for this issue, leave a comment (and link to your pull request, if you've opened one already).

[hslatman]

@BoxedBrain does the password work if you provide it using a file or while escaping it on the command line? I suspect some character is problematic while providing it interactively.

[BoxedBrain]

@hslatman yes, providing it using --provisioner-password-file=pw.txt works as expected. Also, I had the same problem with different generated passwords.