Invalid encoding for signature: redundant leading 0s #354
Comments
This was referenced Aug 31, 2017
|
If you have a unit test case to reproduce this that would be great. |
|
@charlesrgould Can you craft some unit test case that fails so that we can make work of solving this? thanks! |
|
I've been trying to do just that. On our devices it's intermittent. The code logs in to the device several times in short succession, using username-password auth. Occasionally we see this exception about the key exchange messing up. Do you have any insight (or guess) as to what could be the problem? Feel free to close the two tickets I created if I fail to generate a test case within the next few weeks. |
|
I assume it's a genuine bug, also given the other kinoed reports, so
closing it is not my first option ;). However I'm not sure where the bug
is, nor how to reproduce.
Op 7 sep. 2017 11:38 p.m. schreef "charlesrgould" <notifications@github.com
…:
I've been trying to do just that. On our devices it's intermittent. The
code logs in to the device several times in short succession, using
username-password auth. Occasionally we see this exception about the key
exchange messing up. Do you have any insight (or guess) as to what could be
the problem?
Feel free to close the two tickets I created if I fail to generate a test
case within the next few weeks.
—
You are receiving this because you commented.
Reply to this email directly, view it on GitHub
<#354 (comment)>,
or mute the thread
<https://github.com/notifications/unsubscribe-auth/AAHLo1H7cxvIpal0u9ZcFK2KBgW01D-Nks5sgGJjgaJpZM4PJTKz>
.
|
hierynomus
added a commit
that referenced
this issue
Sep 29, 2017
CCLiu
added a commit
to CCLiu/sshj
that referenced
this issue
Jan 11, 2018
* Check whether filename is a child of the current file (Fixes hierynomus#341) * Fixed codacy * Updated README release notes * Removed oraclejdk7 as that is no longer supported on trusty, added openjdk * Added gradle caching to travis config * Removed use of DataTypeConverter as that is no longer in default JDK9 * Removed build of broken openJDK7 in favour of using animal-sniffer to detect java 1.6 compatibility * Improved test stability * Correctly determine KeyType for ECDSA public key (Fixes hierynomus#356) * fixed build * Fixed Java9 build? * Disambiguated signature initialization * Removed deprecated method * Organised imports * Added 'out/' to gitignore * Added support for new-style fingerprints (hierynomus#365) * Added support for new-style fingerprints * Fixed codacy warnings * Fix decoding signature bytes (Fixes hierynomus#355, hierynomus#354) (hierynomus#361) * Fix for signature verify in DSA * Cleaned up signature verification * Fixed import * Ignored erroneous pmd warnings * Updated JavaDoc * Extracted ASN.1/DER encoding to method (hierynomus#368) * Update net.i2p.crypto:eddsa to 0.2.0 (hierynomus#372) * Update net.i2p.crypto:eddsa to 0.2.0 * Update net.i2p.crypto.eddsa to 0.2.0 * Update net.i2p.crypto.eddsa to 0.2.0 * Update net.i2p.crypto.eddsa to 0.2.0 * Log security provider registration failures (hierynomus#374) * Migrate remaining block ciphers * Updated README for v0.23.0 release * Using new release plugin * Updated build plugins * Fix escaping in WildcardHostMatcher (hierynomus#382) * Escape '[' and ']' in WildcardHostMatcher * Anchoring regex to match entire string (Fixes hierynomus#381) * Updated builds to include CodeCov * - Experimenting with travis * - fix ip for online testing * - account for different working dir * - yaml-yaml * - double before_install * - still -d * - try common format * - Fixed server keys - Use sshj branding * - grr, ip * - minor improvements * - eh? * - switch username back * - orly? * - desperation * - One more time * Upgraded gradle to cope with java9 * Separated out integration tests * Fixed length bug in putString (Fixes hierynomus#187) * Removed docker from travis yml as it is included in gradle build now * Added integration test to travis * Update AndroidConfig (hierynomus#389) * Add EdDSA signature for AndroidConfig. * Initialize KeyExchange- and FileKeyProviderFactories with registered "bouncyCastle" (in fact, SpongyCastle is registered). See hierynomus#308 for discussion. * Added integration test for append scenario (Fixes hierynomus#390) * Fixed headers
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Related bugs:
Synopsis:
Security fix in Java 8u121 exposed an encoding issue in some SSH libraries. In other words, these libraries were relying on buggy code in the JDK. Now that it's fixed in the JDK, these libraries mess up. Specifically: redundant 0s should be stripped from the signature.
Environment:
The text was updated successfully, but these errors were encountered: