mina-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Goldstein Lyor (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (SSHD-491) SSHD fails to correctly verify ECDSA P-521 public keys
Date Mon, 15 Jun 2015 05:54:00 GMT

    [ https://issues.apache.org/jira/browse/SSHD-491?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14585460#comment-14585460
] 

Goldstein Lyor commented on SSHD-491:
-------------------------------------

I figured out the problem - the P-521 DER encoding contains a length of > 127 therefore
the _SignatureECDSA#sign()_ decodes it incorrectly. Please note that if you attach a patch
then you should also fix _SignatureECDSA#verify()_ since it is likely encoding P-521 incorrectly
as well.

> SSHD fails to correctly verify ECDSA P-521 public keys
> ------------------------------------------------------
>
>                 Key: SSHD-491
>                 URL: https://issues.apache.org/jira/browse/SSHD-491
>             Project: MINA SSHD
>          Issue Type: Bug
>    Affects Versions: 0.14.0
>            Reporter: Norman Ma
>            Assignee: Goldstein Lyor
>         Attachments: ecdsa_sha2_nistp521_bug_junit.patch
>
>
> When using ECDSA public keys with SSHD, keys generated with the NIST P-256 and P-384
curves behave as expected, but keys generated with the P-521 curve always fail validation
("invalid signature format").



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

Mime
View raw message