mina-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Goldstein Lyor (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (SSHD-737) "Invalid encoding: redundant leading 0s" when establishing session
Date Tue, 12 Sep 2017 11:18:00 GMT

    [ https://issues.apache.org/jira/browse/SSHD-737?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16162810#comment-16162810
] 

Goldstein Lyor commented on SSHD-737:
-------------------------------------

P.S. I remember we solve a similar issue for RSA keys and leading zeroes - see {{AbstractDH#stripLeadingZeroes}}
that was introduced as part of SSHD-330 - perhaps something similar is required for DSA signature...

> "Invalid encoding: redundant leading 0s" when establishing session
> ------------------------------------------------------------------
>
>                 Key: SSHD-737
>                 URL: https://issues.apache.org/jira/browse/SSHD-737
>             Project: MINA SSHD
>          Issue Type: Bug
>    Affects Versions: 0.14.0
>            Reporter: Grzegorz Grzybek
>            Assignee: Goldstein Lyor
>             Fix For: 1.4.0
>
>
> Probably related to https://bugs.openjdk.java.net/browse/JDK-8175251. I'm getting:
> {noformat}
> 2017-04-03 12:57:52,932 | INFO  | d]-nio2-thread-1 | ClientSessionImpl              
 | 33 - org.apache.sshd.core - 0.14.0 | Client session created
> 2017-04-03 12:57:52,932 | DEBUG | d]-nio2-thread-1 | ClientSessionImpl              
 | 33 - org.apache.sshd.core - 0.14.0 | Send SSH_MSG_KEXINIT
> 2017-04-03 12:57:52,932 | TRACE | d]-nio2-thread-1 | ClientSessionImpl              
 | 33 - org.apache.sshd.core - 0.14.0 | Sending packet #0: 14 5c dd 49 7d 80 20 9d 4b d8 c9
11 ac 42 34 81 08 00 00 00 9b 64 69 66 66 69 65 2d 68 65 6c 6c 6d 61 6e 2d 67 72 6f 75 70
2d 65 78 63 68 61 6e 67 65 2d 73 68 61 32 35 36 2c 64 69 66 66 69 65 2d 68 65 6c 6c 6d 61
6e 2d 67 72 6f 75 70 2d 65 78 63 68 61 6e 67 65 2d 73 68 61 31 2c 65 63 64 68 2d 73 68 61
32 2d 6e 69 73 74 70 32 35 36 2c 65 63 64 68 2d 73 68 61 32 2d 6e 69 73 74 70 33 38 34 2c
65 63 64 68 2d 73 68 61 32 2d 6e 69 73 74 70 35 32 31 2c 64 69 66 66 69 65 2d 68 65 6c 6c
6d 61 6e 2d 67 72 6f 75 70 31 2d 73 68 61 31 00 00 00 4b 65 63 64 73 61 2d 73 68 61 32 2d
6e 69 73 74 70 32 35 36 2c 65 63 64 73 61 2d 73 68 61 32 2d 6e 69 73 74 70 33 38 34 2c 65
63 64 73 61 2d 73 68 61 32 2d 6e 69 73 74 70 35 32 31 2c 73 73 68 2d 64 73 73 2c 73 73 68
2d 72 73 61 00 00 00 36 61 65 73 31 32 38 2d 63 74 72 2c 61 72 63 66 6f 75 72 31 32 38 2c
61 65 73 31 32 38 2d 63 62 63 2c 33 64 65 73 2d 63 62 63 2c 62 6c 6f 77 66 69 73 68 2d 63
62 63 00 00 00 36 61 65 73 31 32 38 2d 63 74 72 2c 61 72 63 66 6f 75 72 31 32 38 2c 61 65
73 31 32 38 2d 63 62 63 2c 33 64 65 73 2d 63 62 63 2c 62 6c 6f 77 66 69 73 68 2d 63 62 63
00 00 00 47 68 6d 61 63 2d 73 68 61 32 2d 32 35 36 2c 68 6d 61 63 2d 73 68 61 32 2d 35 31
32 2c 68 6d 61 63 2d 73 68 61 31 2c 68 6d 61 63 2d 6d 64 35 2c 68 6d 61 63 2d 73 68 61 31
2d 39 36 2c 68 6d 61 63 2d 6d 64 35 2d 39 36 00 00 00 47 68 6d 61 63 2d 73 68 61 32 2d 32
35 36 2c 68 6d 61 63 2d 73 68 61 32 2d 35 31 32 2c 68 6d 61 63 2d 73 68 61 31 2c 68 6d 61
63 2d 6d 64 35 2c 68 6d 61 63 2d 73 68 61 31 2d 39 36 2c 68 6d 61 63 2d 6d 64 35 2d 39 36
00 00 00 04 6e 6f 6e 65 00 00 00 04 6e 6f 6e 65 00 00 00 00 00 00 00 00 00 00 00 00 00
> 2017-04-03 12:57:52,933 | DEBUG | 3)-192.168.0.220 | ClientUserAuthServiceOld       
 | 33 - org.apache.sshd.core - 0.14.0 | Trying authentication with org.apache.sshd.client.auth.deprecated.UserAuthPassword@30ed5323
> 2017-04-03 12:57:52,933 | DEBUG | 3)-192.168.0.220 | ClientUserAuthServiceOld       
 | 33 - org.apache.sshd.core - 0.14.0 | waiting to send authentication
> 2017-04-03 12:57:52,933 | INFO  | d]-nio2-thread-1 | ClientSessionImpl              
 | 33 - org.apache.sshd.core - 0.14.0 | Server version string: SSH-2.0-SSHD-CORE-0.14.0
> 2017-04-03 12:57:52,947 | TRACE | d]-nio2-thread-2 | ClientSessionImpl              
 | 33 - org.apache.sshd.core - 0.14.0 | Received packet #1: 14 7b 0e 99 05 b0 83 3c be 6a
22 3b 2b a1 c3 0b cb 00 00 00 9b 64 69 66 66 69 65 2d 68 65 6c 6c 6d 61 6e 2d 67 72 6f 75
70 2d 65 78 63 68 61 6e 67 65 2d 73 68 61 32 35 36 2c 64 69 66 66 69 65 2d 68 65 6c 6c 6d
61 6e 2d 67 72 6f 75 70 2d 65 78 63 68 61 6e 67 65 2d 73 68 61 31 2c 65 63 64 68 2d 73 68
61 32 2d 6e 69 73 74 70 32 35 36 2c 65 63 64 68 2d 73 68 61 32 2d 6e 69 73 74 70 33 38 34
2c 65 63 64 68 2d 73 68 61 32 2d 6e 69 73 74 70 35 32 31 2c 64 69 66 66 69 65 2d 68 65 6c
6c 6d 61 6e 2d 67 72 6f 75 70 31 2d 73 68 61 31 00 00 00 07 73 73 68 2d 64 73 73 00 00 00
0a 61 65 73 31 32 38 2d 63 74 72 00 00 00 0a 61 65 73 31 32 38 2d 63 74 72 00 00 00 09 68
6d 61 63 2d 73 68 61 31 00 00 00 09 68 6d 61 63 2d 73 68 61 31 00 00 00 04 6e 6f 6e 65 00
00 00 04 6e 6f 6e 65 00 00 00 00 00 00 00 00 00 00 00 00 00
> 2017-04-03 12:57:52,947 | DEBUG | d]-nio2-thread-2 | ClientSessionImpl              
 | 33 - org.apache.sshd.core - 0.14.0 | Received SSH_MSG_KEXINIT
> 2017-04-03 12:57:52,947 | TRACE | d]-nio2-thread-2 | ClientSessionImpl              
 | 33 - org.apache.sshd.core - 0.14.0 | Kex: negotiate(kex algorithms) guess=diffie-hellman-group-exchange-sha256
(client: diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha1,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group1-sha1
/ server: diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha1,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group1-sha1
> 2017-04-03 12:57:52,947 | TRACE | d]-nio2-thread-2 | ClientSessionImpl              
 | 33 - org.apache.sshd.core - 0.14.0 | Kex: negotiate(server host key algorithms) guess=ssh-dss
(client: ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,ssh-dss,ssh-rsa / server:
ssh-dss
> 2017-04-03 12:57:52,947 | TRACE | d]-nio2-thread-2 | ClientSessionImpl              
 | 33 - org.apache.sshd.core - 0.14.0 | Kex: negotiate(encryption algorithms (client to server))
guess=aes128-ctr (client: aes128-ctr,arcfour128,aes128-cbc,3des-cbc,blowfish-cbc / server:
aes128-ctr
> 2017-04-03 12:57:52,947 | TRACE | d]-nio2-thread-2 | ClientSessionImpl              
 | 33 - org.apache.sshd.core - 0.14.0 | Kex: negotiate(encryption algorithms (server to client))
guess=aes128-ctr (client: aes128-ctr,arcfour128,aes128-cbc,3des-cbc,blowfish-cbc / server:
aes128-ctr
> 2017-04-03 12:57:52,947 | TRACE | d]-nio2-thread-2 | ClientSessionImpl              
 | 33 - org.apache.sshd.core - 0.14.0 | Kex: negotiate(mac algorithms (client to server))
guess=hmac-sha1 (client: hmac-sha2-256,hmac-sha2-512,hmac-sha1,hmac-md5,hmac-sha1-96,hmac-md5-96
/ server: hmac-sha1
> 2017-04-03 12:57:52,947 | TRACE | d]-nio2-thread-2 | ClientSessionImpl              
 | 33 - org.apache.sshd.core - 0.14.0 | Kex: negotiate(mac algorithms (server to client))
guess=hmac-sha1 (client: hmac-sha2-256,hmac-sha2-512,hmac-sha1,hmac-md5,hmac-sha1-96,hmac-md5-96
/ server: hmac-sha1
> 2017-04-03 12:57:52,947 | TRACE | d]-nio2-thread-2 | ClientSessionImpl              
 | 33 - org.apache.sshd.core - 0.14.0 | Kex: negotiate(compression algorithms (client to server))
guess=none (client: none / server: none
> 2017-04-03 12:57:52,947 | TRACE | d]-nio2-thread-2 | ClientSessionImpl              
 | 33 - org.apache.sshd.core - 0.14.0 | Kex: negotiate(compression algorithms (server to client))
guess=none (client: none / server: none
> 2017-04-03 12:57:52,947 | TRACE | d]-nio2-thread-2 | ClientSessionImpl              
 | 33 - org.apache.sshd.core - 0.14.0 | Kex: negotiate(languages (client to server)) guess=
(client:  / server: 
> 2017-04-03 12:57:52,948 | TRACE | d]-nio2-thread-2 | ClientSessionImpl              
 | 33 - org.apache.sshd.core - 0.14.0 | Kex: negotiate(languages (server to client)) guess=
(client:  / server: 
> 2017-04-03 12:57:52,948 | DEBUG | d]-nio2-thread-2 | ClientSessionImpl              
 | 33 - org.apache.sshd.core - 0.14.0 | Kex: server->client aes128-ctr hmac-sha1 none
> 2017-04-03 12:57:52,948 | DEBUG | d]-nio2-thread-2 | ClientSessionImpl              
 | 33 - org.apache.sshd.core - 0.14.0 | Kex: client->server aes128-ctr hmac-sha1 none
> 2017-04-03 12:57:52,948 | DEBUG | d]-nio2-thread-2 | DHGEX256                       
 | 33 - org.apache.sshd.core - 0.14.0 | Send SSH_MSG_KEX_DH_GEX_REQUEST
> 2017-04-03 12:57:52,948 | TRACE | d]-nio2-thread-2 | ClientSessionImpl              
 | 33 - org.apache.sshd.core - 0.14.0 | Sending packet #1: 22 00 00 04 00 00 00 10 00 00 00
20 00
> 2017-04-03 12:57:52,978 | TRACE | d]-nio2-thread-3 | ClientSessionImpl              
 | 33 - org.apache.sshd.core - 0.14.0 | Received packet #2: 1f 00 00 00 81 00 f7 29 60 31
d2 9f d5 76 a7 8c 44 b0 d5 33 a3 7a dc 00 46 c3 ee 1d 4a 47 33 2c be c5 94 d8 7a 9a 36 39
a7 92 5a 5b 88 bd 11 7a 03 7b 8b db 55 58 d4 cc 15 bc 02 8f ae 24 88 97 e5 24 00 c6 22 61
34 d0 96 f7 81 fd fc a5 05 5f f3 01 59 01 d6 ac e7 e1 4a 96 10 9d 62 27 61 5f 3f d9 99 01
39 e3 cb 94 53 fb 35 df 99 5e df dd 84 1e 0d 38 f3 e8 1e ca c1 57 e8 a8 04 b1 05 cc 47 4e
dc 87 85 43 00 00 00 01 02
> 2017-04-03 12:57:52,978 | DEBUG | d]-nio2-thread-3 | DHGEX256                       
 | 33 - org.apache.sshd.core - 0.14.0 | Received SSH_MSG_KEX_DH_GEX_GROUP
> 2017-04-03 12:57:52,981 | DEBUG | d]-nio2-thread-3 | DHGEX256                       
 | 33 - org.apache.sshd.core - 0.14.0 | Send SSH_MSG_KEX_DH_GEX_INIT
> 2017-04-03 12:57:52,981 | TRACE | d]-nio2-thread-3 | ClientSessionImpl              
 | 33 - org.apache.sshd.core - 0.14.0 | Sending packet #2: 20 00 00 00 81 00 83 b2 01 57 0f
c5 1b f2 bd 5a 48 9b 24 ce e3 5f 66 c5 5c 23 cf 39 62 c6 6e 1b 8a 3e 4b d4 d8 ef 70 c5 07
02 3f 98 5b fa cf 16 56 7f 32 aa bc 08 fd fe 53 1c 7e 8f 9e f1 b9 5b 16 56 7d 49 89 86 56
05 0b c0 89 07 1a 40 fa b4 95 c6 fe ed f0 89 15 ae 38 21 21 3a 12 dc 30 58 ff b1 23 72 1b
32 22 55 c4 04 d8 6b 5d 43 63 95 68 1b c5 ee 28 3b a1 4c 81 a9 83 4f c8 5f ce 77 70 a7 a6
c9 5d 03
> 2017-04-03 12:57:52,986 | TRACE | d]-nio2-thread-4 | ClientSessionImpl              
 | 33 - org.apache.sshd.core - 0.14.0 | Received packet #3: 21 00 00 01 b2 00 00 00 07 73
73 68 2d 64 73 73 00 00 00 81 00 fd 7f 53 81 1d 75 12 29 52 df 4a 9c 2e ec e4 e7 f6 11 b7
52 3c ef 44 00 c3 1e 3f 80 b6 51 26 69 45 5d 40 22 51 fb 59 3d 8d 58 fa bf c5 f5 ba 30 f6
cb 9b 55 6c d7 81 3b 80 1d 34 6f f2 66 60 b7 6b 99 50 a5 a4 9f 9f e8 04 7b 10 22 c2 4f bb
a9 d7 fe b7 c6 1b f8 3b 57 e7 c6 a8 a6 15 0f 04 fb 83 f6 d3 c5 1e c3 02 35 54 13 5a 16 91
32 f6 75 f3 ae 2b 61 d7 2a ef f2 22 03 19 9d d1 48 01 c7 00 00 00 15 00 97 60 50 8f 15 23
0b cc b2 92 b9 82 a2 eb 84 0b f0 58 1c f5 00 00 00 81 00 f7 e1 a0 85 d6 9b 3d de cb bc ab
5c 36 b8 57 b9 79 94 af bb fa 3a ea 82 f9 57 4c 0b 3d 07 82 67 51 59 57 8e ba d4 59 4f e6
71 07 10 81 80 b4 49 16 71 23 e8 4c 28 16 13 b7 cf 09 32 8c c8 a6 e1 3c 16 7a 8b 54 7c 8d
28 e0 a3 ae 1e 2b b3 a6 75 91 6e a3 7f 0b fa 21 35 62 f1 fb 62 7a 01 24 3b cc a4 f1 be a8
51 90 89 a8 83 df e1 5a e5 9f 06 92 8b 66 5e 80 7b 55 25 64 01 4c 3b fe cf 49 2a 00 00 00
80 49 e0 84 51 a8 5f 4b 24 d4 74 a6 81 5f f7 c6 14 44 e1 ef ff fd ed ad 8a e4 74 a0 9f 0d
dd 0a 42 b6 ee c7 74 3b ea ba db 02 8b 27 3c 96 74 9b 65 9b c4 25 b9 4e 58 4f d9 0d 3a b5
72 69 4f 06 31 b5 9f 20 f4 db f7 f7 4a 24 c3 05 51 d4 41 27 fd 55 db 7e 01 78 66 8d 82 ca
1a a3 4e bd d7 de 45 62 af 43 85 6b dd ec 41 41 74 c0 81 af 33 b4 6a 5b 24 50 0e 89 09 65
6d 43 36 cb 9c 89 83 3b b6 00 00 00 80 3b 41 1b 65 7c ad b9 64 2b 5c 75 76 0f c1 03 0c f4
d2 a7 da 73 21 bb 2e d4 a9 29 64 cd 32 78 f8 3f b5 32 22 c1 21 60 3d 33 75 d3 63 b3 15 11
f3 79 84 26 f7 02 56 0d 22 ae ac 89 66 c6 0d 99 1f 12 dc 74 bd 17 e9 26 e8 4b 92 1a ee eb
0c b6 9d 8c 9d d6 70 05 5c 11 3e 02 ac 26 1e 2a 0a 04 69 10 7c a0 4a 03 43 42 b7 b1 c7 01
6c a4 4f e8 7a b3 bd 47 e5 bc 26 06 87 60 e0 d0 0a e9 b6 35 73 00 00 00 37 00 00 00 07 73
73 68 2d 64 73 73 00 00 00 28 5f e9 49 68 89 5e fb 90 c0 11 d3 90 c5 12 94 09 a5 6c 32 10
00 75 21 e7 f2 e1 e3 99 03 b4 17 d6 89 12 6b b9 b4 e7 4f 2f
> 2017-04-03 12:57:52,987 | DEBUG | d]-nio2-thread-4 | DHGEX256                       
 | 33 - org.apache.sshd.core - 0.14.0 | Received SSH_MSG_KEX_DH_GEX_REPLY
> 2017-04-03 12:57:52,990 | WARN  | d]-nio2-thread-4 | ClientSessionImpl              
 | 33 - org.apache.sshd.core - 0.14.0 | Exception caught
> java.security.SignatureException: Invalid encoding for signature
> 	at sun.security.provider.DSA.engineVerify(DSA.java:283)[:1.8.0_121]
> 	at sun.security.provider.DSA.engineVerify(DSA.java:244)[:1.8.0_121]
> 	at java.security.Signature$Delegate.engineVerify(Signature.java:1219)[:1.8.0_121]
> 	at java.security.Signature.verify(Signature.java:652)[:1.8.0_121]
> 	at org.apache.sshd.common.signature.AbstractSignatureDSA.verify(AbstractSignatureDSA.java:88)[33:org.apache.sshd.core:0.14.0]
> 	at org.apache.sshd.client.kex.DHGEX.next(DHGEX.java:163)[33:org.apache.sshd.core:0.14.0]
> 	at org.apache.sshd.common.session.AbstractSession.doHandleMessage(AbstractSession.java:425)[33:org.apache.sshd.core:0.14.0]
> 	at org.apache.sshd.common.session.AbstractSession.handleMessage(AbstractSession.java:326)[33:org.apache.sshd.core:0.14.0]
> 	at org.apache.sshd.client.session.ClientSessionImpl.handleMessage(ClientSessionImpl.java:306)[33:org.apache.sshd.core:0.14.0]
> 	at org.apache.sshd.common.session.AbstractSession.decode(AbstractSession.java:780)[33:org.apache.sshd.core:0.14.0]
> 	at org.apache.sshd.common.session.AbstractSession.messageReceived(AbstractSession.java:308)[33:org.apache.sshd.core:0.14.0]
> 	at org.apache.sshd.common.AbstractSessionIoHandler.messageReceived(AbstractSessionIoHandler.java:54)[33:org.apache.sshd.core:0.14.0]
> 	at org.apache.sshd.common.io.nio2.Nio2Session$1.onCompleted(Nio2Session.java:184)[33:org.apache.sshd.core:0.14.0]
> 	at org.apache.sshd.common.io.nio2.Nio2Session$1.onCompleted(Nio2Session.java:170)[33:org.apache.sshd.core:0.14.0]
> 	at org.apache.sshd.common.io.nio2.Nio2CompletionHandler$1.run(Nio2CompletionHandler.java:32)
> 	at java.security.AccessController.doPrivileged(Native Method)[:1.8.0_121]
> 	at org.apache.sshd.common.io.nio2.Nio2CompletionHandler.completed(Nio2CompletionHandler.java:30)[33:org.apache.sshd.core:0.14.0]
> 	at sun.nio.ch.Invoker.invokeUnchecked(Invoker.java:126)[:1.8.0_121]
> 	at sun.nio.ch.Invoker$2.run(Invoker.java:218)[:1.8.0_121]
> 	at sun.nio.ch.AsynchronousChannelGroupImpl$1.run(AsynchronousChannelGroupImpl.java:112)[:1.8.0_121]
> 	at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142)[:1.8.0_121]
> 	at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617)[:1.8.0_121]
> 	at java.lang.Thread.run(Thread.java:745)[:1.8.0_121]
> Caused by: java.io.IOException: Invalid encoding: redundant leading 0s
> 	at sun.security.util.DerInputBuffer.getBigInteger(DerInputBuffer.java:152)[:1.8.0_121]
> 	at sun.security.util.DerValue.getBigInteger(DerValue.java:512)[:1.8.0_121]
> 	at sun.security.provider.DSA.engineVerify(DSA.java:281)[:1.8.0_121]
> 	... 22 more
> 2017-04-03 12:57:52,992 | DEBUG | d]-nio2-thread-4 | ClientSessionImpl              
 | 33 - org.apache.sshd.core - 0.14.0 | Closing ClientSessionImpl[view23480697227273_1@localhost/127.0.0.1:8101]
immediately
> 2017-04-03 12:57:52,992 | DEBUG | d]-nio2-thread-4 | ClientUserAuthService          
 | 33 - org.apache.sshd.core - 0.14.0 | Closing org.apache.sshd.client.session.ClientUserAuthService@76d1fdf
immediately
> 2017-04-03 12:57:52,992 | DEBUG | d]-nio2-thread-4 | ClientUserAuthServiceOld       
 | 33 - org.apache.sshd.core - 0.14.0 | Closing org.apache.sshd.client.session.ClientUserAuthServiceOld@70195e66
immediately
> {noformat}



--
This message was sent by Atlassian JIRA
(v6.4.14#64029)

Mime
View raw message