[
https://issues.apache.org/jira/browse/SSHD-710?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16031437#comment-16031437
]
Markus Woschank edited comment on SSHD-710 at 5/31/17 4:17 PM:
---------------------------------------------------------------
Now we are getting somewhere!
Yes, the test fails, but the reason for this is: The test (and therefor
EdDSASecurityProvider.recoverEDDSAPublicKey) never derive (calculate) the
public key but instead use the supposed "sk" data and return it as public key.
But the parser wrongfully took the pk as sk! So yes, the reason why the test
worked in the first place is because it testet pk==pk.
was (Author: mwoschank):
Now we are getting somewhere!
Yes, the test fails, but the reason for this is: The test (and therefor
EdDSASecurityProvider.recoverEDDSAPublicKey) never derive (calculate) the
public key but instead use the opposed "sk" data and return it as public key.
But the parser wrongfully took the pk as sk! So yes, the reason why test worked
in the first place is because it testet pk==pk.
> Cannot connect standard OpenSSH client/server using ed25519 keys
> ----------------------------------------------------------------
>
> Key: SSHD-710
> URL: https://issues.apache.org/jira/browse/SSHD-710
> Project: MINA SSHD
> Issue Type: New Feature
> Affects Versions: 1.4.0
> Reporter: Goldstein Lyor
> Assignee: Goldstein Lyor
> Labels: security
>
> It seems that if the SSHD client is using an _ed25519_ identity or the SSHD
> server presents an _ed25519_ key, then the generated signature is wrong
> either when (client) public key authentication is executed or (server) KEX.
--
This message was sent by Atlassian JIRA
(v6.3.15#6346)
