Re: [JSch-users] SignatureDSA: incorrect conversion from mpint to ASN.1

Wed, 06 Sep 2017 01:16:28 -0700 

On 03-09-17 20:20, Jurrie Overgoor wrote:
We are using Apache VFS, which in turn uses JSCH to connect to SFTP. Recently, my team and I stumbled upon a bug in JSCH which presents itself when using Java 8 and SHA1withDSA. We are using JSCH 0.1.53, but I tried 0.1.54 and the bug is still present. Other users appear to be hitting this bug as well: https://sourceforge.net/p/jsch/bugs/111/ 


I traced the problem down to SignatureDSA.java, which does conversion 
from ASN.1 to mpint and from mpint to ASN.1. When verifying a hash, a 
conversion from mpint to ASN.1 is done, just before the hash is passed 
on to Java to actually do the verification. In the conversion from 
mpint to ASN.1 I believe things are not done correctly. Leading 0x00 
bytes are not stripped from the ASN.1 INTEGER as they should be. 
Please note that Java 6 allows leading 0s, but Java 7 and 8 do not. 
So, an IOException is thrown with message "Invalid encoding: redundant 
leading 0s".



So, when either r or s are integers that can be represented in less 
than 20 bytes, we see redundant leading 0s. Sadly, r and s are 
dependent on a random value k. So I whipped up a quick test that does 
signatureDSA.sign() and signatureDSA.verify() over and over again. I 
can reproduce the problem this way. I can not seem to trigger an error 
when using SignatureRSA (representing SHA1withRSA) or SignatureECDSA 
(representing SHA256withECDSA).



Now, as I'm by no means an expert on this matter, I'd like to ask this 
list if my observations are correct :)



I made changes to SignatureDSA and am currently testing. Things seem 
to work fine now. I can try to create a patch if it would be handy?


Hello everyone,


My alternative implementation of SignatureDSA.java is available as a 
Maven artifact. It's available at https://github.com/Jurrie/jsch-111-bugfix

Please let me know if it helped you, or if something is wrong.

With kind regards,

Jurrie

------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot
_______________________________________________
JSch-users mailing list
JSch-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/jsch-users






















					Reply via email to