[jira] [Commented] (SSHD-869) java.security.SignatureException: error decoding signature bytes.
[ https://issues.apache.org/jira/browse/SSHD-869?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16705241#comment-16705241 ] Aruna Potti commented on SSHD-869: -- [~lgoldstein] :(Our product really does not use MINA directly, we use Open Daylight and it has dependency on MINA. Some how Open Daylight latest version also not using 2.1.0 or any other MINA latest versions. I am not sure why they are not upgrading their MINA version. So we are stuck with your 0.14.0 version. We really need a work around like if there is way to fix the sshkeys with leading zeros? or any other standard way of generating ssh keys that would not use leading zeros to fill the bytes. > java.security.SignatureException: error decoding signature bytes. > - > > Key: SSHD-869 > URL: https://issues.apache.org/jira/browse/SSHD-869 > Project: MINA SSHD > Issue Type: Bug >Affects Versions: 0.14.0 >Reporter: Aruna Potti >Priority: Major > > Below exception is seen with some ssh keys. I need a fix/workaround in 0.14.0 > version as I can not upgrade the version in my product. > > Exception caught > java.security.SignatureException: error decoding signature bytes. > at > org.bouncycastle.jcajce.provider.asymmetric.dsa.DSASigner.engineVerify(Unknown > Source)[bcprov-jdk15on-1.59.jar:1.59.0] > at > java.security.Signature$Delegate.engineVerify(Signature.java:1219)[:1.8.0_66] > at java.security.Signature.verify(Signature.java:652)[:1.8.0_66] > at > org.apache.sshd.common.signature.AbstractSignatureDSA.verify(AbstractSignatureDSA.java:88)[53:org.apache.sshd.core:0.14.0] > at > org.apache.sshd.client.kex.DHGEX.next(DHGEX.java:163)[53:org.apache.sshd.core:0.14.0] > at > org.apache.sshd.common.session.AbstractSession.doHandleMessage(AbstractSession.java:425)[53:org.apache.sshd.core:0.14.0] > at > org.apache.sshd.common.session.AbstractSession.handleMessage(AbstractSession.java:326)[53:org.apache.sshd.core:0.14.0] > at > org.apache.sshd.client.session.ClientSessionImpl.handleMessage(ClientSessionImpl.java:306)[53:org.apache.sshd.core:0.14.0] > at > org.apache.sshd.common.session.AbstractSession.decode(AbstractSession.java:780)[53:org.apache.sshd.core:0.14.0] > at > org.apache.sshd.common.session.AbstractSession.messageReceived(AbstractSession.java:308)[53:org.apache.sshd.core:0.14.0] > at > org.apache.sshd.common.AbstractSessionIoHandler.messageReceived(AbstractSessionIoHandler.java:54)[53:org.apache.sshd.core:0.14.0] > at > org.apache.sshd.common.io.nio2.Nio2Session$1.onCompleted(Nio2Session.java:184)[53:org.apache.sshd.core:0.14.0] > at > org.apache.sshd.common.io.nio2.Nio2Session$1.onCompleted(Nio2Session.java:170)[53:org.apache.sshd.core:0.14.0] > at > org.apache.sshd.common.io.nio2.Nio2CompletionHandler$1.run(Nio2CompletionHandler.java:32) > at java.security.AccessController.doPrivileged(Native > Method)[:1.8.0_66] > at > org.apache.sshd.common.io.nio2.Nio2CompletionHandler.completed(Nio2CompletionHandler.java:30)[53:org.apache.sshd.core:0.14.0] > at sun.nio.ch.Invoker.invokeUnchecked(Invoker.java:126)[:1.8.0_66] > at sun.nio.ch.Invoker$2.run(Invoker.java:218)[:1.8.0_66] > at > sun.nio.ch.AsynchronousChannelGroupImpl$1.run(AsynchronousChannelGroupImpl.java:112)[:1.8.0_66] > at > java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142)[:1.8.0_66] > at > java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617)[:1.8.0_66] > at java.lang.Thread.run(Thread.java:745)[:1.8.0_66] -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Commented] (SSHD-873) BuiltinCiphers.aes256cbc.getBlockSize() returns wrong value
[ https://issues.apache.org/jira/browse/SSHD-873?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16704908#comment-16704908 ] Thomas Wolf commented on SSHD-873: -- Do we need a getKeyBytesCount()? There's already getKeySize() that returns the size in bits. > BuiltinCiphers.aes256cbc.getBlockSize() returns wrong value > --- > > Key: SSHD-873 > URL: https://issues.apache.org/jira/browse/SSHD-873 > Project: MINA SSHD > Issue Type: Bug >Affects Versions: 2.0.0 >Reporter: Thomas Wolf >Assignee: Goldstein Lyor >Priority: Minor > > As far as I know AES always has a block size of 16. BuiltinCiphers returns 32 > for aes256, and 24 for aes192. That's not the block size, it's the key size > in bytes. > Maybe I misunderstand something? -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Assigned] (SSHD-873) BuiltinCiphers.aes256cbc.getBlockSize() returns wrong value
[ https://issues.apache.org/jira/browse/SSHD-873?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Goldstein Lyor reassigned SSHD-873: --- Assignee: Goldstein Lyor > BuiltinCiphers.aes256cbc.getBlockSize() returns wrong value > --- > > Key: SSHD-873 > URL: https://issues.apache.org/jira/browse/SSHD-873 > Project: MINA SSHD > Issue Type: Bug >Affects Versions: 2.0.0 >Reporter: Thomas Wolf >Assignee: Goldstein Lyor >Priority: Minor > > As far as I know AES always has a block size of 16. BuiltinCiphers returns 32 > for aes256, and 24 for aes192. That's not the block size, it's the key size > in bytes. > Maybe I misunderstand something? -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Work started] (SSHD-873) BuiltinCiphers.aes256cbc.getBlockSize() returns wrong value
[ https://issues.apache.org/jira/browse/SSHD-873?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Work on SSHD-873 started by Goldstein Lyor. --- > BuiltinCiphers.aes256cbc.getBlockSize() returns wrong value > --- > > Key: SSHD-873 > URL: https://issues.apache.org/jira/browse/SSHD-873 > Project: MINA SSHD > Issue Type: Bug >Affects Versions: 2.0.0 >Reporter: Thomas Wolf >Assignee: Goldstein Lyor >Priority: Minor > > As far as I know AES always has a block size of 16. BuiltinCiphers returns 32 > for aes256, and 24 for aes192. That's not the block size, it's the key size > in bytes. > Maybe I misunderstand something? -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Commented] (SSHD-873) BuiltinCiphers.aes256cbc.getBlockSize() returns wrong value
[
https://issues.apache.org/jira/browse/SSHD-873?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16704818#comment-16704818
]
Goldstein Lyor commented on SSHD-873:
-
You are right - the name is mis-leading - it should be {{getKeyBytesCount()}}.
Will change it accordingly, and in order to avoid confusion will add
{{getCipherBlockSize()}} method. Thanks for bringing this to our attention.
> BuiltinCiphers.aes256cbc.getBlockSize() returns wrong value
> ---
>
> Key: SSHD-873
> URL: https://issues.apache.org/jira/browse/SSHD-873
> Project: MINA SSHD
> Issue Type: Bug
>Affects Versions: 2.0.0
>Reporter: Thomas Wolf
>Assignee: Goldstein Lyor
>Priority: Minor
>
> As far as I know AES always has a block size of 16. BuiltinCiphers returns 32
> for aes256, and 24 for aes192. That's not the block size, it's the key size
> in bytes.
> Maybe I misunderstand something?
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
[jira] [Created] (SSHD-873) BuiltinCiphers.aes256cbc.getBlockSize() returns wrong value
Thomas Wolf created SSHD-873: Summary: BuiltinCiphers.aes256cbc.getBlockSize() returns wrong value Key: SSHD-873 URL: https://issues.apache.org/jira/browse/SSHD-873 Project: MINA SSHD Issue Type: Bug Affects Versions: 2.0.0 Reporter: Thomas Wolf As far as I know AES always has a block size of 16. BuiltinCiphers returns 32 for aes256, and 24 for aes192. That's not the block size, it's the key size in bytes. Maybe I misunderstand something? -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Commented] (SSHD-708) Add support for password encrypted ed25519 private key files
[ https://issues.apache.org/jira/browse/SSHD-708?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16704569#comment-16704569 ] Goldstein Lyor commented on SSHD-708: - Good news, it seems we can use either the artifact or just the specific class code (my favorite) since their license (as is currently shown on the website) is compatible with Apache policy. Please go ahead and publish a PR for it (I wish I could do it myself but am currently swamped). > Add support for password encrypted ed25519 private key files > > > Key: SSHD-708 > URL: https://issues.apache.org/jira/browse/SSHD-708 > Project: MINA SSHD > Issue Type: Improvement >Affects Versions: 1.4.0 >Reporter: Goldstein Lyor >Priority: Minor > > The current code supports only reading un-encrypted private key files -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Commented] (SSHD-869) java.security.SignatureException: error decoding signature bytes.
[ https://issues.apache.org/jira/browse/SSHD-869?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16704491#comment-16704491 ] Goldstein Lyor commented on SSHD-869: - I am sure there is, but it was so ago that I don't remember where or how this was done :(. I strongly (re-)recommend you upgrade to 2.1.0 > java.security.SignatureException: error decoding signature bytes. > - > > Key: SSHD-869 > URL: https://issues.apache.org/jira/browse/SSHD-869 > Project: MINA SSHD > Issue Type: Bug >Affects Versions: 0.14.0 >Reporter: Aruna Potti >Priority: Major > > Below exception is seen with some ssh keys. I need a fix/workaround in 0.14.0 > version as I can not upgrade the version in my product. > > Exception caught > java.security.SignatureException: error decoding signature bytes. > at > org.bouncycastle.jcajce.provider.asymmetric.dsa.DSASigner.engineVerify(Unknown > Source)[bcprov-jdk15on-1.59.jar:1.59.0] > at > java.security.Signature$Delegate.engineVerify(Signature.java:1219)[:1.8.0_66] > at java.security.Signature.verify(Signature.java:652)[:1.8.0_66] > at > org.apache.sshd.common.signature.AbstractSignatureDSA.verify(AbstractSignatureDSA.java:88)[53:org.apache.sshd.core:0.14.0] > at > org.apache.sshd.client.kex.DHGEX.next(DHGEX.java:163)[53:org.apache.sshd.core:0.14.0] > at > org.apache.sshd.common.session.AbstractSession.doHandleMessage(AbstractSession.java:425)[53:org.apache.sshd.core:0.14.0] > at > org.apache.sshd.common.session.AbstractSession.handleMessage(AbstractSession.java:326)[53:org.apache.sshd.core:0.14.0] > at > org.apache.sshd.client.session.ClientSessionImpl.handleMessage(ClientSessionImpl.java:306)[53:org.apache.sshd.core:0.14.0] > at > org.apache.sshd.common.session.AbstractSession.decode(AbstractSession.java:780)[53:org.apache.sshd.core:0.14.0] > at > org.apache.sshd.common.session.AbstractSession.messageReceived(AbstractSession.java:308)[53:org.apache.sshd.core:0.14.0] > at > org.apache.sshd.common.AbstractSessionIoHandler.messageReceived(AbstractSessionIoHandler.java:54)[53:org.apache.sshd.core:0.14.0] > at > org.apache.sshd.common.io.nio2.Nio2Session$1.onCompleted(Nio2Session.java:184)[53:org.apache.sshd.core:0.14.0] > at > org.apache.sshd.common.io.nio2.Nio2Session$1.onCompleted(Nio2Session.java:170)[53:org.apache.sshd.core:0.14.0] > at > org.apache.sshd.common.io.nio2.Nio2CompletionHandler$1.run(Nio2CompletionHandler.java:32) > at java.security.AccessController.doPrivileged(Native > Method)[:1.8.0_66] > at > org.apache.sshd.common.io.nio2.Nio2CompletionHandler.completed(Nio2CompletionHandler.java:30)[53:org.apache.sshd.core:0.14.0] > at sun.nio.ch.Invoker.invokeUnchecked(Invoker.java:126)[:1.8.0_66] > at sun.nio.ch.Invoker$2.run(Invoker.java:218)[:1.8.0_66] > at > sun.nio.ch.AsynchronousChannelGroupImpl$1.run(AsynchronousChannelGroupImpl.java:112)[:1.8.0_66] > at > java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142)[:1.8.0_66] > at > java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617)[:1.8.0_66] > at java.lang.Thread.run(Thread.java:745)[:1.8.0_66] -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Comment Edited] (SSHD-708) Add support for password encrypted ed25519 private key files
[ https://issues.apache.org/jira/browse/SSHD-708?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16704485#comment-16704485 ] Goldstein Lyor edited comment on SSHD-708 at 11/30/18 9:45 AM: --- I would like to propose separating this into 2 different issues # Having some proof-of-concept this is possible - if you could publish a PR using the artifact mentioned it would be great. Personally I prefer copying just the one class if that is all that is needed. Please remember to add a unit test using a file with a known password (we usually use "super secret passphrase"). # The legal stuff - I will pass along this request to people who are more knowledgeable than me in this and see what they say. My own +lay man+ opinion is that it should not prove a problem since it seems to be using a BSD license - however, as I have said, I would rather have the Apache legal team look at it. This way, even if we run into some legal issues, we have at least a possible solution that we can offer our users - show them how this can be achieved - provided their legal policy allows them. was (Author: lgoldstein): I would like to propose separating this into 2 different issues # Having some proof-of-concept this is possible - if you could publish a PR using the artifact mentioned it would be great. Please remember to add a unit test using a file with a known password (we usually use "super secret passphrase"). # The legal stuff - I will pass along this request to people who are more knowledgeable than me in this and see what they say. My own +lay man+ opinion is that it should not prove a problem since it seems to be using a BSD license - however, as I have said, I would rather have the Apache legal team look at it. This way, even if we run into some legal issues, we have at least a possible solution that we can offer our users - show them how this can be achieved - provided their legal policy allows them. > Add support for password encrypted ed25519 private key files > > > Key: SSHD-708 > URL: https://issues.apache.org/jira/browse/SSHD-708 > Project: MINA SSHD > Issue Type: Improvement >Affects Versions: 1.4.0 >Reporter: Goldstein Lyor >Priority: Minor > > The current code supports only reading un-encrypted private key files -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Commented] (SSHD-708) Add support for password encrypted ed25519 private key files
[ https://issues.apache.org/jira/browse/SSHD-708?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16704485#comment-16704485 ] Goldstein Lyor commented on SSHD-708: - I would like to propose separating this into 2 different issues # Having some proof-of-concept this is possible - if you could publish a PR using the artifact mentioned it would be great. Please remember to add a unit test using a file with a known password (we usually use "super secret passphrase"). # The legal stuff - I will pass along this request to people who are more knowledgeable than me in this and see what they say. My own +lay man+ opinion is that it should not prove a problem since it seems to be using a BSD license - however, as I have said, I would rather have the Apache legal team look at it. This way, even if we run into some legal issues, we have at least a possible solution that we can offer our users - show them how this can be achieved - provided their legal policy allows them. > Add support for password encrypted ed25519 private key files > > > Key: SSHD-708 > URL: https://issues.apache.org/jira/browse/SSHD-708 > Project: MINA SSHD > Issue Type: Improvement >Affects Versions: 1.4.0 >Reporter: Goldstein Lyor >Priority: Minor > > The current code supports only reading un-encrypted private key files -- This message was sent by Atlassian JIRA (v7.6.3#76005)
