[jira] [Commented] (SSHD-997) Replace EdDSA-Java library with new ed25519-elisabeth implementation
[ https://issues.apache.org/jira/browse/SSHD-997?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17112474#comment-17112474 ] Lyor Goldstein commented on SSHD-997: - Thanks for the diagnosis and pull request - I have reviewed it and have no comments. I will put it through the build process and then merge it in if there are no problems. > Replace EdDSA-Java library with new ed25519-elisabeth implementation > > > Key: SSHD-997 > URL: https://issues.apache.org/jira/browse/SSHD-997 > Project: MINA SSHD > Issue Type: Bug >Affects Versions: 2.4.0 >Reporter: David Ostrovsky >Priority: Minor > Time Spent: 10m > Remaining Estimate: 0h > > Recent addition to the SSHD library revealed issues with seed attribute in > EdDSA-Java library: > {code:java} > +private boolean compare(KeyPair a, KeyPair b) { > +if ("EDDSA".equals(data.algorithm)) { > +// Bug in net.i2p.crypto.eddsa and in sshd? Both also compare the > +// seed of the private key, but for a generated key, this is some > +// random value, while it is all zeroes for a key read from a > file. > +return KeyUtils.compareKeys(a.getPublic(), b.getPublic()) > +&& Objects.equals(((EdDSAKey) > a.getPrivate()).getParams(), > +((EdDSAKey) b.getPrivate()).getParams()); > +} > {code} > The corresponding issue: [1] upstream pointing to the new library: > [1] https://github.com/str4d/ed25519-java/issues/30#issuecomment-573389252 > [2] https://github.com/cryptography-cafe/ed25519-elisabeth -- This message was sent by Atlassian Jira (v8.3.4#803005) - To unsubscribe, e-mail: dev-unsubscr...@mina.apache.org For additional commands, e-mail: dev-h...@mina.apache.org
[jira] [Commented] (SSHD-997) Replace EdDSA-Java library with new ed25519-elisabeth implementation
[ https://issues.apache.org/jira/browse/SSHD-997?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17112427#comment-17112427 ] Thomas Wolf commented on SSHD-997: -- Pull request: https://github.com/apache/mina-sshd/pull/135 > Replace EdDSA-Java library with new ed25519-elisabeth implementation > > > Key: SSHD-997 > URL: https://issues.apache.org/jira/browse/SSHD-997 > Project: MINA SSHD > Issue Type: New Feature >Affects Versions: 2.4.0 >Reporter: David Ostrovsky >Priority: Minor > Time Spent: 10m > Remaining Estimate: 0h > > Recent addition to the SSHD library revealed issues with seed attribute in > EdDSA-Java library: > {code:java} > +private boolean compare(KeyPair a, KeyPair b) { > +if ("EDDSA".equals(data.algorithm)) { > +// Bug in net.i2p.crypto.eddsa and in sshd? Both also compare the > +// seed of the private key, but for a generated key, this is some > +// random value, while it is all zeroes for a key read from a > file. > +return KeyUtils.compareKeys(a.getPublic(), b.getPublic()) > +&& Objects.equals(((EdDSAKey) > a.getPrivate()).getParams(), > +((EdDSAKey) b.getPrivate()).getParams()); > +} > {code} > The corresponding issue: [1] upstream pointing to the new library: > [1] https://github.com/str4d/ed25519-java/issues/30#issuecomment-573389252 > [2] https://github.com/cryptography-cafe/ed25519-elisabeth -- This message was sent by Atlassian Jira (v8.3.4#803005) - To unsubscribe, e-mail: dev-unsubscr...@mina.apache.org For additional commands, e-mail: dev-h...@mina.apache.org
[jira] [Commented] (SSHD-997) Replace EdDSA-Java library with new ed25519-elisabeth implementation
[ https://issues.apache.org/jira/browse/SSHD-997?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17112365#comment-17112365 ] Thomas Wolf commented on SSHD-997: -- I think I know why it is all zeroes for a key read from a file. Check {{OpenSSHEd25519PrivateKeyEntryDecoder}}, lines 103ff: {code:java} byte[] sk = Arrays.copyOf(keypair, SK_SIZE); EdDSAPrivateKey privateKey; try { // create the private key EdDSAParameterSpec params = EdDSANamedCurveTable.getByName(EdDSASecurityProviderUtils.CURVE_ED25519_SHA512); privateKey = generatePrivateKey(new EdDSAPrivateKeySpec(sk, params)); } finally { // get rid of sensitive data a.s.a.p Arrays.fill(sk, (byte) 0); } {code} sshd clears the SK read from the file. But that SK is the same object as {{privateKey.seed}}; it is _not_ copied during generatePrivateKey. The key still works with sshd (I use ed25519 keys with sshd in JGit daily), but this breaks round-tripping: reading a key from a file and writing it again will produce a different file. (And of course it also breaks {{KeyUtils.compareKeys()}}.) The fix in sshd is to remove the {{try-finally}} and the {{Arrays.fill(sk, (byte) 0);}}. A fix in i2p would be to make sure that the private key generated from a spec does not reference any arrays passed in externally, but to copy the data such that the key is the sole owner. So this is actually not a "minor feature" but actually a "bug". > Replace EdDSA-Java library with new ed25519-elisabeth implementation > > > Key: SSHD-997 > URL: https://issues.apache.org/jira/browse/SSHD-997 > Project: MINA SSHD > Issue Type: New Feature >Affects Versions: 2.4.0 >Reporter: David Ostrovsky >Priority: Minor > > Recent addition to the SSHD library revealed issues with seed attribute in > EdDSA-Java library: > {code:java} > +private boolean compare(KeyPair a, KeyPair b) { > +if ("EDDSA".equals(data.algorithm)) { > +// Bug in net.i2p.crypto.eddsa and in sshd? Both also compare the > +// seed of the private key, but for a generated key, this is some > +// random value, while it is all zeroes for a key read from a > file. > +return KeyUtils.compareKeys(a.getPublic(), b.getPublic()) > +&& Objects.equals(((EdDSAKey) > a.getPrivate()).getParams(), > +((EdDSAKey) b.getPrivate()).getParams()); > +} > {code} > The corresponding issue: [1] upstream pointing to the new library: > [1] https://github.com/str4d/ed25519-java/issues/30#issuecomment-573389252 > [2] https://github.com/cryptography-cafe/ed25519-elisabeth -- This message was sent by Atlassian Jira (v8.3.4#803005) - To unsubscribe, e-mail: dev-unsubscr...@mina.apache.org For additional commands, e-mail: dev-h...@mina.apache.org
[jira] [Commented] (SSHD-997) Replace EdDSA-Java library with new ed25519-elisabeth implementation
[ https://issues.apache.org/jira/browse/SSHD-997?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17109541#comment-17109541 ] Lyor Goldstein commented on SSHD-997: - Perhaps a more appropriate approach would be to examine and fix {quote} Both also compare the seed of the private key, but for a generated key, this is some random value, while it is all zeroes for a key read from a file. {quote} > Replace EdDSA-Java library with new ed25519-elisabeth implementation > > > Key: SSHD-997 > URL: https://issues.apache.org/jira/browse/SSHD-997 > Project: MINA SSHD > Issue Type: New Feature >Affects Versions: 2.4.0 >Reporter: David Ostrovsky >Priority: Minor > > Recent addition to the SSHD library revealed issues with seed attribute in > EdDSA-Java library: > {code:java} > +private boolean compare(KeyPair a, KeyPair b) { > +if ("EDDSA".equals(data.algorithm)) { > +// Bug in net.i2p.crypto.eddsa and in sshd? Both also compare the > +// seed of the private key, but for a generated key, this is some > +// random value, while it is all zeroes for a key read from a > file. > +return KeyUtils.compareKeys(a.getPublic(), b.getPublic()) > +&& Objects.equals(((EdDSAKey) > a.getPrivate()).getParams(), > +((EdDSAKey) b.getPrivate()).getParams()); > +} > {code} > The corresponding issue: [1] upstream pointing to the new library: > [1] https://github.com/str4d/ed25519-java/issues/30#issuecomment-573389252 > [2] https://github.com/cryptography-cafe/ed25519-elisabeth -- This message was sent by Atlassian Jira (v8.3.4#803005) - To unsubscribe, e-mail: dev-unsubscr...@mina.apache.org For additional commands, e-mail: dev-h...@mina.apache.org
[jira] [Commented] (SSHD-997) Replace EdDSA-Java library with new ed25519-elisabeth implementation
[ https://issues.apache.org/jira/browse/SSHD-997?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17109540#comment-17109540 ] Lyor Goldstein commented on SSHD-997: - I have looked over the code and it does not seem to be proper replacement - it lacks the necessary classes required to allows us to use it as a {{SecurityProvider}}. Furthermore it's keys do not properly implement {{java.security.Private/PublicKey}} and/or {{java.security.Signature}}. Until it does, I don't think we can afford to write our own provider wrapper for it > Replace EdDSA-Java library with new ed25519-elisabeth implementation > > > Key: SSHD-997 > URL: https://issues.apache.org/jira/browse/SSHD-997 > Project: MINA SSHD > Issue Type: New Feature >Affects Versions: 2.4.0 >Reporter: David Ostrovsky >Priority: Major > > Recent addition to the SSHD library revealed issues with seed attribute in > EdDSA-Java library: > {code:java} > +private boolean compare(KeyPair a, KeyPair b) { > +if ("EDDSA".equals(data.algorithm)) { > +// Bug in net.i2p.crypto.eddsa and in sshd? Both also compare the > +// seed of the private key, but for a generated key, this is some > +// random value, while it is all zeroes for a key read from a > file. > +return KeyUtils.compareKeys(a.getPublic(), b.getPublic()) > +&& Objects.equals(((EdDSAKey) > a.getPrivate()).getParams(), > +((EdDSAKey) b.getPrivate()).getParams()); > +} > {code} > The corresponding issue: [1] upstream pointing to the new library: > [1] https://github.com/str4d/ed25519-java/issues/30#issuecomment-573389252 > [2] https://github.com/cryptography-cafe/ed25519-elisabeth -- This message was sent by Atlassian Jira (v8.3.4#803005) - To unsubscribe, e-mail: dev-unsubscr...@mina.apache.org For additional commands, e-mail: dev-h...@mina.apache.org