hierynomus/sshj

ECDSA key's fingerprint is sometimes incorrect

martonsereg opened this issue · 18 comments

Hi,

We are using sshj to connect through ssh from Java code to newly created VMs in the cloud, and we've noticed that sometimes the fingerprint of the ECDSA public key returned by sshj is different from the one we are expecting (generated with ssh-keygen on VM startup), so our code won't accept it and won't make the ssh connection.

After some debugging it seems that the key is read incorrectly in some cases, check the following example (I've added the keypair to this gist: https://gist.github.com/martonsereg/63b5108f7c484155becb):

It reads the same keypair with sshj and jsch and prints out the fingerprints and the differences in the public key byte arrays.

import java.io.File;

import com.jcraft.jsch.JSch;
import com.jcraft.jsch.KeyPair;

import net.schmizz.sshj.common.Buffer;
import net.schmizz.sshj.common.SecurityUtils;
import net.schmizz.sshj.userauth.keyprovider.OpenSSHKeyFile;

public class FingerprintCompare {

    public static void main(String[] args) throws Exception {
        // load sshj keyfile (private key at /tmp/test_ecdsa, public key at /tmp/test_ecdsa.pub)
        OpenSSHKeyFile keyFile = new OpenSSHKeyFile();
        keyFile.init(new File("/tmp/test_ecdsa"));

        // load jsch keypair from the same files
        KeyPair jschKeyPair = KeyPair.load(new JSch(), "/tmp/test_ecdsa", "/tmp/test_ecdsa.pub");

        // print fingerprints
        System.out.println(SecurityUtils.getFingerprint(keyFile.getPublic()));
        System.out.println(jschKeyPair.getFingerPrint());
        // compare it with `ssh-keygen -lf /tmp/test_ecdsa.pub` - it equals the jsch fingerprint

        // compare public key bytes (the SSH wire-format public key blob each library produces)
        byte[] sshjbytes = new Buffer.PlainBuffer().putPublicKey(keyFile.getPublic()).getCompactData();
        byte[] jschbytes = jschKeyPair.getPublicKeyBlob();

        // report every index where the two blobs differ: "<index> <jsch byte> <sshj byte>"
        StringBuilder result = new StringBuilder();
        for (int i = 0; i < jschbytes.length; i++) {
            if (i < sshjbytes.length && jschbytes[i] != sshjbytes[i]) {
                result.append(i).append(" ")
                      .append(jschbytes[i]).append(" ").append(sshjbytes[i])
                      .append("\n");
            }
        }
        System.out.println(result.toString());
    }
}

Note that this code produces the same results with jsch and sshj (and ssh-keygen) in most cases but for the attached keypair for example the result is different.

Marton
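The report above compares the SSH wire-format public key blobs byte by byte and then their fingerprints. The thread does not say what caused the mismatch; the following Python is an added illustration (not code from the issue, from sshj or from jsch) of one common reason an EC key blob comes out wrong for only some keys: the point coordinates X and Y must each be written as exactly 32 bytes for nistp256 (RFC 5656), and an encoder that emits the shortest big-endian form instead drops a leading 0x00 byte whenever a coordinate happens to start with one. The coordinates below are constructed values, not a real P-256 point; they are only there to exercise the two encoders and the same byte-diff logic the report uses.

```python
import base64
import hashlib
import struct

CURVE = "nistp256"
KEY_TYPE = "ecdsa-sha2-" + CURVE
COORD_LEN = 32  # byte length of a P-256 field element


def ssh_string(data: bytes) -> bytes:
    """RFC 4251 'string': uint32 big-endian length followed by the bytes."""
    return struct.pack(">I", len(data)) + data


def fixed_width(n: int, width: int = COORD_LEN) -> bytes:
    """Correct RFC 5656 coordinate encoding: exactly `width` big-endian bytes."""
    return n.to_bytes(width, "big")


def minimal_width(n: int) -> bytes:
    """Shortest unsigned big-endian encoding; silently drops leading zero bytes.
    This models a naive integer-to-bytes conversion (assumed failure mode, not
    taken from the thread)."""
    return n.to_bytes(max(1, (n.bit_length() + 7) // 8), "big")


def ecdsa_blob(x: int, y: int, encode=fixed_width) -> bytes:
    """Public key blob: string key type, string curve name, string Q = 0x04 || X || Y."""
    point = b"\x04" + encode(x) + encode(y)
    return ssh_string(KEY_TYPE.encode()) + ssh_string(CURVE.encode()) + ssh_string(point)


def md5_fingerprint(blob: bytes) -> str:
    """Legacy colon-separated MD5 form, as older ssh-keygen -lf printed it."""
    return ":".join(f"{b:02x}" for b in hashlib.md5(blob).digest())


def sha256_fingerprint(blob: bytes) -> str:
    """Modern SHA256:<unpadded base64> form."""
    digest = hashlib.sha256(blob).digest()
    return "SHA256:" + base64.b64encode(digest).decode().rstrip("=")


def parse_blob(blob: bytes) -> list:
    """Split a blob back into its RFC 4251 strings (type, curve, point)."""
    fields, pos = [], 0
    while pos < len(blob):
        (length,) = struct.unpack_from(">I", blob, pos)
        pos += 4
        fields.append(blob[pos:pos + length])
        pos += length
    return fields


def diff_blobs(a: bytes, b: bytes) -> list:
    """(index, byte_a, byte_b) for every differing position, like the Java loop in the report."""
    return [(i, a[i], b[i]) for i in range(min(len(a), len(b))) if a[i] != b[i]]


# Constructed coordinates (NOT a valid curve point): X_LEADING_ZERO has a 0x00 top byte,
# X_FULL does not. Roughly 1 in 256 real coordinates starts with 0x00, which is why
# the mismatch shows up only for some keys.
X_LEADING_ZERO = int.from_bytes(b"\x00" + b"\x7f" * 31, "big")
X_FULL = int.from_bytes(b"\x3c" * 32, "big")
Y = int.from_bytes(b"\x55" * 32, "big")


def fingerprints_agree(x: int, y: int) -> bool:
    """True when the fixed-width and minimal-width encoders yield the same fingerprint."""
    return md5_fingerprint(ecdsa_blob(x, y, fixed_width)) == md5_fingerprint(ecdsa_blob(x, y, minimal_width))


if __name__ == "__main__":
    for label, x in (("no leading zero", X_FULL), ("leading zero in X", X_LEADING_ZERO)):
        good = ecdsa_blob(x, Y, fixed_width)
        bad = ecdsa_blob(x, Y, minimal_width)
        print(f"{label}: fixed {md5_fingerprint(good)} / minimal {md5_fingerprint(bad)}")
        print("  differing bytes (index, fixed, minimal):", diff_blobs(good, bad))
```

Running the script shows both encoders agreeing for X_FULL and disagreeing for X_LEADING_ZERO, where the minimal encoding shortens the point string from 65 to 64 bytes and shifts every following byte, so the MD5 and SHA256 fingerprints no longer match what ssh-keygen computes from the correctly encoded key. When verifying a host or client key, compare the canonical fixed-width blob (or the fingerprint ssh-keygen prints for it), not whatever bytes a particular library happens to emit.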

Hi Marton,

Thanks for reporting. Which version of sshj did you try this with? Could you try whether the current master fixes this?
If it is not fixed yet in master I will definitely have a look into this soon.

I can confirm we have seen this as well. Tested against the current master.

Ok, damn, I know there was a bug in Bouncy, but the current master resolved that... Will take a look, thx for reporting!

Using bcprov-jdk15on-1.51 here.

I've used 0.11.0 first, but tried it now with the latest master and I can confirm that the issue is still the same.

Started work on this in the ecdsa_fix branch.

@martonsereg @dkocher Current master should fix this :)

🚀 Will run our integration tests.

Thanks let me know!

Thanks, it is now working correctly on master. When should we expect the next release that will contain this change?

Soon :) No exact date yet. I prefer to also implement ed25519 keys in this release.

Could you update the version to the next snapshot version in the build file?

I can confirm the issue is resolved.

I wouldn't mind if you can cut another release without the ed25519.

ed25519 is almost done :) Shame to go without it ;)

2015-11-20 12:02 GMT+01:00 David Kocher notifications@github.com:

I wouldn't mind if you can cut another release without the ed25519.


Already pushed to central?

Yes: http://repo1.maven.org/maven2/com/hierynomus/sshj/0.15.0/

2015-11-20 15:32 GMT+01:00 David Kocher notifications@github.com:

Already pushed to central?
