Thomas Wolf created SSHD-1231:
---------------------------------

             Summary: Public key authentication: wrong signature algorithm used (ed25519 key with ssh-rsa signature)
                 Key: SSHD-1231
                 URL: https://issues.apache.org/jira/browse/SSHD-1231
             Project: MINA SSHD
          Issue Type: Bug
    Affects Versions: 2.7.0
            Reporter: Thomas Wolf


See [Eclipse bug 577545|https://bugs.eclipse.org/bugs/show_bug.cgi?id=577545]. In the following scenario

# Client tries authenticating with a wrong RSA key with signature rsa-sha2-512
# Server rejects the authentication attempt
# Client tries the next key (an ed25519 key), but unfortunately with the wrong signature algorithm (ssh-rsa)

authentication fails with

{noformat}
Exception in thread "main" org.apache.sshd.common.SshException: DefaultAuthFuture[ssh-connection]: Failed (InvalidKeyException) to execute: Supplied key (net.i2p.crypto.eddsa.EdDSAPrivateKey) is not a RSAPrivateKey instance
        at org.apache.sshd.common.future.AbstractSshFuture.lambda$verifyResult$1(AbstractSshFuture.java:131)
        at org.apache.sshd.common.future.AbstractSshFuture.formatExceptionMessage(AbstractSshFuture.java:185)
        at org.apache.sshd.common.future.AbstractSshFuture.verifyResult(AbstractSshFuture.java:130)
        at org.apache.sshd.client.future.DefaultAuthFuture.verify(DefaultAuthFuture.java:39)
        at org.apache.sshd.client.future.DefaultAuthFuture.verify(DefaultAuthFuture.java:32)
        at org.apache.sshd.common.future.VerifiableFuture.verify(VerifiableFuture.java:43)
        at ch.paranor.thomas.TestClient.testAuth(TestClient.java:44)
        at ch.paranor.thomas.TestClient.main(TestClient.java:58)
Caused by: java.security.InvalidKeyException: Supplied key (net.i2p.crypto.eddsa.EdDSAPrivateKey) is not a RSAPrivateKey instance
        at org.bouncycastle.jcajce.provider.asymmetric.rsa.DigestSignatureSpi.engineInitSign(Unknown Source)
        at java.security.Signature$Delegate.engineInitSign(Signature.java:1177)
        at java.security.Signature.initSign(Signature.java:530)
        at org.apache.sshd.common.signature.AbstractSignature.initSigner(AbstractSignature.java:104)
        at org.apache.sshd.client.auth.pubkey.KeyPairIdentity.sign(KeyPairIdentity.java:81)
        at org.apache.sshd.client.auth.pubkey.UserAuthPublicKey.appendSignature(UserAuthPublicKey.java:363)
        at org.apache.sshd.client.auth.pubkey.UserAuthPublicKey.processAuthDataRequest(UserAuthPublicKey.java:333)
{noformat}

Work-arounds:

* Place RSA keys last in the sequence of keys to be tried
* Or ensure only actually working keys are used
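
The mismatch from step 3 of the scenario, as an added example that is not part of the original report and is not MINA SSHD code: it shows an RSA signature algorithm failing against an ed25519 key, next to a per-key choice of algorithm. It assumes Java 15+ with the JDK's own Ed25519 support (the report uses net.i2p EdDSA keys); the class and method names and the accepted-algorithm list are hypothetical.

```java
import java.security.*;
import java.security.interfaces.EdECKey;
import java.security.interfaces.RSAKey;
import java.util.List;

// Added illustration; class and method names are hypothetical, not MINA SSHD API.
public class PerKeySignatureChoice {

    // SSH signature algorithm names that can be produced with this key family.
    static List<String> compatible(Key key) {
        if (key instanceof RSAKey) return List.of("rsa-sha2-512", "rsa-sha2-256", "ssh-rsa");
        if (key instanceof EdECKey) return List.of("ssh-ed25519");
        return List.of();
    }

    // Map an SSH signature algorithm name to the JCA Signature name.
    static String jcaName(String sshAlg) {
        switch (sshAlg) {
            case "rsa-sha2-512": return "SHA512withRSA";
            case "rsa-sha2-256": return "SHA256withRSA";
            case "ssh-rsa":      return "SHA1withRSA";
            case "ssh-ed25519":  return "Ed25519";
            default: throw new IllegalArgumentException("unknown algorithm " + sshAlg);
        }
    }

    // Derive the algorithm from the key being tried now, not from an earlier attempt.
    static String choose(Key key, List<String> accepted) throws InvalidKeyException {
        for (String alg : compatible(key)) {
            if (accepted.contains(alg)) return alg;
        }
        throw new InvalidKeyException("no accepted signature algorithm fits " + key.getAlgorithm());
    }

    public static void main(String[] args) throws GeneralSecurityException {
        KeyPair ed = KeyPairGenerator.getInstance("Ed25519").generateKeyPair();
        List<String> accepted = List.of("rsa-sha2-512", "ssh-ed25519", "ssh-rsa"); // constructed sample
        String mismatched = "ssh-rsa"; // algorithm that does not fit the key, as in step 3
        try {
            Signature.getInstance(jcaName(mismatched)).initSign(ed.getPrivate());
        } catch (InvalidKeyException e) {
            System.out.println("mismatched algorithm rejected: " + e.getMessage());
        }
        String alg = choose(ed.getPrivate(), accepted);
        Signature signer = Signature.getInstance(jcaName(alg));
        signer.initSign(ed.getPrivate());
        signer.update("constructed auth payload".getBytes());
        System.out.println(alg + " signature bytes: " + signer.sign().length);
    }
}
```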
