[jira] [Commented] (SSHD-330) Handshake fails (wrong shared secret) 1 out of 256 times
[ https://issues.apache.org/jira/browse/SSHD-330?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanelfocusedCommentId=14610218#comment-14610218 ] Goldstein Lyor commented on SSHD-330: - Improved _AbstractDH#stripLeadingZeros_ to clone the array only if 1st byte is non-zero Handshake fails (wrong shared secret) 1 out of 256 times Key: SSHD-330 URL: https://issues.apache.org/jira/browse/SSHD-330 Project: MINA SSHD Issue Type: Bug Affects Versions: 0.11.0 Reporter: Pasi Eronen Assignee: Guillaume Nodet Fix For: 0.12.0, 0.9.1 The shared secret returned by KeyAgreement.generateSecret() is a byte array, which can (by chance, roughly 1 out of 256 times) begin with zero byte. In SSH, the shared secret is an integer, so we need to strip the leading zero(es). Some JCE providers might strip leading zeroes, though. SunJCE used to do this in Java 6, I think, but not anymore in Java 7 -- and there was an almost identical bug (handshake fails 1 out of 256 times) in Java's SSL/TLS implementation in early Java 7 versions (see http://bugs.java.com/view_bug.do?bug_id=8014618). Pull request here: https://github.com/apache/mina-sshd/pull/5 How to reproduce with OpenSSH client (assuming Mina SSH server running in port 9922): for x in {1..500}; do sshpass -p wrong ssh -p9922 -oKexAlgorithms=diffie-hellman-group-exchange-sha1 someuser@localhost; done for x in {1..500}; do sshpass -p wrong ssh -p9922 -oKexAlgorithms=ecdh-sha2-nistp256 someuser@localhost; done -- This message was sent by Atlassian JIRA (v6.3.4#6332)
[jira] [Commented] (SSHD-330) Handshake fails (wrong shared secret) 1 out of 256 times
[ https://issues.apache.org/jira/browse/SSHD-330?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanelfocusedCommentId=14133631#comment-14133631 ] ASF GitHub Bot commented on SSHD-330: - Github user pasieronen closed the pull request at: https://github.com/apache/mina-sshd/pull/5 Handshake fails (wrong shared secret) 1 out of 256 times Key: SSHD-330 URL: https://issues.apache.org/jira/browse/SSHD-330 Project: MINA SSHD Issue Type: Bug Affects Versions: 0.11.0 Reporter: Pasi Eronen Assignee: Guillaume Nodet Fix For: 0.12.0 The shared secret returned by KeyAgreement.generateSecret() is a byte array, which can (by chance, roughly 1 out of 256 times) begin with zero byte. In SSH, the shared secret is an integer, so we need to strip the leading zero(es). Some JCE providers might strip leading zeroes, though. SunJCE used to do this in Java 6, I think, but not anymore in Java 7 -- and there was an almost identical bug (handshake fails 1 out of 256 times) in Java's SSL/TLS implementation in early Java 7 versions (see http://bugs.java.com/view_bug.do?bug_id=8014618). Pull request here: https://github.com/apache/mina-sshd/pull/5 How to reproduce with OpenSSH client (assuming Mina SSH server running in port 9922): for x in {1..500}; do sshpass -p wrong ssh -p9922 -oKexAlgorithms=diffie-hellman-group-exchange-sha1 someuser@localhost; done for x in {1..500}; do sshpass -p wrong ssh -p9922 -oKexAlgorithms=ecdh-sha2-nistp256 someuser@localhost; done -- This message was sent by Atlassian JIRA (v6.3.4#6332)
[jira] [Commented] (SSHD-330) Handshake fails (wrong shared secret) 1 out of 256 times
[ https://issues.apache.org/jira/browse/SSHD-330?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanelfocusedCommentId=14032188#comment-14032188 ] Guillaume Nodet commented on SSHD-330: -- Thx for the patch ! Handshake fails (wrong shared secret) 1 out of 256 times Key: SSHD-330 URL: https://issues.apache.org/jira/browse/SSHD-330 Project: MINA SSHD Issue Type: Bug Affects Versions: 0.11.0 Reporter: Pasi Eronen Assignee: Guillaume Nodet Fix For: 0.12.0 The shared secret returned by KeyAgreement.generateSecret() is a byte array, which can (by chance, roughly 1 out of 256 times) begin with zero byte. In SSH, the shared secret is an integer, so we need to strip the leading zero(es). Some JCE providers might strip leading zeroes, though. SunJCE used to do this in Java 6, I think, but not anymore in Java 7 -- and there was an almost identical bug (handshake fails 1 out of 256 times) in Java's SSL/TLS implementation in early Java 7 versions (see http://bugs.java.com/view_bug.do?bug_id=8014618). Pull request here: https://github.com/apache/mina-sshd/pull/5 How to reproduce with OpenSSH client (assuming Mina SSH server running in port 9922): for x in {1..500}; do sshpass -p wrong ssh -p9922 -oKexAlgorithms=diffie-hellman-group-exchange-sha1 someuser@localhost; done for x in {1..500}; do sshpass -p wrong ssh -p9922 -oKexAlgorithms=ecdh-sha2-nistp256 someuser@localhost; done -- This message was sent by Atlassian JIRA (v6.2#6252)
[jira] [Commented] (SSHD-330) Handshake fails (wrong shared secret) 1 out of 256 times
[ https://issues.apache.org/jira/browse/SSHD-330?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanelfocusedCommentId=14028968#comment-14028968 ] ASF GitHub Bot commented on SSHD-330: - GitHub user pasieronen opened a pull request: https://github.com/apache/mina-sshd/pull/5 SSHD-330 Strip leading zero(es) from the shared secret You can merge this pull request into a Git repository by running: $ git pull https://github.com/pasieronen/mina-sshd SSHD-330-shared-secret-zeroes Alternatively you can review and apply these changes as the patch at: https://github.com/apache/mina-sshd/pull/5.patch To close this pull request, make a commit to your master/trunk branch with (at least) the following in the commit message: This closes #5 commit e7ebbc6bf1e13ac0da00b75b12814cc7827eb18d Author: Pasi Eronen p...@iki.fi Date: 2014-06-12T09:27:33Z Strip leading zero(es) from the shared secret Handshake fails (wrong shared secret) 1 out of 256 times Key: SSHD-330 URL: https://issues.apache.org/jira/browse/SSHD-330 Project: MINA SSHD Issue Type: Bug Affects Versions: 0.11.0 Reporter: Pasi Eronen The shared secret returned by KeyAgreement.generateSecret() is a byte array, which can (by chance, roughly 1 out of 256 times) begin with zero byte. In SSH, the shared secret is an integer, so we need to strip the leading zero(es). Some JCE providers might strip leading zeroes, though. SunJCE used to do this in Java 6, I think, but not anymore in Java 7 -- and there was an almost identical bug (handshake fails 1 out of 256 times) in Java's SSL/TLS implementation in early Java 7 versions (see http://bugs.java.com/view_bug.do?bug_id=8014618). How to reproduce with OpenSSH client (assuming Mina SSH server running in port 9922): for x in {1..500}; do sshpass -p wrong ssh -p9922 -oKexAlgorithms=diffie-hellman-group-exchange-sha1 someuser@localhost; done for x in {1..500}; do sshpass -p wrong ssh -p9922 -oKexAlgorithms=ecdh-sha2-nistp256 someuser@localhost; done -- This message was sent by Atlassian JIRA (v6.2#6252)