Details
-
Bug
-
Status: Closed
-
Major
-
Resolution: Duplicate
-
None
-
None
-
None
Description
in class org.apache.sshd.client.kex.DHGEXClient
String keyAlg = KeyUtils.getKeyType(serverKey); // when chosen rsa-sha2-512, the keyAlg wouldb be ras-ssh,getKeyType form sig would be better.
if (GenericUtils.isEmpty(keyAlg))
buffer = new ByteArrayBuffer();
buffer.putBytes(v_c);
buffer.putBytes(v_s);
buffer.putBytes(i_c);
buffer.putBytes(i_s);
buffer.putBytes(k_s);
buffer.putInt(min);
buffer.putInt(prf);
buffer.putInt(max);
buffer.putMPInt(getP());
buffer.putMPInt(g);
buffer.putMPInt(getE());
buffer.putMPInt(f);
buffer.putMPInt(k);
hash.update(buffer.array(), 0, buffer.available());
h = hash.digest();
Signature verif = ValidateUtils.checkNotNull(
NamedFactory.create(session.getSignatureFactories(), keyAlg), // session.getSignatureFactories() would be [rsa-sha2-512], not macth keyAlg, so the return value would b null, the conection could not be created.
"No verifier located for algorithm=%s", keyAlg);
verif.initVerifier(session, serverKey);
verif.update(session, h);
if (!verif.verify(session, sig)) {
Attachments
Issue Links
- duplicates
-
SSHD-1163 Wrong server key algorithm choose
- Resolved