[SSHD-934] Invalid public key encoding of certain ecdsa-sha2-nistpX host keys - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Bug
Status: Resolved
Priority: Major
Resolution: Fixed
Affects Version/s: 1.2.0, 2.1.0
Fix Version/s: 2.4.0
Labels:
None

Description

There appears to be an error in encoding the public part of certain ECDSA host key values. The bug has been found to affect the ecdsa-sha2-nistpX host key algorithms.

The bug affects the different ECDSA host key types to different degrees. Usually when one generates a host key value it will work okay. However, if one repeatedly generates new host key values then eventually a value will be generated for which the encoding is not calculated correctly:

For ecdsa-sha2-nistp512: within ~10 repetitions
For ecdsa-sha2-nistp256: within ~200 repetitions
For ecdsa-sha2-nistp384: within ~1000 repetitions

The attached Junit test code fragment was used to generate the above statistics.

Attachments

- Sort By Name
- Sort By Date
- Ascending
- Descending

ECDSA-encode-decode-junit-fragment.txt
24/Jul/19 12:57
4 kB
Louis Berube

Activity

People

Assignee:: Lyor Goldstein

Reporter:: Louis Berube

Votes:: 0 Vote for this issue

Watchers:: 2 Start watching this issue

Dates

Created:: 24/Jul/19 13:02

Updated:: 08/Jun/20 13:33

Resolved:: 31/Jul/19 04:46