Details
- Bug
- Status: Resolved
- Major
- Resolution: Fixed
- 1.2.0, 2.1.0
- None
Description
There appears to be an error in encoding the public part of certain ECDSA host key values. The bug has been found to affect the ecdsa-sha2-nistpX host key algorithms.
The bug affects the different ECDSA host key types to different degrees. Usually when one generates a host key value it will work okay. However, if one repeatedly generates new host key values then eventually a value will be generated for which the encoding is not calculated correctly:
- For ecdsa-sha2-nistp512: within ~10 repetitions
- For ecdsa-sha2-nistp256: within ~200 repetitions
- For ecdsa-sha2-nistp384: within ~1000 repetitions
The attached JUnit test code fragment was used to generate the above statistics.