You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@mina.apache.org by "Pasi Eronen (JIRA)" <ji...@apache.org> on 2014/06/12 11:28:01 UTC

[jira] [Created] (SSHD-330) Handshake fails (wrong shared secret) 1 out of 256 times

Pasi Eronen created SSHD-330:
--------------------------------

             Summary: Handshake fails (wrong shared secret) 1 out of 256 times
                 Key: SSHD-330
                 URL: https://issues.apache.org/jira/browse/SSHD-330
             Project: MINA SSHD
          Issue Type: Bug
    Affects Versions: 0.11.0
            Reporter: Pasi Eronen



The shared secret returned by KeyAgreement.generateSecret() is a byte array, which can (by chance, roughly 1 out of 256 times) begin with zero byte. In SSH, the shared secret is an integer, so we need to strip the leading zero(es).

Some JCE providers might strip leading zeroes, though. SunJCE used to do this in Java 6, I think, but not anymore in Java 7 -- and there was an almost identical bug (handshake fails 1 out of 256 times) in Java's SSL/TLS implementation in early Java 7 versions (see http://bugs.java.com/view_bug.do?bug_id=8014618).

How to reproduce with OpenSSH client (assuming Mina SSH server running in port 9922):

for x in {1..500}; do sshpass -p wrong ssh -p9922 -oKexAlgorithms=diffie-hellman-group-exchange-sha1 someuser@localhost; done 

for x in {1..500}; do sshpass -p wrong ssh -p9922 -oKexAlgorithms=ecdh-sha2-nistp256 someuser@localhost; done 




--
This message was sent by Atlassian JIRA
(v6.2#6252)