Invalid encoding for signature: redundant leading 0s

[charego]

Related bugs:

1. https://sourceforge.net/p/jsch/bugs/111/
2. https://bugs.openjdk.java.net/browse/JDK-8174719

Synopsis:

Security fix in Java 8u121 exposed an encoding issue in some SSH libraries. In other words, these libraries were relying on buggy code in the JDK. Now that it's fixed in the JDK, these libraries mess up. Specifically: redundant 0s should be stripped from the signature.

Environment:

• Java 8u144
• sshj 0.21.1
• connecting to Cisco devices (IOS XRs)

ERROR [net.schmizz.concurrent.Promise] <<kex done>> woke to: net.schmizz.sshj.transport.TransportException: Invalid encoding for signature
...
Caused by: net.schmizz.sshj.transport.TransportException: Invalid encoding for signature
    at net.schmizz.sshj.transport.TransportException$1.chain(TransportException.java:33)
    at net.schmizz.sshj.transport.TransportException$1.chain(TransportException.java:27)
    at net.schmizz.concurrent.Promise.deliverError(Promise.java:96)
    at net.schmizz.concurrent.Event.deliverError(Event.java:74)
    at net.schmizz.concurrent.ErrorDeliveryUtil.alertEvents(ErrorDeliveryUtil.java:34)
    at net.schmizz.sshj.transport.KeyExchanger.notifyError(KeyExchanger.java:386)
    at net.schmizz.sshj.transport.TransportImpl.die(TransportImpl.java:600)
    at net.schmizz.sshj.transport.Reader.run(Reader.java:67)
Caused by: net.schmizz.sshj.common.SSHException: Invalid encoding for signature
    at net.schmizz.sshj.common.SSHException$1.chain(SSHException.java:36)
    at net.schmizz.sshj.common.SSHException$1.chain(SSHException.java:29)
    at net.schmizz.sshj.transport.TransportImpl.die(TransportImpl.java:595)
    ... 1 common frames omitted
Caused by: net.schmizz.sshj.common.SSHRuntimeException: Invalid encoding for signature
    at net.schmizz.sshj.signature.SignatureDSA.verify(SignatureDSA.java:102)
    at net.schmizz.sshj.transport.kex.AbstractDHG.next(AbstractDHG.java:85)
    at net.schmizz.sshj.transport.KeyExchanger.handle(KeyExchanger.java:358)
    at net.schmizz.sshj.transport.TransportImpl.handle(TransportImpl.java:503)
    at net.schmizz.sshj.transport.Decoder.decode(Decoder.java:102)
    at net.schmizz.sshj.transport.Decoder.received(Decoder.java:170)
    at net.schmizz.sshj.transport.Reader.run(Reader.java:59)
Caused by: java.security.SignatureException: Invalid encoding for signature
    at sun.security.provider.DSA.engineVerify(DSA.java:283)
    at sun.security.provider.DSA.engineVerify(DSA.java:244)
    at java.security.Signature$Delegate.engineVerify(Signature.java:1219)
    at java.security.Signature.verify(Signature.java:652)
    at net.schmizz.sshj.signature.SignatureDSA.verify(SignatureDSA.java:100)
    ... 6 common frames omitted
Caused by: java.io.IOException: Invalid encoding: redundant leading 0s
    at sun.security.util.DerInputBuffer.getBigInteger(DerInputBuffer.java:152)
    at sun.security.util.DerValue.getBigInteger(DerValue.java:512)
    at sun.security.provider.DSA.engineVerify(DSA.java:281)
    ... 10 common frames omitted

[hierynomus]

If you have a unit test case to reproduce this that would be great.

[hierynomus]

@charlesrgould Can you craft some unit test case that fails so that we can make work of solving this? thanks!

[charego]

I've been trying to do just that. On our devices it's intermittent. The code logs in to the device several times in short succession, using username-password auth. Occasionally we see this exception about the key exchange messing up. Do you have any insight (or guess) as to what could be the problem?

Feel free to close the two tickets I created if I fail to generate a test case within the next few weeks.

[hierynomus]

I assume it's a genuine bug, also given the other kinoed reports, so closing it is not my first option ;). However I'm not sure where the bug is, nor how to reproduce. Op 7 sep. 2017 11:38 p.m. schreef "charlesrgould" <notifications@github.com

…

: I've been trying to do just that. On our devices it's intermittent. The code logs in to the device several times in short succession, using username-password auth. Occasionally we see this exception about the key exchange messing up. Do you have any insight (or guess) as to what could be the problem? Feel free to close the two tickets I created if I fail to generate a test case within the next few weeks. — You are receiving this because you commented. Reply to this email directly, view it on GitHub <#354 (comment)>, or mute the thread <https://github.com/notifications/unsubscribe-auth/AAHLo1H7cxvIpal0u9ZcFK2KBgW01D-Nks5sgGJjgaJpZM4PJTKz> .