Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Reading OpenSshCertificates from a buffer is broken. #618

Closed
tomaswolf opened this issue Oct 7, 2024 · 0 comments · Fixed by #619
Closed

Reading OpenSshCertificates from a buffer is broken. #618

tomaswolf opened this issue Oct 7, 2024 · 0 comments · Fixed by #619
Assignees
@tomaswolf
Labels
bug An issue describing a bug in the code
Milestone
2.14.1

Comments

@tomaswolf
Copy link
Member

tomaswolf commented Oct 7, 2024
edited
Loading

Version

2.14.0

Bug description

Writing an OpenSshCertificate to a Buffer and then reading it back from there corrupts the OpenSshCertificate.getMessage(), which is supposed to be the bytes signed by the signature.

Buffer.getPublicKey(() simply sets the message to all bytes read so far since offset zero. This is may include bytes before the raw public key. This renders getMessage() useless as it cannot be used for verifying the signature.

Actual behavior

After

OpenSshCertificate initial = ...;
Buffer buf = new ByteArrayBuffer();
buf.putPublicKey(initial);
PublicKey readBack = buf.getPublicKey();

readBack.getMessage() would contain the extra 4 bytes for the overall public key length and signature verification of the readBack certificate fails if getMessage() is used.

Expected behavior

getMessage() correctly returns exactly the bytes of the raw certificate (including the key_type string), minus the signature.

Relevant log output

No response

Other information

No response
@tomaswolf tomaswolf self-assigned this Oct 7, 2024
@tomaswolf tomaswolf added this to the 2.14.1 milestone Oct 7, 2024
@tomaswolf tomaswolf added the bug An issue describing a bug in the code label Oct 7, 2024
tomaswolf added a commit to tomaswolf/mina-sshd that referenced this issue Oct 7, 2024
@tomaswolf
apacheGH-618: Fix reading an OpenSshCertificate from a Buffer
dfa9b06 
Buffer.getBytesConsumed() is broken. It'll return wrong data for buffers
created on a slice of an array not starting at zero. Using it in
OpenSSHCertPublicKeyParser will return data before the raw certificate
in the buffer if that raw certificate is not the first thing in the
buffer.

Fix this by adding a Buffer.getBytesConsumed(int from) method, and use
that in OpenSSHCertPublicKeyParser.

Bug: apache#618
@tomaswolf tomaswolf mentioned this issue Oct 7, 2024
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@tomaswolf tomaswolf

Labels
bug An issue describing a bug in the code
Projects
None yet
Milestone
2.14.1
Development

Successfully merging a pull request may close this issue.

GH-618: Fix reading an OpenSshCertificate from a Buffer tomaswolf/mina-sshd
1 participant
@tomaswolf