Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Possible issue with negotiating rsa-sha2-512 #608

Closed
fmeum opened this issue Jun 23, 2020 · 1 comment · Fixed by #622
Closed

Possible issue with negotiating rsa-sha2-512 #608

fmeum opened this issue Jun 23, 2020 · 1 comment · Fixed by #622

Comments

@fmeum
Copy link
Contributor

fmeum commented Jun 23, 2020

Steps to reproduce:

  1. Set configured key algorithms to contain KeyAlgorithms.RSASHA256().
  2. Try to connect to github.com (or bitbucket.org).
  3. The following exception (truncated to the part that is sshj-related) is thrown:
     Caused by: net.schmizz.sshj.transport.TransportException: Expected 'rsa-sha2-256' key algorithm, but got: ssh-rsa
        at net.schmizz.sshj.transport.TransportException$1.chain(TransportException.java:33)
        at net.schmizz.sshj.transport.TransportException$1.chain(TransportException.java:27)
        at net.schmizz.concurrent.Promise.deliverError(Promise.java:95)
        at net.schmizz.concurrent.Event.deliverError(Event.java:74)
        at net.schmizz.concurrent.ErrorDeliveryUtil.alertEvents(ErrorDeliveryUtil.java:34)
        at net.schmizz.sshj.transport.KeyExchanger.notifyError(KeyExchanger.java:398)
        at net.schmizz.sshj.transport.TransportImpl.die(TransportImpl.java:613)
        at net.schmizz.sshj.transport.Reader.run(Reader.java:66)
     Caused by: net.schmizz.sshj.common.SSHException: Expected 'rsa-sha2-256' key algorithm, but got: ssh-rsa
        at net.schmizz.sshj.common.SSHException$1.chain(SSHException.java:36)
        at net.schmizz.sshj.common.SSHException$1.chain(SSHException.java:29)
        at net.schmizz.sshj.transport.TransportImpl.die(TransportImpl.java:608)
        at net.schmizz.sshj.transport.Reader.run(Reader.java:66) 
     Caused by: net.schmizz.sshj.common.SSHRuntimeException: Expected 'rsa-sha2-256' key algorithm, but got: ssh-rsa
        at net.schmizz.sshj.signature.AbstractSignature.extractSig(AbstractSignature.java:107)
        at net.schmizz.sshj.signature.SignatureRSA.verify(SignatureRSA.java:119)
        at net.schmizz.sshj.transport.kex.AbstractDHG.next(AbstractDHG.java:85)
        at net.schmizz.sshj.transport.KeyExchanger.handle(KeyExchanger.java:370)
        at net.schmizz.sshj.transport.TransportImpl.handle(TransportImpl.java:514)
        at net.schmizz.sshj.transport.Decoder.decodeMte(Decoder.java:159)
        at net.schmizz.sshj.transport.Decoder.decode(Decoder.java:79)
        at net.schmizz.sshj.transport.Decoder.received(Decoder.java:231)
        at net.schmizz.sshj.transport.Reader.run(Reader.java:60)

When using KeyAlgorithms.SSHRSA() or the 0.29.0 release, everything works fine.

It seems that GitHub is sending an ssh-rsa signature in the key exchange even though sshj believes that it successfully negotiated rsa-sha2-256 as the server host key signature algorithm. When connecting to GitHub with OpenSSH, it successfully negotiates rsa-sha2-512, so this is not simply due to missing support on GitHub.

@fmeum
Copy link
Contributor Author

fmeum commented Jul 20, 2020

This turned out to be a spec deviation by GitHub's SSH server implementation: They send ssh-rsa signatures even though rsa-sha2-512 was negotiated if the client does not indicate support for SSH_MSG_EXT_INFO by offering the (fake) kex algorithm ext-info-c. This violates https://tools.ietf.org/html/rfc8332#section-3.1.

Since working around this issue is quite simple and should improve overall compatibility, I have created #622.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging a pull request may close this issue.

1 participant