|
From: | Casey Marshall |
Subject: | Re: [cp-patches] DiffieHellman and RSA |
Date: | Wed, 28 Sep 2005 21:12:27 -0700 |
On Sep 28, 2005, at 11:03 AM, Thomas Fitzsimmons wrote:
On Tue, 2005-09-27 at 19:37 -0700, Casey Marshall wrote:On Sep 27, 2005, at 5:44 PM, Thomas Fitzsimmons wrote:OK, your latest fixes get Eclipse a little farther. Now I'm seeing this: org.eclipse.team.internal.ccvs.ssh2.CVSSSH2ServerConnection $SSH2IOException: verify: false [...] Any idea?Yeah, and this is where I could get to trying to run a stand-alone shell. There's a bug in our RSA signature class, apparently, so the server's signature is being rejected in the SSH key exchange. It's baffling. From what I can tell the RSA decryption is correct (I get the correct binary structure out of the signature) but the hashes (SHA1) are different. I've even confirmed that SHA-1 isn't theproblem, because I get the same hash if I run SHA-1 on the data by hand.Could this be a problem with the key transfers, and not the key calculations? An io/nio/net bug perhaps?
It's the Diffie Hellman implementation, actually, which unfortunately happened to be pretty wrong.
Attached is a fixed version; I'll check this in sometime this week, unless someone else wants to do it. This gets jsch further, but it still fails on some missing algorithms (probably KeyFactory, for DESede, HmacMD5, etc., which are very easy to implement).
DiffieHellmanImpl.java
Description: Binary data
[Prev in Thread] | Current Thread | [Next in Thread] |