[Bug 2799] RSA Signatures using SHA2 provided by different ssh-agent are not properly verified

bugzilla-daemon at bugzilla.mindrot.org bugzilla-daemon at bugzilla.mindrot.org
Mon Mar 19 23:51:38 AEDT 2018


https://bugzilla.mindrot.org/show_bug.cgi?id=2799

--- Comment #9 from Jakub Jelen <jjelen at redhat.com> ---
Thank you for having a look into that and working on this patch. All
the features you mention would be very desirable.

FYI, the gnome-keyring developer dropped its ssh-agent implementation
and instead wrap standard ssh-agent [1] to enhance the interface with
their functionality.

I also tried to contact the PuTTY/Pageant developers about this issue,
but without any success. Are there any other specific agents, that are
causing problems with SHA2 signatures?

Some comments to the patch:

+               /*
+                * PKCS#11 tokens may not support all signature
algorithms,
+                * so check what we get back.
+                */

I don't think this should be a big problem. The PKCS#11 module gets
just a hash that it is supposed to sign with RSA PKCS#1.5 mechanism.
The hashing is done already by the ssh and you have complete control of
this. The only thing that happens sometimes is that the tokens use some
logic to make sure the passed value is a hash and not arbitrary data
(assuming based on the length?). I saw this behavior with YubiHSM. I
believe this is the only case when it might fail (if token does not
know SHA2 sizes?) and where the usage of other hash might help.

Otherwise the patch looks reasonable from my read-through. 

[1] https://bugzilla.gnome.org/show_bug.cgi?id=775981

-- 
You are receiving this mail because:
You are watching someone on the CC list of the bug.
You are watching the assignee of the bug.


More information about the openssh-bugs mailing list