You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
In SFTP Adapter, we are using JSch library version 0.2.8. For key authentication, when using the below ECDSA key:
(EC private key (256 bits): 60648790853872629831500092524651691193896539865613526930205224977005897401959
Domain Parameters: Named Curve: 1.2.840.10045.3.1.7
Public Key:
(df1fae258444f0c7fb774f6788e3f5058eab416fa392c8b45337468b56a5d8ec, 481557b0d76f912c834f64b23592ddbef4ed9e7db494279af96a9f2877b130d3)
)
Then it fails with following error:
failed to parse key
java.lang.ArrayIndexOutOfBoundsException: while trying to load from index 110 of a byte (or boolean) array with length 109, loaded from local variable 'plain'
at com.jcraft.jsch.KeyPairECDSA.parse(KeyPairECDSA.java:283)
at com.jcraft.jsch.KeyPair.load(KeyPair.java:1113)
at com.jcraft.jsch.IdentityFile.newInstance(IdentityFile.java:44)
at com.jcraft.jsch.JSch.addIdentity(JSch.java:514)
Exception received: com.jcraft.jsch.JSchException: invalid privatekey
To check the length of the key, I added some log statements and can see that the key length which is sent from SFTP Adapter is 109. Please have a look at the below trace statements:
For parsing the ECDSA key, I have used the below code in SFTP adapter:
PrivateKeyInfo info = PrivateKeyInfo.getInstance(
(ASN1Sequence) ASN1Primitive.fromByteArray(((Key)o).getEncoded()));
if (o instanceof ECPrivateKey)
byte[] keyBytes = info.parsePrivateKey().toASN1Primitive().getEncoded();
Could you please check if the key length sent from the SFTP Adapter is incorrect or if it is not being compared correctly in KeyPairECDSA.java?
I also have seen that some fix for ECDSA key has been released with JSch version jsch-0.2.22.
Regards,
Anamika
The text was updated successfully, but these errors were encountered:
Hi,
In SFTP Adapter, we are using JSch library version 0.2.8. For key authentication, when using the below ECDSA key:
(EC private key (256 bits): 60648790853872629831500092524651691193896539865613526930205224977005897401959
Domain Parameters: Named Curve: 1.2.840.10045.3.1.7
Public Key:
(df1fae258444f0c7fb774f6788e3f5058eab416fa392c8b45337468b56a5d8ec, 481557b0d76f912c834f64b23592ddbef4ed9e7db494279af96a9f2877b130d3)
)
Then it fails with following error:
failed to parse key
java.lang.ArrayIndexOutOfBoundsException: while trying to load from index 110 of a byte (or boolean) array with length 109, loaded from local variable 'plain'
at com.jcraft.jsch.KeyPairECDSA.parse(KeyPairECDSA.java:283)
at com.jcraft.jsch.KeyPair.load(KeyPair.java:1113)
at com.jcraft.jsch.IdentityFile.newInstance(IdentityFile.java:44)
at com.jcraft.jsch.JSch.addIdentity(JSch.java:514)
Exception received: com.jcraft.jsch.JSchException: invalid privatekey
To check the length of the key, I added some log statements and can see that the key length which is sent from SFTP Adapter is 109. Please have a look at the below trace statements:
ECDSA Private Key Length: 109 bytes
ECDSA Private Key Length (DERSequence): 111 bytes
Encoded Key Length: 109
Parsed Key (HEX): 2D2D2D2D2D424547494E2045432050524956415445204B45592D2D2D2D2D0A4D47734341514545494959562F38697258575656706E2B724C4A7A3556764E33734261794B6C765A436E58487A54313565555A6E6F5551445167414533782B750A4A595245384D66376430396E694F50314259367251572B6A6B736930557A64476931616C324F78494656657731322B524C494E505A4C49316B74322B394F32650A666253554A3572356170386F6437457730773D3D0A2D2D2D2D2D454E442045432050524956415445204B45592D2D2D2D2D
For parsing the ECDSA key, I have used the below code in SFTP adapter:
PrivateKeyInfo info = PrivateKeyInfo.getInstance(
(ASN1Sequence) ASN1Primitive.fromByteArray(((Key)o).getEncoded()));
if (o instanceof ECPrivateKey)
byte[] keyBytes = info.parsePrivateKey().toASN1Primitive().getEncoded();
Could you please check if the key length sent from the SFTP Adapter is incorrect or if it is not being compared correctly in KeyPairECDSA.java?
I also have seen that some fix for ECDSA key has been released with JSch version jsch-0.2.22.
Regards,
Anamika
The text was updated successfully, but these errors were encountered: