Merge pull request #740 from ikucuze/master
fix(739) SignatureECDSAN destroying private key
mwiede authored Jan 8, 2025
2 parents 323a82a + 6156ad3 commit b7e92bf
Showing 1 changed file with 9 additions and 2 deletions.
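--- a/src/main/java/com/jcraft/jsch/KeyPairECDSA.java
+++ b/src/main/java/com/jcraft/jsch/KeyPairECDSA.java
@@ -345,13 +345,16 @@ public int getKeySize() {
 
 @Override
 public byte[] getSignature(byte[] data) {
+byte[] keyCopy = null;
 try {
 Class<? extends SignatureECDSA> c =
 Class.forName(JSch.getConfig("ecdsa-sha2-" + Util.byte2str(name)))
 .asSubclass(SignatureECDSA.class);
 SignatureECDSA ecdsa = c.getDeclaredConstructor().newInstance();
 ecdsa.init();
-ecdsa.setPrvKey(prv_array);
+// https://github.com/mwiede/jsch/issues/739 : prv_array could be destroyed by ecdsa signing
+keyCopy = Arrays.copyOf(prv_array, prv_array.length);
+ecdsa.setPrvKey(keyCopy);
 
 ecdsa.update(data);
 byte[] sig = ecdsa.sign();
@@ -364,6 +367,8 @@ public byte[] getSignature(byte[] data) {
 if (instLogger.getLogger().isEnabled(Logger.ERROR)) {
 instLogger.getLogger().log(Logger.ERROR, "failed to generate signature", e);
 }
+} finally {
+Util.bzero(keyCopy);
 }
 return null;
 }
@@ -390,7 +395,9 @@ public Signature getVerifier() {
 r_array = tmp[0];
 s_array = tmp[1];
 }
-ecdsa.setPubKey(r_array, s_array);
+// https://github.com/mwiede/jsch/issues/739 : keys could be destroyed by ecdsa verification
+ecdsa.setPubKey(Arrays.copyOf(r_array, r_array.length),
+Arrays.copyOf(s_array, s_array.length));
 return ecdsa;
 } catch (Exception e) {
 if (instLogger.getLogger().isEnabled(Logger.ERROR)) {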
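Review bot: No regression test accompanies the fix (the commit touches only KeyPairECDSA.java), so a later edit to `getSignature` could hand `prv_array` to the signer again unnoticed; a test that calls `getSignature` twice on one key pair and asserts the second result is non-null would pin it. In the first hunk the `finally` runs `Util.bzero(keyCopy)` while `keyCopy` is still null whenever `Class.forName` or `newInstance` throws before the copy is made, which is safe only if `bzero` tolerates null (its body is not shown on this page); if it does not, use `if (keyCopy != null) Util.bzero(keyCopy);` so the logged error is not replaced by a NullPointerException. The inline comment would read better as an ownership rule, e.g. `// the signer may zero the array it is given (issue #739): pass a copy and wipe the copy in finally`. The copies made in `getVerifier` go to `setPubKey` and so appear to be public values, which makes leaving them unwiped acceptable. Both methods continue outside the visible hunks.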
