When using the Bouncy Castle FIPS 2.1.1 provider with JSch (mwiede fork) on Java 8, ED25519 keys cannot be used successfully. Other algorithms work as expected, but attempts with ED25519 result in failures.
Steps to Reproduce:
- Configure Java 8 with the BC FIPS 2.1.1 provider.
- Use JSch (mwiede fork) to connect to an SSH server with an ED25519 key.
- Attempt authentication.
Expected Behavior:
Authentication with ED25519 keys should succeed when using the BC FIPS provider.
Actual Behavior:
Authentication fails with ED25519 keys. Other algorithms (e.g., RSA, ECDSA) succeed.
Environment:
- Java version: 1.8.x
- Bouncy Castle FIPS provider: 2.1.1
- JSch (mwiede fork)
- OS: Mac OS, Windows
This issue seems specific to the interaction between JSch (mwiede fork) and the BC FIPS provider when ED25519 is used. Non-FIPS providers and other algorithms work correctly.
Here is the log that I am getting:
Provider initialized
Ed25519 provider: BCFIPS
Ed25519 provider info: BouncyCastle Security Provider (FIPS edition) v2.1.1
ssh-ed25519: com.jcraft.jsch.bc.SignatureEd25519
Connecting to 10.153.198.173...
JSch Log [level 1]: Connecting to 10.153.198.173 port 22
JSch Log [level 1]: Connection established
JSch Log [level 1]: Remote version string: SSH-2.0-OpenSSH_9.9
JSch Log [level 1]: Local version string: SSH-2.0-JSCH_2.27.2
JSch Log [level 1]: CheckCiphers: chacha20-poly1305@openssh.com
JSch Log [level 1]: CheckKexes: mlkem768x25519-sha256,mlkem768nistp256-sha256,mlkem1024nistp384-sha384,sntrup761x25519-sha512,sntrup761x25519-sha512@openssh.com,curve25519-sha256,curve25519-sha256@libssh.org,curve448-sha512
JSch Log [level 1]: mlkem768x25519-sha256 is not available.
JSch Log [level 1]: mlkem768nistp256-sha256 is not available.
JSch Log [level 1]: mlkem1024nistp384-sha384 is not available.
JSch Log [level 1]: sntrup761x25519-sha512 is not available.
JSch Log [level 1]: sntrup761x25519-sha512@openssh.com is not available.
JSch Log [level 1]: curve25519-sha256 is not available.
JSch Log [level 1]: curve25519-sha256@libssh.org is not available.
JSch Log [level 1]: curve448-sha512 is not available.
JSch Log [level 0]: kex proposal before removing unavailable algos is: mlkem768x25519-sha256,curve25519-sha256,curve25519-sha256@libssh.org,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,diffie-hellman-group14-sha256
JSch Log [level 0]: kex proposal after removing unavailable algos is: ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,diffie-hellman-group14-sha256
JSch Log [level 1]: CheckSignatures: ssh-ed25519,ssh-ed448
JSch Log [level 1]: ssh-ed25519 is not available.
JSch Log [level 1]: ssh-ed448 is not available.
JSch Log [level 0]: server_host_key proposal before removing unavailable algos is: ssh-ed25519,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,rsa-sha2-512,rsa-sha2-256
JSch Log [level 0]: server_host_key proposal after removing unavailable algos is: ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,rsa-sha2-512,rsa-sha2-256
JSch Log [level 0]: server_host_key proposal before known_host reordering is: ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,rsa-sha2-512,rsa-sha2-256
JSch Log [level 0]: server_host_key proposal after known_host reordering is: ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,rsa-sha2-512,rsa-sha2-256
JSch Log [level 1]: SSH_MSG_KEXINIT sent
JSch Log [level 1]: SSH_MSG_KEXINIT received
JSch Log [level 1]: Doing strict KEX
JSch Log [level 1]: ext-info messaging supported by server
JSch Log [level 1]: server proposal: KEX algorithms: diffie-hellman-group-exchange-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,diffie-hellman-group14-sha256,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,curve25519-sha256,curve25519-sha256@libssh.org,ext-info-s,kex-strict-s-v00@openssh.com
JSch Log [level 1]: server proposal: host key algorithms: rsa-sha2-512,rsa-sha2-256,ssh-rsa,ecdsa-sha2-nistp256,ssh-ed25519
JSch Log [level 1]: server proposal: ciphers c2s: aes256-ctr,aes192-ctr,aes128-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com
JSch Log [level 1]: server proposal: ciphers s2c: aes256-ctr,aes192-ctr,aes128-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com
JSch Log [level 1]: server proposal: MACs c2s: hmac-sha2-512,hmac-sha2-256,hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com
JSch Log [level 1]: server proposal: MACs s2c: hmac-sha2-512,hmac-sha2-256,hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com
JSch Log [level 1]: server proposal: compression c2s: none,zlib@openssh.com
JSch Log [level 1]: server proposal: compression s2c: none,zlib@openssh.com
JSch Log [level 1]: server proposal: languages c2s:
JSch Log [level 1]: server proposal: languages s2c:
JSch Log [level 1]: client proposal: KEX algorithms: ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,diffie-hellman-group14-sha256,ext-info-c,kex-strict-c-v00@openssh.com
JSch Log [level 1]: client proposal: host key algorithms: ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,rsa-sha2-512,rsa-sha2-256
JSch Log [level 1]: client proposal: ciphers c2s: aes128-gcm@openssh.com,aes256-gcm@openssh.com,aes128-ctr,aes192-ctr,aes256-ctr
JSch Log [level 1]: client proposal: ciphers s2c: aes128-gcm@openssh.com,aes256-gcm@openssh.com,aes128-ctr,aes192-ctr,aes256-ctr
JSch Log [level 1]: client proposal: MACs c2s: hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-sha1-etm@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1
JSch Log [level 1]: client proposal: MACs s2c: hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-sha1-etm@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1
JSch Log [level 1]: client proposal: compression c2s: none
JSch Log [level 1]: client proposal: compression s2c: none
JSch Log [level 1]: client proposal: languages c2s:
JSch Log [level 1]: client proposal: languages s2c:
JSch Log [level 1]: kex: algorithm: ecdh-sha2-nistp256
JSch Log [level 1]: kex: host key algorithm: ecdsa-sha2-nistp256
JSch Log [level 1]: kex: server->client cipher: aes128-gcm@openssh.com MAC: <implicit> compression: none
JSch Log [level 1]: kex: client->server cipher: aes128-gcm@openssh.com MAC: <implicit> compression: none
JSch Log [level 1]: SSH_MSG_KEX_ECDH_INIT sent
JSch Log [level 1]: expecting SSH_MSG_KEX_ECDH_REPLY
JSch Log [level 1]: ssh_ecdsa_verify: ecdsa-sha2-nistp256 signature true
JSch Log [level 2]: Permanently added '10.153.198.173' (ECDSA) to the list of known hosts.
JSch Log [level 1]: Reset outgoing sequence number after sending SSH_MSG_NEWKEYS for strict KEX
JSch Log [level 1]: SSH_MSG_NEWKEYS sent
JSch Log [level 1]: SSH_MSG_NEWKEYS received
JSch Log [level 1]: Reset incoming sequence number after receiving SSH_MSG_NEWKEYS for strict KEX
JSch Log [level 1]: SSH_MSG_EXT_INFO sent
JSch Log [level 1]: SSH_MSG_SERVICE_REQUEST sent
JSch Log [level 1]: SSH_MSG_EXT_INFO received
JSch Log [level 1]: server-sig-algs=<ssh-ed25519,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,sk-ssh-ed25519@openssh.com,sk-ecdsa-sha2-nistp256@openssh.com,rsa-sha2-512,rsa-sha2-256,ssh-dss,ssh-rsa>
JSch Log [level 1]: SSH_MSG_SERVICE_ACCEPT received
JSch Log [level 1]: SSH_MSG_EXT_INFO received
JSch Log [level 1]: server-sig-algs=<ssh-ed25519,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,sk-ssh-ed25519@openssh.com,sk-ecdsa-sha2-nistp256@openssh.com,rsa-sha2-512,rsa-sha2-256,ssh-dss,ssh-rsa>
JSch Log [level 1]: Authentications that can continue: publickey
JSch Log [level 1]: Next authentication method: publickey
JSch Log [level 0]: PubkeyAcceptedAlgorithms = ssh-ed25519
JSch Log [level 0]: Signature algorithms unavailable for non-agent identities = [ssh-ed25519, ssh-ed448]
JSch Log [level 0]: PubkeyAcceptedAlgorithms in server-sig-algs = [ssh-ed25519]
JSch Log [level 0]: ssh-ed25519 not available for identity /Users/joelvega/.ssh/id_ed25519
And here is the code for the app that I am using to test: https://github.com/jogevego/vm-connector
Replies: 1 comment
Sorry, I'm not familiar with the internals of JSch. How is it looking for Ed25519 in the provider?
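The log in the post only says `ssh-ed25519 is not available`, which hides the underlying exception. The following is an added diagnostic, not code from the post, JSch or Bouncy Castle: it repeats the load/construct/init steps on the class named in the log and separately asks the `BCFIPS` JCA provider whether it offers Ed25519. The class name `Ed25519Probe` is hypothetical, and the idea that the availability check amounts to those three steps is an assumption.

```java
import java.lang.reflect.InvocationTargetException;
import java.security.Provider;
import java.security.Security;

// Added diagnostic (hypothetical class name); not JSch or Bouncy Castle code.
public class Ed25519Probe {

  // Strip reflection wrappers so the real cause (for example a missing class) is reported.
  static Throwable rootCause(Throwable t) {
    while ((t instanceof InvocationTargetException || t instanceof ExceptionInInitializerError)
        && t.getCause() != null) {
      t = t.getCause();
    }
    return t;
  }

  // Assumption: an "is not available" log line means that loading, constructing or
  // initialising the configured class threw. Repeat those steps and keep the throwable.
  static String probeClass(String className) {
    try {
      Class<?> c = Class.forName(className);
      Object o = c.getDeclaredConstructor().newInstance();
      try {
        c.getMethod("init").invoke(o);
      } catch (NoSuchMethodException e) {
        // No public no-arg init(): successful construction is the whole check.
      }
      return "OK";
    } catch (Throwable t) { // Throwable, so LinkageError/NoClassDefFoundError are caught too
      return "FAILED: " + rootCause(t);
    }
  }

  // Ask a registered JCA provider whether it offers the algorithm for a service type.
  static String probeJca(String providerName, String type, String algorithm) {
    Provider p = Security.getProvider(providerName);
    if (p == null) return "provider not registered in this JVM";
    Provider.Service s = p.getService(type, algorithm);
    return s == null ? "not offered" : "offered by " + s.getClassName();
  }

  public static void main(String[] args) {
    // Class name and provider name are taken from the log in the post.
    System.out.println("JSch class: " + probeClass("com.jcraft.jsch.bc.SignatureEd25519"));
    for (String type : new String[] {"Signature", "KeyFactory", "KeyPairGenerator"}) {
      System.out.println("BCFIPS " + type + "/Ed25519: " + probeJca("BCFIPS", type, "Ed25519"));
    }
  }
}
```

Run it on the same classpath as the failing application. If the application registers BCFIPS programmatically rather than through `java.security`, the provider lines will report it as not registered unless the same registration is done first.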