You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Hi. First off, thanks for your work on this library.
I'm seeing an issue where generateKeyPairSync can produce key pairs where either the private or public key cannot be successfully parsed by parseKey. This program reproduces the issue:
Commenting out the block that throws parsedPublicKey may be needed to quickly see cases where parsing the private key also generates an error.
I am not sure whether the issue is exactly in parsing the key or generating it, but I did notice that generateKeyPair will strip leading zero bytes from the public key, if the public key from the Node.js standard library starts with a zero:
My brief read of https://datatracker.ietf.org/doc/html/rfc8709#section-4 is that this can be incorrect if it strips the public key length to less than 32 bytes, but my understanding of the specification may be incorrect.
I did notice that feeding the generated keys with the stripped public keys to https://github.com/TritonDataCenter/node-sshpk parses successfully; I am not sure if that is an implementation detail of that library.
The text was updated successfully, but these errors were encountered:
Hi. First off, thanks for your work on this library.
I'm seeing an issue where
generateKeyPairSync
can produce key pairs where either the private or public key cannot be successfully parsed byparseKey
. This program reproduces the issue:Commenting out the block that throws
parsedPublicKey
may be needed to quickly see cases where parsing the private key also generates an error.I am not sure whether the issue is exactly in parsing the key or generating it, but I did notice that
generateKeyPair
will strip leading zero bytes from the public key, if the public key from the Node.js standard library starts with a zero:ssh2/lib/keygen.js
Lines 290 to 297 in a56e70e
My brief read of https://datatracker.ietf.org/doc/html/rfc8709#section-4 is that this can be incorrect if it strips the public key length to less than 32 bytes, but my understanding of the specification may be incorrect.
I did notice that feeding the generated keys with the stripped public keys to https://github.com/TritonDataCenter/node-sshpk parses successfully; I am not sure if that is an implementation detail of that library.
The text was updated successfully, but these errors were encountered: