From 6156ad329d6709db69b3cba8072b11cd8e9c9df7 Mon Sep 17 00:00:00 2001 From: Olivier LE TIEC Date: Tue, 7 Jan 2025 13:14:17 +0100 Subject: [PATCH] fix(739) SignatureECDSAN destroying private key --- src/main/java/com/jcraft/jsch/KeyPairECDSA.java | 11 +++++++++-- 1 file changed, 9 insertions(+), 2 deletions(-) diff --git a/src/main/java/com/jcraft/jsch/KeyPairECDSA.java b/src/main/java/com/jcraft/jsch/KeyPairECDSA.java index c3221353..a55791d8 100644 --- a/src/main/java/com/jcraft/jsch/KeyPairECDSA.java +++ b/src/main/java/com/jcraft/jsch/KeyPairECDSA.java @@ -345,13 +345,16 @@ public int getKeySize() { @Override public byte[] getSignature(byte[] data) { + byte[] keyCopy = null; try { Class c = Class.forName(JSch.getConfig("ecdsa-sha2-" + Util.byte2str(name))) .asSubclass(SignatureECDSA.class); SignatureECDSA ecdsa = c.getDeclaredConstructor().newInstance(); ecdsa.init(); - ecdsa.setPrvKey(prv_array); + // https://github.com/mwiede/jsch/issues/739 : prv_array could be destroyed by ecdsa signing + keyCopy = Arrays.copyOf(prv_array, prv_array.length); + ecdsa.setPrvKey(keyCopy); ecdsa.update(data); byte[] sig = ecdsa.sign(); @@ -364,6 +367,8 @@ public byte[] getSignature(byte[] data) { if (instLogger.getLogger().isEnabled(Logger.ERROR)) { instLogger.getLogger().log(Logger.ERROR, "failed to generate signature", e); } + } finally { + Util.bzero(keyCopy); } return null; } @@ -390,7 +395,9 @@ public Signature getVerifier() { r_array = tmp[0]; s_array = tmp[1]; } - ecdsa.setPubKey(r_array, s_array); + // https://github.com/mwiede/jsch/issues/739 : keys could be destroyed by ecdsa verification + ecdsa.setPubKey(Arrays.copyOf(r_array, r_array.length), + Arrays.copyOf(s_array, s_array.length)); return ecdsa; } catch (Exception e) { if (instLogger.getLogger().isEnabled(Logger.ERROR)) {