Recent changes to patches

#10 ecdsa 384 and 521 key verification broken

Bernhard Falk — Fri, 04 Feb 2022 14:52:02 -0000

Hello !
Can you give me a hint how to applicate the patch using the "patch" comand in linux terminal ? Or is there an other way to get a patched JSCH ?
Thanks in advance
Bernhard

Unix line-end in PPK files

Lorinczy Zsigmond — Thu, 18 Jun 2020 19:56:02 -0000

Hi, I'd like to offer a patch for KeyPair.java that allows handling PPK-files with Unix-style lineends (LF-only). (Actually, it works this with CR-only, LF-only, LCFR, CRLF lineends -- not EBCDIC though)

#10 ecdsa 384 and 521 key verification broken

Vineeth Chinmay Karra — Thu, 14 Mar 2019 09:36:22 -0000

Hello.
Do you have any similar patch for ecdsa-sha2-nistp256 host key algorithm?

Allow users to set alternate password encodings

Sophie Stratton — Wed, 06 Mar 2019 17:17:40 -0000

It'd be really useful to expose the existing function in Util.java and allow different password encodings than UTF-8 to be set.

Added support for 256 bit HMAC

Dylan Katz — Wed, 06 Feb 2019 18:56:19 -0000

I am unsure if you're actively accepting patches for this project, but I figured I'd submit this anyways. This change enables support for 256 bit HMAC if JCE supports >= 256 bit AES keys (which is now default behavior).
One caveat to this is it requires larger buffer sizes for packets sent, so that is now controlled via constant in Channel, which needs to be at least 112 to support the larger MAC.

ecdsa 384 and 521 key verification broken

Iger — Thu, 13 Apr 2017 13:59:44 -0000

Hello!

Due to a hardcoded string in com.jcraft.jsch.jce.SignatureECDSA Jsch is unable to connect to any SSH server, providing ecdsa-sha2-nistp384 or ecdsa-sha2-nistp521 keys.

Attached is a proposed patch.

Cheers,
Ilya German

Fix crash on corrupt known_hosts file

Robin Neatherway — Tue, 28 Mar 2017 09:03:22 -0000

The exception is raised in the case where a server host key is bad. In
my case the system administrator had accidentally included the key
type twice:

server.company.com,10.0.0.1 ssh-rsa ssh-rsa <key>

And ssh-rsa was treated as a key. This fails because it is not valid
Base64. My proposed patch treats this line as an invalid line and
continues, like JSch does in other cases.

$ diff -u ./src/main/java/com/jcraft/jsch/KnownHosts.java ./src/main/java/com/jcraft/jsch/KnownHosts2.java
--- ./src/main/java/com/jcraft/jsch/KnownHosts.java 2017-03-28 09:55:32.131080050 +0100
+++ ./src/main/java/com/jcraft/jsch/KnownHosts2.java    2017-03-28 09:57:26.322732339 +0100
@@ -215,12 +215,14 @@
    //System.err.println(host);
    //System.err.println("|"+key+"|");

-   HostKey hk = null;
-        hk = new HashedHostKey(marker, host, type, 
-                               Util.fromBase64(Util.str2byte(key), 0, 
-                                               key.length()), comment);
-   pool.addElement(hk);
-      }
+        try {
+          pool.addElement(new HashedHostKey(marker, host, type, 
+                                            Util.fromBase64(Util.str2byte(key), 0, 
+                                                            key.length()), comment));
+        } catch (JSchException e) {
+          addInvalidLine(Util.byte2str(buf, 0, bufl));
+        }
+
       if(error){
    throw new JSchException("KnownHosts: invalid format");
       }

#8 Memory leak in LocalIdentityRepository

Alexsey — Sun, 13 Mar 2016 21:15:23 -0000

Thank you! I also got out of memory leaks, I hope your decision will help.

#7 Enable DH-SHA2 key exchange

Antonio Eugenio Burriel — Mon, 02 Mar 2015 18:25:28 -0000

None, sorry. I only identified the problem and proposed a solution.
That's a question for the maintainer, Atsuhiko Yamanaka.
Meanwhile yo can download the source, apply the attached patch and build yourself.

#7 Enable DH-SHA2 key exchange

yp43X@ — Mon, 02 Mar 2015 08:57:39 -0000

Dear Antonio

Any idea of a possible release day for this patch?

Thank you in advance