search

TritonDataCenter / java-http-signature

Library for performing RSA signed HTTP requests in Java
Mozilla Public License 2.0
16 stars 12 forks source link

support post 6.7 openssh fingerprints #28

Closed cburroughs closed 7 years ago

cburroughs commented 7 years ago

Pre-6.7 OpenSSH used hex encoded md5 as a key fingerprint. This was changed to be the base64 encoded sha256 with a prefix (SHA256). Triton and Manta only have server side support for the un-prefixed md5 fingerprint.

Following the approach of the node tooling in PUBAPI-1146, break apart the key fingerprint specified by the user from what is sent to the server. Instead validate the user fingerprint, and calculate our own fingerprint to send to the server. In the long run this simplifies the API (fewer things to pass around) and helps give better errors to the user sooner (instead of waiting for an error from the server).

The details of how OpenSSH serializes fingerprints is based on the implementation in node-sshpk.

ref #10

cburroughs commented 7 years ago

Performance Comparison

master
Benchmark                                  (hash)  (providerCode)   Mode  Cnt     Score   Error  Units
BenchmarkDSASigner.signHeaderThroughput    SHA256          stdlib  thrpt   50  2058.896 ± 4.611  ops/s
BenchmarkECDSASigner.signHeaderThroughput  SHA256          stdlib  thrpt   50  2939.279 ± 6.145  ops/s
BenchmarkRSASigner.signHeaderThroughput    SHA256          stdlib  thrpt   50   169.108 ± 2.775  ops/s
BenchmarkRSASigner.signHeaderThroughput    SHA256   native.jnagmp  thrpt   50   726.071 ± 2.569  ops/s

finger
Benchmark                                  (hash)  (providerCode)   Mode  Cnt     Score   Error  Units
BenchmarkDSASigner.signHeaderThroughput    SHA256          stdlib  thrpt   50  2040.975 ± 4.386  ops/s
BenchmarkECDSASigner.signHeaderThroughput  SHA256          stdlib  thrpt   50  2879.544 ± 6.881  ops/s
BenchmarkRSASigner.signHeaderThroughput    SHA256          stdlib  thrpt   50   165.684 ± 0.297  ops/s
BenchmarkRSASigner.signHeaderThroughput    SHA256   native.jnagmp  thrpt   50   723.925 ± 2.734  ops/s

So we get a just barely measurable performance hit from the repeated fingerprint calculations. We could mitigate that with a cache, but we already have a cache for the entire signature.

Testing

I'll be the first to admit that "grab the last $MAGIC_NUMBER bytes is not the most elegant approach. I've compared the fingerprint calculated here to ssh-keygen (using KeyFingerprinterIntegrationCycle) with 100,000 iterations for each key type/size. So while not pretty, it works in all of the ways I have thought to test it.