Mercurial > 510Connectbot
annotate src/ch/ethz/ssh2/channel/AuthAgentForwardThread.java @ 431:a0bff4b39512
Added tag stable-1.9.0-9 for changeset 47de9ffed872
author | Carl Byington <carl@five-ten-sg.com> |
---|---|
date | Fri, 26 Dec 2014 10:35:50 -0800 |
parents | b40bc65fa09a |
children |
rev | line source |
---|---|
294
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
1 /* |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
2 * ConnectBot: simple, powerful, open-source SSH client for Android |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
3 * Copyright 2007 Kenny Root, Jeffrey Sharkey |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
4 * |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
5 * Licensed under the Apache License, Version 2.0 (the "License"); |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
6 * you may not use this file except in compliance with the License. |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
7 * You may obtain a copy of the License at |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
8 * |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
9 * http://www.apache.org/licenses/LICENSE-2.0 |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
10 * |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
11 * Unless required by applicable law or agreed to in writing, software |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
12 * distributed under the License is distributed on an "AS IS" BASIS, |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
13 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
14 * See the License for the specific language governing permissions and |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
15 * limitations under the License. |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
16 */ |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
17 |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
18 package ch.ethz.ssh2.channel; |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
19 |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
20 import java.io.IOException; |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
21 import java.io.InputStream; |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
22 import java.io.OutputStream; |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
23 import java.math.BigInteger; |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
24 import java.security.KeyFactory; |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
25 import java.security.KeyPair; |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
26 import java.security.NoSuchAlgorithmException; |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
27 import java.security.PrivateKey; |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
28 import java.security.PublicKey; |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
29 import java.security.interfaces.DSAPrivateKey; |
302
beaccc9df37b
add ecdsa key support everywhere
Carl Byington <carl@five-ten-sg.com>
parents:
300
diff
changeset
|
30 import java.security.interfaces.ECPrivateKey; |
294
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
31 import java.security.interfaces.RSAPrivateKey; |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
32 import java.security.spec.DSAPrivateKeySpec; |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
33 import java.security.spec.DSAPublicKeySpec; |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
34 import java.security.spec.ECParameterSpec; |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
35 import java.security.spec.ECPoint; |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
36 import java.security.spec.ECPrivateKeySpec; |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
37 import java.security.spec.ECPublicKeySpec; |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
38 import java.security.spec.InvalidKeySpecException; |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
39 import java.security.spec.KeySpec; |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
40 import java.security.spec.RSAPrivateCrtKeySpec; |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
41 import java.security.spec.RSAPublicKeySpec; |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
42 import java.util.Map; |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
43 import java.util.Map.Entry; |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
44 |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
45 import ch.ethz.ssh2.AuthAgentCallback; |
344
b40bc65fa09a
compensate for SecureRandom bug on older devices
Carl Byington <carl@five-ten-sg.com>
parents:
307
diff
changeset
|
46 import ch.ethz.ssh2.crypto.SecureRandomFix; |
294
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
47 import ch.ethz.ssh2.log.Logger; |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
48 import ch.ethz.ssh2.packets.TypesReader; |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
49 import ch.ethz.ssh2.packets.TypesWriter; |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
50 import ch.ethz.ssh2.signature.DSASHA1Verify; |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
51 import ch.ethz.ssh2.signature.ECDSASHA2Verify; |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
52 import ch.ethz.ssh2.signature.RSASHA1Verify; |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
53 |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
54 /** |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
55 * AuthAgentForwardThread. |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
56 * |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
57 * @author Kenny Root |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
58 * @version $Id$ |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
59 */ |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
60 public class AuthAgentForwardThread extends Thread implements IChannelWorkerThread { |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
61 private static final byte[] SSH_AGENT_FAILURE = {0, 0, 0, 1, 5}; // 5 |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
62 private static final byte[] SSH_AGENT_SUCCESS = {0, 0, 0, 1, 6}; // 6 |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
63 |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
64 private static final int SSH2_AGENTC_REQUEST_IDENTITIES = 11; |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
65 private static final int SSH2_AGENT_IDENTITIES_ANSWER = 12; |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
66 |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
67 private static final int SSH2_AGENTC_SIGN_REQUEST = 13; |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
68 private static final int SSH2_AGENT_SIGN_RESPONSE = 14; |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
69 |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
70 private static final int SSH2_AGENTC_ADD_IDENTITY = 17; |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
71 private static final int SSH2_AGENTC_REMOVE_IDENTITY = 18; |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
72 private static final int SSH2_AGENTC_REMOVE_ALL_IDENTITIES = 19; |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
73 |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
74 // private static final int SSH_AGENTC_ADD_SMARTCARD_KEY = 20; |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
75 // private static final int SSH_AGENTC_REMOVE_SMARTCARD_KEY = 21; |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
76 |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
77 private static final int SSH_AGENTC_LOCK = 22; |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
78 private static final int SSH_AGENTC_UNLOCK = 23; |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
79 |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
80 private static final int SSH2_AGENTC_ADD_ID_CONSTRAINED = 25; |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
81 // private static final int SSH_AGENTC_ADD_SMARTCARD_KEY_CONSTRAINED = 26; |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
82 |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
83 // Constraints for adding keys |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
84 private static final int SSH_AGENT_CONSTRAIN_LIFETIME = 1; |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
85 private static final int SSH_AGENT_CONSTRAIN_CONFIRM = 2; |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
86 |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
87 // Flags for signature requests |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
88 // private static final int SSH_AGENT_OLD_SIGNATURE = 1; |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
89 |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
90 private static final Logger log = Logger.getLogger(RemoteAcceptThread.class); |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
91 |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
92 AuthAgentCallback authAgent; |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
93 OutputStream os; |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
94 InputStream is; |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
95 Channel c; |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
96 |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
97 byte[] buffer = new byte[Channel.CHANNEL_BUFFER_SIZE]; |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
98 |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
99 public AuthAgentForwardThread(Channel c, AuthAgentCallback authAgent) { |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
100 this.c = c; |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
101 this.authAgent = authAgent; |
295
deb5fb087b6f
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
294
diff
changeset
|
102 log.debug("AuthAgentForwardThread started"); |
294
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
103 } |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
104 |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
105 @Override |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
106 public void run() { |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
107 try { |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
108 c.cm.registerThread(this); |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
109 } |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
110 catch (IOException e) { |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
111 stopWorking(); |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
112 return; |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
113 } |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
114 |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
115 try { |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
116 c.cm.sendOpenConfirmation(c); |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
117 is = c.getStdoutStream(); |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
118 os = c.getStdinStream(); |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
119 int totalSize = 4; |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
120 int readSoFar = 0; |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
121 |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
122 while (true) { |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
123 int len; |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
124 |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
125 try { |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
126 len = is.read(buffer, readSoFar, buffer.length - readSoFar); |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
127 } |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
128 catch (IOException e) { |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
129 stopWorking(); |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
130 return; |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
131 } |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
132 |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
133 if (len <= 0) |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
134 break; |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
135 |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
136 readSoFar += len; |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
137 |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
138 if (readSoFar >= 4) { |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
139 TypesReader tr = new TypesReader(buffer, 0, 4); |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
140 totalSize = tr.readUINT32() + 4; |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
141 } |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
142 |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
143 if (totalSize == readSoFar) { |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
144 TypesReader tr = new TypesReader(buffer, 4, readSoFar - 4); |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
145 int messageType = tr.readByte(); |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
146 |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
147 switch (messageType) { |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
148 case SSH2_AGENTC_REQUEST_IDENTITIES: |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
149 sendIdentities(); |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
150 break; |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
151 |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
152 case SSH2_AGENTC_ADD_IDENTITY: |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
153 addIdentity(tr, false); |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
154 break; |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
155 |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
156 case SSH2_AGENTC_ADD_ID_CONSTRAINED: |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
157 addIdentity(tr, true); |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
158 break; |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
159 |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
160 case SSH2_AGENTC_REMOVE_IDENTITY: |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
161 removeIdentity(tr); |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
162 break; |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
163 |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
164 case SSH2_AGENTC_REMOVE_ALL_IDENTITIES: |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
165 removeAllIdentities(tr); |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
166 break; |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
167 |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
168 case SSH2_AGENTC_SIGN_REQUEST: |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
169 processSignRequest(tr); |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
170 break; |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
171 |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
172 case SSH_AGENTC_LOCK: |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
173 processLockRequest(tr); |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
174 break; |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
175 |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
176 case SSH_AGENTC_UNLOCK: |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
177 processUnlockRequest(tr); |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
178 break; |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
179 |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
180 default: |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
181 os.write(SSH_AGENT_FAILURE); |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
182 break; |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
183 } |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
184 |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
185 readSoFar = 0; |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
186 } |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
187 } |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
188 |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
189 c.cm.closeChannel(c, "EOF on both streams reached.", true); |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
190 } |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
191 catch (IOException e) { |
295
deb5fb087b6f
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
294
diff
changeset
|
192 log.debug("IOException in agent forwarder: " + e.getMessage()); |
294
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
193 |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
194 try { |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
195 is.close(); |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
196 } |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
197 catch (IOException e1) { |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
198 } |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
199 |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
200 try { |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
201 os.close(); |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
202 } |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
203 catch (IOException e2) { |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
204 } |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
205 |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
206 try { |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
207 c.cm.closeChannel(c, "IOException in agent forwarder (" + e.getMessage() + ")", true); |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
208 } |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
209 catch (IOException e3) { |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
210 } |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
211 } |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
212 } |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
213 |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
214 public void stopWorking() { |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
215 try { |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
216 /* This will lead to an IOException in the is.read() call */ |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
217 is.close(); |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
218 } |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
219 catch (IOException e) { |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
220 } |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
221 } |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
222 |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
223 /** |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
224 * @return whether the agent is locked |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
225 */ |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
226 private boolean failWhenLocked() throws IOException { |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
227 if (authAgent.isAgentLocked()) { |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
228 os.write(SSH_AGENT_FAILURE); |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
229 return true; |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
230 } |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
231 else |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
232 return false; |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
233 } |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
234 |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
235 private void sendIdentities() throws IOException { |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
236 Map<String, byte[]> keys = null; |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
237 TypesWriter tw = new TypesWriter(); |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
238 tw.writeByte(SSH2_AGENT_IDENTITIES_ANSWER); |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
239 int numKeys = 0; |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
240 |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
241 if (!authAgent.isAgentLocked()) |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
242 keys = authAgent.retrieveIdentities(); |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
243 |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
244 if (keys != null) |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
245 numKeys = keys.size(); |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
246 |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
247 tw.writeUINT32(numKeys); |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
248 |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
249 if (keys != null) { |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
250 for (Entry<String, byte[]> entry : keys.entrySet()) { |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
251 byte[] keyBytes = entry.getValue(); |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
252 tw.writeString(keyBytes, 0, keyBytes.length); |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
253 tw.writeString(entry.getKey()); |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
254 } |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
255 } |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
256 |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
257 sendPacket(tw.getBytes()); |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
258 } |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
259 |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
260 /** |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
261 * @param tr |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
262 */ |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
263 private void addIdentity(TypesReader tr, boolean checkConstraints) { |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
264 try { |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
265 if (failWhenLocked()) |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
266 return; |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
267 |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
268 String type = tr.readString(); |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
269 String comment; |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
270 String keyType; |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
271 KeySpec pubSpec; |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
272 KeySpec privSpec; |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
273 |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
274 if (type.equals("ssh-rsa")) { |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
275 keyType = "RSA"; |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
276 BigInteger n = tr.readMPINT(); |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
277 BigInteger e = tr.readMPINT(); |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
278 BigInteger d = tr.readMPINT(); |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
279 BigInteger iqmp = tr.readMPINT(); |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
280 BigInteger p = tr.readMPINT(); |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
281 BigInteger q = tr.readMPINT(); |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
282 comment = tr.readString(); |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
283 // Derive the extra values Java needs. |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
284 BigInteger dmp1 = d.mod(p.subtract(BigInteger.ONE)); |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
285 BigInteger dmq1 = d.mod(q.subtract(BigInteger.ONE)); |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
286 pubSpec = new RSAPublicKeySpec(n, e); |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
287 privSpec = new RSAPrivateCrtKeySpec(n, e, d, p, q, dmp1, dmq1, iqmp); |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
288 } |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
289 else if (type.equals("ssh-dss")) { |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
290 keyType = "DSA"; |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
291 BigInteger p = tr.readMPINT(); |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
292 BigInteger q = tr.readMPINT(); |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
293 BigInteger g = tr.readMPINT(); |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
294 BigInteger y = tr.readMPINT(); |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
295 BigInteger x = tr.readMPINT(); |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
296 comment = tr.readString(); |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
297 pubSpec = new DSAPublicKeySpec(y, p, q, g); |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
298 privSpec = new DSAPrivateKeySpec(x, p, q, g); |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
299 } |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
300 else if (type.equals("ecdsa-sha2-nistp256")) { |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
301 keyType = "EC"; |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
302 String curveName = tr.readString(); |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
303 byte[] groupBytes = tr.readByteString(); |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
304 BigInteger exponent = tr.readMPINT(); |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
305 comment = tr.readString(); |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
306 |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
307 if (!"nistp256".equals(curveName)) { |
295
deb5fb087b6f
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
294
diff
changeset
|
308 log.debug("Invalid curve name for ecdsa-sha2-nistp256: " + curveName); |
294
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
309 os.write(SSH_AGENT_FAILURE); |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
310 return; |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
311 } |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
312 |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
313 ECParameterSpec nistp256 = ECDSASHA2Verify.EllipticCurves.nistp256; |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
314 ECPoint group = ECDSASHA2Verify.decodeECPoint(groupBytes, nistp256.getCurve()); |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
315 |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
316 if (group == null) { |
300
349847b2e318
add ecdsa key support everywhere
Carl Byington <carl@five-ten-sg.com>
parents:
298
diff
changeset
|
317 log.debug("No groupfor ecdsa-sha2-nistp256: "); |
294
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
318 os.write(SSH_AGENT_FAILURE); |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
319 return; |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
320 } |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
321 |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
322 pubSpec = new ECPublicKeySpec(group, nistp256); |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
323 privSpec = new ECPrivateKeySpec(exponent, nistp256); |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
324 } |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
325 else { |
295
deb5fb087b6f
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
294
diff
changeset
|
326 log.debug("Unknown key type: " + type); |
294
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
327 os.write(SSH_AGENT_FAILURE); |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
328 return; |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
329 } |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
330 |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
331 PublicKey pubKey; |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
332 PrivateKey privKey; |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
333 |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
334 try { |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
335 KeyFactory kf = KeyFactory.getInstance(keyType); |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
336 pubKey = kf.generatePublic(pubSpec); |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
337 privKey = kf.generatePrivate(privSpec); |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
338 } |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
339 catch (NoSuchAlgorithmException ex) { |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
340 // TODO: log error |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
341 os.write(SSH_AGENT_FAILURE); |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
342 return; |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
343 } |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
344 catch (InvalidKeySpecException ex) { |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
345 // TODO: log error |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
346 os.write(SSH_AGENT_FAILURE); |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
347 return; |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
348 } |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
349 |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
350 KeyPair pair = new KeyPair(pubKey, privKey); |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
351 boolean confirmUse = false; |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
352 int lifetime = 0; |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
353 |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
354 if (checkConstraints) { |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
355 while (tr.remain() > 0) { |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
356 int constraint = tr.readByte(); |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
357 |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
358 if (constraint == SSH_AGENT_CONSTRAIN_CONFIRM) |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
359 confirmUse = true; |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
360 else if (constraint == SSH_AGENT_CONSTRAIN_LIFETIME) |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
361 lifetime = tr.readUINT32(); |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
362 else { |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
363 // Unknown constraint. Bail. |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
364 os.write(SSH_AGENT_FAILURE); |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
365 return; |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
366 } |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
367 } |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
368 } |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
369 |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
370 if (authAgent.addIdentity(pair, comment, confirmUse, lifetime)) |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
371 os.write(SSH_AGENT_SUCCESS); |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
372 else |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
373 os.write(SSH_AGENT_FAILURE); |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
374 } |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
375 catch (IOException e) { |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
376 try { |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
377 os.write(SSH_AGENT_FAILURE); |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
378 } |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
379 catch (IOException e1) { |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
380 } |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
381 } |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
382 } |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
383 |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
384 /** |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
385 * @param tr |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
386 */ |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
387 private void removeIdentity(TypesReader tr) { |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
388 try { |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
389 if (failWhenLocked()) |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
390 return; |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
391 |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
392 byte[] publicKey = tr.readByteString(); |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
393 |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
394 if (authAgent.removeIdentity(publicKey)) |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
395 os.write(SSH_AGENT_SUCCESS); |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
396 else |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
397 os.write(SSH_AGENT_FAILURE); |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
398 } |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
399 catch (IOException e) { |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
400 try { |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
401 os.write(SSH_AGENT_FAILURE); |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
402 } |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
403 catch (IOException e1) { |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
404 } |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
405 } |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
406 } |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
407 |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
408 /** |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
409 * @param tr |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
410 */ |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
411 private void removeAllIdentities(TypesReader tr) { |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
412 try { |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
413 if (failWhenLocked()) |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
414 return; |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
415 |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
416 if (authAgent.removeAllIdentities()) |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
417 os.write(SSH_AGENT_SUCCESS); |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
418 else |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
419 os.write(SSH_AGENT_FAILURE); |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
420 } |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
421 catch (IOException e) { |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
422 try { |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
423 os.write(SSH_AGENT_FAILURE); |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
424 } |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
425 catch (IOException e1) { |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
426 } |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
427 } |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
428 } |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
429 |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
430 private void processSignRequest(TypesReader tr) { |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
431 try { |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
432 if (failWhenLocked()) |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
433 return; |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
434 |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
435 byte[] publicKeyBytes = tr.readByteString(); |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
436 byte[] challenge = tr.readByteString(); |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
437 int flags = tr.readUINT32(); |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
438 |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
439 if (flags != 0) { |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
440 // We don't understand any flags; abort! |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
441 os.write(SSH_AGENT_FAILURE); |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
442 return; |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
443 } |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
444 |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
445 KeyPair pair = authAgent.getKeyPair(publicKeyBytes); |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
446 |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
447 if (pair == null) { |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
448 os.write(SSH_AGENT_FAILURE); |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
449 return; |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
450 } |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
451 |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
452 byte[] response; |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
453 PrivateKey privKey = pair.getPrivate(); |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
454 |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
455 if (privKey instanceof RSAPrivateKey) { |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
456 byte[] signature = RSASHA1Verify.generateSignature(challenge, |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
457 (RSAPrivateKey) privKey); |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
458 response = RSASHA1Verify.encodeSSHRSASignature(signature); |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
459 } |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
460 else if (privKey instanceof DSAPrivateKey) { |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
461 byte[] signature = DSASHA1Verify.generateSignature(challenge, |
344
b40bc65fa09a
compensate for SecureRandom bug on older devices
Carl Byington <carl@five-ten-sg.com>
parents:
307
diff
changeset
|
462 (DSAPrivateKey) privKey, new SecureRandomFix()); |
303
a218d9cd725b
add ecdsa key support everywhere
Carl Byington <carl@five-ten-sg.com>
parents:
302
diff
changeset
|
463 response = DSASHA1Verify.encodeSSHDSASignature(signature); |
294
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
464 } |
298
ab3a99f11a36
add ecdsa key support everywhere
Carl Byington <carl@five-ten-sg.com>
parents:
295
diff
changeset
|
465 else if (privKey instanceof ECPrivateKey) { |
302
beaccc9df37b
add ecdsa key support everywhere
Carl Byington <carl@five-ten-sg.com>
parents:
300
diff
changeset
|
466 ECPrivateKey pk = (ECPrivateKey) privKey; |
304
abad243cb341
add ecdsa key support everywhere
Carl Byington <carl@five-ten-sg.com>
parents:
303
diff
changeset
|
467 byte[] signature = ECDSASHA2Verify.generateSignature(challenge, pk); |
abad243cb341
add ecdsa key support everywhere
Carl Byington <carl@five-ten-sg.com>
parents:
303
diff
changeset
|
468 response = ECDSASHA2Verify.encodeSSHECDSASignature(signature, pk.getParams()); |
298
ab3a99f11a36
add ecdsa key support everywhere
Carl Byington <carl@five-ten-sg.com>
parents:
295
diff
changeset
|
469 } |
294
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
470 else { |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
471 os.write(SSH_AGENT_FAILURE); |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
472 return; |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
473 } |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
474 |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
475 TypesWriter tw = new TypesWriter(); |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
476 tw.writeByte(SSH2_AGENT_SIGN_RESPONSE); |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
477 tw.writeString(response, 0, response.length); |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
478 sendPacket(tw.getBytes()); |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
479 } |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
480 catch (IOException e) { |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
481 try { |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
482 os.write(SSH_AGENT_FAILURE); |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
483 } |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
484 catch (IOException e1) { |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
485 } |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
486 } |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
487 } |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
488 |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
489 /** |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
490 * @param tr |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
491 */ |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
492 private void processLockRequest(TypesReader tr) { |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
493 try { |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
494 if (failWhenLocked()) |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
495 return; |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
496 |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
497 String lockPassphrase = tr.readString(); |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
498 |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
499 if (!authAgent.setAgentLock(lockPassphrase)) { |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
500 os.write(SSH_AGENT_FAILURE); |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
501 return; |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
502 } |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
503 else |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
504 os.write(SSH_AGENT_SUCCESS); |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
505 } |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
506 catch (IOException e) { |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
507 try { |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
508 os.write(SSH_AGENT_FAILURE); |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
509 } |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
510 catch (IOException e1) { |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
511 } |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
512 } |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
513 } |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
514 |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
515 /** |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
516 * @param tr |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
517 */ |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
518 private void processUnlockRequest(TypesReader tr) { |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
519 try { |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
520 String unlockPassphrase = tr.readString(); |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
521 |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
522 if (authAgent.requestAgentUnlock(unlockPassphrase)) |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
523 os.write(SSH_AGENT_SUCCESS); |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
524 else |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
525 os.write(SSH_AGENT_FAILURE); |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
526 } |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
527 catch (IOException e) { |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
528 try { |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
529 os.write(SSH_AGENT_FAILURE); |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
530 } |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
531 catch (IOException e1) { |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
532 } |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
533 } |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
534 } |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
535 |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
536 /** |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
537 * @param tw |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
538 * @throws IOException |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
539 */ |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
540 private void sendPacket(byte[] message) throws IOException { |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
541 TypesWriter packet = new TypesWriter(); |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
542 packet.writeUINT32(message.length); |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
543 packet.writeBytes(message); |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
544 os.write(packet.getBytes()); |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
545 } |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
546 } |