annotate src/ch/ethz/ssh2/channel/AuthAgentForwardThread.java @ 431:a0bff4b39512

Added tag stable-1.9.0-9 for changeset 47de9ffed872
author Carl Byington <carl@five-ten-sg.com>
date Fri, 26 Dec 2014 10:35:50 -0800
parents b40bc65fa09a
children
Ignore whitespace changes - Everywhere: Within whitespace: At end of lines:
rev   line source
294
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
1 /*
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
2 * ConnectBot: simple, powerful, open-source SSH client for Android
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
3 * Copyright 2007 Kenny Root, Jeffrey Sharkey
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
4 *
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
5 * Licensed under the Apache License, Version 2.0 (the "License");
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
6 * you may not use this file except in compliance with the License.
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
7 * You may obtain a copy of the License at
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
8 *
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
9 * http://www.apache.org/licenses/LICENSE-2.0
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
10 *
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
11 * Unless required by applicable law or agreed to in writing, software
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
12 * distributed under the License is distributed on an "AS IS" BASIS,
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
13 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
14 * See the License for the specific language governing permissions and
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
15 * limitations under the License.
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
16 */
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
17
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
18 package ch.ethz.ssh2.channel;
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
19
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
20 import java.io.IOException;
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
21 import java.io.InputStream;
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
22 import java.io.OutputStream;
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
23 import java.math.BigInteger;
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
24 import java.security.KeyFactory;
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
25 import java.security.KeyPair;
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
26 import java.security.NoSuchAlgorithmException;
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
27 import java.security.PrivateKey;
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
28 import java.security.PublicKey;
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
29 import java.security.interfaces.DSAPrivateKey;
302
beaccc9df37b add ecdsa key support everywhere
Carl Byington <carl@five-ten-sg.com>
parents: 300
diff changeset
30 import java.security.interfaces.ECPrivateKey;
294
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
31 import java.security.interfaces.RSAPrivateKey;
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
32 import java.security.spec.DSAPrivateKeySpec;
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
33 import java.security.spec.DSAPublicKeySpec;
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
34 import java.security.spec.ECParameterSpec;
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
35 import java.security.spec.ECPoint;
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
36 import java.security.spec.ECPrivateKeySpec;
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
37 import java.security.spec.ECPublicKeySpec;
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
38 import java.security.spec.InvalidKeySpecException;
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
39 import java.security.spec.KeySpec;
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
40 import java.security.spec.RSAPrivateCrtKeySpec;
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
41 import java.security.spec.RSAPublicKeySpec;
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
42 import java.util.Map;
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
43 import java.util.Map.Entry;
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
44
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
45 import ch.ethz.ssh2.AuthAgentCallback;
344
b40bc65fa09a compensate for SecureRandom bug on older devices
Carl Byington <carl@five-ten-sg.com>
parents: 307
diff changeset
46 import ch.ethz.ssh2.crypto.SecureRandomFix;
294
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
47 import ch.ethz.ssh2.log.Logger;
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
48 import ch.ethz.ssh2.packets.TypesReader;
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
49 import ch.ethz.ssh2.packets.TypesWriter;
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
50 import ch.ethz.ssh2.signature.DSASHA1Verify;
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
51 import ch.ethz.ssh2.signature.ECDSASHA2Verify;
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
52 import ch.ethz.ssh2.signature.RSASHA1Verify;
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
53
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
54 /**
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
55 * AuthAgentForwardThread.
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
56 *
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
57 * @author Kenny Root
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
58 * @version $Id$
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
59 */
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
60 public class AuthAgentForwardThread extends Thread implements IChannelWorkerThread {
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
61 private static final byte[] SSH_AGENT_FAILURE = {0, 0, 0, 1, 5}; // 5
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
62 private static final byte[] SSH_AGENT_SUCCESS = {0, 0, 0, 1, 6}; // 6
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
63
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
64 private static final int SSH2_AGENTC_REQUEST_IDENTITIES = 11;
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
65 private static final int SSH2_AGENT_IDENTITIES_ANSWER = 12;
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
66
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
67 private static final int SSH2_AGENTC_SIGN_REQUEST = 13;
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
68 private static final int SSH2_AGENT_SIGN_RESPONSE = 14;
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
69
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
70 private static final int SSH2_AGENTC_ADD_IDENTITY = 17;
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
71 private static final int SSH2_AGENTC_REMOVE_IDENTITY = 18;
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
72 private static final int SSH2_AGENTC_REMOVE_ALL_IDENTITIES = 19;
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
73
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
74 // private static final int SSH_AGENTC_ADD_SMARTCARD_KEY = 20;
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
75 // private static final int SSH_AGENTC_REMOVE_SMARTCARD_KEY = 21;
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
76
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
77 private static final int SSH_AGENTC_LOCK = 22;
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
78 private static final int SSH_AGENTC_UNLOCK = 23;
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
79
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
80 private static final int SSH2_AGENTC_ADD_ID_CONSTRAINED = 25;
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
81 // private static final int SSH_AGENTC_ADD_SMARTCARD_KEY_CONSTRAINED = 26;
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
82
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
83 // Constraints for adding keys
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
84 private static final int SSH_AGENT_CONSTRAIN_LIFETIME = 1;
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
85 private static final int SSH_AGENT_CONSTRAIN_CONFIRM = 2;
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
86
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
87 // Flags for signature requests
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
88 // private static final int SSH_AGENT_OLD_SIGNATURE = 1;
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
89
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
90 private static final Logger log = Logger.getLogger(RemoteAcceptThread.class);
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
91
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
92 AuthAgentCallback authAgent;
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
93 OutputStream os;
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
94 InputStream is;
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
95 Channel c;
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
96
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
97 byte[] buffer = new byte[Channel.CHANNEL_BUFFER_SIZE];
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
98
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
99 public AuthAgentForwardThread(Channel c, AuthAgentCallback authAgent) {
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
100 this.c = c;
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
101 this.authAgent = authAgent;
295
deb5fb087b6f start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents: 294
diff changeset
102 log.debug("AuthAgentForwardThread started");
294
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
103 }
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
104
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
105 @Override
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
106 public void run() {
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
107 try {
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
108 c.cm.registerThread(this);
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
109 }
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
110 catch (IOException e) {
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
111 stopWorking();
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
112 return;
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
113 }
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
114
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
115 try {
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
116 c.cm.sendOpenConfirmation(c);
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
117 is = c.getStdoutStream();
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
118 os = c.getStdinStream();
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
119 int totalSize = 4;
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
120 int readSoFar = 0;
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
121
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
122 while (true) {
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
123 int len;
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
124
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
125 try {
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
126 len = is.read(buffer, readSoFar, buffer.length - readSoFar);
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
127 }
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
128 catch (IOException e) {
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
129 stopWorking();
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
130 return;
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
131 }
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
132
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
133 if (len <= 0)
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
134 break;
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
135
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
136 readSoFar += len;
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
137
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
138 if (readSoFar >= 4) {
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
139 TypesReader tr = new TypesReader(buffer, 0, 4);
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
140 totalSize = tr.readUINT32() + 4;
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
141 }
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
142
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
143 if (totalSize == readSoFar) {
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
144 TypesReader tr = new TypesReader(buffer, 4, readSoFar - 4);
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
145 int messageType = tr.readByte();
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
146
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
147 switch (messageType) {
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
148 case SSH2_AGENTC_REQUEST_IDENTITIES:
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
149 sendIdentities();
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
150 break;
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
151
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
152 case SSH2_AGENTC_ADD_IDENTITY:
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
153 addIdentity(tr, false);
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
154 break;
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
155
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
156 case SSH2_AGENTC_ADD_ID_CONSTRAINED:
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
157 addIdentity(tr, true);
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
158 break;
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
159
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
160 case SSH2_AGENTC_REMOVE_IDENTITY:
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
161 removeIdentity(tr);
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
162 break;
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
163
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
164 case SSH2_AGENTC_REMOVE_ALL_IDENTITIES:
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
165 removeAllIdentities(tr);
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
166 break;
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
167
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
168 case SSH2_AGENTC_SIGN_REQUEST:
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
169 processSignRequest(tr);
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
170 break;
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
171
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
172 case SSH_AGENTC_LOCK:
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
173 processLockRequest(tr);
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
174 break;
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
175
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
176 case SSH_AGENTC_UNLOCK:
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
177 processUnlockRequest(tr);
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
178 break;
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
179
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
180 default:
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
181 os.write(SSH_AGENT_FAILURE);
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
182 break;
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
183 }
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
184
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
185 readSoFar = 0;
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
186 }
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
187 }
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
188
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
189 c.cm.closeChannel(c, "EOF on both streams reached.", true);
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
190 }
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
191 catch (IOException e) {
295
deb5fb087b6f start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents: 294
diff changeset
192 log.debug("IOException in agent forwarder: " + e.getMessage());
294
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
193
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
194 try {
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
195 is.close();
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
196 }
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
197 catch (IOException e1) {
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
198 }
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
199
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
200 try {
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
201 os.close();
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
202 }
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
203 catch (IOException e2) {
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
204 }
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
205
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
206 try {
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
207 c.cm.closeChannel(c, "IOException in agent forwarder (" + e.getMessage() + ")", true);
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
208 }
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
209 catch (IOException e3) {
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
210 }
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
211 }
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
212 }
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
213
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
214 public void stopWorking() {
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
215 try {
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
216 /* This will lead to an IOException in the is.read() call */
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
217 is.close();
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
218 }
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
219 catch (IOException e) {
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
220 }
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
221 }
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
222
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
223 /**
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
224 * @return whether the agent is locked
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
225 */
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
226 private boolean failWhenLocked() throws IOException {
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
227 if (authAgent.isAgentLocked()) {
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
228 os.write(SSH_AGENT_FAILURE);
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
229 return true;
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
230 }
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
231 else
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
232 return false;
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
233 }
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
234
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
235 private void sendIdentities() throws IOException {
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
236 Map<String, byte[]> keys = null;
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
237 TypesWriter tw = new TypesWriter();
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
238 tw.writeByte(SSH2_AGENT_IDENTITIES_ANSWER);
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
239 int numKeys = 0;
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
240
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
241 if (!authAgent.isAgentLocked())
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
242 keys = authAgent.retrieveIdentities();
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
243
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
244 if (keys != null)
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
245 numKeys = keys.size();
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
246
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
247 tw.writeUINT32(numKeys);
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
248
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
249 if (keys != null) {
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
250 for (Entry<String, byte[]> entry : keys.entrySet()) {
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
251 byte[] keyBytes = entry.getValue();
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
252 tw.writeString(keyBytes, 0, keyBytes.length);
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
253 tw.writeString(entry.getKey());
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
254 }
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
255 }
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
256
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
257 sendPacket(tw.getBytes());
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
258 }
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
259
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
260 /**
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
261 * @param tr
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
262 */
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
263 private void addIdentity(TypesReader tr, boolean checkConstraints) {
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
264 try {
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
265 if (failWhenLocked())
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
266 return;
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
267
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
268 String type = tr.readString();
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
269 String comment;
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
270 String keyType;
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
271 KeySpec pubSpec;
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
272 KeySpec privSpec;
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
273
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
274 if (type.equals("ssh-rsa")) {
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
275 keyType = "RSA";
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
276 BigInteger n = tr.readMPINT();
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
277 BigInteger e = tr.readMPINT();
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
278 BigInteger d = tr.readMPINT();
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
279 BigInteger iqmp = tr.readMPINT();
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
280 BigInteger p = tr.readMPINT();
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
281 BigInteger q = tr.readMPINT();
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
282 comment = tr.readString();
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
283 // Derive the extra values Java needs.
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
284 BigInteger dmp1 = d.mod(p.subtract(BigInteger.ONE));
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
285 BigInteger dmq1 = d.mod(q.subtract(BigInteger.ONE));
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
286 pubSpec = new RSAPublicKeySpec(n, e);
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
287 privSpec = new RSAPrivateCrtKeySpec(n, e, d, p, q, dmp1, dmq1, iqmp);
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
288 }
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
289 else if (type.equals("ssh-dss")) {
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
290 keyType = "DSA";
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
291 BigInteger p = tr.readMPINT();
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
292 BigInteger q = tr.readMPINT();
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
293 BigInteger g = tr.readMPINT();
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
294 BigInteger y = tr.readMPINT();
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
295 BigInteger x = tr.readMPINT();
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
296 comment = tr.readString();
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
297 pubSpec = new DSAPublicKeySpec(y, p, q, g);
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
298 privSpec = new DSAPrivateKeySpec(x, p, q, g);
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
299 }
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
300 else if (type.equals("ecdsa-sha2-nistp256")) {
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
301 keyType = "EC";
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
302 String curveName = tr.readString();
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
303 byte[] groupBytes = tr.readByteString();
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
304 BigInteger exponent = tr.readMPINT();
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
305 comment = tr.readString();
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
306
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
307 if (!"nistp256".equals(curveName)) {
295
deb5fb087b6f start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents: 294
diff changeset
308 log.debug("Invalid curve name for ecdsa-sha2-nistp256: " + curveName);
294
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
309 os.write(SSH_AGENT_FAILURE);
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
310 return;
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
311 }
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
312
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
313 ECParameterSpec nistp256 = ECDSASHA2Verify.EllipticCurves.nistp256;
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
314 ECPoint group = ECDSASHA2Verify.decodeECPoint(groupBytes, nistp256.getCurve());
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
315
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
316 if (group == null) {
300
349847b2e318 add ecdsa key support everywhere
Carl Byington <carl@five-ten-sg.com>
parents: 298
diff changeset
317 log.debug("No groupfor ecdsa-sha2-nistp256: ");
294
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
318 os.write(SSH_AGENT_FAILURE);
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
319 return;
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
320 }
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
321
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
322 pubSpec = new ECPublicKeySpec(group, nistp256);
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
323 privSpec = new ECPrivateKeySpec(exponent, nistp256);
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
324 }
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
325 else {
295
deb5fb087b6f start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents: 294
diff changeset
326 log.debug("Unknown key type: " + type);
294
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
327 os.write(SSH_AGENT_FAILURE);
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
328 return;
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
329 }
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
330
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
331 PublicKey pubKey;
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
332 PrivateKey privKey;
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
333
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
334 try {
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
335 KeyFactory kf = KeyFactory.getInstance(keyType);
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
336 pubKey = kf.generatePublic(pubSpec);
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
337 privKey = kf.generatePrivate(privSpec);
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
338 }
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
339 catch (NoSuchAlgorithmException ex) {
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
340 // TODO: log error
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
341 os.write(SSH_AGENT_FAILURE);
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
342 return;
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
343 }
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
344 catch (InvalidKeySpecException ex) {
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
345 // TODO: log error
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
346 os.write(SSH_AGENT_FAILURE);
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
347 return;
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
348 }
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
349
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
350 KeyPair pair = new KeyPair(pubKey, privKey);
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
351 boolean confirmUse = false;
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
352 int lifetime = 0;
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
353
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
354 if (checkConstraints) {
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
355 while (tr.remain() > 0) {
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
356 int constraint = tr.readByte();
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
357
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
358 if (constraint == SSH_AGENT_CONSTRAIN_CONFIRM)
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
359 confirmUse = true;
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
360 else if (constraint == SSH_AGENT_CONSTRAIN_LIFETIME)
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
361 lifetime = tr.readUINT32();
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
362 else {
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
363 // Unknown constraint. Bail.
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
364 os.write(SSH_AGENT_FAILURE);
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
365 return;
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
366 }
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
367 }
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
368 }
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
369
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
370 if (authAgent.addIdentity(pair, comment, confirmUse, lifetime))
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
371 os.write(SSH_AGENT_SUCCESS);
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
372 else
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
373 os.write(SSH_AGENT_FAILURE);
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
374 }
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
375 catch (IOException e) {
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
376 try {
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
377 os.write(SSH_AGENT_FAILURE);
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
378 }
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
379 catch (IOException e1) {
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
380 }
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
381 }
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
382 }
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
383
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
384 /**
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
385 * @param tr
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
386 */
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
387 private void removeIdentity(TypesReader tr) {
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
388 try {
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
389 if (failWhenLocked())
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
390 return;
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
391
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
392 byte[] publicKey = tr.readByteString();
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
393
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
394 if (authAgent.removeIdentity(publicKey))
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
395 os.write(SSH_AGENT_SUCCESS);
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
396 else
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
397 os.write(SSH_AGENT_FAILURE);
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
398 }
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
399 catch (IOException e) {
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
400 try {
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
401 os.write(SSH_AGENT_FAILURE);
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
402 }
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
403 catch (IOException e1) {
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
404 }
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
405 }
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
406 }
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
407
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
408 /**
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
409 * @param tr
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
410 */
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
411 private void removeAllIdentities(TypesReader tr) {
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
412 try {
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
413 if (failWhenLocked())
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
414 return;
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
415
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
416 if (authAgent.removeAllIdentities())
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
417 os.write(SSH_AGENT_SUCCESS);
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
418 else
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
419 os.write(SSH_AGENT_FAILURE);
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
420 }
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
421 catch (IOException e) {
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
422 try {
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
423 os.write(SSH_AGENT_FAILURE);
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
424 }
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
425 catch (IOException e1) {
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
426 }
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
427 }
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
428 }
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
429
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
430 private void processSignRequest(TypesReader tr) {
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
431 try {
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
432 if (failWhenLocked())
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
433 return;
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
434
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
435 byte[] publicKeyBytes = tr.readByteString();
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
436 byte[] challenge = tr.readByteString();
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
437 int flags = tr.readUINT32();
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
438
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
439 if (flags != 0) {
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
440 // We don't understand any flags; abort!
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
441 os.write(SSH_AGENT_FAILURE);
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
442 return;
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
443 }
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
444
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
445 KeyPair pair = authAgent.getKeyPair(publicKeyBytes);
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
446
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
447 if (pair == null) {
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
448 os.write(SSH_AGENT_FAILURE);
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
449 return;
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
450 }
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
451
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
452 byte[] response;
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
453 PrivateKey privKey = pair.getPrivate();
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
454
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
455 if (privKey instanceof RSAPrivateKey) {
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
456 byte[] signature = RSASHA1Verify.generateSignature(challenge,
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
457 (RSAPrivateKey) privKey);
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
458 response = RSASHA1Verify.encodeSSHRSASignature(signature);
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
459 }
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
460 else if (privKey instanceof DSAPrivateKey) {
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
461 byte[] signature = DSASHA1Verify.generateSignature(challenge,
344
b40bc65fa09a compensate for SecureRandom bug on older devices
Carl Byington <carl@five-ten-sg.com>
parents: 307
diff changeset
462 (DSAPrivateKey) privKey, new SecureRandomFix());
303
a218d9cd725b add ecdsa key support everywhere
Carl Byington <carl@five-ten-sg.com>
parents: 302
diff changeset
463 response = DSASHA1Verify.encodeSSHDSASignature(signature);
294
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
464 }
298
ab3a99f11a36 add ecdsa key support everywhere
Carl Byington <carl@five-ten-sg.com>
parents: 295
diff changeset
465 else if (privKey instanceof ECPrivateKey) {
302
beaccc9df37b add ecdsa key support everywhere
Carl Byington <carl@five-ten-sg.com>
parents: 300
diff changeset
466 ECPrivateKey pk = (ECPrivateKey) privKey;
304
abad243cb341 add ecdsa key support everywhere
Carl Byington <carl@five-ten-sg.com>
parents: 303
diff changeset
467 byte[] signature = ECDSASHA2Verify.generateSignature(challenge, pk);
abad243cb341 add ecdsa key support everywhere
Carl Byington <carl@five-ten-sg.com>
parents: 303
diff changeset
468 response = ECDSASHA2Verify.encodeSSHECDSASignature(signature, pk.getParams());
298
ab3a99f11a36 add ecdsa key support everywhere
Carl Byington <carl@five-ten-sg.com>
parents: 295
diff changeset
469 }
294
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
470 else {
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
471 os.write(SSH_AGENT_FAILURE);
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
472 return;
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
473 }
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
474
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
475 TypesWriter tw = new TypesWriter();
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
476 tw.writeByte(SSH2_AGENT_SIGN_RESPONSE);
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
477 tw.writeString(response, 0, response.length);
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
478 sendPacket(tw.getBytes());
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
479 }
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
480 catch (IOException e) {
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
481 try {
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
482 os.write(SSH_AGENT_FAILURE);
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
483 }
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
484 catch (IOException e1) {
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
485 }
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
486 }
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
487 }
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
488
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
489 /**
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
490 * @param tr
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
491 */
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
492 private void processLockRequest(TypesReader tr) {
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
493 try {
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
494 if (failWhenLocked())
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
495 return;
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
496
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
497 String lockPassphrase = tr.readString();
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
498
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
499 if (!authAgent.setAgentLock(lockPassphrase)) {
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
500 os.write(SSH_AGENT_FAILURE);
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
501 return;
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
502 }
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
503 else
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
504 os.write(SSH_AGENT_SUCCESS);
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
505 }
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
506 catch (IOException e) {
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
507 try {
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
508 os.write(SSH_AGENT_FAILURE);
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
509 }
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
510 catch (IOException e1) {
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
511 }
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
512 }
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
513 }
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
514
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
515 /**
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
516 * @param tr
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
517 */
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
518 private void processUnlockRequest(TypesReader tr) {
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
519 try {
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
520 String unlockPassphrase = tr.readString();
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
521
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
522 if (authAgent.requestAgentUnlock(unlockPassphrase))
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
523 os.write(SSH_AGENT_SUCCESS);
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
524 else
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
525 os.write(SSH_AGENT_FAILURE);
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
526 }
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
527 catch (IOException e) {
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
528 try {
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
529 os.write(SSH_AGENT_FAILURE);
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
530 }
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
531 catch (IOException e1) {
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
532 }
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
533 }
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
534 }
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
535
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
536 /**
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
537 * @param tw
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
538 * @throws IOException
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
539 */
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
540 private void sendPacket(byte[] message) throws IOException {
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
541 TypesWriter packet = new TypesWriter();
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
542 packet.writeUINT32(message.length);
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
543 packet.writeBytes(message);
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
544 os.write(packet.getBytes());
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
545 }
c41a399da303 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
546 }