510Connectbot: src/ch/ethz/ssh2/KnownHosts.java annotate

annotate src/ch/ethz/ssh2/KnownHosts.java @ 298:ab3a99f11a36 ganymed

add ecdsa key support everywhere

author	Carl Byington <carl@five-ten-sg.com>
date	Tue, 29 Jul 2014 18:01:08 -0700
parents	db9b028016de
children	4c3a4e88c027

rev	line source
273 91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	1 /*
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	2 * Copyright (c) 2006-2011 Christian Plattner. All rights reserved.
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	3 * Please refer to the LICENSE.txt for licensing details.
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	4 */
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	5
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	6 package ch.ethz.ssh2;
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	7
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	8 import java.io.BufferedReader;
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	9 import java.io.CharArrayReader;
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	10 import java.io.CharArrayWriter;
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	11 import java.io.File;
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	12 import java.io.FileReader;
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	13 import java.io.IOException;
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	14 import java.io.RandomAccessFile;
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	15 import java.net.InetAddress;
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	16 import java.net.UnknownHostException;
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	17 import java.security.DigestException;
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	18 import java.security.SecureRandom;
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	19 import java.util.ArrayList;
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	20 import java.util.LinkedList;
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	21 import java.util.List;
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	22
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	23 import ch.ethz.ssh2.crypto.Base64;
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	24 import ch.ethz.ssh2.crypto.digest.Digest;
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	25 import ch.ethz.ssh2.crypto.digest.HMAC;
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	26 import ch.ethz.ssh2.crypto.digest.MD5;
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	27 import ch.ethz.ssh2.crypto.digest.SHA1;
286 4656869af8fe start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: 285 diff changeset	28 import java.security.KeyPair;
4656869af8fe start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: 285 diff changeset	29 import java.security.PrivateKey;
285 486df527ddc5 start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: 284 diff changeset	30 import java.security.PublicKey;
278 d7e088fa2123 start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: 273 diff changeset	31 import java.security.interfaces.DSAPublicKey;
285 486df527ddc5 start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: 284 diff changeset	32 import java.security.interfaces.ECPublicKey;
486df527ddc5 start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: 284 diff changeset	33 import java.security.interfaces.RSAPublicKey;
273 91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	34 import ch.ethz.ssh2.signature.DSASHA1Verify;
285 486df527ddc5 start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: 284 diff changeset	35 import ch.ethz.ssh2.signature.ECDSASHA2Verify;
273 91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	36 import ch.ethz.ssh2.signature.RSASHA1Verify;
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	37 import ch.ethz.ssh2.util.StringEncoder;
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	38
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	39 /**
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	40 * The <code>KnownHosts</code> class is a handy tool to verify received server hostkeys
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	41 * based on the information in <code>known_hosts</code> files (the ones used by OpenSSH).
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	42 * <p/>
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	43 * It offers basically an in-memory database for known_hosts entries, as well as some
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	44 * helper functions. Entries from a <code>known_hosts</code> file can be loaded at construction time.
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	45 * It is also possible to add more keys later (e.g., one can parse different
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	46 * <code>known_hosts<code> files).
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	47 * <p/>
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	48 * It is a thread safe implementation, therefore, you need only to instantiate one
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	49 * <code>KnownHosts</code> for your whole application.
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	50 *
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	51 * @author Christian Plattner
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	52 * @version $Id: KnownHosts.java 152 2014-04-28 11:02:23Z dkocher@sudo.ch $
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	53 */
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	54
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	55 public class KnownHosts {
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	56 public static final int HOSTKEY_IS_OK = 0;
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	57 public static final int HOSTKEY_IS_NEW = 1;
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	58 public static final int HOSTKEY_HAS_CHANGED = 2;
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	59
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	60 private class KnownHostsEntry {
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	61 String[] patterns;
286 4656869af8fe start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: 285 diff changeset	62 PublicKey key;
273 91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	63
286 4656869af8fe start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: 285 diff changeset	64 KnownHostsEntry(String[] patterns, PublicKey key) {
273 91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	65 this.patterns = patterns;
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	66 this.key = key;
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	67 }
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	68 }
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	69
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	70 private final LinkedList<KnownHostsEntry> publicKeys = new LinkedList<KnownHosts.KnownHostsEntry>();
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	71
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	72 public KnownHosts() {
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	73 }
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	74
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	75 public KnownHosts(char[] knownHostsData) throws IOException {
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	76 initialize(knownHostsData);
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	77 }
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	78
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	79 public KnownHosts(String knownHosts) throws IOException {
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	80 initialize(new File(knownHosts));
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	81 }
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	82
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	83 public KnownHosts(File knownHosts) throws IOException {
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	84 initialize(knownHosts);
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	85 }
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	86
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	87 /**
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	88 * Adds a single public key entry to the database. Note: this will NOT add the public key
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	89 * to any physical file (e.g., "~/.ssh/known_hosts") - use <code>addHostkeyToFile()</code> for that purpose.
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	90 * This method is designed to be used in a {@link ServerHostKeyVerifier}.
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	91 *
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	92 * @param hostnames a list of hostname patterns - at least one most be specified. Check out the
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	93 * OpenSSH sshd man page for a description of the pattern matching algorithm.
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	94 * @param serverHostKeyAlgorithm as passed to the {@link ServerHostKeyVerifier}.
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	95 * @param serverHostKey as passed to the {@link ServerHostKeyVerifier}.
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	96 * @throws IOException
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	97 */
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	98 public void addHostkey(String hostnames[], String serverHostKeyAlgorithm, byte[] serverHostKey) throws IOException {
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	99 if(hostnames == null) {
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	100 throw new IllegalArgumentException("hostnames may not be null");
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	101 }
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	102
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	103 if("ssh-rsa".equals(serverHostKeyAlgorithm)) {
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	104 RSAPublicKey rpk = RSASHA1Verify.decodeSSHRSAPublicKey(serverHostKey);
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	105
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	106 synchronized(publicKeys) {
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	107 publicKeys.add(new KnownHostsEntry(hostnames, rpk));
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	108 }
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	109 }
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	110 else if("ssh-dss".equals(serverHostKeyAlgorithm)) {
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	111 DSAPublicKey dpk = DSASHA1Verify.decodeSSHDSAPublicKey(serverHostKey);
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	112
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	113 synchronized(publicKeys) {
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	114 publicKeys.add(new KnownHostsEntry(hostnames, dpk));
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	115 }
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	116 }
298 ab3a99f11a36 add ecdsa key support everywhere Carl Byington <carl@five-ten-sg.com> parents: 287 diff changeset	117 else if (serverHostKeyAlgorithm.startsWith("ecdsa-")) {
ab3a99f11a36 add ecdsa key support everywhere Carl Byington <carl@five-ten-sg.com> parents: 287 diff changeset	118 ECPublicKey epk = ECDSASHA2Verify.decodeSSHECDSAPublicKey(serverHostKey);
ab3a99f11a36 add ecdsa key support everywhere Carl Byington <carl@five-ten-sg.com> parents: 287 diff changeset	119
ab3a99f11a36 add ecdsa key support everywhere Carl Byington <carl@five-ten-sg.com> parents: 287 diff changeset	120 synchronized(publicKeys) {
ab3a99f11a36 add ecdsa key support everywhere Carl Byington <carl@five-ten-sg.com> parents: 287 diff changeset	121 publicKeys.add(new KnownHostsEntry(hostnames, epk));
ab3a99f11a36 add ecdsa key support everywhere Carl Byington <carl@five-ten-sg.com> parents: 287 diff changeset	122 }
ab3a99f11a36 add ecdsa key support everywhere Carl Byington <carl@five-ten-sg.com> parents: 287 diff changeset	123 }
273 91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	124 else {
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	125 throw new IOException(String.format("Unknown host key type %s", serverHostKeyAlgorithm));
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	126 }
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	127 }
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	128
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	129 /**
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	130 * Parses the given known_hosts data and adds entries to the database.
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	131 *
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	132 * @param knownHostsData
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	133 * @throws IOException
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	134 */
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	135 public void addHostkeys(char[] knownHostsData) throws IOException {
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	136 initialize(knownHostsData);
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	137 }
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	138
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	139 /**
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	140 * Parses the given known_hosts file and adds entries to the database.
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	141 *
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	142 * @param knownHosts
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	143 * @throws IOException
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	144 */
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	145 public void addHostkeys(File knownHosts) throws IOException {
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	146 initialize(knownHosts);
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	147 }
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	148
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	149 /**
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	150 * Generate the hashed representation of the given hostname. Useful for adding entries
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	151 * with hashed hostnames to a known_hosts file. (see -H option of OpenSSH key-gen).
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	152 *
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	153 * @param hostname
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	154 * @return the hashed representation, e.g., "\|1\|cDhrv7zwEUV3k71CEPHnhHZezhA=\|Xo+2y6rUXo2OIWRAYhBOIijbJMA="
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	155 */
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	156 public static String createHashedHostname(String hostname) throws IOException {
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	157 SHA1 sha1 = new SHA1();
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	158
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	159 byte[] salt = new byte[sha1.getDigestLength()];
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	160
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	161 new SecureRandom().nextBytes(salt);
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	162
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	163 byte[] hash;
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	164 try {
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	165 hash = hmacSha1Hash(salt, hostname);
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	166 }
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	167 catch(IOException e) {
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	168 throw new IOException(e);
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	169 }
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	170
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	171 String base64_salt = new String(Base64.encode(salt));
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	172 String base64_hash = new String(Base64.encode(hash));
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	173
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	174 return String.format("\|1\|%s\|%s", base64_salt, base64_hash);
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	175 }
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	176
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	177 private static byte[] hmacSha1Hash(byte[] salt, String hostname) throws IOException {
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	178 SHA1 sha1 = new SHA1();
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	179
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	180 if(salt.length != sha1.getDigestLength()) {
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	181 throw new IllegalArgumentException("Salt has wrong length (" + salt.length + ")");
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	182 }
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	183 try {
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	184 HMAC hmac = new HMAC(sha1, salt, salt.length);
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	185
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	186 hmac.update(StringEncoder.GetBytes(hostname));
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	187
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	188 byte[] dig = new byte[hmac.getDigestLength()];
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	189
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	190 hmac.digest(dig);
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	191
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	192 return dig;
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	193 }
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	194 catch(DigestException e) {
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	195 throw new IOException(e);
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	196 }
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	197 }
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	198
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	199 private boolean checkHashed(String entry, String hostname) {
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	200 if(entry.startsWith("\|1\|") == false) {
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	201 return false;
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	202 }
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	203
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	204 int delim_idx = entry.indexOf('\|', 3);
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	205
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	206 if(delim_idx == -1) {
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	207 return false;
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	208 }
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	209
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	210 String salt_base64 = entry.substring(3, delim_idx);
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	211 String hash_base64 = entry.substring(delim_idx + 1);
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	212
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	213 byte[] salt;
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	214 byte[] hash;
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	215
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	216 try {
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	217 salt = Base64.decode(salt_base64.toCharArray());
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	218 hash = Base64.decode(hash_base64.toCharArray());
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	219 }
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	220 catch(IOException e) {
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	221 return false;
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	222 }
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	223
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	224 SHA1 sha1 = new SHA1();
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	225
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	226 if(salt.length != sha1.getDigestLength()) {
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	227 return false;
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	228 }
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	229
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	230 byte[] dig = new byte[0];
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	231 try {
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	232 dig = hmacSha1Hash(salt, hostname);
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	233 }
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	234 catch(IOException e) {
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	235 return false;
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	236 }
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	237
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	238 for(int i = 0; i < dig.length; i++) {
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	239 if(dig[i] != hash[i]) {
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	240 return false;
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	241 }
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	242 }
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	243
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	244 return true;
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	245 }
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	246
286 4656869af8fe start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: 285 diff changeset	247 private int checkKey(String remoteHostname, PublicKey remoteKey) {
273 91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	248 int result = HOSTKEY_IS_NEW;
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	249
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	250 synchronized(publicKeys) {
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	251 for(KnownHostsEntry ke : publicKeys) {
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	252 if(hostnameMatches(ke.patterns, remoteHostname) == false) {
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	253 continue;
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	254 }
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	255
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	256 boolean res = matchKeys(ke.key, remoteKey);
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	257
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	258 if(res == true) {
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	259 return HOSTKEY_IS_OK;
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	260 }
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	261
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	262 result = HOSTKEY_HAS_CHANGED;
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	263 }
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	264 }
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	265 return result;
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	266 }
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	267
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	268 private List<Object> getAllKeys(String hostname) {
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	269 List<Object> keys = new ArrayList<Object>();
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	270
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	271 synchronized(publicKeys) {
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	272 for(KnownHostsEntry ke : publicKeys) {
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	273 if(hostnameMatches(ke.patterns, hostname) == false) {
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	274 continue;
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	275 }
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	276
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	277 keys.add(ke.key);
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	278 }
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	279 }
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	280
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	281 return keys;
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	282 }
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	283
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	284 /**
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	285 * Try to find the preferred order of hostkey algorithms for the given hostname.
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	286 * Based on the type of hostkey that is present in the internal database
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	287 * (i.e., either <code>ssh-rsa</code> or <code>ssh-dss</code>)
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	288 * an ordered list of hostkey algorithms is returned which can be passed
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	289 * to <code>Connection.setServerHostKeyAlgorithms</code>.
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	290 *
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	291 * @param hostname
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	292 * @return <code>null</code> if no key for the given hostname is present or
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	293 * there are keys of multiple types present for the given hostname. Otherwise,
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	294 * an array with hostkey algorithms is returned (i.e., an array of length 2).
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	295 */
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	296 public String[] getPreferredServerHostkeyAlgorithmOrder(String hostname) {
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	297 String[] algos = recommendHostkeyAlgorithms(hostname);
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	298
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	299 if(algos != null) {
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	300 return algos;
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	301 }
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	302
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	303 InetAddress[] ipAdresses;
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	304
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	305 try {
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	306 ipAdresses = InetAddress.getAllByName(hostname);
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	307 }
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	308 catch(UnknownHostException e) {
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	309 return null;
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	310 }
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	311
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	312 for(int i = 0; i < ipAdresses.length; i++) {
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	313 algos = recommendHostkeyAlgorithms(ipAdresses[i].getHostAddress());
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	314
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	315 if(algos != null) {
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	316 return algos;
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	317 }
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	318 }
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	319
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	320 return null;
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	321 }
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	322
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	323 private boolean hostnameMatches(String[] hostpatterns, String hostname) {
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	324 boolean isMatch = false;
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	325 boolean negate;
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	326
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	327 hostname = hostname.toLowerCase();
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	328
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	329 for(int k = 0; k < hostpatterns.length; k++) {
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	330 if(hostpatterns[k] == null) {
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	331 continue;
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	332 }
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	333
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	334 String pattern;
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	335
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	336 /* In contrast to OpenSSH we also allow negated hash entries (as well as hashed
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	337 * entries in lines with multiple entries).
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	338 */
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	339
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	340 if((hostpatterns[k].length() > 0) && (hostpatterns[k].charAt(0) == '!')) {
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	341 pattern = hostpatterns[k].substring(1);
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	342 negate = true;
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	343 }
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	344 else {
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	345 pattern = hostpatterns[k];
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	346 negate = false;
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	347 }
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	348
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	349 /* Optimize, no need to check this entry */
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	350
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	351 if((isMatch) && (negate == false)) {
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	352 continue;
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	353 }
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	354
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	355 /* Now compare */
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	356
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	357 if(pattern.charAt(0) == '\|') {
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	358 if(checkHashed(pattern, hostname)) {
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	359 if(negate) {
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	360 return false;
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	361 }
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	362 isMatch = true;
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	363 }
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	364 }
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	365 else {
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	366 pattern = pattern.toLowerCase();
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	367
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	368 if((pattern.indexOf('?') != -1) \|\| (pattern.indexOf('*') != -1)) {
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	369 if(pseudoRegex(pattern.toCharArray(), 0, hostname.toCharArray(), 0)) {
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	370 if(negate) {
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	371 return false;
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	372 }
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	373 isMatch = true;
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	374 }
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	375 }
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	376 else if(pattern.compareTo(hostname) == 0) {
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	377 if(negate) {
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	378 return false;
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	379 }
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	380 isMatch = true;
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	381 }
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	382 }
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	383 }
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	384
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	385 return isMatch;
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	386 }
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	387
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	388 private void initialize(char[] knownHostsData) throws IOException {
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	389 BufferedReader br = new BufferedReader(new CharArrayReader(knownHostsData));
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	390
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	391 while(true) {
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	392 String line = br.readLine();
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	393
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	394 if(line == null) {
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	395 break;
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	396 }
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	397
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	398 line = line.trim();
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	399
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	400 if(line.startsWith("#")) {
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	401 continue;
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	402 }
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	403
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	404 String[] arr = line.split(" ");
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	405
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	406 if(arr.length >= 3) {
298 ab3a99f11a36 add ecdsa key support everywhere Carl Byington <carl@five-ten-sg.com> parents: 287 diff changeset	407 if((arr[1].compareTo("ssh-rsa") == 0) \|\|
ab3a99f11a36 add ecdsa key support everywhere Carl Byington <carl@five-ten-sg.com> parents: 287 diff changeset	408 (arr[1].compareTo("ssh-dss") == 0) \|\|
ab3a99f11a36 add ecdsa key support everywhere Carl Byington <carl@five-ten-sg.com> parents: 287 diff changeset	409 (arr[1].startsWith("ecdsa-sha2-") == 0)) {
273 91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	410 String[] hostnames = arr[0].split(",");
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	411
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	412 byte[] msg = Base64.decode(arr[2].toCharArray());
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	413
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	414 try {
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	415 addHostkey(hostnames, arr[1], msg);
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	416 }
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	417 catch(IOException e) {
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	418 continue;
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	419 }
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	420 }
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	421 }
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	422 }
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	423 }
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	424
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	425 private void initialize(File knownHosts) throws IOException {
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	426 char[] buff = new char[512];
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	427
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	428 CharArrayWriter cw = new CharArrayWriter();
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	429
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	430 knownHosts.createNewFile();
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	431
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	432 FileReader fr = new FileReader(knownHosts);
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	433
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	434 while(true) {
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	435 int len = fr.read(buff);
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	436 if(len < 0) {
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	437 break;
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	438 }
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	439 cw.write(buff, 0, len);
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	440 }
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	441
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	442 fr.close();
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	443
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	444 initialize(cw.toCharArray());
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	445 }
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	446
284 4ec87de11e71 start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: 278 diff changeset	447 private final boolean matchKeys(PublicKey key1, PublicKey key2) {
4ec87de11e71 start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: 278 diff changeset	448 return key1.equals(key2);
273 91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	449 }
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	450
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	451 private boolean pseudoRegex(char[] pattern, int i, char[] match, int j) {
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	452 /* This matching logic is equivalent to the one present in OpenSSH 4.1 */
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	453
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	454 while(true) {
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	455 /* Are we at the end of the pattern? */
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	456
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	457 if(pattern.length == i) {
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	458 return (match.length == j);
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	459 }
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	460
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	461 if(pattern[i] == '*') {
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	462 i++;
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	463
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	464 if(pattern.length == i) {
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	465 return true;
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	466 }
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	467
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	468 if((pattern[i] != '*') && (pattern[i] != '?')) {
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	469 while(true) {
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	470 if((pattern[i] == match[j]) && pseudoRegex(pattern, i + 1, match, j + 1)) {
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	471 return true;
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	472 }
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	473 j++;
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	474 if(match.length == j) {
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	475 return false;
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	476 }
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	477 }
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	478 }
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	479
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	480 while(true) {
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	481 if(pseudoRegex(pattern, i, match, j)) {
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	482 return true;
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	483 }
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	484 j++;
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	485 if(match.length == j) {
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	486 return false;
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	487 }
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	488 }
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	489 }
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	490
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	491 if(match.length == j) {
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	492 return false;
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	493 }
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	494
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	495 if((pattern[i] != '?') && (pattern[i] != match[j])) {
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	496 return false;
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	497 }
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	498
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	499 i++;
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	500 j++;
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	501 }
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	502 }
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	503
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	504 private String[] recommendHostkeyAlgorithms(String hostname) {
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	505 String preferredAlgo = null;
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	506
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	507 List<Object> keys = getAllKeys(hostname);
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	508
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	509 for(Object key : keys) {
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	510 String thisAlgo;
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	511
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	512 if(key instanceof RSAPublicKey) {
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	513 thisAlgo = "ssh-rsa";
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	514 }
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	515 else if(key instanceof DSAPublicKey) {
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	516 thisAlgo = "ssh-dss";
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	517 }
298 ab3a99f11a36 add ecdsa key support everywhere Carl Byington <carl@five-ten-sg.com> parents: 287 diff changeset	518 else if (key instanceof ECPublicKey) {
ab3a99f11a36 add ecdsa key support everywhere Carl Byington <carl@five-ten-sg.com> parents: 287 diff changeset	519 ECPublicKey ecPub = (ECPublicKey) pk;
ab3a99f11a36 add ecdsa key support everywhere Carl Byington <carl@five-ten-sg.com> parents: 287 diff changeset	520 String keyType = ECDSASHA2Verify.getCurveName(ecPub.getParams().getCurve().getField().getFieldSize());
ab3a99f11a36 add ecdsa key support everywhere Carl Byington <carl@five-ten-sg.com> parents: 287 diff changeset	521 thisAlgo = ECDSASHA2Verify.ECDSA_SHA2_PREFIX + keyType;
ab3a99f11a36 add ecdsa key support everywhere Carl Byington <carl@five-ten-sg.com> parents: 287 diff changeset	522 }
273 91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	523 else {
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	524 continue;
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	525 }
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	526
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	527 if(preferredAlgo != null) {
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	528 /* If we find different key types, then return null */
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	529
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	530 if(preferredAlgo.compareTo(thisAlgo) != 0) {
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	531 return null;
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	532 }
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	533 }
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	534 else {
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	535 preferredAlgo = thisAlgo;
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	536 }
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	537 }
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	538
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	539 /* If we did not find anything that we know of, return null */
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	540
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	541 if(preferredAlgo == null) {
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	542 return null;
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	543 }
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	544
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	545 /* Now put the preferred algo to the start of the array.
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	546 * You may ask yourself why we do it that way - basically, we could just
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	547 * return only the preferred algorithm: since we have a saved key of that
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	548 * type (sent earlier from the remote host), then that should work out.
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	549 * However, imagine that the server is (for whatever reasons) not offering
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	550 * that type of hostkey anymore (e.g., "ssh-rsa" was disabled and
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	551 * now "ssh-dss" is being used). If we then do not let the server send us
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	552 * a fresh key of the new type, then we shoot ourself into the foot:
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	553 * the connection cannot be established and hence the user cannot decide
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	554 * if he/she wants to accept the new key.
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	555 */
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	556
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	557 if(preferredAlgo.equals("ssh-rsa")) {
298 ab3a99f11a36 add ecdsa key support everywhere Carl Byington <carl@five-ten-sg.com> parents: 287 diff changeset	558 return new String[]{"ssh-rsa", "ssh-dss", "ecdsa-sha2-nistp256"};
273 91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	559 }
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	560
298 ab3a99f11a36 add ecdsa key support everywhere Carl Byington <carl@five-ten-sg.com> parents: 287 diff changeset	561 return new String[]{"ssh-dss", "ssh-rsa", "ecdsa-sha2-nistp256"};
273 91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	562 }
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	563
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	564 /**
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	565 * Checks the internal hostkey database for the given hostkey.
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	566 * If no matching key can be found, then the hostname is resolved to an IP address
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	567 * and the search is repeated using that IP address.
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	568 *
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	569 * @param hostname the server's hostname, will be matched with all hostname patterns
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	570 * @param serverHostKeyAlgorithm type of hostkey, either <code>ssh-rsa</code> or <code>ssh-dss</code>
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	571 * @param serverHostKey the key blob
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	572 * @return <ul>
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	573 * <li><code>HOSTKEY_IS_OK</code>: the given hostkey matches an entry for the given hostname</li>
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	574 * <li><code>HOSTKEY_IS_NEW</code>: no entries found for this hostname and this type of hostkey</li>
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	575 * <li><code>HOSTKEY_HAS_CHANGED</code>: hostname is known, but with another key of the same type
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	576 * (man-in-the-middle attack?)</li>
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	577 * </ul>
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	578 * @throws IOException if the supplied key blob cannot be parsed or does not match the given hostkey type.
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	579 */
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	580 public int verifyHostkey(String hostname, String serverHostKeyAlgorithm, byte[] serverHostKey) throws IOException {
287 db9b028016de start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: 286 diff changeset	581 PublicKey remoteKey;
273 91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	582
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	583 if("ssh-rsa".equals(serverHostKeyAlgorithm)) {
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	584 remoteKey = RSASHA1Verify.decodeSSHRSAPublicKey(serverHostKey);
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	585 }
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	586 else if("ssh-dss".equals(serverHostKeyAlgorithm)) {
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	587 remoteKey = DSASHA1Verify.decodeSSHDSAPublicKey(serverHostKey);
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	588 }
287 db9b028016de start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: 286 diff changeset	589 else if (serverHostKeyAlgorithm.startsWith("ecdsa-sha2-")) {
db9b028016de start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: 286 diff changeset	590 remoteKey = ECDSASHA2Verify.decodeSSHECDSAPublicKey(serverHostKey);
db9b028016de start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: 286 diff changeset	591 }
273 91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	592 else {
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	593 throw new IllegalArgumentException("Unknown hostkey type " + serverHostKeyAlgorithm);
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	594 }
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	595
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	596 int result = checkKey(hostname, remoteKey);
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	597
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	598 if(result == HOSTKEY_IS_OK) {
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	599 return result;
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	600 }
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	601
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	602 InetAddress[] ipAdresses;
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	603
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	604 try {
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	605 ipAdresses = InetAddress.getAllByName(hostname);
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	606 }
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	607 catch(UnknownHostException e) {
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	608 return result;
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	609 }
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	610
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	611 for(int i = 0; i < ipAdresses.length; i++) {
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	612 int newresult = checkKey(ipAdresses[i].getHostAddress(), remoteKey);
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	613
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	614 if(newresult == HOSTKEY_IS_OK) {
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	615 return newresult;
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	616 }
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	617
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	618 if(newresult == HOSTKEY_HAS_CHANGED) {
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	619 result = HOSTKEY_HAS_CHANGED;
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	620 }
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	621 }
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	622
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	623 return result;
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	624 }
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	625
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	626 /**
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	627 * Adds a single public key entry to the a known_hosts file.
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	628 * This method is designed to be used in a {@link ServerHostKeyVerifier}.
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	629 *
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	630 * @param knownHosts the file where the publickey entry will be appended.
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	631 * @param hostnames a list of hostname patterns - at least one most be specified. Check out the
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	632 * OpenSSH sshd man page for a description of the pattern matching algorithm.
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	633 * @param serverHostKeyAlgorithm as passed to the {@link ServerHostKeyVerifier}.
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	634 * @param serverHostKey as passed to the {@link ServerHostKeyVerifier}.
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	635 * @throws IOException
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	636 */
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	637 public static void addHostkeyToFile(File knownHosts, String[] hostnames, String serverHostKeyAlgorithm,
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	638 byte[] serverHostKey) throws IOException {
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	639 if((hostnames == null) \|\| (hostnames.length == 0)) {
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	640 throw new IllegalArgumentException("Need at least one hostname specification");
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	641 }
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	642
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	643 if((serverHostKeyAlgorithm == null) \|\| (serverHostKey == null)) {
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	644 throw new IllegalArgumentException();
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	645 }
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	646
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	647 CharArrayWriter writer = new CharArrayWriter();
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	648
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	649 for(int i = 0; i < hostnames.length; i++) {
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	650 if(i != 0) {
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	651 writer.write(',');
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	652 }
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	653 writer.write(hostnames[i]);
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	654 }
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	655
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	656 writer.write(' ');
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	657 writer.write(serverHostKeyAlgorithm);
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	658 writer.write(' ');
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	659 writer.write(Base64.encode(serverHostKey));
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	660 writer.write("\n");
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	661
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	662 char[] entry = writer.toCharArray();
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	663
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	664 RandomAccessFile raf = new RandomAccessFile(knownHosts, "rw");
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	665
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	666 long len = raf.length();
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	667
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	668 if(len > 0) {
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	669 raf.seek(len - 1);
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	670 int last = raf.read();
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	671 if(last != '\n') {
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	672 raf.write('\n');
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	673 }
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	674 }
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	675
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	676 raf.write(StringEncoder.GetBytes(new String(entry)));
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	677 raf.close();
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	678 }
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	679
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	680 /**
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	681 * Generates a "raw" fingerprint of a hostkey.
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	682 *
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	683 * @param type either "md5" or "sha1"
298 ab3a99f11a36 add ecdsa key support everywhere Carl Byington <carl@five-ten-sg.com> parents: 287 diff changeset	684 * @param keyType either "ssh-rsa" or "ssh-dss" or "ecdsa-sha2..."
273 91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	685 * @param hostkey the hostkey
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	686 * @return the raw fingerprint
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	687 */
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	688 static private byte[] rawFingerPrint(String type, String keyType, byte[] hostkey) throws IOException {
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	689 Digest dig;
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	690
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	691 if("md5".equals(type)) {
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	692 dig = new MD5();
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	693 }
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	694 else if("sha1".equals(type)) {
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	695 dig = new SHA1();
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	696 }
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	697 else {
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	698 throw new IllegalArgumentException("Unknown hash type " + type);
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	699 }
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	700
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	701 if("ssh-rsa".equals(keyType)) {
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	702 }
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	703 else if("ssh-dss".equals(keyType)) {
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	704 }
298 ab3a99f11a36 add ecdsa key support everywhere Carl Byington <carl@five-ten-sg.com> parents: 287 diff changeset	705 else if (keyType.startsWith("ecdsa-sha2-") {
ab3a99f11a36 add ecdsa key support everywhere Carl Byington <carl@five-ten-sg.com> parents: 287 diff changeset	706 }
273 91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	707 else {
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	708 throw new IllegalArgumentException("Unknown key type " + keyType);
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	709 }
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	710
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	711 if(hostkey == null) {
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	712 throw new IllegalArgumentException("hostkey is null");
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	713 }
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	714
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	715 dig.update(hostkey);
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	716 byte[] res = new byte[dig.getDigestLength()];
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	717 try {
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	718 dig.digest(res);
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	719 }
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	720 catch(DigestException e) {
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	721 throw new IOException(e);
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	722 }
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	723 return res;
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	724 }
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	725
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	726 /**
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	727 * Convert a raw fingerprint to hex representation (XX:YY:ZZ...).
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	728 *
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	729 * @param fingerprint raw fingerprint
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	730 * @return the hex representation
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	731 */
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	732 static private String rawToHexFingerprint(byte[] fingerprint) {
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	733 final char[] alpha = "0123456789abcdef".toCharArray();
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	734
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	735 StringBuilder sb = new StringBuilder();
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	736
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	737 for(int i = 0; i < fingerprint.length; i++) {
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	738 if(i != 0) {
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	739 sb.append(':');
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	740 }
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	741 int b = fingerprint[i] & 0xff;
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	742 sb.append(alpha[b >> 4]);
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	743 sb.append(alpha[b & 15]);
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	744 }
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	745
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	746 return sb.toString();
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	747 }
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	748
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	749 /**
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	750 * Convert a raw fingerprint to bubblebabble representation.
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	751 *
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	752 * @param raw raw fingerprint
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	753 * @return the bubblebabble representation
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	754 */
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	755 static private String rawToBubblebabbleFingerprint(byte[] raw) {
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	756 final char[] v = "aeiouy".toCharArray();
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	757 final char[] c = "bcdfghklmnprstvzx".toCharArray();
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	758
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	759 StringBuilder sb = new StringBuilder();
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	760
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	761 int seed = 1;
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	762
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	763 int rounds = (raw.length / 2) + 1;
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	764
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	765 sb.append('x');
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	766
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	767 for(int i = 0; i < rounds; i++) {
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	768 if(((i + 1) < rounds) \|\| ((raw.length) % 2 != 0)) {
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	769 sb.append(v[(((raw[2 * i] >> 6) & 3) + seed) % 6]);
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	770 sb.append(c[(raw[2 * i] >> 2) & 15]);
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	771 sb.append(v[((raw[2 * i] & 3) + (seed / 6)) % 6]);
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	772
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	773 if((i + 1) < rounds) {
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	774 sb.append(c[(((raw[(2 * i) + 1])) >> 4) & 15]);
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	775 sb.append('-');
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	776 sb.append(c[(((raw[(2 * i) + 1]))) & 15]);
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	777 // As long as seed >= 0, seed will be >= 0 afterwards
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	778 seed = ((seed * 5) + (((raw[2 * i] & 0xff) * 7) + (raw[(2 * i) + 1] & 0xff))) % 36;
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	779 }
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	780 }
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	781 else {
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	782 sb.append(v[seed % 6]); // seed >= 0, therefore index positive
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	783 sb.append('x');
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	784 sb.append(v[seed / 6]);
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	785 }
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	786 }
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	787
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	788 sb.append('x');
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	789
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	790 return sb.toString();
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	791 }
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	792
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	793 /**
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	794 * Convert a ssh2 key-blob into a human readable hex fingerprint.
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	795 * Generated fingerprints are identical to those generated by OpenSSH.
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	796 * <p/>
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	797 * Example fingerprint: d0:cb:76:19:99:5a:03:fc:73:10:70:93:f2:44:63:47.
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	798 *
298 ab3a99f11a36 add ecdsa key support everywhere Carl Byington <carl@five-ten-sg.com> parents: 287 diff changeset	799 * @param keytype either "ssh-rsa" or "ssh-dss" or "ecdsa-sha2..."
273 91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	800 * @param publickey key blob
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	801 * @return Hex fingerprint
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	802 */
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	803 public static String createHexFingerprint(String keytype, byte[] publickey) throws IOException {
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	804 byte[] raw = rawFingerPrint("md5", keytype, publickey);
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	805 return rawToHexFingerprint(raw);
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	806 }
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	807
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	808 /**
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	809 * Convert a ssh2 key-blob into a human readable bubblebabble fingerprint.
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	810 * The used bubblebabble algorithm (taken from OpenSSH) generates fingerprints
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	811 * that are easier to remember for humans.
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	812 * <p/>
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	813 * Example fingerprint: xofoc-bubuz-cazin-zufyl-pivuk-biduk-tacib-pybur-gonar-hotat-lyxux.
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	814 *
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	815 * @param keytype either "ssh-rsa" or "ssh-dss"
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	816 * @param publickey key data
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	817 * @return Bubblebabble fingerprint
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	818 */
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	819 public static String createBubblebabbleFingerprint(String keytype, byte[] publickey) throws IOException {
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	820 byte[] raw = rawFingerPrint("sha1", keytype, publickey);
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	821 return rawToBubblebabbleFingerprint(raw);
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	822 }
91a31873c42a start conversion from trilead to ganymed Carl Byington <carl@five-ten-sg.com> parents: diff changeset	823 }

Mercurial > 510Connectbot

annotate src/ch/ethz/ssh2/KnownHosts.java @ 298:ab3a99f11a36 ganymed