annotate src/ch/ethz/ssh2/auth/AuthenticationManager.java @ 302:beaccc9df37b ganymed

add ecdsa key support everywhere
author Carl Byington <carl@five-ten-sg.com>
date Tue, 29 Jul 2014 20:23:00 -0700
parents 4ec87de11e71
children d2b303406d63
Ignore whitespace changes - Everywhere: Within whitespace: At end of lines:
rev   line source
273
91a31873c42a start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
1 /*
91a31873c42a start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
2 * Copyright (c) 2006-2011 Christian Plattner. All rights reserved.
91a31873c42a start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
3 * Please refer to the LICENSE.txt for licensing details.
91a31873c42a start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
4 */
91a31873c42a start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
5 package ch.ethz.ssh2.auth;
91a31873c42a start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
6
91a31873c42a start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
7 import java.io.IOException;
91a31873c42a start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
8 import java.io.InterruptedIOException;
280
51d5f434ef6b start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents: 278
diff changeset
9 import java.security.KeyPair;
51d5f434ef6b start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents: 278
diff changeset
10 import java.security.PrivateKey;
273
91a31873c42a start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
11 import java.security.SecureRandom;
280
51d5f434ef6b start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents: 278
diff changeset
12 import java.security.interfaces.DSAPrivateKey;
51d5f434ef6b start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents: 278
diff changeset
13 import java.security.interfaces.DSAPublicKey;
51d5f434ef6b start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents: 278
diff changeset
14 import java.security.interfaces.ECPrivateKey;
51d5f434ef6b start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents: 278
diff changeset
15 import java.security.interfaces.ECPublicKey;
51d5f434ef6b start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents: 278
diff changeset
16 import java.security.interfaces.RSAPrivateKey;
51d5f434ef6b start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents: 278
diff changeset
17 import java.security.interfaces.RSAPublicKey;
273
91a31873c42a start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
18 import java.util.HashSet;
91a31873c42a start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
19 import java.util.Set;
91a31873c42a start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
20 import java.util.concurrent.ArrayBlockingQueue;
91a31873c42a start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
21 import java.util.concurrent.BlockingQueue;
91a31873c42a start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
22
91a31873c42a start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
23 import ch.ethz.ssh2.InteractiveCallback;
91a31873c42a start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
24 import ch.ethz.ssh2.PacketTypeException;
91a31873c42a start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
25 import ch.ethz.ssh2.crypto.PEMDecoder;
91a31873c42a start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
26 import ch.ethz.ssh2.packets.PacketServiceAccept;
91a31873c42a start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
27 import ch.ethz.ssh2.packets.PacketServiceRequest;
91a31873c42a start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
28 import ch.ethz.ssh2.packets.PacketUserauthBanner;
91a31873c42a start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
29 import ch.ethz.ssh2.packets.PacketUserauthFailure;
91a31873c42a start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
30 import ch.ethz.ssh2.packets.PacketUserauthInfoRequest;
91a31873c42a start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
31 import ch.ethz.ssh2.packets.PacketUserauthInfoResponse;
91a31873c42a start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
32 import ch.ethz.ssh2.packets.PacketUserauthRequestInteractive;
91a31873c42a start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
33 import ch.ethz.ssh2.packets.PacketUserauthRequestNone;
91a31873c42a start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
34 import ch.ethz.ssh2.packets.PacketUserauthRequestPassword;
91a31873c42a start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
35 import ch.ethz.ssh2.packets.PacketUserauthRequestPublicKey;
91a31873c42a start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
36 import ch.ethz.ssh2.packets.Packets;
91a31873c42a start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
37 import ch.ethz.ssh2.packets.TypesWriter;
91a31873c42a start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
38 import ch.ethz.ssh2.signature.DSASHA1Verify;
280
51d5f434ef6b start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents: 278
diff changeset
39 import ch.ethz.ssh2.signature.ECDSASHA2Verify;
273
91a31873c42a start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
40 import ch.ethz.ssh2.signature.RSASHA1Verify;
91a31873c42a start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
41 import ch.ethz.ssh2.transport.ClientTransportManager;
91a31873c42a start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
42 import ch.ethz.ssh2.transport.MessageHandler;
91a31873c42a start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
43
91a31873c42a start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
44 /**
91a31873c42a start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
45 * @author Christian Plattner
91a31873c42a start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
46 * @version $Id: AuthenticationManager.java 161 2014-05-01 18:01:55Z dkocher@sudo.ch $
91a31873c42a start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
47 */
91a31873c42a start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
48 public class AuthenticationManager implements MessageHandler {
91a31873c42a start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
49 private ClientTransportManager tm;
91a31873c42a start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
50
91a31873c42a start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
51 private final BlockingQueue<byte[]> packets
91a31873c42a start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
52 = new ArrayBlockingQueue<byte[]>(5);
91a31873c42a start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
53
91a31873c42a start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
54 private boolean connectionClosed = false;
91a31873c42a start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
55
91a31873c42a start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
56 private String banner;
91a31873c42a start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
57
91a31873c42a start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
58 private Set<String> remainingMethods
91a31873c42a start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
59 = new HashSet<String>();
91a31873c42a start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
60
91a31873c42a start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
61 private boolean isPartialSuccess = false;
91a31873c42a start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
62
91a31873c42a start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
63 private boolean authenticated = false;
91a31873c42a start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
64 private boolean initDone = false;
91a31873c42a start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
65
91a31873c42a start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
66 public AuthenticationManager(ClientTransportManager tm) {
91a31873c42a start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
67 this.tm = tm;
91a31873c42a start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
68 }
91a31873c42a start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
69
91a31873c42a start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
70 private byte[] deQueue() throws IOException {
91a31873c42a start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
71 if(connectionClosed) {
91a31873c42a start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
72 throw tm.getReasonClosedCause();
91a31873c42a start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
73 }
91a31873c42a start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
74 // Wait for packet
91a31873c42a start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
75 try {
91a31873c42a start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
76 return packets.take();
91a31873c42a start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
77 }
91a31873c42a start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
78 catch(InterruptedException e) {
91a31873c42a start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
79 throw new InterruptedIOException(e.getMessage());
91a31873c42a start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
80 }
91a31873c42a start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
81 }
91a31873c42a start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
82
91a31873c42a start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
83 byte[] getNextMessage() throws IOException {
91a31873c42a start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
84 while(true) {
91a31873c42a start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
85 byte[] message = deQueue();
91a31873c42a start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
86 switch(message[0]) {
91a31873c42a start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
87 case Packets.SSH_MSG_USERAUTH_BANNER:
91a31873c42a start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
88 // The server may send an SSH_MSG_USERAUTH_BANNER message at any
91a31873c42a start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
89 // time after this authentication protocol starts and before
91a31873c42a start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
90 // authentication is successful.
91a31873c42a start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
91 PacketUserauthBanner sb = new PacketUserauthBanner(message);
91a31873c42a start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
92 banner = sb.getBanner();
91a31873c42a start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
93 break;
91a31873c42a start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
94 default:
91a31873c42a start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
95 return message;
91a31873c42a start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
96 }
91a31873c42a start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
97 }
91a31873c42a start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
98 }
91a31873c42a start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
99
91a31873c42a start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
100 public Set<String> getRemainingMethods(String user) throws IOException {
91a31873c42a start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
101 initialize(user);
91a31873c42a start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
102 return remainingMethods;
91a31873c42a start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
103 }
91a31873c42a start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
104
91a31873c42a start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
105 public String getBanner() {
91a31873c42a start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
106 return banner;
91a31873c42a start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
107 }
91a31873c42a start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
108
91a31873c42a start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
109 public boolean getPartialSuccess() {
91a31873c42a start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
110 return isPartialSuccess;
91a31873c42a start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
111 }
91a31873c42a start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
112
91a31873c42a start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
113 private boolean initialize(String user) throws IOException {
91a31873c42a start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
114 if(initDone == false) {
91a31873c42a start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
115 tm.registerMessageHandler(this, 0, 255);
91a31873c42a start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
116
91a31873c42a start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
117 PacketServiceRequest sr = new PacketServiceRequest("ssh-userauth");
91a31873c42a start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
118 tm.sendMessage(sr.getPayload());
91a31873c42a start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
119
91a31873c42a start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
120 final PacketServiceAccept accept = new PacketServiceAccept(this.getNextMessage());
91a31873c42a start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
121
91a31873c42a start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
122 PacketUserauthRequestNone auth = new PacketUserauthRequestNone("ssh-connection", user);
91a31873c42a start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
123 tm.sendMessage(auth.getPayload());
91a31873c42a start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
124
91a31873c42a start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
125 byte[] message = this.getNextMessage();
91a31873c42a start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
126 initDone = true;
91a31873c42a start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
127 switch(message[0]) {
91a31873c42a start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
128 case Packets.SSH_MSG_USERAUTH_SUCCESS:
91a31873c42a start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
129 authenticated = true;
91a31873c42a start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
130 tm.removeMessageHandler(this);
91a31873c42a start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
131 return true;
91a31873c42a start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
132 case Packets.SSH_MSG_USERAUTH_FAILURE:
91a31873c42a start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
133 PacketUserauthFailure puf = new PacketUserauthFailure(message);
91a31873c42a start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
134 remainingMethods = puf.getAuthThatCanContinue();
91a31873c42a start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
135 isPartialSuccess = puf.isPartialSuccess();
91a31873c42a start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
136 return false;
91a31873c42a start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
137 }
91a31873c42a start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
138 throw new PacketTypeException(message[0]);
91a31873c42a start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
139 }
91a31873c42a start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
140 return authenticated;
91a31873c42a start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
141 }
91a31873c42a start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
142
91a31873c42a start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
143 public boolean authenticatePublicKey(String user, AgentProxy proxy) throws IOException {
91a31873c42a start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
144 initialize(user);
91a31873c42a start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
145
91a31873c42a start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
146 boolean success;
91a31873c42a start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
147 for(AgentIdentity identity : proxy.getIdentities()) {
91a31873c42a start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
148 success = authenticatePublicKey(user, identity);
91a31873c42a start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
149 if(success) {
91a31873c42a start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
150 return true;
91a31873c42a start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
151 }
91a31873c42a start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
152 }
91a31873c42a start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
153 return false;
91a31873c42a start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
154 }
91a31873c42a start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
155
91a31873c42a start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
156 private boolean authenticatePublicKey(String user, AgentIdentity identity) throws IOException {
91a31873c42a start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
157 if(!remainingMethods.contains("publickey")) {
91a31873c42a start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
158 throw new IOException("Authentication method not supported");
91a31873c42a start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
159 }
91a31873c42a start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
160
91a31873c42a start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
161 byte[] pubKeyBlob = identity.getPublicKeyBlob();
91a31873c42a start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
162 if(pubKeyBlob == null) {
91a31873c42a start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
163 return false;
91a31873c42a start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
164 }
91a31873c42a start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
165
91a31873c42a start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
166 TypesWriter tw = new TypesWriter();
91a31873c42a start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
167 byte[] H = tm.getSessionIdentifier();
91a31873c42a start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
168
91a31873c42a start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
169 tw.writeString(H, 0, H.length);
91a31873c42a start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
170 tw.writeByte(Packets.SSH_MSG_USERAUTH_REQUEST);
91a31873c42a start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
171 tw.writeString(user);
91a31873c42a start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
172 tw.writeString("ssh-connection");
91a31873c42a start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
173 tw.writeString("publickey");
91a31873c42a start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
174 tw.writeBoolean(true);
91a31873c42a start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
175 tw.writeString(identity.getAlgName());
91a31873c42a start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
176 tw.writeString(pubKeyBlob, 0, pubKeyBlob.length);
91a31873c42a start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
177
91a31873c42a start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
178 byte[] msg = tw.getBytes();
91a31873c42a start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
179 byte[] response = identity.sign(msg);
91a31873c42a start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
180
91a31873c42a start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
181 PacketUserauthRequestPublicKey ua = new PacketUserauthRequestPublicKey(
91a31873c42a start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
182 "ssh-connection", user, identity.getAlgName(), pubKeyBlob, response);
91a31873c42a start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
183 tm.sendMessage(ua.getPayload());
91a31873c42a start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
184
91a31873c42a start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
185 byte[] message = getNextMessage();
91a31873c42a start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
186 final int type = message[0];
91a31873c42a start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
187 switch(type) {
91a31873c42a start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
188 case Packets.SSH_MSG_USERAUTH_SUCCESS:
91a31873c42a start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
189 authenticated = true;
91a31873c42a start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
190 tm.removeMessageHandler(this);
91a31873c42a start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
191 return true;
91a31873c42a start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
192 case Packets.SSH_MSG_USERAUTH_FAILURE:
91a31873c42a start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
193 PacketUserauthFailure puf = new PacketUserauthFailure(message);
91a31873c42a start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
194
91a31873c42a start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
195 remainingMethods = puf.getAuthThatCanContinue();
91a31873c42a start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
196 isPartialSuccess = puf.isPartialSuccess();
91a31873c42a start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
197
91a31873c42a start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
198 return false;
91a31873c42a start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
199 }
91a31873c42a start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
200 throw new PacketTypeException(type);
91a31873c42a start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
201 }
91a31873c42a start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
202
283
3855f58ffd2b start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents: 282
diff changeset
203 public boolean authenticatePublicKey(String user, char[] PEMPrivateKey, String password, SecureRandom rnd)
3855f58ffd2b start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents: 282
diff changeset
204 throws IOException {
3855f58ffd2b start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents: 282
diff changeset
205 KeyPair pair = PEMDecoder.decode(PEMPrivateKey, password);
3855f58ffd2b start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents: 282
diff changeset
206 return authenticatePublicKey(user, pair, rnd);
3855f58ffd2b start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents: 282
diff changeset
207 }
3855f58ffd2b start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents: 282
diff changeset
208
3855f58ffd2b start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents: 282
diff changeset
209 public boolean authenticatePublicKey(String user, KeyPair pair, SecureRandom rnd)
282
c3019725b123 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents: 280
diff changeset
210 throws IOException {
c3019725b123 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents: 280
diff changeset
211 PrivateKey key = pair.getPrivate();
273
91a31873c42a start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
212 try {
91a31873c42a start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
213 initialize(user);
91a31873c42a start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
214
91a31873c42a start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
215 if(!remainingMethods.contains("publickey")) {
91a31873c42a start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
216 throw new IOException("Authentication method publickey not supported by the server at this stage.");
91a31873c42a start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
217 }
91a31873c42a start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
218
282
c3019725b123 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents: 280
diff changeset
219 if (key instanceof DSAPrivateKey) {
273
91a31873c42a start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
220 DSAPrivateKey pk = (DSAPrivateKey) key;
91a31873c42a start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
221
282
c3019725b123 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents: 280
diff changeset
222 byte[] pk_enc = DSASHA1Verify.encodeSSHDSAPublicKey((DSAPublicKey) pair.getPublic());
273
91a31873c42a start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
223
91a31873c42a start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
224 TypesWriter tw = new TypesWriter();
91a31873c42a start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
225
91a31873c42a start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
226 byte[] H = tm.getSessionIdentifier();
91a31873c42a start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
227
91a31873c42a start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
228 tw.writeString(H, 0, H.length);
91a31873c42a start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
229 tw.writeByte(Packets.SSH_MSG_USERAUTH_REQUEST);
91a31873c42a start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
230 tw.writeString(user);
91a31873c42a start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
231 tw.writeString("ssh-connection");
91a31873c42a start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
232 tw.writeString("publickey");
91a31873c42a start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
233 tw.writeBoolean(true);
91a31873c42a start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
234 tw.writeString("ssh-dss");
91a31873c42a start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
235 tw.writeString(pk_enc, 0, pk_enc.length);
91a31873c42a start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
236
91a31873c42a start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
237 byte[] msg = tw.getBytes();
91a31873c42a start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
238
284
4ec87de11e71 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents: 283
diff changeset
239 byte[] ds = DSASHA1Verify.generateSignature(msg, pk, rnd);
273
91a31873c42a start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
240
91a31873c42a start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
241 byte[] ds_enc = DSASHA1Verify.encodeSSHDSASignature(ds);
91a31873c42a start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
242
91a31873c42a start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
243 PacketUserauthRequestPublicKey ua = new PacketUserauthRequestPublicKey("ssh-connection", user,
91a31873c42a start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
244 "ssh-dss", pk_enc, ds_enc);
91a31873c42a start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
245 tm.sendMessage(ua.getPayload());
91a31873c42a start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
246 }
91a31873c42a start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
247 else if(key instanceof RSAPrivateKey) {
91a31873c42a start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
248 RSAPrivateKey pk = (RSAPrivateKey) key;
91a31873c42a start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
249
282
c3019725b123 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents: 280
diff changeset
250 byte[] pk_enc = RSASHA1Verify.encodeSSHRSAPublicKey((RSAPublicKey) pair.getPublic());
273
91a31873c42a start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
251
91a31873c42a start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
252 TypesWriter tw = new TypesWriter();
91a31873c42a start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
253 {
91a31873c42a start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
254 byte[] H = tm.getSessionIdentifier();
91a31873c42a start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
255
91a31873c42a start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
256 tw.writeString(H, 0, H.length);
91a31873c42a start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
257 tw.writeByte(Packets.SSH_MSG_USERAUTH_REQUEST);
91a31873c42a start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
258 tw.writeString(user);
91a31873c42a start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
259 tw.writeString("ssh-connection");
91a31873c42a start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
260 tw.writeString("publickey");
91a31873c42a start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
261 tw.writeBoolean(true);
91a31873c42a start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
262 tw.writeString("ssh-rsa");
91a31873c42a start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
263 tw.writeString(pk_enc, 0, pk_enc.length);
91a31873c42a start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
264 }
91a31873c42a start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
265
91a31873c42a start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
266 byte[] msg = tw.getBytes();
91a31873c42a start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
267
284
4ec87de11e71 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents: 283
diff changeset
268 byte[] ds = RSASHA1Verify.generateSignature(msg, pk);
273
91a31873c42a start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
269
91a31873c42a start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
270 byte[] rsa_sig_enc = RSASHA1Verify.encodeSSHRSASignature(ds);
91a31873c42a start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
271
91a31873c42a start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
272 PacketUserauthRequestPublicKey ua = new PacketUserauthRequestPublicKey("ssh-connection", user,
91a31873c42a start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
273 "ssh-rsa", pk_enc, rsa_sig_enc);
91a31873c42a start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
274 tm.sendMessage(ua.getPayload());
91a31873c42a start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
275 }
282
c3019725b123 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents: 280
diff changeset
276 else if (key instanceof ECPrivateKey) {
c3019725b123 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents: 280
diff changeset
277 ECPrivateKey pk = (ECPrivateKey) key;
c3019725b123 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents: 280
diff changeset
278 final String algo = ECDSASHA2Verify.ECDSA_SHA2_PREFIX
c3019725b123 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents: 280
diff changeset
279 + ECDSASHA2Verify.getCurveName(pk.getParams());
c3019725b123 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents: 280
diff changeset
280 byte[] pk_enc = ECDSASHA2Verify.encodeSSHECDSAPublicKey((ECPublicKey) pair.getPublic());
c3019725b123 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents: 280
diff changeset
281 TypesWriter tw = new TypesWriter();
c3019725b123 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents: 280
diff changeset
282 {
c3019725b123 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents: 280
diff changeset
283 byte[] H = tm.getSessionIdentifier();
c3019725b123 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents: 280
diff changeset
284 tw.writeString(H, 0, H.length);
c3019725b123 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents: 280
diff changeset
285 tw.writeByte(Packets.SSH_MSG_USERAUTH_REQUEST);
c3019725b123 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents: 280
diff changeset
286 tw.writeString(user);
c3019725b123 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents: 280
diff changeset
287 tw.writeString("ssh-connection");
c3019725b123 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents: 280
diff changeset
288 tw.writeString("publickey");
c3019725b123 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents: 280
diff changeset
289 tw.writeBoolean(true);
c3019725b123 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents: 280
diff changeset
290 tw.writeString(algo);
c3019725b123 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents: 280
diff changeset
291 tw.writeString(pk_enc, 0, pk_enc.length);
c3019725b123 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents: 280
diff changeset
292 }
c3019725b123 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents: 280
diff changeset
293 byte[] msg = tw.getBytes();
c3019725b123 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents: 280
diff changeset
294 byte[] ds = ECDSASHA2Verify.generateSignature(msg, pk);
c3019725b123 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents: 280
diff changeset
295 byte[] ec_sig_enc = ECDSASHA2Verify.encodeSSHECDSASignature(ds, pk.getParams());
c3019725b123 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents: 280
diff changeset
296 PacketUserauthRequestPublicKey ua = new PacketUserauthRequestPublicKey("ssh-connection", user,
c3019725b123 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents: 280
diff changeset
297 algo, pk_enc, ec_sig_enc);
c3019725b123 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents: 280
diff changeset
298 tm.sendMessage(ua.getPayload());
c3019725b123 start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents: 280
diff changeset
299 }
273
91a31873c42a start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
300 else {
91a31873c42a start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
301 throw new IOException("Unknown private key type returned by the PEM decoder.");
91a31873c42a start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
302 }
91a31873c42a start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
303 byte[] message = getNextMessage();
91a31873c42a start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
304 final int type = message[0];
91a31873c42a start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
305 switch(type) {
91a31873c42a start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
306 case Packets.SSH_MSG_USERAUTH_SUCCESS:
91a31873c42a start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
307 authenticated = true;
91a31873c42a start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
308 tm.removeMessageHandler(this);
91a31873c42a start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
309 return true;
91a31873c42a start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
310 case Packets.SSH_MSG_USERAUTH_FAILURE:
91a31873c42a start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
311 PacketUserauthFailure puf = new PacketUserauthFailure(message);
91a31873c42a start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
312
91a31873c42a start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
313 remainingMethods = puf.getAuthThatCanContinue();
91a31873c42a start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
314 isPartialSuccess = puf.isPartialSuccess();
91a31873c42a start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
315
91a31873c42a start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
316 return false;
91a31873c42a start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
317 }
91a31873c42a start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
318 throw new PacketTypeException(type);
91a31873c42a start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
319 }
91a31873c42a start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
320 catch(IOException e) {
91a31873c42a start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
321 tm.close(e);
91a31873c42a start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
322 throw e;
91a31873c42a start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
323 }
91a31873c42a start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
324 }
91a31873c42a start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
325
91a31873c42a start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
326 public boolean authenticateNone(String user) throws IOException {
91a31873c42a start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
327 try {
91a31873c42a start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
328 initialize(user);
91a31873c42a start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
329 return authenticated;
91a31873c42a start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
330 }
91a31873c42a start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
331 catch(IOException e) {
91a31873c42a start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
332 tm.close(e);
91a31873c42a start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
333 throw e;
91a31873c42a start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
334 }
91a31873c42a start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
335 }
91a31873c42a start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
336
91a31873c42a start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
337 public boolean authenticatePassword(String user, String pass) throws IOException {
91a31873c42a start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
338 try {
91a31873c42a start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
339 initialize(user);
91a31873c42a start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
340
91a31873c42a start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
341 if(!remainingMethods.contains("password")) {
91a31873c42a start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
342 throw new IOException("Authentication method not supported");
91a31873c42a start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
343 }
91a31873c42a start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
344
91a31873c42a start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
345 PacketUserauthRequestPassword ua = new PacketUserauthRequestPassword("ssh-connection", user, pass);
91a31873c42a start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
346 tm.sendMessage(ua.getPayload());
91a31873c42a start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
347
91a31873c42a start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
348 byte[] message = getNextMessage();
91a31873c42a start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
349 final int type = message[0];
91a31873c42a start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
350 switch(type) {
91a31873c42a start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
351 case Packets.SSH_MSG_USERAUTH_SUCCESS:
91a31873c42a start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
352 authenticated = true;
91a31873c42a start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
353 tm.removeMessageHandler(this);
91a31873c42a start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
354 return true;
91a31873c42a start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
355 case Packets.SSH_MSG_USERAUTH_FAILURE:
91a31873c42a start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
356 PacketUserauthFailure puf = new PacketUserauthFailure(message);
91a31873c42a start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
357 remainingMethods = puf.getAuthThatCanContinue();
91a31873c42a start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
358 isPartialSuccess = puf.isPartialSuccess();
91a31873c42a start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
359 return false;
91a31873c42a start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
360 }
91a31873c42a start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
361 throw new PacketTypeException(type);
91a31873c42a start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
362 }
91a31873c42a start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
363 catch(IOException e) {
91a31873c42a start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
364 tm.close(e);
91a31873c42a start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
365 throw e;
91a31873c42a start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
366 }
91a31873c42a start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
367 }
91a31873c42a start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
368
91a31873c42a start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
369 public boolean authenticateInteractive(String user, String[] submethods, InteractiveCallback cb) throws IOException {
91a31873c42a start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
370 try {
91a31873c42a start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
371 initialize(user);
91a31873c42a start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
372
91a31873c42a start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
373 if(!remainingMethods.contains("keyboard-interactive")) {
91a31873c42a start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
374 throw new IOException(
91a31873c42a start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
375 "Authentication method keyboard-interactive not supported by the server at this stage.");
91a31873c42a start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
376 }
91a31873c42a start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
377
91a31873c42a start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
378 PacketUserauthRequestInteractive ua = new PacketUserauthRequestInteractive("ssh-connection", user,
91a31873c42a start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
379 submethods);
91a31873c42a start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
380
91a31873c42a start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
381 tm.sendMessage(ua.getPayload());
91a31873c42a start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
382
91a31873c42a start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
383 while(true) {
91a31873c42a start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
384 byte[] message = getNextMessage();
91a31873c42a start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
385 final int type = message[0];
91a31873c42a start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
386 switch(type) {
91a31873c42a start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
387 case Packets.SSH_MSG_USERAUTH_SUCCESS:
91a31873c42a start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
388 authenticated = true;
91a31873c42a start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
389 tm.removeMessageHandler(this);
91a31873c42a start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
390 return true;
91a31873c42a start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
391 case Packets.SSH_MSG_USERAUTH_FAILURE:
91a31873c42a start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
392 PacketUserauthFailure puf = new PacketUserauthFailure(message);
91a31873c42a start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
393
91a31873c42a start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
394 remainingMethods = puf.getAuthThatCanContinue();
91a31873c42a start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
395 isPartialSuccess = puf.isPartialSuccess();
91a31873c42a start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
396
91a31873c42a start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
397 return false;
91a31873c42a start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
398 case Packets.SSH_MSG_USERAUTH_INFO_REQUEST:
91a31873c42a start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
399 PacketUserauthInfoRequest info = new PacketUserauthInfoRequest(message);
91a31873c42a start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
400 String[] responses;
91a31873c42a start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
401 try {
91a31873c42a start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
402 responses = cb.replyToChallenge(info.getName(), info.getInstruction(), info.getNumPrompts(),
91a31873c42a start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
403 info.getPrompt(), info.getEcho());
91a31873c42a start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
404 }
91a31873c42a start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
405 catch(Exception e) {
91a31873c42a start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
406 throw new IOException("Exception in callback.", e);
91a31873c42a start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
407 }
91a31873c42a start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
408 PacketUserauthInfoResponse puir = new PacketUserauthInfoResponse(responses);
91a31873c42a start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
409 tm.sendMessage(puir.getPayload());
91a31873c42a start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
410 continue;
91a31873c42a start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
411 }
91a31873c42a start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
412 throw new PacketTypeException(type);
91a31873c42a start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
413 }
91a31873c42a start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
414 }
91a31873c42a start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
415 catch(IOException e) {
91a31873c42a start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
416 tm.close(e);
91a31873c42a start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
417 throw e;
91a31873c42a start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
418 }
91a31873c42a start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
419 }
91a31873c42a start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
420
91a31873c42a start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
421 @Override
91a31873c42a start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
422 public void handleFailure(final IOException failure) {
91a31873c42a start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
423 connectionClosed = true;
91a31873c42a start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
424 }
91a31873c42a start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
425
91a31873c42a start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
426 @Override
91a31873c42a start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
427 public void handleMessage(byte[] message) throws IOException {
91a31873c42a start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
428 packets.add(message);
91a31873c42a start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
429 }
91a31873c42a start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
430 }