comparison src/ch/ethz/ssh2/transport/ServerKexManager.java @ 302:beaccc9df37b ganymed

add ecdsa key support everywhere
author Carl Byington <carl@five-ten-sg.com>
date Tue, 29 Jul 2014 20:23:00 -0700
parents ab3a99f11a36
children d2b303406d63
comparison
equal deleted inserted replaced
301:ca5dd224a87b 302:beaccc9df37b
174 kxs.dhx.setE(dhi.getE()); 174 kxs.dhx.setE(dhi.getE());
175 175
176 byte[] hostKey = null; 176 byte[] hostKey = null;
177 177
178 if (kxs.np.server_host_key_algo.startsWith("ecdsa-sha2-")) { 178 if (kxs.np.server_host_key_algo.startsWith("ecdsa-sha2-")) {
179 hostKey = ECDSASHA2Verify.encodeSSHECDSAPublicKey((ECDSAPublicKey)kxs.local_ec_key.getPublic()); 179 hostKey = ECDSASHA2Verify.encodeSSHECDSAPublicKey((ECPublicKey)kxs.local_ec_key.getPublic());
180 } 180 }
181 181
182 if(kxs.np.server_host_key_algo.equals("ssh-rsa")) { 182 if(kxs.np.server_host_key_algo.equals("ssh-rsa")) {
183 hostKey = RSASHA1Verify.encodeSSHRSAPublicKey((RSAPublicKey)kxs.local_rsa_key.getPublic()); 183 hostKey = RSASHA1Verify.encodeSSHRSAPublicKey((RSAPublicKey)kxs.local_rsa_key.getPublic());
184 } 184 }
198 kxs.K = kxs.dhx.getK(); 198 kxs.K = kxs.dhx.getK();
199 199
200 byte[] signature = null; 200 byte[] signature = null;
201 201
202 if (kxs.np.server_host_key_algo.startsWith("ecdsa-sha2-")) { 202 if (kxs.np.server_host_key_algo.startsWith("ecdsa-sha2-")) {
203 byte[] es = ECDSASHA2Verify.generateSignature(kxs.H, (ECDSAPrivateKey)kxs.local_ec_key.getPrivate()); 203 ECPrivateKey pk = (ECPrivateKey)kxs.local_ec_key.getPrivate();
204 signature = ECDSASHA2Verify.encodeSSHECDSASignature(es); 204 byte[] es = ECDSASHA2Verify.generateSignature(kxs.H, pk);
205 signature = ECDSASHA2Verify.encodeSSHECDSASignature(es, pk.getParams());
205 } 206 }
206 207
207 if (kxs.np.server_host_key_algo.equals("ssh-rsa")) { 208 if (kxs.np.server_host_key_algo.equals("ssh-rsa")) {
208 byte[] rs = RSASHA1Verify.generateSignature(kxs.H, (RSAPrivateKey)kxs.local_rsa_key.getPrivate()); 209 byte[] rs = RSASHA1Verify.generateSignature(kxs.H, (RSAPrivateKey)kxs.local_rsa_key.getPrivate());
209 signature = RSASHA1Verify.encodeSSHRSASignature(rs); 210 signature = RSASHA1Verify.encodeSSHRSASignature(rs);