diff src/ch/ethz/ssh2/KnownHosts.java @ 298:ab3a99f11a36 ganymed

add ecdsa key support everywhere
author Carl Byington <carl@five-ten-sg.com>
date Tue, 29 Jul 2014 18:01:08 -0700
parents db9b028016de
children 4c3a4e88c027
--- a/src/ch/ethz/ssh2/KnownHosts.java	Tue Jul 29 16:43:12 2014 -0700
+++ b/src/ch/ethz/ssh2/KnownHosts.java	Tue Jul 29 18:01:08 2014 -0700
@@ -114,6 +114,13 @@
                 publicKeys.add(new KnownHostsEntry(hostnames, dpk));
             }
         }
+        else if (serverHostKeyAlgorithm.startsWith("ecdsa-")) {
+            ECPublicKey epk = ECDSASHA2Verify.decodeSSHECDSAPublicKey(serverHostKey);
+
+            synchronized(publicKeys) {
+                publicKeys.add(new KnownHostsEntry(hostnames, epk));
+            }
+        }
         else {
             throw new IOException(String.format("Unknown host key type %s", serverHostKeyAlgorithm));
         }
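Review bot: The new branch matches on `startsWith("ecdsa-")`, which is looser than the `"ecdsa-sha2-"` prefix the later hunks in this commit test for, so an algorithm name outside the ecdsa-sha2 family is passed to the decoder instead of reaching the "Unknown host key type" IOException. Reusing the constant from the later hunk, `else if (serverHostKeyAlgorithm.startsWith(ECDSASHA2Verify.ECDSA_SHA2_PREFIX)) {`, would keep the accepted key types consistent, assuming that constant holds `"ecdsa-sha2-"`. Whether decodeSSHECDSAPublicKey rejects a blob whose embedded curve differs from the named algorithm is not visible here and is worth confirming before the entry is added to publicKeys. The enclosing method starts and ends outside the hunk.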
@@ -397,7 +404,9 @@
             String[] arr = line.split(" ");
 
             if(arr.length >= 3) {
-                if((arr[1].compareTo("ssh-rsa") == 0) || (arr[1].compareTo("ssh-dss") == 0)) {
+                if((arr[1].compareTo("ssh-rsa") == 0) ||
+                   (arr[1].compareTo("ssh-dss") == 0) ||
+                   (arr[1].startsWith("ecdsa-sha2-") == 0)) {
                     String[] hostnames = arr[0].split(",");
 
                     byte[] msg = Base64.decode(arr[2].toCharArray());
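Review bot: The third operand `(arr[1].startsWith("ecdsa-sha2-") == 0)` compares a boolean with an int and will not compile, because String.startsWith returns boolean, unlike the compareTo calls on the two lines above it. It should read `(arr[1].startsWith("ecdsa-sha2-"))) {`. The enclosing block continues past the end of the hunk, so how the decoded entry is then handled is not visible here.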
@@ -506,6 +515,11 @@
             else if(key instanceof DSAPublicKey) {
                 thisAlgo = "ssh-dss";
             }
+            else if (key instanceof ECPublicKey) {
+                ECPublicKey ecPub = (ECPublicKey) pk;
+                String keyType = ECDSASHA2Verify.getCurveName(ecPub.getParams().getCurve().getField().getFieldSize());
+                thisAlgo = ECDSASHA2Verify.ECDSA_SHA2_PREFIX + keyType;
+            }
             else {
                 continue;
             }
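Review bot: The added branch tests `key instanceof ECPublicKey` but then casts `pk`, a name that does not appear in the visible lines, while the neighbouring RSA/DSA branches use `key`. Unless `pk` is declared outside the hunk, this is a compile error, and if it is declared it may be a different object from the one just type-checked; the cast should be `ECPublicKey ecPub = (ECPublicKey) key;`. It is also worth checking what getCurveName returns for a field size it does not recognise, since the result is concatenated straight into `thisAlgo`.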
@@ -541,10 +555,10 @@
 				   */
 
         if(preferredAlgo.equals("ssh-rsa")) {
-            return new String[]{"ssh-rsa", "ssh-dss"};
+            return new String[]{"ssh-rsa", "ssh-dss", "ecdsa-sha2-nistp256"};
         }
 
-        return new String[]{"ssh-dss", "ssh-rsa"};
+        return new String[]{"ssh-dss", "ssh-rsa", "ecdsa-sha2-nistp256"};
     }
 
     /**
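Review bot: Both return statements append a hard-coded `"ecdsa-sha2-nistp256"` in last position, and there is no branch for a `preferredAlgo` that is itself an ECDSA type, which the previous hunk can now produce. A host whose known key is ECDSA therefore falls through to the `ssh-dss`-first ordering. Negotiation would then likely settle on a key type with no known_hosts entry, so the user sees an unknown-key prompt instead of a verified match. Consider adding `if (preferredAlgo.startsWith("ecdsa-sha2-")) { return new String[]{preferredAlgo, "ssh-rsa", "ssh-dss"}; }` before the RSA check. The nistp384 and nistp521 variants are never offered by this list either. The method starts outside the hunk.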
@@ -667,7 +681,7 @@
      * Generates a "raw" fingerprint of a hostkey.
      *
      * @param type    either "md5" or "sha1"
-     * @param keyType either "ssh-rsa" or "ssh-dss"
+     * @param keyType either "ssh-rsa" or "ssh-dss" or "ecdsa-sha2..."
      * @param hostkey the hostkey
      * @return the raw fingerprint
      */
@@ -688,6 +702,8 @@
         }
         else if("ssh-dss".equals(keyType)) {
         }
+        else if (keyType.startsWith("ecdsa-sha2-") {
+        }
         else {
             throw new IllegalArgumentException("Unknown key type " + keyType);
         }
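Review bot: The added line `else if (keyType.startsWith("ecdsa-sha2-") {` is missing a closing parenthesis and will not compile. It also dereferences `keyType` directly, whereas the branch above uses the null-safe `"ssh-dss".equals(keyType)`, so a null key type would raise a NullPointerException instead of the IllegalArgumentException in the final else. Suggested form: `else if (keyType != null && keyType.startsWith("ecdsa-sha2-")) {`. The method body begins before the hunk.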
@@ -780,7 +796,7 @@
      * <p/>
      * Example fingerprint: d0:cb:76:19:99:5a:03:fc:73:10:70:93:f2:44:63:47.
      *
-     * @param keytype   either "ssh-rsa" or "ssh-dss"
+     * @param keytype   either "ssh-rsa" or "ssh-dss" or "ecdsa-sha2..."
      * @param publickey key blob
      * @return Hex fingerprint
      */