diff src/ch/ethz/ssh2/transport/ServerKexManager.java @ 298:ab3a99f11a36 ganymed
add ecdsa key support everywhere
author | Carl Byington <carl@five-ten-sg.com> |
---|---|
date | Tue, 29 Jul 2014 18:01:08 -0700 |
parents | db9b028016de |
children | beaccc9df37b |
--- a/src/ch/ethz/ssh2/transport/ServerKexManager.java Tue Jul 29 16:43:12 2014 -0700
+++ b/src/ch/ethz/ssh2/transport/ServerKexManager.java Tue Jul 29 18:01:08 2014 -0700
@@ -79,6 +79,7 @@
 kxs = new KexState();
 kxs.local_dsa_key = nextKEXdsakey;
 kxs.local_rsa_key = nextKEXrsakey;
+ kxs.local_ec_key = nextKEXeckey;
 kxs.dhgexParameters = nextKEXdhgexParameters;
 kip = new PacketKexInit(nextKEXcryptoWishList, rnd);
 kxs.localKEX = kip;
@@ -174,6 +175,10 @@
 byte[] hostKey = null;
+ if (kxs.np.server_host_key_algo.startsWith("ecdsa-sha2-")) {
+ hostKey = ECDSASHA2Verify.encodeSSHECDSAPublicKey((ECDSAPublicKey)kxs.local_ec_key.getPublic());
+ }
+
 if(kxs.np.server_host_key_algo.equals("ssh-rsa")) {
 hostKey = RSASHA1Verify.encodeSSHRSAPublicKey((RSAPublicKey)kxs.local_rsa_key.getPublic());
 }
@@ -194,12 +199,17 @@
 byte[] signature = null;
- if(kxs.np.server_host_key_algo.equals("ssh-rsa")) {
+ if (kxs.np.server_host_key_algo.startsWith("ecdsa-sha2-")) {
+ byte[] es = ECDSASHA2Verify.generateSignature(kxs.H, (ECDSAPrivateKey)kxs.local_ec_key.getPrivate());
+ signature = ECDSASHA2Verify.encodeSSHECDSASignature(es);
+ }
+
+ if (kxs.np.server_host_key_algo.equals("ssh-rsa")) {
 byte[] rs = RSASHA1Verify.generateSignature(kxs.H, (RSAPrivateKey)kxs.local_rsa_key.getPrivate());
 signature = RSASHA1Verify.encodeSSHRSASignature(rs);
 }
- if(kxs.np.server_host_key_algo.equals("ssh-dss")) {
+ if (kxs.np.server_host_key_algo.equals("ssh-dss")) {
 byte[] ds = DSASHA1Verify.generateSignature(kxs.H, (DSAPrivateKey)kxs.local_dsa_key.getPrivate(), rnd);
 signature = DSASHA1Verify.encodeSSHDSASignature(ds);
 }
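Review bot: In the host-key hunk (`@@ -174,6 +175,10 @@`) the new branch is selected by `startsWith("ecdsa-sha2-")`, so every negotiated curve name maps to the single `kxs.local_ec_key`, and nothing visible here checks that the key's curve is the one named in `server_host_key_algo`. If negotiation can settle on a curve other than the one the configured key uses, the server would present a host key and signature that disagree with the agreed algorithm; the same prefix test is repeated in the signature hunk (`@@ -194,12 +199,17 @@`). I would compare the negotiated name with the key's curve before encoding and fail the exchange on a mismatch. `kxs.local_ec_key.getPublic()` is also called without a null check, as in the existing RSA branch, so an unset EC key would surface as a NullPointerException rather than a protocol error. The enclosing method starts and ends outside the hunk, so the negotiation code may already guarantee both conditions.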
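Review bot: In the signature hunk (`@@ -194,12 +199,17 @@`) the three algorithm tests are independent `if` statements with no final fallback, so a `server_host_key_algo` that matches none of them leaves `signature` as `null` for whatever code follows. With three cases now, chaining them (`} else if (kxs.np.server_host_key_algo.equals("ssh-rsa")) {`) and ending with an `else` that throws on an unsupported algorithm would make the failure explicit at the point of decision. The same shape applies to the `hostKey` selection in the `@@ -174,6 +175,10 @@` hunk. The code that consumes `signature` lies outside the hunk, so it may already reject a null value.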