# HG changeset patch
# User Carl Byington
# Date 1405732136 25200
# Node ID 4ec87de11e7178756891d5b21122c28107087286
# Parent 3855f58ffd2b844d1e58941ed5ffc916ed4a378f
start conversion from trilead to ganymed
diff -r 3855f58ffd2b -r 4ec87de11e71 src/ch/ethz/ssh2/KnownHosts.java
--- a/src/ch/ethz/ssh2/KnownHosts.java Fri Jul 18 17:32:11 2014 -0700
+++ b/src/ch/ethz/ssh2/KnownHosts.java Fri Jul 18 18:08:56 2014 -0700
@@ -430,46 +430,8 @@
 initialize(cw.toCharArray());
 }
- private boolean matchKeys(Object key1, Object key2) {
- if((key1 instanceof RSAPublicKey) && (key2 instanceof RSAPublicKey)) {
- RSAPublicKey savedRSAKey = (RSAPublicKey) key1;
- RSAPublicKey remoteRSAKey = (RSAPublicKey) key2;
-
- if(savedRSAKey.getE().equals(remoteRSAKey.getE()) == false) {
- return false;
- }
-
- if(savedRSAKey.getN().equals(remoteRSAKey.getN()) == false) {
- return false;
- }
-
- return true;
- }
-
- if((key1 instanceof DSAPublicKey) && (key2 instanceof DSAPublicKey)) {
- DSAPublicKey savedDSAKey = (DSAPublicKey) key1;
- DSAPublicKey remoteDSAKey = (DSAPublicKey) key2;
-
- if(savedDSAKey.getG().equals(remoteDSAKey.getG()) == false) {
- return false;
- }
-
- if(savedDSAKey.getP().equals(remoteDSAKey.getP()) == false) {
- return false;
- }
-
- if(savedDSAKey.getQ().equals(remoteDSAKey.getQ()) == false) {
- return false;
- }
-
- if(savedDSAKey.getY().equals(remoteDSAKey.getY()) == false) {
- return false;
- }
-
- return true;
- }
-
- return false;
+ private final boolean matchKeys(PublicKey key1, PublicKey key2) {
+ return key1.equals(key2);
 }
 private boolean pseudoRegex(char[] pattern, int i, char[] match, int j) {
diff -r 3855f58ffd2b -r 4ec87de11e71 src/ch/ethz/ssh2/auth/AuthenticationManager.java
--- a/src/ch/ethz/ssh2/auth/AuthenticationManager.java Fri Jul 18 17:32:11 2014 -0700
+++ b/src/ch/ethz/ssh2/auth/AuthenticationManager.java Fri Jul 18 18:08:56 2014 -0700
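Review bot: In KnownHosts.java, the new `matchKeys` calls `key1.equals(key2)` with no null guard, so a null stored key now throws a NullPointerException where the removed `instanceof` version returned false. Whether any caller can pass null is not visible in this hunk, but a host-key comparison is safer when it fails closed: `return key1 != null && key1.equals(key2);`. The result now also depends on how the provider's `PublicKey` implementation defines `equals`, which deserves a one-line comment on the method. `final` on a private method is redundant.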
@@ -236,7 +236,7 @@ byte[] msg = tw.getBytes(); - DSASignature ds = DSASHA1Verify.generateSignature(msg, pk, rnd); + byte[] ds = DSASHA1Verify.generateSignature(msg, pk, rnd); byte[] ds_enc = DSASHA1Verify.encodeSSHDSASignature(ds); @@ -265,7 +265,7 @@ byte[] msg = tw.getBytes(); - RSASignature ds = RSASHA1Verify.generateSignature(msg, pk); + byte[] ds = RSASHA1Verify.generateSignature(msg, pk); byte[] rsa_sig_enc = RSASHA1Verify.encodeSSHRSASignature(ds); diff -r 3855f58ffd2b -r 4ec87de11e71 src/ch/ethz/ssh2/log/Logger.java --- a/src/ch/ethz/ssh2/log/Logger.java Fri Jul 18 17:32:11 2014 -0700 +++ b/src/ch/ethz/ssh2/log/Logger.java Fri Jul 18 18:08:56 2014 -0700 @@ -18,7 +18,7 @@ { private java.util.logging.Logger delegate; - public static volatile boolean enabled = false; + public static boolean enabled = false; public static Logger getLogger(Class x) { @@ -30,6 +30,10 @@ this.delegate = java.util.logging.Logger.getLogger(x.getName()); } + public final boolean isEnabled() { + return enabled; + } + public boolean isDebugEnabled() { return enabled && delegate.isLoggable(Level.FINER); diff -r 3855f58ffd2b -r 4ec87de11e71 src/ch/ethz/ssh2/transport/ClientKexManager.java --- a/src/ch/ethz/ssh2/transport/ClientKexManager.java Fri Jul 18 17:32:11 2014 -0700 +++ b/src/ch/ethz/ssh2/transport/ClientKexManager.java Fri Jul 18 18:08:56 2014 -0700 
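Review bot: In Logger.java (hunk at line 18), dropping `volatile` from `public static boolean enabled` removes the cross-thread visibility guarantee for a flag that any thread can flip. A thread reading it through the new `isEnabled()` or through `isDebugEnabled()` may keep seeing a stale value after logging has been switched on or off. Unless the removal is a measured optimisation, keep `public static volatile boolean enabled = false;`, or add a comment that stale reads are accepted.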
@@ -55,8 +55,14 @@
 }
 protected boolean verifySignature(byte[] sig, byte[] hostkey) throws IOException {
- if(kxs.np.server_host_key_algo.equals("ssh-rsa")) {
- RSASignature rs = RSASHA1Verify.decodeSSHRSASignature(sig);
+ if (kxs.np.server_host_key_algo.startsWith("ecdsa-sha2-")) {
+ byte[] rs = ECDSASHA2Verify.decodeSSHECDSASignature(sig);
+ ECPublicKey epk = ECDSASHA2Verify.decodeSSHECDSAPublicKey(hostkey);
+ log.log(50, "Verifying ecdsa signature");
+ return ECDSASHA2Verify.verifySignature(kxs.H, rs, epk);
+ }
+ if (kxs.np.server_host_key_algo.equals("ssh-rsa")) {
+ byte[] rs = RSASHA1Verify.decodeSSHRSASignature(sig);
 RSAPublicKey rpk = RSASHA1Verify.decodeSSHRSAPublicKey(hostkey);
 log.debug("Verifying ssh-rsa signature");
@@ -64,8 +70,8 @@
 return RSASHA1Verify.verifySignature(kxs.H, rs, rpk);
 }
- if(kxs.np.server_host_key_algo.equals("ssh-dss")) {
- DSASignature ds = DSASHA1Verify.decodeSSHDSASignature(sig);
+ if (kxs.np.server_host_key_algo.equals("ssh-dss")) {
+ byte[] ds = DSASHA1Verify.decodeSSHDSASignature(sig);
 DSAPublicKey dpk = DSASHA1Verify.decodeSSHDSAPublicKey(hostkey);
 log.debug("Verifying ssh-dss signature");
diff -r 3855f58ffd2b -r 4ec87de11e71 src/ch/ethz/ssh2/transport/KexState.java
--- a/src/ch/ethz/ssh2/transport/KexState.java Fri Jul 18 17:32:11 2014 -0700
+++ b/src/ch/ethz/ssh2/transport/KexState.java Fri Jul 18 18:08:56 2014 -0700
@@ -37,7 +37,6 @@
 public DhGroupExchange dhgx;
 public DHGexParameters dhgexParameters;
- public DSAPrivateKey local_dsa_key;
- public RSAPrivateKey local_rsa_key;
- public ECPrivateKey local_ec_key;
+ public KeyPair local_dsa_key;
+ public KeyPair local_rsa_key;
 }
diff -r 3855f58ffd2b -r 4ec87de11e71 src/ch/ethz/ssh2/transport/ServerKexManager.java
--- a/src/ch/ethz/ssh2/transport/ServerKexManager.java Fri Jul 18 17:32:11 2014 -0700
+++ b/src/ch/ethz/ssh2/transport/ServerKexManager.java Fri Jul 18 18:08:56 2014 -0700
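Review bot: In ClientKexManager.verifySignature (hunk at line 55), the new ECDSA branch is selected with `startsWith("ecdsa-sha2-")`, so any negotiated name carrying that prefix reaches the verifier. Nothing in the hunk ties the curve of the decoded `epk` to the algorithm that was negotiated; that check may live in `decodeSSHECDSAPublicKey`, which is not visible here. Matching the exact supported names (for example `ecdsa-sha2-nistp256`) instead of a prefix would keep host-key verification bound to the negotiated algorithm. The branch also logs through `log.log(50, ...)` while the RSA and DSA branches use `log.debug(...)`, so `log.debug("Verifying ecdsa signature");` would be consistent. The body of verifySignature continues past the end of the hunk.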
@@ -167,11 +167,11 @@
 byte[] hostKey = null;
 if(kxs.np.server_host_key_algo.equals("ssh-rsa")) {
- hostKey = RSASHA1Verify.encodeSSHRSAPublicKey(kxs.local_rsa_key.getPublicKey());
+ hostKey = RSASHA1Verify.encodeSSHRSAPublicKey(kxs.local_rsa_key.getPublic());
 }
 if(kxs.np.server_host_key_algo.equals("ssh-dss")) {
- hostKey = DSASHA1Verify.encodeSSHDSAPublicKey(kxs.local_dsa_key.getPublicKey());
+ hostKey = DSASHA1Verify.encodeSSHDSAPublicKey(kxs.local_dsa_key.getPublic());
 }
 try {
@@ -187,12 +187,12 @@
 byte[] signature = null;
 if(kxs.np.server_host_key_algo.equals("ssh-rsa")) {
- RSASignature rs = RSASHA1Verify.generateSignature(kxs.H, kxs.local_rsa_key);
+ byte[] rs = RSASHA1Verify.generateSignature(kxs.H, kxs.local_rsa_key);
 signature = RSASHA1Verify.encodeSSHRSASignature(rs);
 }
 if(kxs.np.server_host_key_algo.equals("ssh-dss")) {
- DSASignature ds = DSASHA1Verify.generateSignature(kxs.H, kxs.local_dsa_key, rnd);
+ byte[] ds = DSASHA1Verify.generateSignature(kxs.H, kxs.local_dsa_key, rnd);
 signature = DSASHA1Verify.encodeSSHDSASignature(ds);
 }
diff -r 3855f58ffd2b -r 4ec87de11e71 src/ch/ethz/ssh2/transport/TransportManager.java
--- a/src/ch/ethz/ssh2/transport/TransportManager.java Fri Jul 18 17:32:11 2014 -0700
+++ b/src/ch/ethz/ssh2/transport/TransportManager.java Fri Jul 18 18:08:56 2014 -0700
@@ -296,7 +296,7 @@
 * @param rsa may be null if this is a client connection
 * @throws IOException
 */
- public void forceKeyExchange(CryptoWishList cwl, DHGexParameters dhgex, DSAPrivateKey dsa, RSAPrivateKey rsa)
+ public void forceKeyExchange(CryptoWishList cwl, DHGexParameters dhgex, KeyPair dsa, KeyPair rsa)
 throws IOException {
 synchronized(connectionSemaphore) {
 if(connectionClosed) {
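Review bot: In ServerKexManager.java (hunk at line 167), `hostKey` stays null when `server_host_key_algo` is neither `ssh-rsa` nor `ssh-dss`, and execution still falls into the `try` block; the hunk at line 187 leaves `signature` null in the same way. This changeset teaches the client about `ecdsa-sha2-*` names and removes `local_ec_key` from KexState, so an explicit rejection would make the server side fail closed. Assuming the enclosing method may throw IOException, add after the two `if` blocks: `if (hostKey == null) throw new IOException("Unsupported host key algorithm: " + kxs.np.server_host_key_algo);`. Negotiation may already exclude other names elsewhere; the enclosing method starts and ends outside the hunk.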
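Review bot: In the hunk at line 187 of ServerKexManager.java, `generateSignature` is still handed `kxs.local_rsa_key` and `kxs.local_dsa_key`, which KexState now declares as `KeyPair`, whereas the public-key calls in the previous hunk were adapted with `.getPublic()`. Unless `generateSignature` gained a `KeyPair` overload (its signature is not visible here), these calls probably need the private half: `RSASHA1Verify.generateSignature(kxs.H, kxs.local_rsa_key.getPrivate())` and `DSASHA1Verify.generateSignature(kxs.H, kxs.local_dsa_key.getPrivate(), rnd)`. The enclosing method continues outside the hunk.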