changeset 284:4ec87de11e71 ganymed

start conversion from trilead to ganymed
author Carl Byington <carl@five-ten-sg.com>
date Fri, 18 Jul 2014 18:08:56 -0700
parents 3855f58ffd2b
children 486df527ddc5
files src/ch/ethz/ssh2/KnownHosts.java src/ch/ethz/ssh2/auth/AuthenticationManager.java src/ch/ethz/ssh2/log/Logger.java src/ch/ethz/ssh2/transport/ClientKexManager.java src/ch/ethz/ssh2/transport/KexState.java src/ch/ethz/ssh2/transport/ServerKexManager.java src/ch/ethz/ssh2/transport/TransportManager.java
diffstat 7 files changed, 26 insertions(+), 55 deletions(-) [+]
line wrap: on
line diff
--- a/src/ch/ethz/ssh2/KnownHosts.java	Fri Jul 18 17:32:11 2014 -0700
+++ b/src/ch/ethz/ssh2/KnownHosts.java	Fri Jul 18 18:08:56 2014 -0700
@@ -430,46 +430,8 @@
         initialize(cw.toCharArray());
     }
 
-    private boolean matchKeys(Object key1, Object key2) {
-        if((key1 instanceof RSAPublicKey) && (key2 instanceof RSAPublicKey)) {
-            RSAPublicKey savedRSAKey = (RSAPublicKey) key1;
-            RSAPublicKey remoteRSAKey = (RSAPublicKey) key2;
-
-            if(savedRSAKey.getE().equals(remoteRSAKey.getE()) == false) {
-                return false;
-            }
-
-            if(savedRSAKey.getN().equals(remoteRSAKey.getN()) == false) {
-                return false;
-            }
-
-            return true;
-        }
-
-        if((key1 instanceof DSAPublicKey) && (key2 instanceof DSAPublicKey)) {
-            DSAPublicKey savedDSAKey = (DSAPublicKey) key1;
-            DSAPublicKey remoteDSAKey = (DSAPublicKey) key2;
-
-            if(savedDSAKey.getG().equals(remoteDSAKey.getG()) == false) {
-                return false;
-            }
-
-            if(savedDSAKey.getP().equals(remoteDSAKey.getP()) == false) {
-                return false;
-            }
-
-            if(savedDSAKey.getQ().equals(remoteDSAKey.getQ()) == false) {
-                return false;
-            }
-
-            if(savedDSAKey.getY().equals(remoteDSAKey.getY()) == false) {
-                return false;
-            }
-
-            return true;
-        }
-
-        return false;
+    private final boolean matchKeys(PublicKey key1, PublicKey key2) {
+        return key1.equals(key2);
     }
 
     private boolean pseudoRegex(char[] pattern, int i, char[] match, int j) {
--- a/src/ch/ethz/ssh2/auth/AuthenticationManager.java	Fri Jul 18 17:32:11 2014 -0700
+++ b/src/ch/ethz/ssh2/auth/AuthenticationManager.java	Fri Jul 18 18:08:56 2014 -0700
@@ -236,7 +236,7 @@
 
                 byte[] msg = tw.getBytes();
 
-                DSASignature ds = DSASHA1Verify.generateSignature(msg, pk, rnd);
+                byte[] ds = DSASHA1Verify.generateSignature(msg, pk, rnd);
 
                 byte[] ds_enc = DSASHA1Verify.encodeSSHDSASignature(ds);
 
@@ -265,7 +265,7 @@
 
                 byte[] msg = tw.getBytes();
 
-                RSASignature ds = RSASHA1Verify.generateSignature(msg, pk);
+                byte[] ds = RSASHA1Verify.generateSignature(msg, pk);
 
                 byte[] rsa_sig_enc = RSASHA1Verify.encodeSSHRSASignature(ds);
 
--- a/src/ch/ethz/ssh2/log/Logger.java	Fri Jul 18 17:32:11 2014 -0700
+++ b/src/ch/ethz/ssh2/log/Logger.java	Fri Jul 18 18:08:56 2014 -0700
@@ -18,7 +18,7 @@
 {
 	private java.util.logging.Logger delegate;
 
-	public static volatile boolean enabled = false;
+	public static boolean enabled = false;
 
 	public static Logger getLogger(Class<?> x)
 	{
@@ -30,6 +30,10 @@
 		this.delegate = java.util.logging.Logger.getLogger(x.getName());
 	}
 
+    public final boolean isEnabled() {
+        return enabled;
+    }
+
 	public boolean isDebugEnabled()
 	{
 		return enabled && delegate.isLoggable(Level.FINER);
--- a/src/ch/ethz/ssh2/transport/ClientKexManager.java	Fri Jul 18 17:32:11 2014 -0700
+++ b/src/ch/ethz/ssh2/transport/ClientKexManager.java	Fri Jul 18 18:08:56 2014 -0700
@@ -55,8 +55,14 @@
     }
 
     protected boolean verifySignature(byte[] sig, byte[] hostkey) throws IOException {
-        if(kxs.np.server_host_key_algo.equals("ssh-rsa")) {
-            RSASignature rs = RSASHA1Verify.decodeSSHRSASignature(sig);
+        if (kxs.np.server_host_key_algo.startsWith("ecdsa-sha2-")) {
+            byte[] rs = ECDSASHA2Verify.decodeSSHECDSASignature(sig);
+            ECPublicKey epk = ECDSASHA2Verify.decodeSSHECDSAPublicKey(hostkey);
+            log.log(50, "Verifying ecdsa signature");
+            return ECDSASHA2Verify.verifySignature(kxs.H, rs, epk);
+        }
+        if (kxs.np.server_host_key_algo.equals("ssh-rsa")) {
+            byte[] rs = RSASHA1Verify.decodeSSHRSASignature(sig);
             RSAPublicKey rpk = RSASHA1Verify.decodeSSHRSAPublicKey(hostkey);
 
             log.debug("Verifying ssh-rsa signature");
@@ -64,8 +70,8 @@
             return RSASHA1Verify.verifySignature(kxs.H, rs, rpk);
         }
 
-        if(kxs.np.server_host_key_algo.equals("ssh-dss")) {
-            DSASignature ds = DSASHA1Verify.decodeSSHDSASignature(sig);
+        if (kxs.np.server_host_key_algo.equals("ssh-dss")) {
+            byte[] ds = DSASHA1Verify.decodeSSHDSASignature(sig);
             DSAPublicKey dpk = DSASHA1Verify.decodeSSHDSAPublicKey(hostkey);
 
             log.debug("Verifying ssh-dss signature");
--- a/src/ch/ethz/ssh2/transport/KexState.java	Fri Jul 18 17:32:11 2014 -0700
+++ b/src/ch/ethz/ssh2/transport/KexState.java	Fri Jul 18 18:08:56 2014 -0700
@@ -37,7 +37,6 @@
 	public DhGroupExchange dhgx;
 	public DHGexParameters dhgexParameters;
 
-	public DSAPrivateKey local_dsa_key;
-	public RSAPrivateKey local_rsa_key;
-	public ECPrivateKey  local_ec_key;
+	public KeyPair local_dsa_key;
+	public KeyPair local_rsa_key;
 }
--- a/src/ch/ethz/ssh2/transport/ServerKexManager.java	Fri Jul 18 17:32:11 2014 -0700
+++ b/src/ch/ethz/ssh2/transport/ServerKexManager.java	Fri Jul 18 18:08:56 2014 -0700
@@ -167,11 +167,11 @@
                 byte[] hostKey = null;
 
                 if(kxs.np.server_host_key_algo.equals("ssh-rsa")) {
-                    hostKey = RSASHA1Verify.encodeSSHRSAPublicKey(kxs.local_rsa_key.getPublicKey());
+                    hostKey = RSASHA1Verify.encodeSSHRSAPublicKey(kxs.local_rsa_key.getPublic());
                 }
 
                 if(kxs.np.server_host_key_algo.equals("ssh-dss")) {
-                    hostKey = DSASHA1Verify.encodeSSHDSAPublicKey(kxs.local_dsa_key.getPublicKey());
+                    hostKey = DSASHA1Verify.encodeSSHDSAPublicKey(kxs.local_dsa_key.getPublic());
                 }
 
                 try {
@@ -187,12 +187,12 @@
                 byte[] signature = null;
 
                 if(kxs.np.server_host_key_algo.equals("ssh-rsa")) {
-                    RSASignature rs = RSASHA1Verify.generateSignature(kxs.H, kxs.local_rsa_key);
+                    byte[] rs = RSASHA1Verify.generateSignature(kxs.H, kxs.local_rsa_key);
                     signature = RSASHA1Verify.encodeSSHRSASignature(rs);
                 }
 
                 if(kxs.np.server_host_key_algo.equals("ssh-dss")) {
-                    DSASignature ds = DSASHA1Verify.generateSignature(kxs.H, kxs.local_dsa_key, rnd);
+                    byte[] ds = DSASHA1Verify.generateSignature(kxs.H, kxs.local_dsa_key, rnd);
                     signature = DSASHA1Verify.encodeSSHDSASignature(ds);
                 }
 
--- a/src/ch/ethz/ssh2/transport/TransportManager.java	Fri Jul 18 17:32:11 2014 -0700
+++ b/src/ch/ethz/ssh2/transport/TransportManager.java	Fri Jul 18 18:08:56 2014 -0700
@@ -296,7 +296,7 @@
      * @param rsa   may be null if this is a client connection
      * @throws IOException
      */
-    public void forceKeyExchange(CryptoWishList cwl, DHGexParameters dhgex, DSAPrivateKey dsa, RSAPrivateKey rsa)
+    public void forceKeyExchange(CryptoWishList cwl, DHGexParameters dhgex, KeyPair dsa, KeyPair rsa)
             throws IOException {
         synchronized(connectionSemaphore) {
             if(connectionClosed) {