changeset 282:c3019725b123 ganymed

start conversion from trilead to ganymed
author Carl Byington <carl@five-ten-sg.com>
date Fri, 18 Jul 2014 17:19:41 -0700
parents b4ca341c318d
children 3855f58ffd2b
files src/ch/ethz/ssh2/auth/AuthenticationManager.java src/ch/ethz/ssh2/transport/ClientKexManager.java
diffstat 2 files changed, 31 insertions(+), 8 deletions(-) [+]
--- a/src/ch/ethz/ssh2/auth/AuthenticationManager.java	Fri Jul 18 17:07:38 2014 -0700
+++ b/src/ch/ethz/ssh2/auth/AuthenticationManager.java	Fri Jul 18 17:19:41 2014 -0700
@@ -200,8 +200,9 @@
         throw new PacketTypeException(type);
     }
 
-    public boolean authenticatePublicKey(String user, char[] PEMPrivateKey, String password, SecureRandom rnd)
-            throws IOException {
+    public boolean authenticatePublicKey(String user, KeyPair pair, String password, SecureRandom rnd)
+    throws IOException {
+        PrivateKey key = pair.getPrivate();
         try {
             initialize(user);
 
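Review bot: The added `PrivateKey key = pair.getPrivate();` runs before the `try` with no null check, so a null `KeyPair` surfaces as a `NullPointerException` instead of the `IOException` the signature declares. A guard ahead of it, such as `if (pair == null) throw new IOException("No key pair supplied for publickey authentication.");`, keeps the failure on the documented path. The `password` parameter stays in the signature although its only visible use, the `PEMDecoder.decode` call, is removed in the next hunk. Callers would therefore keep passing a key passphrase to a method that no longer appears to need it; it should be documented as ignored or deprecated. The method body continues outside this hunk.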
@@ -209,12 +210,10 @@
                 throw new IOException("Authentication method publickey not supported by the server at this stage.");
             }
 
-            Object key = PEMDecoder.decode(PEMPrivateKey, password);
-
-            if(key instanceof DSAPrivateKey) {
+            if (key instanceof DSAPrivateKey) {
                 DSAPrivateKey pk = (DSAPrivateKey) key;
 
-                byte[] pk_enc = DSASHA1Verify.encodeSSHDSAPublicKey(pk.getPublicKey());
+                byte[] pk_enc = DSASHA1Verify.encodeSSHDSAPublicKey((DSAPublicKey) pair.getPublic());
 
                 TypesWriter tw = new TypesWriter();
 
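Review bot: The cast `(DSAPublicKey) pair.getPublic()` assumes the public half of the pair matches the type selected by `key instanceof DSAPrivateKey`. A `KeyPair` with a mismatched public key throws `ClassCastException`, and one with a missing public key passes null to the encoder, so neither fails with a clean authentication error. The same unchecked cast appears in the RSA branch (`(RSAPublicKey) pair.getPublic()`) and in the new EC branch (`(ECPublicKey) pair.getPublic()`). A check before each cast, e.g. `if (!(pair.getPublic() instanceof DSAPublicKey)) throw new IOException("Public key in key pair is not a DSA key.");`, keeps these failures on the declared exception path. The enclosing branch continues outside the hunk.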
@@ -242,7 +241,7 @@
             else if(key instanceof RSAPrivateKey) {
                 RSAPrivateKey pk = (RSAPrivateKey) key;
 
-                byte[] pk_enc = RSASHA1Verify.encodeSSHRSAPublicKey(pk.getPublicKey());
+                byte[] pk_enc = RSASHA1Verify.encodeSSHRSAPublicKey((RSAPublicKey) pair.getPublic());
 
                 TypesWriter tw = new TypesWriter();
                 {
@@ -268,6 +267,30 @@
                         "ssh-rsa", pk_enc, rsa_sig_enc);
                 tm.sendMessage(ua.getPayload());
             }
+            else if (key instanceof ECPrivateKey) {
+                ECPrivateKey pk = (ECPrivateKey) key;
+                final String algo = ECDSASHA2Verify.ECDSA_SHA2_PREFIX
+                                    + ECDSASHA2Verify.getCurveName(pk.getParams());
+                byte[] pk_enc = ECDSASHA2Verify.encodeSSHECDSAPublicKey((ECPublicKey) pair.getPublic());
+                TypesWriter tw = new TypesWriter();
+                {
+                    byte[] H = tm.getSessionIdentifier();
+                    tw.writeString(H, 0, H.length);
+                    tw.writeByte(Packets.SSH_MSG_USERAUTH_REQUEST);
+                    tw.writeString(user);
+                    tw.writeString("ssh-connection");
+                    tw.writeString("publickey");
+                    tw.writeBoolean(true);
+                    tw.writeString(algo);
+                    tw.writeString(pk_enc, 0, pk_enc.length);
+                }
+                byte[] msg = tw.getBytes();
+                byte[] ds = ECDSASHA2Verify.generateSignature(msg, pk);
+                byte[] ec_sig_enc = ECDSASHA2Verify.encodeSSHECDSASignature(ds, pk.getParams());
+                PacketUserauthRequestPublicKey ua = new PacketUserauthRequestPublicKey("ssh-connection", user,
+                        algo, pk_enc, ec_sig_enc);
+                tm.sendMessage(ua.getPayload());
+            }
             else {
                 throw new IOException("Unknown private key type returned by the PEM decoder.");
             }
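Review bot: In the new EC branch, `algo` is built from `ECDSASHA2Verify.getCurveName(pk.getParams())` without checking the result. If that helper returns null for an unsupported curve (not visible here, so this is an assumption to confirm), the signed request and the packet would carry a malformed algorithm name. Rejecting it before any bytes are written, e.g. `if (curve == null) throw new IOException("Unsupported EC curve for publickey authentication.");`, would avoid that. The curve is also taken from the private key while the encoded blob comes from `pair.getPublic()`, so comparing the two keys' parameters would catch a mismatched pair locally. Separately, the closing `else` still reports "Unknown private key type returned by the PEM decoder." although no PEM decoder is involved any more; something like `"Unsupported private key type in key pair."` would describe the failure accurately.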
--- a/src/ch/ethz/ssh2/transport/ClientKexManager.java	Fri Jul 18 17:07:38 2014 -0700
+++ b/src/ch/ethz/ssh2/transport/ClientKexManager.java	Fri Jul 18 17:19:41 2014 -0700
@@ -32,7 +32,7 @@
 import java.security.interfaces.ECPublicKey;
 import java.security.interfaces.RSAPublicKey;
 import ch.ethz.ssh2.signature.DSASHA1Verify;
-import ch.ethz.ssh2.signature.ECDSASHA2Verify.java;
+import ch.ethz.ssh2.signature.ECDSASHA2Verify;
 import ch.ethz.ssh2.signature.RSASHA1Verify;
 
 /**