Mercurial > 510Connectbot
annotate src/ch/ethz/ssh2/channel/AuthAgentForwardThread.java @ 304:abad243cb341 ganymed
add ecdsa key support everywhere
author | Carl Byington <carl@five-ten-sg.com> |
---|---|
date | Tue, 29 Jul 2014 20:28:01 -0700 |
parents | a218d9cd725b |
children | 071eccdff8ea |
rev | line source |
---|---|
294
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
1 /* |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
2 * ConnectBot: simple, powerful, open-source SSH client for Android |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
3 * Copyright 2007 Kenny Root, Jeffrey Sharkey |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
4 * |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
5 * Licensed under the Apache License, Version 2.0 (the "License"); |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
6 * you may not use this file except in compliance with the License. |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
7 * You may obtain a copy of the License at |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
8 * |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
9 * http://www.apache.org/licenses/LICENSE-2.0 |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
10 * |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
11 * Unless required by applicable law or agreed to in writing, software |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
12 * distributed under the License is distributed on an "AS IS" BASIS, |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
13 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
14 * See the License for the specific language governing permissions and |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
15 * limitations under the License. |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
16 */ |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
17 |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
18 package ch.ethz.ssh2.channel; |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
19 |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
20 import java.io.IOException; |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
21 import java.io.InputStream; |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
22 import java.io.OutputStream; |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
23 import java.math.BigInteger; |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
24 import java.security.KeyFactory; |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
25 import java.security.KeyPair; |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
26 import java.security.NoSuchAlgorithmException; |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
27 import java.security.PrivateKey; |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
28 import java.security.PublicKey; |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
29 import java.security.SecureRandom; |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
30 import java.security.interfaces.DSAPrivateKey; |
302
beaccc9df37b
add ecdsa key support everywhere
Carl Byington <carl@five-ten-sg.com>
parents:
300
diff
changeset
|
31 import java.security.interfaces.ECPrivateKey; |
294
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
32 import java.security.interfaces.RSAPrivateKey; |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
33 import java.security.spec.DSAPrivateKeySpec; |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
34 import java.security.spec.DSAPublicKeySpec; |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
35 import java.security.spec.ECParameterSpec; |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
36 import java.security.spec.ECPoint; |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
37 import java.security.spec.ECPrivateKeySpec; |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
38 import java.security.spec.ECPublicKeySpec; |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
39 import java.security.spec.InvalidKeySpecException; |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
40 import java.security.spec.KeySpec; |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
41 import java.security.spec.RSAPrivateCrtKeySpec; |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
42 import java.security.spec.RSAPublicKeySpec; |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
43 import java.util.Map; |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
44 import java.util.Map.Entry; |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
45 |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
46 import ch.ethz.ssh2.AuthAgentCallback; |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
47 import ch.ethz.ssh2.log.Logger; |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
48 import ch.ethz.ssh2.packets.TypesReader; |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
49 import ch.ethz.ssh2.packets.TypesWriter; |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
50 import ch.ethz.ssh2.signature.DSASHA1Verify; |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
51 import ch.ethz.ssh2.signature.ECDSASHA2Verify; |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
52 import ch.ethz.ssh2.signature.RSASHA1Verify; |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
53 |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
54 /** |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
55 * AuthAgentForwardThread. |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
56 * |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
57 * @author Kenny Root |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
58 * @version $Id$ |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
59 */ |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
60 public class AuthAgentForwardThread extends Thread implements IChannelWorkerThread { |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
61 private static final byte[] SSH_AGENT_FAILURE = {0, 0, 0, 1, 5}; // 5 |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
62 private static final byte[] SSH_AGENT_SUCCESS = {0, 0, 0, 1, 6}; // 6 |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
63 |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
64 private static final int SSH2_AGENTC_REQUEST_IDENTITIES = 11; |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
65 private static final int SSH2_AGENT_IDENTITIES_ANSWER = 12; |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
66 |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
67 private static final int SSH2_AGENTC_SIGN_REQUEST = 13; |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
68 private static final int SSH2_AGENT_SIGN_RESPONSE = 14; |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
69 |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
70 private static final int SSH2_AGENTC_ADD_IDENTITY = 17; |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
71 private static final int SSH2_AGENTC_REMOVE_IDENTITY = 18; |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
72 private static final int SSH2_AGENTC_REMOVE_ALL_IDENTITIES = 19; |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
73 |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
74 // private static final int SSH_AGENTC_ADD_SMARTCARD_KEY = 20; |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
75 // private static final int SSH_AGENTC_REMOVE_SMARTCARD_KEY = 21; |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
76 |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
77 private static final int SSH_AGENTC_LOCK = 22; |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
78 private static final int SSH_AGENTC_UNLOCK = 23; |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
79 |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
80 private static final int SSH2_AGENTC_ADD_ID_CONSTRAINED = 25; |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
81 // private static final int SSH_AGENTC_ADD_SMARTCARD_KEY_CONSTRAINED = 26; |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
82 |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
83 // Constraints for adding keys |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
84 private static final int SSH_AGENT_CONSTRAIN_LIFETIME = 1; |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
85 private static final int SSH_AGENT_CONSTRAIN_CONFIRM = 2; |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
86 |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
87 // Flags for signature requests |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
88 // private static final int SSH_AGENT_OLD_SIGNATURE = 1; |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
89 |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
90 private static final Logger log = Logger.getLogger(RemoteAcceptThread.class); |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
91 |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
92 AuthAgentCallback authAgent; |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
93 OutputStream os; |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
94 InputStream is; |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
95 Channel c; |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
96 |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
97 byte[] buffer = new byte[Channel.CHANNEL_BUFFER_SIZE]; |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
98 |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
99 public AuthAgentForwardThread(Channel c, AuthAgentCallback authAgent) { |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
100 this.c = c; |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
101 this.authAgent = authAgent; |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
102 |
295
deb5fb087b6f
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
294
diff
changeset
|
103 log.debug("AuthAgentForwardThread started"); |
294
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
104 } |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
105 |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
106 @Override |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
107 public void run() { |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
108 try { |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
109 c.cm.registerThread(this); |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
110 } |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
111 catch (IOException e) { |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
112 stopWorking(); |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
113 return; |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
114 } |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
115 |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
116 try { |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
117 c.cm.sendOpenConfirmation(c); |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
118 is = c.getStdoutStream(); |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
119 os = c.getStdinStream(); |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
120 int totalSize = 4; |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
121 int readSoFar = 0; |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
122 |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
123 while (true) { |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
124 int len; |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
125 |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
126 try { |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
127 len = is.read(buffer, readSoFar, buffer.length - readSoFar); |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
128 } |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
129 catch (IOException e) { |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
130 stopWorking(); |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
131 return; |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
132 } |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
133 |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
134 if (len <= 0) |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
135 break; |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
136 |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
137 readSoFar += len; |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
138 |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
139 if (readSoFar >= 4) { |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
140 TypesReader tr = new TypesReader(buffer, 0, 4); |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
141 totalSize = tr.readUINT32() + 4; |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
142 } |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
143 |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
144 if (totalSize == readSoFar) { |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
145 TypesReader tr = new TypesReader(buffer, 4, readSoFar - 4); |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
146 int messageType = tr.readByte(); |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
147 |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
148 switch (messageType) { |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
149 case SSH2_AGENTC_REQUEST_IDENTITIES: |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
150 sendIdentities(); |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
151 break; |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
152 |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
153 case SSH2_AGENTC_ADD_IDENTITY: |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
154 addIdentity(tr, false); |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
155 break; |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
156 |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
157 case SSH2_AGENTC_ADD_ID_CONSTRAINED: |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
158 addIdentity(tr, true); |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
159 break; |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
160 |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
161 case SSH2_AGENTC_REMOVE_IDENTITY: |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
162 removeIdentity(tr); |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
163 break; |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
164 |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
165 case SSH2_AGENTC_REMOVE_ALL_IDENTITIES: |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
166 removeAllIdentities(tr); |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
167 break; |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
168 |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
169 case SSH2_AGENTC_SIGN_REQUEST: |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
170 processSignRequest(tr); |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
171 break; |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
172 |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
173 case SSH_AGENTC_LOCK: |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
174 processLockRequest(tr); |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
175 break; |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
176 |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
177 case SSH_AGENTC_UNLOCK: |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
178 processUnlockRequest(tr); |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
179 break; |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
180 |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
181 default: |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
182 os.write(SSH_AGENT_FAILURE); |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
183 break; |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
184 } |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
185 |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
186 readSoFar = 0; |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
187 } |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
188 } |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
189 |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
190 c.cm.closeChannel(c, "EOF on both streams reached.", true); |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
191 } |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
192 catch (IOException e) { |
295
deb5fb087b6f
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
294
diff
changeset
|
193 log.debug("IOException in agent forwarder: " + e.getMessage()); |
294
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
194 |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
195 try { |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
196 is.close(); |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
197 } |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
198 catch (IOException e1) { |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
199 } |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
200 |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
201 try { |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
202 os.close(); |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
203 } |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
204 catch (IOException e2) { |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
205 } |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
206 |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
207 try { |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
208 c.cm.closeChannel(c, "IOException in agent forwarder (" + e.getMessage() + ")", true); |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
209 } |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
210 catch (IOException e3) { |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
211 } |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
212 } |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
213 } |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
214 |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
215 public void stopWorking() { |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
216 try { |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
217 /* This will lead to an IOException in the is.read() call */ |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
218 is.close(); |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
219 } |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
220 catch (IOException e) { |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
221 } |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
222 } |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
223 |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
224 /** |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
225 * @return whether the agent is locked |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
226 */ |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
227 private boolean failWhenLocked() throws IOException { |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
228 if (authAgent.isAgentLocked()) { |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
229 os.write(SSH_AGENT_FAILURE); |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
230 return true; |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
231 } |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
232 else |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
233 return false; |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
234 } |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
235 |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
236 private void sendIdentities() throws IOException { |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
237 Map<String, byte[]> keys = null; |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
238 TypesWriter tw = new TypesWriter(); |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
239 tw.writeByte(SSH2_AGENT_IDENTITIES_ANSWER); |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
240 int numKeys = 0; |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
241 |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
242 if (!authAgent.isAgentLocked()) |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
243 keys = authAgent.retrieveIdentities(); |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
244 |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
245 if (keys != null) |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
246 numKeys = keys.size(); |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
247 |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
248 tw.writeUINT32(numKeys); |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
249 |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
250 if (keys != null) { |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
251 for (Entry<String, byte[]> entry : keys.entrySet()) { |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
252 byte[] keyBytes = entry.getValue(); |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
253 tw.writeString(keyBytes, 0, keyBytes.length); |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
254 tw.writeString(entry.getKey()); |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
255 } |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
256 } |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
257 |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
258 sendPacket(tw.getBytes()); |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
259 } |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
260 |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
261 /** |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
262 * @param tr |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
263 */ |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
264 private void addIdentity(TypesReader tr, boolean checkConstraints) { |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
265 try { |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
266 if (failWhenLocked()) |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
267 return; |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
268 |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
269 String type = tr.readString(); |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
270 String comment; |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
271 String keyType; |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
272 KeySpec pubSpec; |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
273 KeySpec privSpec; |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
274 |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
275 if (type.equals("ssh-rsa")) { |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
276 keyType = "RSA"; |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
277 BigInteger n = tr.readMPINT(); |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
278 BigInteger e = tr.readMPINT(); |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
279 BigInteger d = tr.readMPINT(); |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
280 BigInteger iqmp = tr.readMPINT(); |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
281 BigInteger p = tr.readMPINT(); |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
282 BigInteger q = tr.readMPINT(); |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
283 comment = tr.readString(); |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
284 // Derive the extra values Java needs. |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
285 BigInteger dmp1 = d.mod(p.subtract(BigInteger.ONE)); |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
286 BigInteger dmq1 = d.mod(q.subtract(BigInteger.ONE)); |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
287 pubSpec = new RSAPublicKeySpec(n, e); |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
288 privSpec = new RSAPrivateCrtKeySpec(n, e, d, p, q, dmp1, dmq1, iqmp); |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
289 } |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
290 else if (type.equals("ssh-dss")) { |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
291 keyType = "DSA"; |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
292 BigInteger p = tr.readMPINT(); |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
293 BigInteger q = tr.readMPINT(); |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
294 BigInteger g = tr.readMPINT(); |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
295 BigInteger y = tr.readMPINT(); |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
296 BigInteger x = tr.readMPINT(); |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
297 comment = tr.readString(); |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
298 pubSpec = new DSAPublicKeySpec(y, p, q, g); |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
299 privSpec = new DSAPrivateKeySpec(x, p, q, g); |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
300 } |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
301 else if (type.equals("ecdsa-sha2-nistp256")) { |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
302 keyType = "EC"; |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
303 String curveName = tr.readString(); |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
304 byte[] groupBytes = tr.readByteString(); |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
305 BigInteger exponent = tr.readMPINT(); |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
306 comment = tr.readString(); |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
307 |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
308 if (!"nistp256".equals(curveName)) { |
295
deb5fb087b6f
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
294
diff
changeset
|
309 log.debug("Invalid curve name for ecdsa-sha2-nistp256: " + curveName); |
294
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
310 os.write(SSH_AGENT_FAILURE); |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
311 return; |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
312 } |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
313 |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
314 ECParameterSpec nistp256 = ECDSASHA2Verify.EllipticCurves.nistp256; |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
315 ECPoint group = ECDSASHA2Verify.decodeECPoint(groupBytes, nistp256.getCurve()); |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
316 |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
317 if (group == null) { |
300
349847b2e318
add ecdsa key support everywhere
Carl Byington <carl@five-ten-sg.com>
parents:
298
diff
changeset
|
318 log.debug("No groupfor ecdsa-sha2-nistp256: "); |
294
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
319 os.write(SSH_AGENT_FAILURE); |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
320 return; |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
321 } |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
322 |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
323 pubSpec = new ECPublicKeySpec(group, nistp256); |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
324 privSpec = new ECPrivateKeySpec(exponent, nistp256); |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
325 } |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
326 else { |
295
deb5fb087b6f
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
294
diff
changeset
|
327 log.debug("Unknown key type: " + type); |
294
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
328 os.write(SSH_AGENT_FAILURE); |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
329 return; |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
330 } |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
331 |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
332 PublicKey pubKey; |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
333 PrivateKey privKey; |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
334 |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
335 try { |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
336 KeyFactory kf = KeyFactory.getInstance(keyType); |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
337 pubKey = kf.generatePublic(pubSpec); |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
338 privKey = kf.generatePrivate(privSpec); |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
339 } |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
340 catch (NoSuchAlgorithmException ex) { |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
341 // TODO: log error |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
342 os.write(SSH_AGENT_FAILURE); |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
343 return; |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
344 } |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
345 catch (InvalidKeySpecException ex) { |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
346 // TODO: log error |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
347 os.write(SSH_AGENT_FAILURE); |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
348 return; |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
349 } |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
350 |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
351 KeyPair pair = new KeyPair(pubKey, privKey); |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
352 boolean confirmUse = false; |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
353 int lifetime = 0; |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
354 |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
355 if (checkConstraints) { |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
356 while (tr.remain() > 0) { |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
357 int constraint = tr.readByte(); |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
358 |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
359 if (constraint == SSH_AGENT_CONSTRAIN_CONFIRM) |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
360 confirmUse = true; |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
361 else if (constraint == SSH_AGENT_CONSTRAIN_LIFETIME) |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
362 lifetime = tr.readUINT32(); |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
363 else { |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
364 // Unknown constraint. Bail. |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
365 os.write(SSH_AGENT_FAILURE); |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
366 return; |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
367 } |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
368 } |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
369 } |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
370 |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
371 if (authAgent.addIdentity(pair, comment, confirmUse, lifetime)) |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
372 os.write(SSH_AGENT_SUCCESS); |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
373 else |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
374 os.write(SSH_AGENT_FAILURE); |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
375 } |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
376 catch (IOException e) { |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
377 try { |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
378 os.write(SSH_AGENT_FAILURE); |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
379 } |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
380 catch (IOException e1) { |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
381 } |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
382 } |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
383 } |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
384 |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
385 /** |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
386 * @param tr |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
387 */ |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
388 private void removeIdentity(TypesReader tr) { |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
389 try { |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
390 if (failWhenLocked()) |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
391 return; |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
392 |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
393 byte[] publicKey = tr.readByteString(); |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
394 |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
395 if (authAgent.removeIdentity(publicKey)) |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
396 os.write(SSH_AGENT_SUCCESS); |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
397 else |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
398 os.write(SSH_AGENT_FAILURE); |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
399 } |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
400 catch (IOException e) { |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
401 try { |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
402 os.write(SSH_AGENT_FAILURE); |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
403 } |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
404 catch (IOException e1) { |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
405 } |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
406 } |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
407 } |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
408 |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
409 /** |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
410 * @param tr |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
411 */ |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
412 private void removeAllIdentities(TypesReader tr) { |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
413 try { |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
414 if (failWhenLocked()) |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
415 return; |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
416 |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
417 if (authAgent.removeAllIdentities()) |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
418 os.write(SSH_AGENT_SUCCESS); |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
419 else |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
420 os.write(SSH_AGENT_FAILURE); |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
421 } |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
422 catch (IOException e) { |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
423 try { |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
424 os.write(SSH_AGENT_FAILURE); |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
425 } |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
426 catch (IOException e1) { |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
427 } |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
428 } |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
429 } |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
430 |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
431 private void processSignRequest(TypesReader tr) { |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
432 try { |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
433 if (failWhenLocked()) |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
434 return; |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
435 |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
436 byte[] publicKeyBytes = tr.readByteString(); |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
437 byte[] challenge = tr.readByteString(); |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
438 int flags = tr.readUINT32(); |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
439 |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
440 if (flags != 0) { |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
441 // We don't understand any flags; abort! |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
442 os.write(SSH_AGENT_FAILURE); |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
443 return; |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
444 } |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
445 |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
446 KeyPair pair = authAgent.getKeyPair(publicKeyBytes); |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
447 |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
448 if (pair == null) { |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
449 os.write(SSH_AGENT_FAILURE); |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
450 return; |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
451 } |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
452 |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
453 byte[] response; |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
454 PrivateKey privKey = pair.getPrivate(); |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
455 |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
456 if (privKey instanceof RSAPrivateKey) { |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
457 byte[] signature = RSASHA1Verify.generateSignature(challenge, |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
458 (RSAPrivateKey) privKey); |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
459 response = RSASHA1Verify.encodeSSHRSASignature(signature); |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
460 } |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
461 else if (privKey instanceof DSAPrivateKey) { |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
462 byte[] signature = DSASHA1Verify.generateSignature(challenge, |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
463 (DSAPrivateKey) privKey, new SecureRandom()); |
303
a218d9cd725b
add ecdsa key support everywhere
Carl Byington <carl@five-ten-sg.com>
parents:
302
diff
changeset
|
464 response = DSASHA1Verify.encodeSSHDSASignature(signature); |
294
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
465 } |
298
ab3a99f11a36
add ecdsa key support everywhere
Carl Byington <carl@five-ten-sg.com>
parents:
295
diff
changeset
|
466 else if (privKey instanceof ECPrivateKey) { |
302
beaccc9df37b
add ecdsa key support everywhere
Carl Byington <carl@five-ten-sg.com>
parents:
300
diff
changeset
|
467 ECPrivateKey pk = (ECPrivateKey) privKey; |
304
abad243cb341
add ecdsa key support everywhere
Carl Byington <carl@five-ten-sg.com>
parents:
303
diff
changeset
|
468 byte[] signature = ECDSASHA2Verify.generateSignature(challenge, pk); |
abad243cb341
add ecdsa key support everywhere
Carl Byington <carl@five-ten-sg.com>
parents:
303
diff
changeset
|
469 response = ECDSASHA2Verify.encodeSSHECDSASignature(signature, pk.getParams()); |
298
ab3a99f11a36
add ecdsa key support everywhere
Carl Byington <carl@five-ten-sg.com>
parents:
295
diff
changeset
|
470 } |
294
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
471 else { |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
472 os.write(SSH_AGENT_FAILURE); |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
473 return; |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
474 } |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
475 |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
476 TypesWriter tw = new TypesWriter(); |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
477 tw.writeByte(SSH2_AGENT_SIGN_RESPONSE); |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
478 tw.writeString(response, 0, response.length); |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
479 sendPacket(tw.getBytes()); |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
480 } |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
481 catch (IOException e) { |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
482 try { |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
483 os.write(SSH_AGENT_FAILURE); |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
484 } |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
485 catch (IOException e1) { |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
486 } |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
487 } |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
488 } |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
489 |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
490 /** |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
491 * @param tr |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
492 */ |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
493 private void processLockRequest(TypesReader tr) { |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
494 try { |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
495 if (failWhenLocked()) |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
496 return; |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
497 |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
498 String lockPassphrase = tr.readString(); |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
499 |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
500 if (!authAgent.setAgentLock(lockPassphrase)) { |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
501 os.write(SSH_AGENT_FAILURE); |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
502 return; |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
503 } |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
504 else |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
505 os.write(SSH_AGENT_SUCCESS); |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
506 } |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
507 catch (IOException e) { |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
508 try { |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
509 os.write(SSH_AGENT_FAILURE); |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
510 } |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
511 catch (IOException e1) { |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
512 } |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
513 } |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
514 } |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
515 |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
516 /** |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
517 * @param tr |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
518 */ |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
519 private void processUnlockRequest(TypesReader tr) { |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
520 try { |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
521 String unlockPassphrase = tr.readString(); |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
522 |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
523 if (authAgent.requestAgentUnlock(unlockPassphrase)) |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
524 os.write(SSH_AGENT_SUCCESS); |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
525 else |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
526 os.write(SSH_AGENT_FAILURE); |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
527 } |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
528 catch (IOException e) { |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
529 try { |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
530 os.write(SSH_AGENT_FAILURE); |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
531 } |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
532 catch (IOException e1) { |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
533 } |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
534 } |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
535 } |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
536 |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
537 /** |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
538 * @param tw |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
539 * @throws IOException |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
540 */ |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
541 private void sendPacket(byte[] message) throws IOException { |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
542 TypesWriter packet = new TypesWriter(); |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
543 packet.writeUINT32(message.length); |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
544 packet.writeBytes(message); |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
545 os.write(packet.getBytes()); |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
546 } |
c41a399da303
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
547 } |