diff --git a/src/main/java/net/schmizz/sshj/common/ECDSAVariationsAdapter.java b/src/main/java/net/schmizz/sshj/common/ECDSAVariationsAdapter.java
index f492f1ac..656843cc 100644
--- a/src/main/java/net/schmizz/sshj/common/ECDSAVariationsAdapter.java
+++ b/src/main/java/net/schmizz/sshj/common/ECDSAVariationsAdapter.java
@@ -21,72 +21,72 @@ import com.hierynomus.sshj.secg.SecgUtils; public class ECDSAVariationsAdapter { - private final static String BASE_ALGORITHM_NAME = "ecdsa-sha2-nistp"; + private final static String BASE_ALGORITHM_NAME = "ecdsa-sha2-nistp"; - private final static Logger log = LoggerFactory.getLogger(ECDSAVariationsAdapter.class); - - public final static Map SUPPORTED_CURVES = new HashMap(); - public final static Map NIST_CURVES_NAMES = new HashMap(); - - static { - NIST_CURVES_NAMES.put("256", "p-256"); - NIST_CURVES_NAMES.put("384", "p-384"); - NIST_CURVES_NAMES.put("521", "p-521"); - - SUPPORTED_CURVES.put("256", "nistp256"); - SUPPORTED_CURVES.put("384", "nistp384"); - SUPPORTED_CURVES.put("521", "nistp521"); - } - - public static PublicKey readPubKeyFromBuffer(Buffer buf, String variation) throws GeneralSecurityException { - String algorithm = BASE_ALGORITHM_NAME + variation; - if (!SecurityUtils.isBouncyCastleRegistered()) { - throw new GeneralSecurityException("BouncyCastle is required to read a key of type " + algorithm); - } - try { - // final String algo = buf.readString(); it has been already read - final String curveName = buf.readString(); - final int keyLen = buf.readUInt32AsInt(); - final byte x04 = buf.readByte(); // it must be 0x04, but don't think - // we need that check - final byte[] x = new byte[(keyLen - 1) / 2]; - final byte[] y = new byte[(keyLen - 1) / 2]; - buf.readRawBytes(x); - buf.readRawBytes(y); - if (log.isDebugEnabled()) { - log.debug(String.format("Key algo: %s, Key curve: %s, Key Len: %s, 0x04: %s\nx: %s\ny: %s", - algorithm, curveName, keyLen, x04, Arrays.toString(x), Arrays.toString(y))); - } + private final static Logger log = LoggerFactory.getLogger(ECDSAVariationsAdapter.class); - if (!SUPPORTED_CURVES.values().contains(curveName)) { - throw new GeneralSecurityException(String.format("Unknown curve %s", curveName)); - } + public final static Map SUPPORTED_CURVES = new HashMap(); + public final static Map NIST_CURVES_NAMES 
= new HashMap(); - BigInteger bigX = new BigInteger(1, x); - BigInteger bigY = new BigInteger(1, y); + static { + NIST_CURVES_NAMES.put("256", "p-256"); + NIST_CURVES_NAMES.put("384", "p-384"); + NIST_CURVES_NAMES.put("521", "p-521"); - X9ECParameters ecParams = NISTNamedCurves.getByName(NIST_CURVES_NAMES.get(variation)); - ECPoint pPublicPoint = ecParams.getCurve().createPoint(bigX, bigY); - ECParameterSpec spec = new ECParameterSpec(ecParams.getCurve(), ecParams.getG(), ecParams.getN()); - ECPublicKeySpec publicSpec = new ECPublicKeySpec(pPublicPoint, spec); + SUPPORTED_CURVES.put("256", "nistp256"); + SUPPORTED_CURVES.put("384", "nistp384"); + SUPPORTED_CURVES.put("521", "nistp521"); + } - KeyFactory keyFactory = KeyFactory.getInstance("ECDSA"); - return keyFactory.generatePublic(publicSpec); - } catch (Exception ex) { - throw new GeneralSecurityException(ex); - } - } + public static PublicKey readPubKeyFromBuffer(Buffer buf, String variation) throws GeneralSecurityException { + String algorithm = BASE_ALGORITHM_NAME + variation; + if (!SecurityUtils.isBouncyCastleRegistered()) { + throw new GeneralSecurityException("BouncyCastle is required to read a key of type " + algorithm); + } + try { + // final String algo = buf.readString(); it has been already read + final String curveName = buf.readString(); + final int keyLen = buf.readUInt32AsInt(); + final byte x04 = buf.readByte(); // it must be 0x04, but don't think + // we need that check + final byte[] x = new byte[(keyLen - 1) / 2]; + final byte[] y = new byte[(keyLen - 1) / 2]; + buf.readRawBytes(x); + buf.readRawBytes(y); + if (log.isDebugEnabled()) { + log.debug(String.format("Key algo: %s, Key curve: %s, Key Len: %s, 0x04: %s\nx: %s\ny: %s", + algorithm, curveName, keyLen, x04, Arrays.toString(x), Arrays.toString(y))); + } + + if (!SUPPORTED_CURVES.values().contains(curveName)) { + throw new GeneralSecurityException(String.format("Unknown curve %s", curveName)); + } + + BigInteger bigX = new BigInteger(1, 
x); + BigInteger bigY = new BigInteger(1, y); + + X9ECParameters ecParams = NISTNamedCurves.getByName(NIST_CURVES_NAMES.get(variation)); + ECPoint pPublicPoint = ecParams.getCurve().createPoint(bigX, bigY); + ECParameterSpec spec = new ECParameterSpec(ecParams.getCurve(), ecParams.getG(), ecParams.getN()); + ECPublicKeySpec publicSpec = new ECPublicKeySpec(pPublicPoint, spec); + + KeyFactory keyFactory = KeyFactory.getInstance("ECDSA"); + return keyFactory.generatePublic(publicSpec); + } catch (Exception ex) { + throw new GeneralSecurityException(ex); + } + } public static void writePubKeyContentsIntoBuffer(PublicKey pk, Buffer buf) { final ECPublicKey ecdsa = (ECPublicKey) pk; byte[] encoded = SecgUtils.getEncoded(ecdsa.getW(), ecdsa.getParams().getCurve()); - + buf.putString(Integer.toString(fieldSizeFromKey(ecdsa))) - .putBytes(encoded); + .putBytes(encoded); } - public static int fieldSizeFromKey(ECPublicKey ecPublicKey) { - return ecPublicKey.getParams().getCurve().getField().getFieldSize(); - } + public static int fieldSizeFromKey(ECPublicKey ecPublicKey) { + return ecPublicKey.getParams().getCurve().getField().getFieldSize(); + } } diff --git a/src/main/java/net/schmizz/sshj/common/KeyType.java b/src/main/java/net/schmizz/sshj/common/KeyType.java index 4ab634f1..5f8cecbf 100644 --- a/src/main/java/net/schmizz/sshj/common/KeyType.java +++ b/src/main/java/net/schmizz/sshj/common/KeyType.java @@ -372,7 +372,7 @@ public enum KeyType { } return ((Certificate) key); } - + private static Date dateFromEpoch(long seconds) { return new Date(seconds * 1000); } diff --git a/src/main/java/net/schmizz/sshj/signature/SignatureECDSA.java b/src/main/java/net/schmizz/sshj/signature/SignatureECDSA.java index 605d49e5..7125173f 100644 --- a/src/main/java/net/schmizz/sshj/signature/SignatureECDSA.java +++ b/src/main/java/net/schmizz/sshj/signature/SignatureECDSA.java 
@@ -30,12 +30,10 @@ import net.schmizz.sshj.common.KeyType; import net.schmizz.sshj.common.SSHRuntimeException; /** ECDSA {@link Signature} */ -public class SignatureECDSA - extends AbstractSignature { +public class SignatureECDSA extends AbstractSignature { /** A named factory for ECDSA-256 signature */ - public static class Factory256 - implements net.schmizz.sshj.common.Factory.Named { + public static class Factory256 implements net.schmizz.sshj.common.Factory.Named { @Override public Signature create() { @@ -50,8 +48,7 @@ public class SignatureECDSA } /** A named factory for ECDSA-384 signature */ - public static class Factory384 - implements net.schmizz.sshj.common.Factory.Named { + public static class Factory384 implements net.schmizz.sshj.common.Factory.Named { @Override public Signature create() { @@ -66,8 +63,7 @@ public class SignatureECDSA } /** A named factory for ECDSA-521 signature */ - public static class Factory521 - implements net.schmizz.sshj.common.Factory.Named { + public static class Factory521 implements net.schmizz.sshj.common.Factory.Named { @Override public Signature create() { @@ -80,14 +76,14 @@ public class SignatureECDSA } } - - private String keyTypeName; + + private String keyTypeName; public SignatureECDSA(String algorithm, String keyTypeName) { super(algorithm); this.keyTypeName = keyTypeName; } - + @Override public byte[] encode(byte[] sig) { int rIndex = 3; @@ -135,15 +131,18 @@ public class SignatureECDSA } catch (SignatureException e) { throw new SSHRuntimeException(e); } catch (IOException e) { - throw new SSHRuntimeException(e); + throw new SSHRuntimeException(e); } } - + private byte[] asnEncode(byte[] r, byte[] s) throws IOException { int rLen = r.length; int sLen = s.length; - /* We can't have the high bit set, so add an extra zero at the beginning if so. */ + /* + * We can't have the high bit set, so add an extra zero at the beginning + * if so. + */ if ((r[0] & 0x80) != 0) { rLen++; } 
@@ -153,17 +152,17 @@ public class SignatureECDSA /* Calculate total output length */ int length = 6 + rLen + sLen; - - ASN1EncodableVector vector = new ASN1EncodableVector(); - vector.add(new ASN1Integer(r)); - vector.add(new ASN1Integer(s)); - - ByteArrayOutputStream baos = new ByteArrayOutputStream(length); - ASN1OutputStream asnOS = new ASN1OutputStream(baos); - asnOS.writeObject(new DERSequence(vector)); - asnOS.flush(); + ASN1EncodableVector vector = new ASN1EncodableVector(); + vector.add(new ASN1Integer(r)); + vector.add(new ASN1Integer(s)); - return baos.toByteArray(); + ByteArrayOutputStream baos = new ByteArrayOutputStream(length); + ASN1OutputStream asnOS = new ASN1OutputStream(baos); + + asnOS.writeObject(new DERSequence(vector)); + asnOS.flush(); + + return baos.toByteArray(); } }