Mirrors/sshj
1
0
Fork 0
mirror of https://github.com/hierynomus/sshj.git synced 2025-12-06 15:20:54 +03:00
Code Issues Actions Packages Projects Releases Wiki Activity

Extract encode method for signature. Implement signing for ECDSA.

Browse Source
This commit is contained in:
David Kocher
2014-05-14 12:33:46 +02:00
parent 08d0e59b6b
commit 77f5d7fdb8
6 changed files with 59 additions and 46 deletions
Download Patch File Download Diff File Expand all files Collapse all files

9
src/main/java/net/schmizz/sshj/signature/AbstractSignature.java
View File

@@ -81,6 +81,15 @@ public abstract class AbstractSignature
} }
} }
@Override
public byte[] sign() {
try {
return signature.sign();
} catch (SignatureException e) {
throw new SSHRuntimeException(e);
}
}
protected byte[] extractSig(byte[] sig) { protected byte[] extractSig(byte[] sig) {
if (sig[0] == 0 && sig[1] == 0 && sig[2] == 0) { if (sig[0] == 0 && sig[1] == 0 && sig[2] == 0) {
int i = 0; int i = 0;

7
src/main/java/net/schmizz/sshj/signature/Signature.java
View File

@@ -74,6 +74,13 @@ public interface Signature {
*/ */
byte[] sign(); byte[] sign();
/**
* Encode the signature as blog
* @param signature the signature to encode
* @return Encoded signature
*/
byte[] encode(byte[] signature);
/** /**
* Verify against the given signature. * Verify against the given signature.
* *

27
src/main/java/net/schmizz/sshj/signature/SignatureDSA.java
View File

@@ -35,11 +35,11 @@
*/ */
package net.schmizz.sshj.signature; package net.schmizz.sshj.signature;
import java.security.SignatureException;
import net.schmizz.sshj.common.KeyType; import net.schmizz.sshj.common.KeyType;
import net.schmizz.sshj.common.SSHRuntimeException; import net.schmizz.sshj.common.SSHRuntimeException;
import java.security.SignatureException;
/** DSA {@link Signature} */ /** DSA {@link Signature} */
public class SignatureDSA public class SignatureDSA
extends AbstractSignature { extends AbstractSignature {
@@ -65,14 +65,7 @@ public class SignatureDSA
} }
@Override @Override
public byte[] sign() { public byte[] encode(byte[] sig) {
byte[] sig;
try {
sig = signature.sign();
} catch (SignatureException e) {
throw new SSHRuntimeException(e);
}
// sig is in ASN.1 // sig is in ASN.1
// SEQUENCE::={ r INTEGER, s INTEGER } // SEQUENCE::={ r INTEGER, s INTEGER }
@@ -90,17 +83,11 @@ public class SignatureDSA
// result must be 40 bytes, but length of r and s may not be 20 bytes // result must be 40 bytes, but length of r and s may not be 20 bytes
System.arraycopy(r, int r_copylen = (r.length < 20) ? r.length : 20;
r.length > 20 ? 1 : 0, int s_copylen = (s.length < 20) ? s.length : 20;
result,
r.length > 20 ? 0 : 20 - r.length,
r.length > 20 ? 20 : r.length);
System.arraycopy(s, System.arraycopy(r, r.length - r_copylen, result, 20 - r_copylen, r_copylen);
s.length > 20 ? 1 : 0, System.arraycopy(s, s.length - s_copylen, result, 40 - s_copylen, s_copylen);
result,
s.length > 20 ? 20 : 40 - s.length,
s.length > 20 ? 20 : s.length);
return result; return result;
} }

34
src/main/java/net/schmizz/sshj/signature/SignatureECDSA.java
View File

@@ -35,12 +35,13 @@
*/ */
package net.schmizz.sshj.signature; package net.schmizz.sshj.signature;
import java.math.BigInteger;
import java.security.SignatureException;
import net.schmizz.sshj.common.Buffer; import net.schmizz.sshj.common.Buffer;
import net.schmizz.sshj.common.KeyType; import net.schmizz.sshj.common.KeyType;
import net.schmizz.sshj.common.SSHRuntimeException; import net.schmizz.sshj.common.SSHRuntimeException;
import java.security.SignatureException;
/** ECDSA {@link Signature} */ /** ECDSA {@link Signature} */
public class SignatureECDSA public class SignatureECDSA
extends AbstractSignature { extends AbstractSignature {
@@ -66,17 +67,31 @@ public class SignatureECDSA
} }
@Override @Override
public byte[] sign() { public byte[] encode(byte[] sig) {
throw new UnsupportedOperationException("No implementation for sign!"); int rIndex = 3;
int rLen = sig[rIndex++] & 0xff;
byte[] r = new byte[rLen];
System.arraycopy(sig, rIndex, r, 0, r.length);
int sIndex = rIndex + rLen + 1;
int sLen = sig[sIndex++] & 0xff;
byte[] s = new byte[sLen];
System.arraycopy(sig, sIndex, s, 0, s.length);
System.arraycopy(sig, 4, r, 0, rLen);
System.arraycopy(sig, 6 + rLen, s, 0, sLen);
Buffer buf = new Buffer.PlainBuffer();
buf.putMPInt(new BigInteger(r));
buf.putMPInt(new BigInteger(s));
return buf.getCompactData();
} }
@Override @Override
public boolean verify(byte[] sig) { public boolean verify(byte[] sig) {
byte[] r;
byte[] r = null; byte[] s;
byte[] s = null;
try { try {
Buffer sigbuf = new Buffer.PlainBuffer(sig); Buffer sigbuf = new Buffer.PlainBuffer(sig);
final String algo = new String(sigbuf.readBytes()); final String algo = new String(sigbuf.readBytes());
@@ -139,5 +154,4 @@ public class SignatureECDSA
throw new SSHRuntimeException(e); throw new SSHRuntimeException(e);
} }
} }
} }

12
src/main/java/net/schmizz/sshj/signature/SignatureRSA.java
View File

@@ -35,11 +35,11 @@
*/ */
package net.schmizz.sshj.signature; package net.schmizz.sshj.signature;
import java.security.SignatureException;
import net.schmizz.sshj.common.KeyType; import net.schmizz.sshj.common.KeyType;
import net.schmizz.sshj.common.SSHRuntimeException; import net.schmizz.sshj.common.SSHRuntimeException;
import java.security.SignatureException;
/** RSA {@link Signature} */ /** RSA {@link Signature} */
public class SignatureRSA public class SignatureRSA
extends AbstractSignature { extends AbstractSignature {
@@ -65,12 +65,8 @@ public class SignatureRSA
} }
@Override @Override
public byte[] sign() { public byte[] encode(byte[] signature) {
try { return signature;
return signature.sign();
} catch (SignatureException e) {
throw new SSHRuntimeException(e);
}
} }
@Override @Override

16
src/main/java/net/schmizz/sshj/userauth/method/KeyedAuthMethod.java
View File

@@ -62,16 +62,16 @@ public abstract class KeyedAuthMethod
} }
final String kt = KeyType.fromKey(key).toString(); final String kt = KeyType.fromKey(key).toString();
Signature sigger = Factory.Named.Util.create(params.getTransport().getConfig().getSignatureFactories(), kt); Signature signature = Factory.Named.Util.create(params.getTransport().getConfig().getSignatureFactories(), kt);
if (sigger == null) if (signature == null)
throw new UserAuthException("Could not create signature instance for " + kt + " key"); throw new UserAuthException("Could not create signature instance for " + kt + " key");
sigger.init(null, key); signature.init(null, key);
sigger.update(new Buffer.PlainBuffer() signature.update(new Buffer.PlainBuffer()
.putString(params.getTransport().getSessionID()) .putString(params.getTransport().getSessionID())
.putBuffer(reqBuf) // & rest of the data for sig .putBuffer(reqBuf) // & rest of the data for sig
.getCompactData()); .getCompactData());
reqBuf.putSignature(kt, sigger.sign()); reqBuf.putSignature(kt, signature.encode(signature.sign()));
return reqBuf; return reqBuf;
} }