/**
 * Checks the signature over the exchange hash {@code kxs.H} with the verifier that matches
 * the negotiated host key algorithm in {@code kxs.np.server_host_key_algo}.
 *
 * <p>A {@code true} result only shows that {@code sig} verifies under {@code hostkey}. This
 * method does not decide whether {@code hostkey} is the key expected for the server; that
 * check (known-hosts lookup, pinning, callback) has to happen elsewhere.
 *
 * <p>NOTE(review): only "ssh-rsa" and "ssh-dss" are handled, both through the *SHA1Verify
 * classes. These are SHA-1-based signature schemes that current OpenSSH releases disable by
 * default; confirm whether rsa-sha2-256/rsa-sha2-512 or ssh-ed25519 need to be supported.
 *
 * @param sig SSH-encoded signature blob (presumably taken from the server's key exchange reply)
 * @param hostkey SSH-encoded public host key blob (presumably supplied by the server)
 * @return whatever the algorithm-specific {@code verifySignature} call reports
 * @throws IOException if the negotiated algorithm is neither "ssh-rsa" nor "ssh-dss";
 *         NOTE(review): the decode helpers presumably also throw it on malformed blobs
 */
private boolean verifySignature(byte[] sig, byte[] hostkey) throws IOException {
    final String negotiatedAlgo = kxs.np.server_host_key_algo;

    if (negotiatedAlgo.equals("ssh-rsa")) {
        // Decode both blobs before logging, so a malformed blob fails without a log entry.
        final RSASignature rsaSig = RSASHA1Verify.decodeSSHRSASignature(sig);
        final RSAPublicKey rsaKey = RSASHA1Verify.decodeSSHRSAPublicKey(hostkey);

        log.log(50, "Verifying ssh-rsa signature");
        return RSASHA1Verify.verifySignature(kxs.H, rsaSig, rsaKey);
    } else if (negotiatedAlgo.equals("ssh-dss")) {
        final DSASignature dsaSig = DSASHA1Verify.decodeSSHDSASignature(sig);
        final DSAPublicKey dsaKey = DSASHA1Verify.decodeSSHDSAPublicKey(hostkey);

        log.log(50, "Verifying ssh-dss signature");
        return DSASHA1Verify.verifySignature(kxs.H, dsaSig, dsaKey);
    }

    // Fail closed: an algorithm without a verifier is never treated as verified.
    throw new IOException("Unknown server host key algorithm '" + negotiatedAlgo + "'");
}
/**
 * Derives the SSH public key line that belongs to a PEM-encoded SSH private key.
 *
 * <p>The private key is decoded (and decrypted when a passphrase is given) only to obtain its
 * public half; the returned string contains public key material only.
 *
 * <p>NOTE(review): the passphrase arrives as a {@code String}, so this method cannot wipe it
 * from memory; callers that care should keep its lifetime short.
 *
 * @param pem The PEM-encoded private key (RSA or DSA).
 * @param passPhrase The passphrase protecting the private key; may be null when the key is
 *        not encrypted.
 * @return The public key in the form "&lt;pubkey-type&gt; &lt;pubkey-base64&gt;".
 * @throws IOException if the decoded object is neither an RSA nor a DSA private key;
 *         presumably also when {@code pem} cannot be decoded (raised by the decoder).
 */
public static String extract(final String pem, final String passPhrase) throws IOException {
    final Object decoded = PEMDecoder.decode(pem.toCharArray(), passPhrase);

    if (decoded instanceof RSAPrivateKey) {
        final RSAPrivateKey rsaKey = (RSAPrivateKey) decoded;
        final byte[] blob = RSASHA1Verify.encodeSSHRSAPublicKey(rsaKey.getPublicKey());
        return "ssh-rsa " + DatatypeConverter.printBase64Binary(blob);
    }

    if (decoded instanceof DSAPrivateKey) {
        final DSAPrivateKey dsaKey = (DSAPrivateKey) decoded;
        final byte[] blob = DSASHA1Verify.encodeSSHDSAPublicKey(dsaKey.getPublicKey());
        return "ssh-dss " + DatatypeConverter.printBase64Binary(blob);
    }

    // Reached only when the decoder hands back a key type this method does not know.
    throw new IOException("should never happen");
}
}
// Three steps: SSH-encode the public half of pk, sign msg with the private key pk, then
// SSH-encode the resulting signature. Note that `ds` holds an RSA signature despite its name.
// NOTE(review): the class name implies RSA with SHA-1 (the "ssh-rsa" signature scheme), which
// current OpenSSH releases reject by default. Confirm the peer still accepts it.
byte[] pk_enc = RSASHA1Verify.encodeSSHRSAPublicKey(pk.getPublicKey()); RSASignature ds = RSASHA1Verify.generateSignature(msg, pk); byte[] rsa_sig_enc = RSASHA1Verify.encodeSSHRSASignature(ds);
// Parse the SSH-encoded host key blob into an RSA public key object.
// Decoding only validates the encoding; it says nothing about whether the key is trusted.
// NOTE(review): confirm the surrounding code compares it against a known or pinned host key.
RSAPublicKey rpk = RSASHA1Verify.decodeSSHRSAPublicKey(serverHostKey);
// Three steps: SSH-encode the public half of pk, sign msg with the private key pk, then
// SSH-encode the resulting signature. Note that `ds` holds an RSA signature despite its name.
// NOTE(review): the class name implies RSA with SHA-1 (the "ssh-rsa" signature scheme), which
// current OpenSSH releases reject by default. Confirm the peer still accepts it.
byte[] pk_enc = RSASHA1Verify.encodeSSHRSAPublicKey(pk.getPublicKey()); RSASignature ds = RSASHA1Verify.generateSignature(msg, pk); byte[] rsa_sig_enc = RSASHA1Verify.encodeSSHRSASignature(ds);
// Parse the SSH-encoded host key blob into an RSA public key object.
// Decoding only validates the encoding; it says nothing about whether the key is trusted.
// NOTE(review): confirm the surrounding code compares it against a known or pinned host key.
final RSAPublicKey rpk = RSASHA1Verify.decodeSSHRSAPublicKey(serverHostKey);
/**
 * Checks the signature over the exchange hash {@code kxs.H} with the verifier that matches
 * the negotiated host key algorithm in {@code kxs.np.server_host_key_algo}.
 *
 * <p>A {@code true} result only shows that {@code sig} verifies under {@code hostkey}. This
 * method does not decide whether {@code hostkey} is the key expected for the server; that
 * check (known-hosts lookup, pinning, callback) has to happen elsewhere.
 *
 * <p>NOTE(review): only "ssh-rsa" and "ssh-dss" are handled, both through the *SHA1Verify
 * classes. These are SHA-1-based signature schemes that current OpenSSH releases disable by
 * default; confirm whether rsa-sha2-256/rsa-sha2-512 or ssh-ed25519 need to be supported.
 *
 * @param sig SSH-encoded signature blob (presumably taken from the server's key exchange reply)
 * @param hostkey SSH-encoded public host key blob (presumably supplied by the server)
 * @return whatever the algorithm-specific {@code verifySignature} call reports
 * @throws IOException if the negotiated algorithm is neither "ssh-rsa" nor "ssh-dss";
 *         NOTE(review): the decode helpers presumably also throw it on malformed blobs
 */
private boolean verifySignature(byte[] sig, byte[] hostkey) throws IOException {
    final String negotiatedAlgo = kxs.np.server_host_key_algo;

    if (negotiatedAlgo.equals("ssh-rsa")) {
        // Decode both blobs before logging, so a malformed blob fails without a log entry.
        final RSASignature rsaSig = RSASHA1Verify.decodeSSHRSASignature(sig);
        final RSAPublicKey rsaKey = RSASHA1Verify.decodeSSHRSAPublicKey(hostkey);

        log.log(50, "Verifying ssh-rsa signature");
        return RSASHA1Verify.verifySignature(kxs.H, rsaSig, rsaKey);
    } else if (negotiatedAlgo.equals("ssh-dss")) {
        final DSASignature dsaSig = DSASHA1Verify.decodeSSHDSASignature(sig);
        final DSAPublicKey dsaKey = DSASHA1Verify.decodeSSHDSAPublicKey(hostkey);

        log.log(50, "Verifying ssh-dss signature");
        return DSASHA1Verify.verifySignature(kxs.H, dsaSig, dsaKey);
    }

    // Fail closed: an algorithm without a verifier is never treated as verified.
    throw new IOException("Unknown server host key algorithm '" + negotiatedAlgo + "'");
}
// Decode the SSH-encoded host key blob as an ssh-rsa public key and keep it in remoteKey.
// Decoding succeeds for any well-formed key, so it is not a trust decision.
// NOTE(review): confirm remoteKey is compared with an expected key before it is relied on.
remoteKey = RSASHA1Verify.decodeSSHRSAPublicKey(serverHostKey);
// Decode the SSH-encoded host key blob as an ssh-rsa public key and keep it in remoteKey.
// Decoding succeeds for any well-formed key, so it is not a trust decision.
// NOTE(review): confirm remoteKey is compared with an expected key before it is relied on.
remoteKey = RSASHA1Verify.decodeSSHRSAPublicKey(serverHostKey);
/**
 * Validates a manually supplied host key and wraps it in a {@link HostKey}.
 *
 * <p>The key bytes are decoded purely as a well-formedness check; the decoded object is
 * discarded and the returned {@code HostKey} carries the original {@code keyValue} bytes.
 *
 * <p>NOTE(review): only {@link IOException} and {@link StringIndexOutOfBoundsException} from
 * the decoders are translated. Any other runtime exception raised on malformed input would
 * reach the caller unwrapped; confirm the decoders cannot throw one. The accepted algorithms
 * (ssh-rsa, ssh-dss) are SHA-1-based and disabled by default in current OpenSSH releases.
 *
 * @param algorithm host key algorithm name; must be "ssh-rsa" or "ssh-dss"
 * @param keyValue SSH-encoded public key blob
 * @return a {@code HostKey} built from {@code algorithm} and {@code keyValue}
 * @throws KeyParseException if the algorithm is not supported or the blob does not decode
 */
@Override
public HostKey parseKey(String algorithm, byte[] keyValue) throws KeyParseException {
    final boolean isRsa = "ssh-rsa".equals(algorithm);
    final boolean isDss = !isRsa && "ssh-dss".equals(algorithm);

    try {
        if (!isRsa && !isDss) {
            throw new KeyParseException("Key algorithm should be one of ssh-rsa or ssh-dss");
        }
        // The decode result is dropped on purpose: only success or failure matters here.
        if (isRsa) {
            RSASHA1Verify.decodeSSHRSAPublicKey(keyValue);
        } else {
            DSASHA1Verify.decodeSSHDSAPublicKey(keyValue);
        }
    } catch (IOException | StringIndexOutOfBoundsException ex) {
        throw new KeyParseException(
                Messages.ManualKeyProvidedHostKeyVerifier_KeyValueDoesNotParse(algorithm), ex);
    }

    return new HostKey(algorithm, keyValue);
}
}
/**
 * Validates a manually supplied host key and wraps it in a {@link HostKey}.
 *
 * <p>The key bytes are decoded purely as a well-formedness check; the decoded object is
 * discarded and the returned {@code HostKey} carries the original {@code keyValue} bytes.
 *
 * <p>NOTE(review): only {@link IOException} and {@link StringIndexOutOfBoundsException} from
 * the decoders are translated. Any other runtime exception raised on malformed input would
 * reach the caller unwrapped; confirm the decoders cannot throw one. The accepted algorithms
 * (ssh-rsa, ssh-dss) are SHA-1-based and disabled by default in current OpenSSH releases.
 *
 * @param algorithm host key algorithm name; must be "ssh-rsa" or "ssh-dss"
 * @param keyValue SSH-encoded public key blob
 * @return a {@code HostKey} built from {@code algorithm} and {@code keyValue}
 * @throws KeyParseException if the algorithm is not supported or the blob does not decode
 */
@Override
public HostKey parseKey(String algorithm, byte[] keyValue) throws KeyParseException {
    final boolean isRsa = "ssh-rsa".equals(algorithm);
    final boolean isDss = !isRsa && "ssh-dss".equals(algorithm);

    try {
        if (!isRsa && !isDss) {
            throw new KeyParseException("Key algorithm should be one of ssh-rsa or ssh-dss");
        }
        // The decode result is dropped on purpose: only success or failure matters here.
        if (isRsa) {
            RSASHA1Verify.decodeSSHRSAPublicKey(keyValue);
        } else {
            DSASHA1Verify.decodeSSHDSAPublicKey(keyValue);
        }
    } catch (IOException | StringIndexOutOfBoundsException ex) {
        throw new KeyParseException(
                Messages.ManualKeyProvidedHostKeyVerifier_KeyValueDoesNotParse(algorithm), ex);
    }

    return new HostKey(algorithm, keyValue);
}
}