/**
 * Decodes an encoded host key using the first supported algorithm whose key format
 * equals {@code hostKeyAlgorithm}.
 *
 * <p>Decoding only turns the bytes into a {@link PublicKey}; nothing here decides
 * whether that key should be trusted for any particular host.
 *
 * @param hostKeyAlgorithm key format name to look up among the supported algorithms
 * @param encodedHostKey   encoded key bytes handed to the matching algorithm's decoder
 * @return the public key produced by the matching algorithm
 * @throws IOException              if the matching algorithm fails to decode the bytes
 * @throws IllegalArgumentException if no supported algorithm has the given key format
 */
private PublicKey decodeHostKey(String hostKeyAlgorithm, byte[] encodedHostKey) throws IOException {
    KeyAlgorithm<PublicKey, PrivateKey> matched = null;
    for (KeyAlgorithm<PublicKey, PrivateKey> candidate : KeyAlgorithmManager.getSupportedAlgorithms()) {
        if (candidate.getKeyFormat().equals(hostKeyAlgorithm)) {
            // First match wins, same as returning from inside the loop.
            matched = candidate;
            break;
        }
    }

    if (matched == null) {
        throw new IllegalArgumentException("Unknown hostkey type " + hostKeyAlgorithm);
    }
    return matched.decodePublicKey(encodedHostKey);
}
/**
 * Verifies {@code sig} over {@code kxs.H} with the public key encoded in {@code hostkey},
 * using the supported algorithm whose key format equals {@code kxs.np.server_host_key_algo}.
 *
 * <p>A {@code true} result only shows that the signature validates under the key supplied
 * in {@code hostkey}. Whether that key is the expected one for the peer is not checked in
 * this method and must be established separately.
 *
 * @param sig     encoded signature, decoded by the matching algorithm before verification
 * @param hostkey encoded public key, decoded by the matching algorithm
 * @return the result of the matching algorithm's signature verification
 * @throws IOException if decoding fails, or if no supported algorithm matches
 *                     {@code kxs.np.server_host_key_algo}
 */
private boolean verifySignature(byte[] sig, byte[] hostkey) throws IOException {
    // NOTE(review): kxs.np.server_host_key_algo looks like the negotiated host key algorithm
    // and kxs.H like the exchange hash; confirm against the key-exchange state class.
    for (KeyAlgorithm<PublicKey, PrivateKey> candidate : KeyAlgorithmManager.getSupportedAlgorithms()) {
        if (!candidate.getKeyFormat().equals(kxs.np.server_host_key_algo)) {
            continue;
        }

        // Key is decoded before the signature, so a malformed key is reported first.
        PublicKey serverKey = candidate.decodePublicKey(hostkey);
        byte[] decodedSignature = candidate.decodeSignature(sig);
        return candidate.verifySignature(kxs.H, decodedSignature, serverKey);
    }

    // An algorithm name with no matching implementation is an error, never a "verified" result.
    throw new IOException("Unknown server host key algorithm '" + kxs.np.server_host_key_algo + "'");
}
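/**
 * Adds a single public key entry to the in-memory database. Note: this will NOT add the
 * public key to any physical file (e.g., "~/.ssh/known_hosts") - use
 * {@code addHostkeyToFile()} for that purpose.
 * This method is designed to be used in a {@link ServerHostKeyVerifier}.
 *
 * <p>No trust decision is made here: the key is decoded and recorded as known for the given
 * hostname patterns. Call it only after the key has been accepted by whatever check the
 * verifier applies.
 *
 * @param hostnames a list of hostname patterns - at least one must be specified. Check out the
 *        OpenSSH sshd man page for a description of the pattern matching algorithm.
 * @param serverHostKeyAlgorithm as passed to the {@link ServerHostKeyVerifier}.
 * @param serverHostKey as passed to the {@link ServerHostKeyVerifier}.
 * @throws IOException on failure trying to convert the host key to a saveable format, or
 *         (as an {@code IOWarningException}) when no supported algorithm matches
 *         {@code serverHostKeyAlgorithm}
 * @throws IllegalArgumentException if {@code hostnames} or {@code serverHostKeyAlgorithm}
 *         is {@code null}
 */
public void addHostkey(String[] hostnames, String serverHostKeyAlgorithm, byte[] serverHostKey) throws IOException {
    if (hostnames == null) {
        throw new IllegalArgumentException("hostnames may not be null");
    }
    // Previously a null algorithm name surfaced as a bare NullPointerException from the
    // equals() call below; reject it explicitly, in line with the hostnames check.
    if (serverHostKeyAlgorithm == null) {
        throw new IllegalArgumentException("serverHostKeyAlgorithm may not be null");
    }

    for (KeyAlgorithm<PublicKey, PrivateKey> algorithm : KeyAlgorithmManager.getSupportedAlgorithms()) {
        if (serverHostKeyAlgorithm.equals(algorithm.getKeyFormat())) {
            // Decode outside the lock: a malformed key throws before the database is touched.
            PublicKey publicKey = algorithm.decodePublicKey(serverHostKey);

            synchronized (publicKeys) {
                publicKeys.add(new KnownHostsEntry(hostnames, publicKey, serverHostKeyAlgorithm));
            }
            return;
        }
    }

    // Message text kept byte-for-byte (including its spelling) in case callers match on it.
    throw new IOWarningException("Unknwon host key type (" + serverHostKeyAlgorithm + ")");
}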
/**
 * Checks that {@code keyValue} decodes as a public key of the named algorithm and, if so,
 * wraps the original bytes in a {@link HostKey}.
 *
 * <p>The decoded key object is discarded; decoding is used purely as validation so that
 * malformed key material is rejected before it is stored.
 *
 * @param algorithm key format name to look up among the supported algorithms
 * @param keyValue  encoded public key bytes; passed to {@code HostKey} as-is (no copy is made here)
 * @return a {@code HostKey} holding {@code algorithm} and {@code keyValue}
 * @throws KeyParseException if the bytes do not decode under the matching algorithm, or if
 *                           no supported algorithm has the given key format
 */
@Override
public HostKey parseKey(String algorithm, byte[] keyValue) throws KeyParseException {
    for (KeyAlgorithm<?, ?> candidate : KeyAlgorithmManager.getSupportedAlgorithms()) {
        try {
            if (!candidate.getKeyFormat().equals(algorithm)) {
                continue;
            }
            // Result intentionally unused: a successful decode is the validity check.
            candidate.decodePublicKey(keyValue);
            return new HostKey(algorithm, keyValue);
        } catch (IOException decodeFailure) {
            throw new KeyParseException(
                    Messages.ManualKeyProvidedHostKeyVerifier_KeyValueDoesNotParse(algorithm),
                    decodeFailure);
        }
    }

    throw new KeyParseException("Unexpected key algorithm: " + algorithm);
}
} // closes the enclosing type, whose header is not part of this excerpt
/**
 * Checks that {@code keyValue} decodes as a public key of the named algorithm and, if so,
 * wraps the original bytes in a {@link HostKey}.
 *
 * <p>The decoded key object is discarded; decoding is used purely as validation so that
 * malformed key material is rejected before it is stored.
 *
 * @param algorithm key format name to look up among the supported algorithms
 * @param keyValue  encoded public key bytes; passed to {@code HostKey} as-is (no copy is made here)
 * @return a {@code HostKey} holding {@code algorithm} and {@code keyValue}
 * @throws KeyParseException if the bytes do not decode under the matching algorithm, or if
 *                           no supported algorithm has the given key format
 */
@Override
public HostKey parseKey(String algorithm, byte[] keyValue) throws KeyParseException {
    for (KeyAlgorithm<?, ?> candidate : KeyAlgorithmManager.getSupportedAlgorithms()) {
        try {
            if (!candidate.getKeyFormat().equals(algorithm)) {
                continue;
            }
            // Result intentionally unused: a successful decode is the validity check.
            candidate.decodePublicKey(keyValue);
            return new HostKey(algorithm, keyValue);
        } catch (IOException decodeFailure) {
            throw new KeyParseException(
                    Messages.ManualKeyProvidedHostKeyVerifier_KeyValueDoesNotParse(algorithm),
                    decodeFailure);
        }
    }

    throw new KeyParseException("Unexpected key algorithm: " + algorithm);
}
} // closes the enclosing type, whose header is not part of this excerpt