private static byte[] packString(String data) { if (data == null || data.isEmpty()) { return "".getBytes(); } return new Buffer.PlainBuffer().putString(data).getCompactData(); }
@Override public Subsystem startSubsystem(String name) throws ConnectionException, TransportException { checkReuse(); log.info("Will request `{}` subsystem", name); sendChannelRequest("subsystem", true, new Buffer.PlainBuffer().putString(name)) .await(conn.getTimeoutMs(), TimeUnit.MILLISECONDS); usedUp = true; return this; }
public byte[] toBytes() { Buffer.PlainBuffer buf = new Buffer.PlainBuffer(); buf.putUInt32(mask); if (has(Flag.SIZE)) buf.putUInt64(size); if (has(Flag.UIDGID)) { buf.putUInt32(uid); buf.putUInt32(gid); } if (has(Flag.MODE)) buf.putUInt32(mode.getMask()); if (has(Flag.ACMODTIME)) { buf.putUInt32(atime); buf.putUInt32(mtime); } if (has(Flag.EXTENDED)) { buf.putUInt32(ext.size()); for (Entry<String, String> entry : ext.entrySet()) { buf.putString(entry.getKey()); buf.putString(entry.getValue()); } } return buf.getCompactData(); }
private static byte[] packString(String data) { if (data == null || data.isEmpty()) { return "".getBytes(); } return new Buffer.PlainBuffer().putString(data).getCompactData(); }
@Override public Subsystem startSubsystem(String name) throws ConnectionException, TransportException { checkReuse(); log.info("Will request `{}` subsystem", name); sendChannelRequest("subsystem", true, new Buffer.PlainBuffer().putString(name)) .await(conn.getTimeoutMs(), TimeUnit.MILLISECONDS); usedUp = true; return this; }
@Override public Command exec(String command) throws ConnectionException, TransportException { checkReuse(); log.info("Will request to exec `{}`", command); sendChannelRequest("exec", true, new Buffer.PlainBuffer().putString(command)) .await(conn.getTimeoutMs(), TimeUnit.MILLISECONDS); usedUp = true; return this; }
.putString(K_S) .putBytes(dh.getE()) .putBytes(f)
private boolean parseGexReply(SSHPacket buffer) throws Buffer.BufferException, GeneralSecurityException, TransportException { byte[] K_S = buffer.readBytes(); byte[] f = buffer.readBytes(); byte[] sig = buffer.readBytes(); hostKey = new Buffer.PlainBuffer(K_S).readPublicKey(); dh.computeK(f); BigInteger k = dh.getK(); final Buffer.PlainBuffer buf = initializedBuffer() .putString(K_S) .putUInt32(minBits) .putUInt32(preferredBits) .putUInt32(maxBits) .putMPInt(((DH) dh).getP()) .putMPInt(((DH) dh).getG()) .putBytes(dh.getE()) .putBytes(f) .putMPInt(k); digest.update(buf.array(), buf.rpos(), buf.available()); H = digest.digest(); Signature signature = Factory.Named.Util.create(trans.getConfig().getSignatureFactories(), KeyType.fromKey(hostKey).toString()); signature.initVerify(hostKey); signature.update(H, 0, H.length); if (!signature.verify(sig)) throw new TransportException(DisconnectReason.KEY_EXCHANGE_FAILED, "KeyExchange signature verification failed"); return true; }
@Test public void testSignAndVerify() throws Exception { BigInteger x = new BigInteger(new byte[] { 58, 19, -71, -30, 89, -111, 75, 98, 110, 38, -56, -23, 68, 74, -40, 17, -30, 37, 50, 35 }); BigInteger y = new BigInteger(new byte[] { 32, -91, -39, 54, 19, 14, 26, 113, -109, -92, -45, 83, -86, 23, -103, 108, 102, 86, 110, 78, -45, -41, -37, 38, -94, -92, -124, -36, -93, 92, 127, 113, 97, -119, -10, -73, -41, -45, 98, -104, -54, -9, -92, 66, 15, 31, 68, -32, 32, -121, -51, 68, 29, 100, 59, 60, 109, 111, -81, 80, 7, 127, 116, -107, 88, -114, -114, -69, 41, -15, 59, 81, 70, 9, -113, 36, 119, 28, 16, -127, -65, 32, -19, 109, -27, 24, -48, -80, 84, 47, 119, 25, 57, -118, -66, -22, -105, -11, 112, 16, -91, -127, 62, 23, 89, -17, -43, -105, -4, -43, 60, 42, -81, -95, -27, -8, 98, -37, 120, 80, -76, 93, -24, -104, -117, 38, -56, -68 }); BigInteger p = new BigInteger(new byte[] { 0, -3, 127, 83, -127, 29, 117, 18, 41, 82, -33, 74, -100, 46, -20, -28, -25, -10, 17, -73, 82, 60, -17, 68, 0, -61, 30, 63, -128, -74, 81, 38, 105, 69, 93, 64, 34, 81, -5, 89, 61, -115, 88, -6, -65, -59, -11, -70, 48, -10, -53, -101, 85, 108, -41, -127, 59, -128, 29, 52, 111, -14, 102, 96, -73, 107, -103, 80, -91, -92, -97, -97, -24, 4, 123, 16, 34, -62, 79, -69, -87, -41, -2, -73, -58, 27, -8, 59, 87, -25, -58, -88, -90, 21, 15, 4, -5, -125, -10, -45, -59, 30, -61, 2, 53, 84, 19, 90, 22, -111, 50, -10, 117, -13, -82, 43, 97, -41, 42, -17, -14, 34, 3, 25, -99, -47, 72, 1, -57 }); BigInteger q = new BigInteger(new byte[] { 0, -105, 96, 80, -113, 21, 35, 11, -52, -78, -110, -71, -126, -94, -21, -124, 11, -16, 88, 28, -11 }); BigInteger g = new BigInteger(new byte[] { 0, -9, -31, -96, -123, -42, -101, 61, -34, -53, -68, -85, 92, 54, -72, 87, -71, 121, -108, -81, -69, -6, 58, -22, -126, -7, 87, 76, 11, 61, 7, -126, 103, 81, 89, 87, -114, -70, -44, 89, 79, -26, 113, 7, 16, -127, -128, -76, 73, 22, 113, 35, -24, 76, 40, 22, 19, -73, -49, 9, 50, -116, -56, -90, -31, 60, 22, 122, -117, 84, 124, -115, 40, -32, -93, -82, 30, 43, -77, -90, 117, -111, 110, -93, 127, 11, -6, 33, 53, 98, -15, -5, 98, 122, 1, 36, 59, -52, -92, -15, -66, -88, 81, -112, -119, -88, -125, -33, -31, 90, -27, -97, 6, -110, -117, 102, 94, -128, 123, 85, 37, 100, 1, 76, 59, -2, -49, 73, 42 }); byte[] data = "The Magic Words are Squeamish Ossifrage".getBytes(IOUtils.UTF8); // A previously signed and verified signature using the data and DSA key parameters above. byte[] dataSig = new byte[] { 0, 0, 0, 7, 115, 115, 104, 45, 100, 115, 115, 0, 0, 0, 40, 40, -71, 33, 105, -89, -107, 8, 26, -13, -90, 73, -103, 105, 112, 7, -59, -66, 46, 85, -27, 20, 82, 22, -113, -75, -86, -121, -42, -73, 78, 66, 93, -34, 39, -50, -93, 27, -5, 37, -92 }; SignatureDSA signatureForSigning = new SignatureDSA(); signatureForSigning.initSign(keyFactory.generatePrivate(new DSAPrivateKeySpec(x, p, q, g))); signatureForSigning.update(data); byte[] sigBlob = signatureForSigning.encode(signatureForSigning.sign()); byte[] sigFull = new Buffer.PlainBuffer().putString("ssh-dss").putBytes(sigBlob).getCompactData(); SignatureDSA signatureForVerifying = new SignatureDSA(); signatureForVerifying.initVerify(keyFactory.generatePublic(new DSAPublicKeySpec(y, p, q, g))); signatureForVerifying.update(data); Assert.assertTrue("Failed to verify signature: " + Arrays.toString(sigFull), signatureForVerifying.verify(sigFull)); signatureForVerifying.update(data); Assert.assertTrue("Failed to verify signature: " + Arrays.toString(dataSig), signatureForVerifying.verify(dataSig)); }
protected SSHPacket putSig(SSHPacket reqBuf) throws UserAuthException { PrivateKey key; try { key = kProv.getPrivate(); } catch (IOException ioe) { throw new UserAuthException("Problem getting private key from " + kProv, ioe); } final String kt = KeyType.fromKey(key).toString(); Signature signature = Factory.Named.Util.create(params.getTransport().getConfig().getSignatureFactories(), kt); if (signature == null) throw new UserAuthException("Could not create signature instance for " + kt + " key"); signature.initSign(key); signature.update(new Buffer.PlainBuffer() .putString(params.getTransport().getSessionID()) .putBuffer(reqBuf) // & rest of the data for sig .getCompactData()); reqBuf.putSignature(kt, signature.encode(signature.sign())); return reqBuf; }
@Test public void testDataTypes() throws Buffer.BufferException { // bool assertEquals(handyBuf.putBoolean(true).readBoolean(), true); // byte assertEquals(handyBuf.putByte((byte) 10).readByte(), (byte) 10); // byte array assertArrayEquals(handyBuf.putBytes("some string".getBytes()).readBytes(), "some string".getBytes()); // mpint BigInteger bi = new BigInteger("1111111111111111111111111111111"); assertEquals(handyBuf.putMPInt(bi).readMPInt(), bi); // string assertEquals(handyBuf.putString("some string").readString(), "some string"); // uint32 assertEquals(handyBuf.putUInt32(0xffffffffL).readUInt32(), 0xffffffffL); }
private byte[] generateMIC() throws UserAuthException { byte[] msg = new PlainBuffer().putString(params.getTransport().getSessionID()) .putByte(Message.USERAUTH_REQUEST.toByte()) .putString(params.getUsername()) .putString(params.getNextServiceName()) .putString(getName()) .getCompactData(); try { return secContext.getMIC(msg, 0, msg.length, null); } catch (GSSException e) { throw new UserAuthException("Exception getting message integrity code", e); } }
@Override public void allocatePTY(String term, int cols, int rows, int width, int height, Map<PTYMode, Integer> modes) throws ConnectionException, TransportException { sendChannelRequest( "pty-req", true, new Buffer.PlainBuffer() .putString(term) .putUInt32(cols) .putUInt32(rows) .putUInt32(width) .putUInt32(height) .putBytes(PTYMode.encode(modes)) ).await(conn.getTimeoutMs(), TimeUnit.MILLISECONDS); }
@Override public void reqX11Forwarding(String authProto, String authCookie, int screen) throws ConnectionException, TransportException { sendChannelRequest( "x11-req", true, new Buffer.PlainBuffer() .putBoolean(false) .putString(authProto) .putString(authCookie) .putUInt32(screen) ).await(conn.getTimeoutMs(), TimeUnit.MILLISECONDS); }
protected SSHPacket req(String reqName, Forward forward) throws ConnectionException, TransportException { final byte[] specifics = new Buffer.PlainBuffer().putString(forward.address).putUInt32(forward.port) .getCompactData(); return conn.sendGlobalRequest(reqName, true, specifics) .retrieve(conn.getTimeoutMs(), TimeUnit.MILLISECONDS); }
public T putSignature(String sigFormat, byte[] sigData) { final byte[] sig = new PlainBuffer().putString(sigFormat).putBytes(sigData).getCompactData(); return putString(sig); }
@Override public Command exec(String command) throws ConnectionException, TransportException { checkReuse(); log.debug("Will request to exec `{}`", command); sendChannelRequest("exec", true, new Buffer.PlainBuffer().putString(command, getRemoteCharset())) .await(conn.getTimeoutMs(), TimeUnit.MILLISECONDS); usedUp = true; return this; }
@Override public void signal(Signal sig) throws TransportException { sendChannelRequest("signal", false, new Buffer.PlainBuffer().putString(sig.toString())); }