Subversion Repositories Programming Utils

Rev

Details | Last modification | View Log | RSS feed

Rev Author Line No. Line
86 rm5248 1
/*
2
 * Licensed to the Apache Software Foundation (ASF) under one
3
 * or more contributor license agreements.  See the NOTICE file
4
 * distributed with this work for additional information
5
 * regarding copyright ownership.  The ASF licenses this file
6
 * to you under the Apache License, Version 2.0 (the
7
 * "License"); you may not use this file except in compliance
8
 * with the License.  You may obtain a copy of the License at
9
 *
10
 *   http://www.apache.org/licenses/LICENSE-2.0
11
 *
12
 * Unless required by applicable law or agreed to in writing,
13
 * software distributed under the License is distributed on an
14
 * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
15
 * KIND, either express or implied.  See the License for the
16
 * specific language governing permissions and limitations
17
 * under the License.
18
 */
19
package org.apache.sshd.server.auth;
20
 
21
import java.security.PublicKey;
22
 
23
import org.apache.sshd.common.NamedFactory;
24
import org.apache.sshd.common.Signature;
25
import org.apache.sshd.common.SshConstants;
26
import org.apache.sshd.common.util.Buffer;
27
import org.apache.sshd.server.PublickeyAuthenticator;
28
import org.apache.sshd.server.UserAuth;
29
 
30
/**
31
 * TODO Add javadoc
32
 *
33
 * @author <a href="mailto:dev@mina.apache.org">Apache MINA SSHD Project</a>
34
 */
35
public class UserAuthPublicKey extends AbstractUserAuth {
36
 
37
    public static class Factory implements NamedFactory<UserAuth> {
38
        public String getName() {
39
            return "publickey";
40
        }
41
        public UserAuth create() {
42
            return new UserAuthPublicKey();
43
        }
44
    }
45
 
46
    public Boolean doAuth(Buffer buffer, boolean init) throws Exception {
47
        if (!init) {
48
            throw new IllegalStateException();
49
        }
50
        boolean hasSig = buffer.getBoolean();
51
        String alg = buffer.getString();
52
 
53
        int oldLim = buffer.wpos();
54
        int oldPos = buffer.rpos();
55
        int len = buffer.getInt();
56
        buffer.wpos(buffer.rpos() + len);
57
        PublicKey key = buffer.getRawPublicKey();
58
        Signature verif = NamedFactory.Utils.create(session.getFactoryManager().getSignatureFactories(), alg);
59
        if (verif == null) {
60
            throw new Exception("No Signature available for: " + alg);
61
        }
62
        verif.init(key, null);
63
        buffer.wpos(oldLim);
64
 
65
        byte[] sig = hasSig ? buffer.getBytes() : null;
66
 
67
        PublickeyAuthenticator authenticator = session.getFactoryManager().getPublickeyAuthenticator();
68
        if (authenticator == null) {
69
            throw new Exception("No PublickeyAuthenticator configured");
70
        }
71
 
72
        if (!authenticator.authenticate(username, key, session)) {
73
            return false;
74
        }
75
        if (!hasSig) {
76
            Buffer buf = session.createBuffer(SshConstants.SSH_MSG_USERAUTH_PK_OK);
77
            buf.putString(alg);
78
            buf.putRawBytes(buffer.array(), oldPos, 4 + len);
79
            session.writePacket(buf);
80
            return null;
81
        } else {
82
            Buffer buf = new Buffer();
83
            buf.putString(session.getKex().getH());
84
            buf.putByte(SshConstants.SSH_MSG_USERAUTH_REQUEST);
85
            buf.putString(username);
86
            buf.putString(service);
87
            buf.putString("publickey");
88
            buf.putByte((byte) 1);
89
            buf.putString(alg);
90
            buffer.rpos(oldPos);
91
            buffer.wpos(oldPos + 4 + len);
92
            buf.putBuffer(buffer);
93
            verif.update(buf.array(), buf.rpos(), buf.available());
94
            if (!verif.verify(sig)) {
95
                throw new Exception("Key verification failed");
96
            }
97
            return true;
98
        }
99
    }
100
}