
/*
 * Licensed to the Apache Software Foundation (ASF) under one
 * or more contributor license agreements.  See the NOTICE file
 * distributed with this work for additional information
 * regarding copyright ownership.  The ASF licenses this file
 * to you under the Apache License, Version 2.0 (the
 * "License"); you may not use this file except in compliance
 * with the License.  You may obtain a copy of the License at
 *
 *   http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing,
 * software distributed under the License is distributed on an
 * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
 * KIND, either express or implied.  See the License for the
 * specific language governing permissions and limitations
 * under the License.
 */

package org.apache.sshd.agent.local;

import java.io.IOException;
import java.security.KeyPair;
import java.security.PublicKey;
import java.security.interfaces.DSAParams;
import java.security.interfaces.DSAPublicKey;
import java.security.interfaces.ECPublicKey;
import java.security.interfaces.RSAPublicKey;
import java.security.spec.ECParameterSpec;
import java.util.ArrayList;
import java.util.List;

import org.apache.sshd.agent.SshAgent;
import org.apache.sshd.common.Signature;
import org.apache.sshd.common.SshException;
import org.apache.sshd.common.signature.SignatureDSA;
import org.apache.sshd.common.signature.SignatureECDSA;
import org.apache.sshd.common.signature.SignatureRSA;

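/**
 * A local, in-process SSH agent that keeps its identities in memory.
 *
 * <p>Each identity is a {@link KeyPair} stored together with a comment string.
 * Private keys stay referenced from the internal list until the identity is
 * removed or the agent is closed; {@link #close()} only drops the references,
 * it does not overwrite key material.
 *
 * <p>Security notes for reviewers:
 * <ul>
 *   <li>{@link #sign(PublicKey, byte[])} applies no confirmation, constraint or
 *       caller check. Any code that can reach this object can obtain a signature
 *       over arbitrary data with every loaded key, so access to the agent
 *       instance must be restricted accordingly.</li>
 *   <li>No synchronization is performed on the key list or the closed flag.
 *       NOTE(review): confirm that callers serialise access, or add locking.</li>
 * </ul>
 */
public class AgentImpl implements SshAgent {

    // Loaded identities: key pair plus its comment, in insertion order.
    private final List<Pair<KeyPair, String>> keys = new ArrayList<Pair<KeyPair, String>>();
    // Set once by close(); every other operation refuses to run afterwards.
    private boolean closed;

    /**
     * Lists the identities currently held by the agent.
     *
     * @return a newly built list of (public key, comment) pairs; private keys are never exposed
     * @throws IOException if the agent has been closed
     */
    public List<Pair<PublicKey, String>> getIdentities() throws IOException {
        ensureOpen();
        List<Pair<PublicKey, String>> identities = new ArrayList<Pair<PublicKey, String>>();
        for (Pair<KeyPair, String> entry : keys) {
            identities.add(new Pair<PublicKey, String>(entry.getFirst().getPublic(), entry.getSecond()));
        }
        return identities;
    }

    /**
     * Signs {@code data} with the private key that belongs to the given public key.
     *
     * <p>The signature implementation is chosen from the type of the stored
     * public key (DSA, EC or RSA), not from the key the caller passed in.
     * NOTE(review): the digest used by SignatureDSA / SignatureRSA is fixed inside
     * those classes and is not visible here; confirm it matches current algorithm policy.
     *
     * @param key  public key identifying which loaded identity to sign with
     * @param data bytes to sign
     * @return the signature bytes produced by the selected implementation
     * @throws IOException if the agent is closed, the key is not loaded, the key type
     *                     is unsupported, or signing fails (other failures are wrapped
     *                     in an {@code SshException})
     */
    public byte[] sign(PublicKey key, byte[] data) throws IOException {
        ensureOpen();
        KeyPair pair = requireKeyPair(key).getFirst();
        PublicKey pub = pair.getPublic();
        try {
            Signature signer;
            if (pub instanceof DSAPublicKey) {
                signer = new SignatureDSA();
            } else if (pub instanceof ECPublicKey) {
                signer = SignatureECDSA.getByCurveSize(((ECPublicKey) pub).getParams());
            } else if (pub instanceof RSAPublicKey) {
                signer = new SignatureRSA();
            } else {
                throw new SshException("Unsupported key type");
            }
            signer.init(pub, pair.getPrivate());
            signer.update(data, 0, data.length);
            return signer.sign();
        } catch (IOException e) {
            // Already the declared failure type: pass through without re-wrapping.
            throw e;
        } catch (Exception e) {
            throw new SshException(e);
        }
    }

    /**
     * Adds an identity to the agent.
     *
     * @param key     key pair to load; must not be {@code null}
     * @param comment text stored alongside the key and returned by {@link #getIdentities()}
     * @throws IOException if the agent has been closed or {@code key} is {@code null}
     */
    public void addIdentity(KeyPair key, String comment) throws IOException {
        ensureOpen();
        // A null entry would make every later listing and lookup fail with a
        // NullPointerException until the whole list is cleared, so reject it here.
        if (key == null) {
            throw new SshException("No key pair provided");
        }
        keys.add(new Pair<KeyPair, String>(key, comment));
    }

    /**
     * Removes the first loaded identity whose public key matches {@code key}.
     *
     * @param key public key of the identity to remove
     * @throws IOException if the agent has been closed or no matching identity is loaded
     */
    public void removeIdentity(PublicKey key) throws IOException {
        ensureOpen();
        keys.remove(requireKeyPair(key));
    }

    /**
     * Removes every loaded identity.
     *
     * @throws IOException if the agent has been closed
     */
    public void removeAllIdentities() throws IOException {
        ensureOpen();
        keys.clear();
    }

    /**
     * Marks the agent closed and drops all identities. May be called repeatedly.
     * Only the references are released; key material is not overwritten.
     */
    public void close() {
        closed = true;
        keys.clear();
    }

    /**
     * Finds the first entry of {@code keys} whose public key matches {@code key}.
     *
     * @param keys identities to search
     * @param key  public key to look for
     * @return the matching entry, or {@code null} if none matches
     */
    protected static SshAgent.Pair<KeyPair, String> getKeyPair(List<SshAgent.Pair<KeyPair, String>> keys, PublicKey key) {
        for (SshAgent.Pair<KeyPair, String> candidate : keys) {
            if (areKeyEquals(key, candidate.getFirst().getPublic())) {
                return candidate;
            }
        }
        return null;
    }

    /**
     * Compares two public keys by their mathematical components rather than by
     * object identity or encoding.
     *
     * <p>Both keys must be of the same supported family (DSA, EC or RSA); any
     * other combination, including a {@code null} argument, yields {@code false}.
     * Only public values are compared, so the comparison does not need to be
     * constant-time.
     *
     * @param k1 first key
     * @param k2 second key
     * @return {@code true} if both keys are of the same family and all compared components are equal
     */
    protected static boolean areKeyEquals(PublicKey k1, PublicKey k2) {
        if (k1 instanceof DSAPublicKey && k2 instanceof DSAPublicKey) {
            DSAPublicKey d1 = (DSAPublicKey) k1;
            DSAPublicKey d2 = (DSAPublicKey) k2;
            DSAParams p1 = d1.getParams();
            DSAParams p2 = d2.getParams();
            // Public value y plus the domain parameters g, p, q.
            return d1.getY().equals(d2.getY())
                        && p1.getG().equals(p2.getG())
                        && p1.getP().equals(p2.getP())
                        && p1.getQ().equals(p2.getQ());
        } else if (k1 instanceof ECPublicKey && k2 instanceof ECPublicKey) {
            ECPublicKey e1 = (ECPublicKey) k1;
            ECPublicKey e2 = (ECPublicKey) k2;
            ECParameterSpec p1 = e1.getParams();
            ECParameterSpec p2 = e2.getParams();
            // Public point w plus the curve definition (cofactor, order, generator, curve).
            return p1.getCofactor() == p2.getCofactor()
                        && p1.getOrder().equals(p2.getOrder())
                        && e1.getW().equals(e2.getW())
                        && p1.getGenerator().equals(p2.getGenerator())
                        && p1.getCurve().equals(p2.getCurve());
        } else if (k1 instanceof RSAPublicKey && k2 instanceof RSAPublicKey) {
            RSAPublicKey r1 = (RSAPublicKey) k1;
            RSAPublicKey r2 = (RSAPublicKey) k2;
            return r1.getModulus().equals(r2.getModulus())
                        && r1.getPublicExponent().equals(r2.getPublicExponent());
        } else {
            return false;
        }
    }

    // Fails with the agent's standard "closed" error once close() has run.
    private void ensureOpen() throws IOException {
        if (closed) {
            throw new SshException("Agent closed");
        }
    }

    // Looks up the loaded identity for the given public key, failing if it is not present.
    private Pair<KeyPair, String> requireKeyPair(PublicKey key) throws IOException {
        Pair<KeyPair, String> found = getKeyPair(keys, key);
        if (found == null) {
            throw new SshException("Key not found");
        }
        return found;
    }

}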