UserAuthPublicKey.java

Go to the documentation of this file.
00001 /* -*-mode:java; c-basic-offset:2; indent-tabs-mode:nil -*- */
00002 /*
00003 Copyright (c) 2002-2011 ymnk, JCraft,Inc. All rights reserved.
00004 
00005 Redistribution and use in source and binary forms, with or without
00006 modification, are permitted provided that the following conditions are met:
00007 
00008   1. Redistributions of source code must retain the above copyright notice,
00009      this list of conditions and the following disclaimer.
00010 
00011   2. Redistributions in binary form must reproduce the above copyright 
00012      notice, this list of conditions and the following disclaimer in 
00013      the documentation and/or other materials provided with the distribution.
00014 
00015   3. The names of the authors may not be used to endorse or promote products
00016      derived from this software without specific prior written permission.
00017 
00018 THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESSED OR IMPLIED WARRANTIES,
00019 INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND
00020 FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL JCRAFT,
00021 INC. OR ANY CONTRIBUTORS TO THIS SOFTWARE BE LIABLE FOR ANY DIRECT, INDIRECT,
00022 INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
00023 LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA,
00024 OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
00025 LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
00026 NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE,
00027 EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
00028 */
00029 
00030 package com.jcraft.jsch;
00031 
00032 import java.util.Vector;
00033 
00034 class UserAuthPublicKey extends UserAuth{
00035 
00036   public boolean start(Session session) throws Exception{
00037     super.start(session);
00038 
00039     Vector identities=session.jsch.identities;
00040 
00041     byte[] passphrase=null;
00042     byte[] _username=null;
00043 
00044     int command;
00045 
00046     synchronized(identities){
00047       if(identities.size()<=0){
00048         return false;
00049       }
00050 
00051       _username=Util.str2byte(username);
00052 
00053       for(int i=0; i<identities.size(); i++){
00054         Identity identity=(Identity)(identities.elementAt(i));
00055         byte[] pubkeyblob=identity.getPublicKeyBlob();
00056 
00057 //System.err.println("UserAuthPublicKey: "+identity+" "+pubkeyblob);
00058 
00059         if(pubkeyblob!=null){
00060           // send
00061           // byte      SSH_MSG_USERAUTH_REQUEST(50)
00062           // string    user name
00063           // string    service name ("ssh-connection")
00064           // string    "publickey"
00065           // boolean   FALSE
00066           // string    public key algorithm name
00067           // string    public key blob
00068           packet.reset();
00069           buf.putByte((byte)SSH_MSG_USERAUTH_REQUEST);
00070           buf.putString(_username);
00071           buf.putString(Util.str2byte("ssh-connection"));
00072           buf.putString(Util.str2byte("publickey"));
00073           buf.putByte((byte)0);
00074           buf.putString(Util.str2byte(identity.getAlgName()));
00075           buf.putString(pubkeyblob);
00076           session.write(packet);
00077 
00078           loop1:
00079           while(true){
00080             buf=session.read(buf);
00081             command=buf.getCommand()&0xff;
00082 
00083             if(command==SSH_MSG_USERAUTH_PK_OK){
00084               break;
00085             }
00086             else if(command==SSH_MSG_USERAUTH_FAILURE){
00087               break;
00088             }
00089             else if(command==SSH_MSG_USERAUTH_BANNER){
00090               buf.getInt(); buf.getByte(); buf.getByte();
00091               byte[] _message=buf.getString();
00092               byte[] lang=buf.getString();
00093               String message=Util.byte2str(_message);
00094               if(userinfo!=null){
00095                 userinfo.showMessage(message);
00096               }
00097               continue loop1;
00098             }
00099             else{
00100         //System.err.println("USERAUTH fail ("+command+")");
00101         //throw new JSchException("USERAUTH fail ("+command+")");
00102               break;
00103             }
00104           }
00105 
00106           if(command!=SSH_MSG_USERAUTH_PK_OK){
00107             continue;
00108           }
00109         }
00110 
00111 //System.err.println("UserAuthPublicKey: identity.isEncrypted()="+identity.isEncrypted());
00112 
00113         int count=5;
00114         while(true){
00115           if((identity.isEncrypted() && passphrase==null)){
00116             if(userinfo==null) throw new JSchException("USERAUTH fail");
00117             if(identity.isEncrypted() &&
00118                !userinfo.promptPassphrase("Passphrase for "+identity.getName())){
00119               throw new JSchAuthCancelException("publickey");
00120               //throw new JSchException("USERAUTH cancel");
00121               //break;
00122             }
00123             String _passphrase=userinfo.getPassphrase();
00124             if(_passphrase!=null){
00125               passphrase=Util.str2byte(_passphrase);
00126             }
00127           }
00128 
00129           if(!identity.isEncrypted() || passphrase!=null){
00130             if(identity.setPassphrase(passphrase))
00131               break;
00132           }
00133           Util.bzero(passphrase);
00134           passphrase=null;
00135           count--;
00136           if(count==0)break;
00137         }
00138 
00139         Util.bzero(passphrase);
00140         passphrase=null;
00141 //System.err.println("UserAuthPublicKey: identity.isEncrypted()="+identity.isEncrypted());
00142 
00143         if(identity.isEncrypted()) continue;
00144         if(pubkeyblob==null) pubkeyblob=identity.getPublicKeyBlob();
00145 
00146 //System.err.println("UserAuthPublicKey: pubkeyblob="+pubkeyblob);
00147 
00148         if(pubkeyblob==null) continue;
00149 
00150       // send
00151       // byte      SSH_MSG_USERAUTH_REQUEST(50)
00152       // string    user name
00153       // string    service name ("ssh-connection")
00154       // string    "publickey"
00155       // boolen    TRUE
00156       //  string    public key algorithm name
00157       //  string    public key to be used for authentication
00158       //  string    signature
00159         packet.reset();
00160         buf.putByte((byte)SSH_MSG_USERAUTH_REQUEST);
00161         buf.putString(_username);
00162         buf.putString(Util.str2byte("ssh-connection"));
00163         buf.putString(Util.str2byte("publickey"));
00164         buf.putByte((byte)1);
00165         buf.putString(Util.str2byte(identity.getAlgName()));
00166         buf.putString(pubkeyblob);
00167 
00168 //      byte[] tmp=new byte[buf.index-5];
00169 //      System.arraycopy(buf.buffer, 5, tmp, 0, tmp.length);
00170 //      buf.putString(signature);
00171 
00172         byte[] sid=session.getSessionId();
00173         int sidlen=sid.length;
00174         byte[] tmp=new byte[4+sidlen+buf.index-5];
00175         tmp[0]=(byte)(sidlen>>>24);
00176         tmp[1]=(byte)(sidlen>>>16);
00177         tmp[2]=(byte)(sidlen>>>8);
00178         tmp[3]=(byte)(sidlen);
00179         System.arraycopy(sid, 0, tmp, 4, sidlen);
00180         System.arraycopy(buf.buffer, 5, tmp, 4+sidlen, buf.index-5);
00181         byte[] signature=identity.getSignature(tmp);
00182         if(signature==null){  // for example, too long key length.
00183           break;
00184         }
00185         buf.putString(signature);
00186         session.write(packet);
00187 
00188         loop2:
00189         while(true){
00190           buf=session.read(buf);
00191           command=buf.getCommand()&0xff;
00192 
00193           if(command==SSH_MSG_USERAUTH_SUCCESS){
00194             return true;
00195           }
00196           else if(command==SSH_MSG_USERAUTH_BANNER){
00197             buf.getInt(); buf.getByte(); buf.getByte();
00198             byte[] _message=buf.getString();
00199             byte[] lang=buf.getString();
00200             String message=Util.byte2str(_message);
00201             if(userinfo!=null){
00202               userinfo.showMessage(message);
00203             }
00204             continue loop2;
00205           }
00206           else if(command==SSH_MSG_USERAUTH_FAILURE){
00207             buf.getInt(); buf.getByte(); buf.getByte(); 
00208             byte[] foo=buf.getString();
00209             int partial_success=buf.getByte();
00210       //System.err.println(new String(foo)+
00211       //                   " partial_success:"+(partial_success!=0));
00212             if(partial_success!=0){
00213               throw new JSchPartialAuthException(Util.byte2str(foo));
00214             }
00215             break;
00216           }
00217           //System.err.println("USERAUTH fail ("+command+")");
00218           //throw new JSchException("USERAUTH fail ("+command+")");
00219           break;
00220         }
00221       }
00222     }
00223     return false;
00224   }
00225 }
Generated on 5 May 2015 for HPCVIEWER by  doxygen 1.6.1