You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@mina.apache.org by lg...@apache.org on 2016/02/12 19:24:04 UTC
mina-sshd git commit: Some code standardization for the built in
signatures
Repository: mina-sshd
Updated Branches:
refs/heads/master 43e83d162 -> 305850cfb
Some code standardization for the built in signatures
Project: http://git-wip-us.apache.org/repos/asf/mina-sshd/repo
Commit: http://git-wip-us.apache.org/repos/asf/mina-sshd/commit/305850cf
Tree: http://git-wip-us.apache.org/repos/asf/mina-sshd/tree/305850cf
Diff: http://git-wip-us.apache.org/repos/asf/mina-sshd/diff/305850cf
Branch: refs/heads/master
Commit: 305850cfb258356aa901f6c74ee7df22a41482ab
Parents: 43e83d1
Author: Lyor Goldstein <lg...@vmware.com>
Authored: Fri Feb 12 20:23:50 2016 +0200
Committer: Lyor Goldstein <lg...@vmware.com>
Committed: Fri Feb 12 20:23:50 2016 +0200
----------------------------------------------------------------------
.../common/signature/BuiltinSignatures.java | 8 ++---
.../sshd/common/signature/SignatureDSA.java | 13 +++++---
.../sshd/common/signature/SignatureECDSA.java | 34 ++++++++++++++++----
.../sshd/common/signature/SignatureRSA.java | 9 +++++-
4 files changed, 49 insertions(+), 15 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/mina-sshd/blob/305850cf/sshd-core/src/main/java/org/apache/sshd/common/signature/BuiltinSignatures.java
----------------------------------------------------------------------
diff --git a/sshd-core/src/main/java/org/apache/sshd/common/signature/BuiltinSignatures.java b/sshd-core/src/main/java/org/apache/sshd/common/signature/BuiltinSignatures.java
index 851987a..922e4ae 100644
--- a/sshd-core/src/main/java/org/apache/sshd/common/signature/BuiltinSignatures.java
+++ b/sshd-core/src/main/java/org/apache/sshd/common/signature/BuiltinSignatures.java
@@ -49,7 +49,7 @@ public enum BuiltinSignatures implements SignatureFactory {
dsa(KeyPairProvider.SSH_DSS) {
@Override
public Signature create() {
- return new SignatureDSA("SHA1withDSA");
+ return new SignatureDSA();
}
},
rsa(KeyPairProvider.SSH_RSA) {
@@ -61,7 +61,7 @@ public enum BuiltinSignatures implements SignatureFactory {
nistp256(KeyPairProvider.ECDSA_SHA2_NISTP256) {
@Override
public Signature create() {
- return new SignatureECDSA("SHA256withECDSA");
+ return new SignatureECDSA.SignatureECDSA256();
}
@Override
@@ -72,7 +72,7 @@ public enum BuiltinSignatures implements SignatureFactory {
nistp384(KeyPairProvider.ECDSA_SHA2_NISTP384) {
@Override
public Signature create() {
- return new SignatureECDSA("SHA384withECDSA");
+ return new SignatureECDSA.SignatureECDSA384();
}
@Override
@@ -83,7 +83,7 @@ public enum BuiltinSignatures implements SignatureFactory {
nistp521(KeyPairProvider.ECDSA_SHA2_NISTP521) {
@Override
public Signature create() {
- return new SignatureECDSA("SHA512withECDSA");
+ return new SignatureECDSA.SignatureECDSA521();
}
@Override
http://git-wip-us.apache.org/repos/asf/mina-sshd/blob/305850cf/sshd-core/src/main/java/org/apache/sshd/common/signature/SignatureDSA.java
----------------------------------------------------------------------
diff --git a/sshd-core/src/main/java/org/apache/sshd/common/signature/SignatureDSA.java b/sshd-core/src/main/java/org/apache/sshd/common/signature/SignatureDSA.java
index 9cc6986..4007fad 100644
--- a/sshd-core/src/main/java/org/apache/sshd/common/signature/SignatureDSA.java
+++ b/sshd-core/src/main/java/org/apache/sshd/common/signature/SignatureDSA.java
@@ -18,7 +18,7 @@
*/
package org.apache.sshd.common.signature;
-import java.io.IOException;
+import java.io.StreamCorruptedException;
import java.math.BigInteger;
import java.security.SignatureException;
@@ -38,10 +38,16 @@ import org.apache.sshd.common.util.io.DERWriter;
* @see <A HREF="https://tools.ietf.org/html/rfc4253#section-6.6">RFC4253 section 6.6</A>
*/
public class SignatureDSA extends AbstractSignature {
+ public static final String DEFAULT_ALGORITHM = "SHA1withDSA";
+
public static final int DSA_SIGNATURE_LENGTH = 40;
// result must be 40 bytes, but length of r and s may not exceed 20 bytes
public static final int MAX_SIGNATURE_VALUE_LENGTH = DSA_SIGNATURE_LENGTH / 2;
+ public SignatureDSA() {
+ this(DEFAULT_ALGORITHM);
+ }
+
protected SignatureDSA(String algorithm) {
super(algorithm);
}
@@ -53,7 +59,7 @@ public class SignatureDSA extends AbstractSignature {
try (DERParser parser = new DERParser(sig)) {
int type = parser.read();
if (type != 0x30) {
- throw new IOException("Invalid signature format - not a DER SEQUENCE: 0x" + Integer.toHexString(type));
+ throw new StreamCorruptedException("Invalid signature format - not a DER SEQUENCE: 0x" + Integer.toHexString(type));
}
// length of remaining encoding of the 2 integers
@@ -66,7 +72,7 @@ public class SignatureDSA extends AbstractSignature {
* - at least one byte of integer data (zero length is not an option)
*/
if (remainLen < (2 * 3)) {
- throw new IOException("Invalid signature format - not enough encoded data length: " + remainLen);
+ throw new StreamCorruptedException("Invalid signature format - not enough encoded data length: " + remainLen);
}
BigInteger r = parser.readBigInteger();
@@ -121,7 +127,6 @@ public class SignatureDSA extends AbstractSignature {
sEncoding = w.toByteArray();
}
-
int length = rEncoding.length + sEncoding.length;
byte[] encoded;
try (DERWriter w = new DERWriter(1 + length + 4)) { // in case length > 0x7F
http://git-wip-us.apache.org/repos/asf/mina-sshd/blob/305850cf/sshd-core/src/main/java/org/apache/sshd/common/signature/SignatureECDSA.java
----------------------------------------------------------------------
diff --git a/sshd-core/src/main/java/org/apache/sshd/common/signature/SignatureECDSA.java b/sshd-core/src/main/java/org/apache/sshd/common/signature/SignatureECDSA.java
index ba2be7f..e9b49c5 100644
--- a/sshd-core/src/main/java/org/apache/sshd/common/signature/SignatureECDSA.java
+++ b/sshd-core/src/main/java/org/apache/sshd/common/signature/SignatureECDSA.java
@@ -18,7 +18,7 @@
*/
package org.apache.sshd.common.signature;
-import java.io.IOException;
+import java.io.StreamCorruptedException;
import java.math.BigInteger;
import org.apache.sshd.common.cipher.ECCurves;
@@ -36,6 +36,29 @@ import org.apache.sshd.common.util.io.DERWriter;
* @see <A HREF="http://tools.ietf.org/html/rfc3278#section-8.2">RFC3278 section 8.2</A>
*/
public class SignatureECDSA extends AbstractSignature {
+ public static class SignatureECDSA256 extends SignatureECDSA {
+ public static final String DEFAULT_ALGORITHM = "SHA256withECDSA";
+
+ public SignatureECDSA256() {
+ super(DEFAULT_ALGORITHM);
+ }
+ }
+
+ public static class SignatureECDSA384 extends SignatureECDSA {
+ public static final String DEFAULT_ALGORITHM = "SHA384withECDSA";
+
+ public SignatureECDSA384() {
+ super(DEFAULT_ALGORITHM);
+ }
+ }
+
+ public static class SignatureECDSA521 extends SignatureECDSA {
+ public static final String DEFAULT_ALGORITHM = "SHA512withECDSA";
+
+ public SignatureECDSA521() {
+ super(DEFAULT_ALGORITHM);
+ }
+ }
protected SignatureECDSA(String algo) {
super(algo);
@@ -48,20 +71,20 @@ public class SignatureECDSA extends AbstractSignature {
try (DERParser parser = new DERParser(sig)) {
int type = parser.read();
if (type != 0x30) {
- throw new IOException("Invalid signature format - not a DER SEQUENCE: 0x" + Integer.toHexString(type));
+ throw new StreamCorruptedException("Invalid signature format - not a DER SEQUENCE: 0x" + Integer.toHexString(type));
}
// length of remaining encoding of the 2 integers
int remainLen = parser.readLength();
/*
* There are supposed to be 2 INTEGERs, each encoded with:
- *
+ *
* - one byte representing the fact that it is an INTEGER
* - one byte of the integer encoding length
* - at least one byte of integer data (zero length is not an option)
*/
if (remainLen < (2 * 3)) {
- throw new IOException("Invalid signature format - not enough encoded data length: " + remainLen);
+ throw new StreamCorruptedException("Invalid signature format - not enough encoded data length: " + remainLen);
}
BigInteger r = parser.readBigInteger();
@@ -87,7 +110,6 @@ public class SignatureECDSA extends AbstractSignature {
}
Buffer rsBuf = new ByteArrayBuffer(data);
-
byte[] rArray = rsBuf.getMPIntAsBytes();
byte[] rEncoding;
try (DERWriter w = new DERWriter(rArray.length + 4)) { // in case length > 0x7F
@@ -104,7 +126,7 @@ public class SignatureECDSA extends AbstractSignature {
int remaining = rsBuf.available();
if (remaining != 0) {
- throw new IOException("Signature had padding - remaining=" + remaining);
+ throw new StreamCorruptedException("Signature had padding - remaining=" + remaining);
}
int length = rEncoding.length + sEncoding.length;
http://git-wip-us.apache.org/repos/asf/mina-sshd/blob/305850cf/sshd-core/src/main/java/org/apache/sshd/common/signature/SignatureRSA.java
----------------------------------------------------------------------
diff --git a/sshd-core/src/main/java/org/apache/sshd/common/signature/SignatureRSA.java b/sshd-core/src/main/java/org/apache/sshd/common/signature/SignatureRSA.java
index 0703e4c..e5d2d4e 100644
--- a/sshd-core/src/main/java/org/apache/sshd/common/signature/SignatureRSA.java
+++ b/sshd-core/src/main/java/org/apache/sshd/common/signature/SignatureRSA.java
@@ -26,10 +26,17 @@ import org.apache.sshd.common.util.ValidateUtils;
* RSA <code>Signature</code>
*
* @author <a href="mailto:dev@mina.apache.org">Apache MINA SSHD Project</a>
+ * @see <A HREF="https://tools.ietf.org/html/rfc4253#section-6.6">RFC4253 section 6.6</A>
*/
public class SignatureRSA extends AbstractSignature {
+ public static final String DEFAULT_ALGORITHM = "SHA1withRSA";
+
public SignatureRSA() {
- super("SHA1withRSA");
+ super(DEFAULT_ALGORITHM);
+ }
+
+ protected SignatureRSA(String algorithm) {
+ super(algorithm);
}
@Override