UserAuthPublicKey


1   /* -*-mode:java; c-basic-offset:2; indent-tabs-mode:nil -*- */
2   /*
3   Copyright (c) 2002,2003,2004,2005,2006 ymnk, JCraft,Inc. All rights reserved.
4   
5   Redistribution and use in source and binary forms, with or without
6   modification, are permitted provided that the following conditions are met:
7   
8     1. Redistributions of source code must retain the above copyright notice,
9        this list of conditions and the following disclaimer.
10  
11    2. Redistributions in binary form must reproduce the above copyright 
12       notice, this list of conditions and the following disclaimer in 
13       the documentation and/or other materials provided with the distribution.
14  
15    3. The names of the authors may not be used to endorse or promote products
16       derived from this software without specific prior written permission.
17  
18  THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESSED OR IMPLIED WARRANTIES,
19  INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND
20  FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL JCRAFT,
21  INC. OR ANY CONTRIBUTORS TO THIS SOFTWARE BE LIABLE FOR ANY DIRECT, INDIRECT,
22  INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
23  LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA,
24  OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
25  LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
26  NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE,
27  EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
28  */
29  
30  package com.jcraft.jsch;
31  
32  import java.util.Vector  ;
33  
34  class UserAuthPublicKey extends UserAuth{
35  
36    public boolean start(Session session, UserInfo userinfo) throws Exception  {
37      //super.start(session);
38     this.userinfo=userinfo;
39  
40      Vector   identities=session.jsch.identities;
41  
42      Packet packet=session.packet;
43      Buffer buf=packet.buffer;
44  
45      byte[] passphrase=null;
46      final String   username=session.username;
47  
48      byte[] _username=null;
49  
50      synchronized(identities){
51        if(identities.size()<=0){
52          return false;
53        }
54  
55        _username=Util.str2byte(username);
56  
57        for(int i=0; i<identities.size(); i++){
58          Identity identity=(Identity)(identities.elementAt(i));
59          byte[] pubkeyblob=identity.getPublicKeyBlob();
60  
61  //System.err.println("UserAuthPublicKey: "+identity+" "+pubkeyblob);
62  
63          if(pubkeyblob!=null){
64            // send
65            // byte      SSH_MSG_USERAUTH_REQUEST(50)
66            // string    user name
67            // string    service name ("ssh-connection")
68            // string    "publickey"
69            // boolen    FALSE
70            // string    plaintext password (ISO-10646 UTF-8)
71            packet.reset();
72            buf.putByte((byte)SSH_MSG_USERAUTH_REQUEST);
73            buf.putString(_username);
74            buf.putString("ssh-connection".getBytes());
75            buf.putString("publickey".getBytes());
76            buf.putByte((byte)0);
77            buf.putString(identity.getAlgName().getBytes());
78            buf.putString(pubkeyblob);
79            session.write(packet);
80  
81            loop1:
82            while(true){
83              // receive
84              // byte      SSH_MSG_USERAUTH_PK_OK(52)
85              // string    service name
86              buf=session.read(buf);
87  //System.err.println("read: 60 ? "+    buf.buffer[5]);
88              if(buf.buffer[5]==SSH_MSG_USERAUTH_PK_OK){
89                break;
90              }
91              else if(buf.buffer[5]==SSH_MSG_USERAUTH_FAILURE){
92  //  System.err.println("USERAUTH publickey "+session.getIdentity()+
93  //             " is not acceptable.");
94                break;
95              }
96              else if(buf.buffer[5]==SSH_MSG_USERAUTH_BANNER){
97                buf.getInt(); buf.getByte(); buf.getByte();
98                byte[] _message=buf.getString();
99                byte[] lang=buf.getString();
100               String   message=null;
101               try{ message=new String  (_message, "UTF-8"); }
102               catch(java.io.UnsupportedEncodingException   e){
103                 message=new String  (_message);
104               }
105               if(userinfo!=null){
106                 userinfo.showMessage(message);
107               }
108               continue loop1;
109             }
110             else{
111         //System.err.println("USERAUTH fail ("+buf.buffer[5]+")");
112         //throw new JSchException("USERAUTH fail ("+buf.buffer[5]+")");
113               break;
114             }
115           }
116           if(buf.buffer[5]!=SSH_MSG_USERAUTH_PK_OK){
117             continue;
118           }
119         }
120 
121 //System.err.println("UserAuthPublicKey: identity.isEncrypted()="+identity.isEncrypted());
122 
123         int count=5;
124         while(true){
125           if((identity.isEncrypted() && passphrase==null)){
126             if(userinfo==null) throw new JSchException("USERAUTH fail");
127             if(identity.isEncrypted() &&
128                !userinfo.promptPassphrase("Passphrase for "+identity.getName())){
129               throw new JSchAuthCancelException("publickey");
130               //throw new JSchException("USERAUTH cancel");
131               //break;
132             }
133             String   _passphrase=userinfo.getPassphrase();
134             if(_passphrase!=null){
135               passphrase=Util.str2byte(_passphrase);
136             }
137           }
138 
139           if(!identity.isEncrypted() || passphrase!=null){
140             if(identity.setPassphrase(passphrase))
141               break;
142           }
143           Util.bzero(passphrase);
144           passphrase=null;
145           count--;
146           if(count==0)break;
147         }
148 
149         Util.bzero(passphrase);
150         passphrase=null;
151 //System.err.println("UserAuthPublicKey: identity.isEncrypted()="+identity.isEncrypted());
152 
153         if(identity.isEncrypted()) continue;
154         if(pubkeyblob==null) pubkeyblob=identity.getPublicKeyBlob();
155 
156 //System.err.println("UserAuthPublicKey: pubkeyblob="+pubkeyblob);
157 
158         if(pubkeyblob==null) continue;
159 
160       // send
161       // byte      SSH_MSG_USERAUTH_REQUEST(50)
162       // string    user name
163       // string    service name ("ssh-connection")
164       // string    "publickey"
165       // boolen    TRUE
166       // string    plaintext password (ISO-10646 UTF-8)
167         packet.reset();
168         buf.putByte((byte)SSH_MSG_USERAUTH_REQUEST);
169         buf.putString(_username);
170         buf.putString("ssh-connection".getBytes());
171         buf.putString("publickey".getBytes());
172         buf.putByte((byte)1);
173         buf.putString(identity.getAlgName().getBytes());
174         buf.putString(pubkeyblob);
175 
176 //      byte[] tmp=new byte[buf.index-5];
177 //      System.arraycopy(buf.buffer, 5, tmp, 0, tmp.length);
178 //      buf.putString(signature);
179 
180         byte[] sid=session.getSessionId();
181         int sidlen=sid.length;
182         byte[] tmp=new byte[4+sidlen+buf.index-5];
183         tmp[0]=(byte)(sidlen>>>24);
184         tmp[1]=(byte)(sidlen>>>16);
185         tmp[2]=(byte)(sidlen>>>8);
186         tmp[3]=(byte)(sidlen);
187         System.arraycopy(sid, 0, tmp, 4, sidlen);
188         System.arraycopy(buf.buffer, 5, tmp, 4+sidlen, buf.index-5);
189         byte[] signature=identity.getSignature(tmp);
190         if(signature==null){  // for example, too long key length.
191           break;
192         }
193         buf.putString(signature);
194         session.write(packet);
195 
196         loop2:
197         while(true){
198     // receive
199     // byte      SSH_MSG_USERAUTH_SUCCESS(52)
200     // string    service name
201           buf=session.read(buf);
202     //System.err.println("read: 52 ? "+    buf.buffer[5]);
203           if(buf.buffer[5]==SSH_MSG_USERAUTH_SUCCESS){
204             return true;
205           }
206           else if(buf.buffer[5]==SSH_MSG_USERAUTH_BANNER){
207             buf.getInt(); buf.getByte(); buf.getByte();
208             byte[] _message=buf.getString();
209             byte[] lang=buf.getString();
210             String   message=null;
211             try{ message=new String  (_message, "UTF-8"); }
212             catch(java.io.UnsupportedEncodingException   e){
213               message=new String  (_message);
214             }
215             if(userinfo!=null){
216               userinfo.showMessage(message);
217             }
218             continue loop2;
219           }
220           else if(buf.buffer[5]==SSH_MSG_USERAUTH_FAILURE){
221             buf.getInt(); buf.getByte(); buf.getByte(); 
222             byte[] foo=buf.getString();
223             int partial_success=buf.getByte();
224       //System.err.println(new String(foo)+
225       //                   " partial_success:"+(partial_success!=0));
226             if(partial_success!=0){
227               throw new JSchPartialAuthException(new String  (foo));
228             }
229             break;
230           }
231           //System.err.println("USERAUTH fail ("+buf.buffer[5]+")");
232           //throw new JSchException("USERAUTH fail ("+buf.buffer[5]+")");
233           break;
234         }
235       }
236     }
237     return false;
238   }
239 }
240
A to Z: JavaDoc & Examples Daily Java News & Articles Open Source Projects Open Source Codes Free Computer Books Remove Frame
Popular Tags