Пример #1
0
  private final boolean checkHashed(String entry, String hostname) {
    if (entry.startsWith("|1|") == false) return false;

    int delim_idx = entry.indexOf('|', 3);

    if (delim_idx == -1) return false;

    String salt_base64 = entry.substring(3, delim_idx);
    String hash_base64 = entry.substring(delim_idx + 1);

    byte[] salt = null;
    byte[] hash = null;

    try {
      salt = Base64.decode(salt_base64.toCharArray());
      hash = Base64.decode(hash_base64.toCharArray());
    } catch (IOException e) {
      return false;
    }

    SHA1 sha1 = new SHA1();

    if (salt.length != sha1.getDigestLength()) return false;

    byte[] dig = hmacSha1Hash(salt, hostname);

    for (int i = 0; i < dig.length; i++) if (dig[i] != hash[i]) return false;

    return true;
  }
Пример #2
0
  public static boolean verifySignature(byte[] message, DSASignature ds, DSAPublicKey dpk)
      throws IOException {
    /* Inspired by Bouncycastle's DSASigner class */

    SHA1 md = new SHA1();
    md.update(message);
    byte[] sha_message = new byte[md.getDigestLength()];
    md.digest(sha_message);

    BigInteger m = new BigInteger(1, sha_message);

    BigInteger r = ds.getR();
    BigInteger s = ds.getS();

    BigInteger g = dpk.getG();
    BigInteger p = dpk.getP();
    BigInteger q = dpk.getQ();
    BigInteger y = dpk.getY();

    BigInteger zero = BigInteger.ZERO;

    if (log.isEnabled()) {
      log.log(60, "ssh-dss signature: m: " + m.toString(16));
      log.log(60, "ssh-dss signature: r: " + r.toString(16));
      log.log(60, "ssh-dss signature: s: " + s.toString(16));
      log.log(60, "ssh-dss signature: g: " + g.toString(16));
      log.log(60, "ssh-dss signature: p: " + p.toString(16));
      log.log(60, "ssh-dss signature: q: " + q.toString(16));
      log.log(60, "ssh-dss signature: y: " + y.toString(16));
    }

    if (zero.compareTo(r) >= 0 || q.compareTo(r) <= 0) {
      log.log(20, "ssh-dss signature: zero.compareTo(r) >= 0 || q.compareTo(r) <= 0");
      return false;
    }

    if (zero.compareTo(s) >= 0 || q.compareTo(s) <= 0) {
      log.log(20, "ssh-dss signature: zero.compareTo(s) >= 0 || q.compareTo(s) <= 0");
      return false;
    }

    BigInteger w = s.modInverse(q);

    BigInteger u1 = m.multiply(w).mod(q);
    BigInteger u2 = r.multiply(w).mod(q);

    u1 = g.modPow(u1, p);
    u2 = y.modPow(u2, p);

    BigInteger v = u1.multiply(u2).mod(p).mod(q);

    return v.equals(r);
  }
Пример #3
0
  /**
   * Generate the hashed representation of the given hostname. Useful for adding entries with hashed
   * hostnames to a known_hosts file. (see -H option of OpenSSH key-gen).
   *
   * @param hostname
   * @return the hashed representation, e.g.,
   *     "|1|cDhrv7zwEUV3k71CEPHnhHZezhA=|Xo+2y6rUXo2OIWRAYhBOIijbJMA="
   */
  public static final String createHashedHostname(String hostname) {
    SHA1 sha1 = new SHA1();

    byte[] salt = new byte[sha1.getDigestLength()];

    new SecureRandom().nextBytes(salt);

    byte[] hash = hmacSha1Hash(salt, hostname);

    String base64_salt = new String(Base64.encode(salt));
    String base64_hash = new String(Base64.encode(hash));

    return new String("|1|" + base64_salt + "|" + base64_hash);
  }
Пример #4
0
  private static final byte[] hmacSha1Hash(byte[] salt, String hostname) {
    SHA1 sha1 = new SHA1();

    if (salt.length != sha1.getDigestLength())
      throw new IllegalArgumentException("Salt has wrong length (" + salt.length + ")");

    HMAC hmac = new HMAC(sha1, salt, salt.length);

    try {
      hmac.update(hostname.getBytes("ISO-8859-1"));
    } catch (UnsupportedEncodingException ignore) {
      /* Actually, ISO-8859-1 is supported by all correct
       * Java implementations. But... you never know. */
      hmac.update(hostname.getBytes());
    }

    byte[] dig = new byte[hmac.getDigestLength()];

    hmac.digest(dig);

    return dig;
  }
Пример #5
0
  public static DSASignature generateSignature(byte[] message, DSAPrivateKey pk, SecureRandom rnd) {
    SHA1 md = new SHA1();
    md.update(message);
    byte[] sha_message = new byte[md.getDigestLength()];
    md.digest(sha_message);

    BigInteger m = new BigInteger(1, sha_message);
    BigInteger k;
    int qBitLength = pk.getQ().bitLength();

    do {
      k = new BigInteger(qBitLength, rnd);
    } while (k.compareTo(pk.getQ()) >= 0);

    BigInteger r = pk.getG().modPow(k, pk.getP()).mod(pk.getQ());

    k = k.modInverse(pk.getQ()).multiply(m.add((pk).getX().multiply(r)));

    BigInteger s = k.mod(pk.getQ());

    return new DSASignature(r, s);
  }