This repository was archived by the owner on Oct 1, 2024. It is now read-only.

Commit b45e2b3

author
Navneet Das
authored
feat: [CDS-7716]: Implements rsa-sha2-256 and rsa-sha2-512 (#4)
* feat: [CDS-7716]: Implements `rsa-sha2-256` and `rsa-sha2-512` from `mwiede/jsch #1` * feat: [CDS-7716]: Bumps `artifactId` and `version` * feat: [CDS-7716]: Reverts `artifactId` * feat: [CDS-7716]: Adds `EOFs` and removed unused imports
1 parent ed56f6b commit b45e2b3

17 files changed

+404
-169
lines changed

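--- a/pom.xml
+++ b/pom.xml
@@ -4,7 +4,7 @@
 <groupId>com.jcraft.harness</groupId>
 <artifactId>jsch-0-1-54-harness-patch</artifactId>
 <packaging>jar</packaging>
-<version>1.0</version>
+<version>1.2</version>
 <name>JSch</name>
 <url>http://www.jcraft.com/jsch/</url>
 <description>JSch is a pure Java implementation of SSH2</description>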

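--- a/src/main/java/com/jcraft/jsch/Identity.java
+++ b/src/main/java/com/jcraft/jsch/Identity.java
@@ -52,6 +52,14 @@ public interface Identity{
 */
 public byte[] getSignature(byte[] data);
 
+/**
+* Signs on data with this identity, and returns the result.
+* @param data data to be signed
+* @param alg signature algorithm to use
+* @return the signature
+*/
+public byte[] getSignature(byte[] data, String alg);
+
 /**
 * @deprecated The decryption should be done automatically in #setPassphase(byte[] passphrase)
 * @see #setPassphrase(byte[] passphrase)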
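Review bot: Adding `getSignature(byte[] data, String alg)` at new line 61 as an abstract method of a public interface breaks every `Identity` implementation that lives outside this repository, and the Javadoc does not say which values `alg` may take or what an implementer should do with one it does not support. The same compatibility concern applies to the two abstract methods this commit adds to `KeyPair`. I would expand the tag to `@param alg signature algorithm name as sent on the wire, e.g. "ssh-rsa", "rsa-sha2-256" or "rsa-sha2-512"`, add a sentence on the expected behaviour for an unsupported name, and call out the interface change in the release notes for version 1.2.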

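--- a/src/main/java/com/jcraft/jsch/IdentityFile.java
+++ b/src/main/java/com/jcraft/jsch/IdentityFile.java
@@ -80,6 +80,16 @@ public byte[] getSignature(byte[] data){
 return kpair.getSignature(data);
 }
 
+/**
+* Signs on data with this identity, and returns the result.
+* @param data data to be signed
+* @param alg signature algorithm to use
+* @return the signature
+*/
+public byte[] getSignature(byte[] data, String alg){
+return kpair.getSignature(data, alg);
+}
+
 /**
 * @deprecated This method should not be invoked.
 * @see #setPassphrase(byte[] passphrase)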

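--- a/src/main/java/com/jcraft/jsch/JSch.java
+++ b/src/main/java/com/jcraft/jsch/JSch.java
@@ -41,8 +41,7 @@ public class JSch{
 static java.util.Hashtable config=new java.util.Hashtable();
 static{
 config.put("kex", "ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group14-sha1,diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha1,diffie-hellman-group1-sha1");
-config.put("server_host_key", "ssh-rsa,ssh-dss,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521");
-config.put("cipher.s2c",
+config.put("server_host_key", "rsa-sha2-256,rsa-sha2-512,ssh-rsa,ssh-dss,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521"); config.put("cipher.s2c",
 "aes128-ctr,aes128-cbc,3des-ctr,3des-cbc,blowfish-cbc,aes192-ctr,aes192-cbc,aes256-ctr,aes256-cbc");
 config.put("cipher.c2s",
 "aes128-ctr,aes128-cbc,3des-ctr,3des-cbc,blowfish-cbc,aes192-ctr,aes192-cbc,aes256-ctr,aes256-cbc");
@@ -93,7 +92,9 @@ public class JSch{
 config.put("sha-512", "com.jcraft.jsch.jce.SHA512");
 config.put("md5", "com.jcraft.jsch.jce.MD5");
 config.put("signature.dss", "com.jcraft.jsch.jce.SignatureDSA");
-config.put("signature.rsa", "com.jcraft.jsch.jce.SignatureRSA");
+config.put("ssh-rsa", "com.jcraft.jsch.jce.SignatureRSA");
+config.put("rsa-sha2-256", "com.jcraft.jsch.jce.SignatureRSASHA256");
+config.put("rsa-sha2-512", "com.jcraft.jsch.jce.SignatureRSASHA512");
 config.put("signature.ecdsa", "com.jcraft.jsch.jce.SignatureECDSA");
 config.put("keypairgen.dsa", "com.jcraft.jsch.jce.KeyPairGenDSA");
 config.put("keypairgen.rsa", "com.jcraft.jsch.jce.KeyPairGenRSA");
@@ -131,6 +132,8 @@ public class JSch{
 
 config.put("PreferredAuthentications", "gssapi-with-mic,publickey,keyboard-interactive,password");
 
+config.put("PubkeyAcceptedKeyTypes", "rsa-sha2-256,rsa-sha2-512,ssh-rsa,ssh-dss,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521");
+
 config.put("CheckCiphers", "aes256-ctr,aes192-ctr,aes128-ctr,aes256-cbc,aes192-cbc,aes128-cbc,3des-ctr,arcfour,arcfour128,arcfour256");
 config.put("CheckKexes", "diffie-hellman-group14-sha1,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521");
 config.put("CheckSignatures", "ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521");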
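Review bot: Replacing the `signature.rsa` key with the bare wire name `ssh-rsa` at new line 95 removes the old key without leaving an alias, so any caller that overrides or reads `signature.rsa` (none is visible in these hunks) now gets a null class name. It also puts the signature-class entries in the same flat namespace as ordinary settings, which matters because `KeyExchange.verify` in this commit uses a name taken from the server's signature blob as the lookup key. I would keep a prefix on the new entries, for example `config.put("signature.rsa-sha2-256", "com.jcraft.jsch.jce.SignatureRSASHA256");`, and retain `config.put("signature.rsa", "com.jcraft.jsch.jce.SignatureRSA");` for compatibility. Separately, `ssh-rsa` and `ssh-dss` stay enabled in both `server_host_key` and `PubkeyAcceptedKeyTypes`; a comment stating that they are kept only as a fallback behind the SHA-2 names would help operators who want to drop them.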

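--- a/src/main/java/com/jcraft/jsch/KeyExchange.java
+++ b/src/main/java/com/jcraft/jsch/KeyExchange.java
@@ -213,8 +213,10 @@ protected boolean verify(String alg, byte[] K_S, int index,
 n=tmp;
 
 SignatureRSA sig=null;
+Buffer buf=new Buffer(sig_of_H);
+String foo=Util.byte2str(buf.getString());
 try{
-Class c=Class.forName(session.getConfig("signature.rsa"));
+Class c=Class.forName(session.getConfig(foo));
 sig=(SignatureRSA)(c.newInstance());
 sig.init();
 }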
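Review bot: The config key passed to `Class.forName` at new line 219 is `foo`, a string read straight out of the server-supplied `sig_of_H`, and nothing visible in the hunk checks it against the RSA signature names this client offered before the class is loaded and instantiated. As far as the hunk shows, the peer can therefore select `ssh-rsa` (SHA-1) even when an `rsa-sha2-*` host key algorithm was negotiated, and an unexpected name reaches `session.getConfig` as an arbitrary key. I would gate the lookup with an allow-list, e.g. `if(!"ssh-rsa".equals(foo) && !"rsa-sha2-256".equals(foo) && !"rsa-sha2-512".equals(foo)) return false;`, ideally also comparing the name with the negotiated `server_host_key` entry, and rename `foo` to something descriptive such as `sigAlg`. The `try` block and the rest of `verify` continue outside the hunk, so how a null lookup result is handled cannot be confirmed from here.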

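--- a/src/main/java/com/jcraft/jsch/KeyPair.java
+++ b/src/main/java/com/jcraft/jsch/KeyPair.java
@@ -828,8 +828,12 @@ private static boolean parseHeader(Buffer buffer, java.util.Hashtable v) {
 
 public abstract byte[] getSignature(byte[] data);
 
+public abstract byte[] getSignature(byte[] data, String alg);
+
 public abstract Signature getVerifier();
 
+public abstract Signature getVerifier(String alg);
+
 public abstract byte[] forSSHAgent() throws JSchException;
 
 public String getPublicKeyComment() {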

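--- a/src/main/java/com/jcraft/jsch/KeyPairDSA.java
+++ b/src/main/java/com/jcraft/jsch/KeyPairDSA.java
@@ -267,6 +267,10 @@ public byte[] getSignature(byte[] data){
 return null;
 }
 
+public byte[] getSignature(byte[] data, String alg){
+return getSignature(data);
+}
+
 public Signature getVerifier(){
 try{
 Class c=Class.forName((String)jsch.getConfig("signature.dss"));
@@ -291,6 +295,10 @@ public Signature getVerifier(){
 return null;
 }
 
+public Signature getVerifier(String alg){
+return getVerifier();
+}
+
 static KeyPair fromSSHAgent(JSch jsch, Buffer buf) throws JSchException {
 
 byte[][] tmp = buf.getBytes(7, "invalid key format");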
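Review bot: The new `getSignature(byte[] data, String alg)` and `getVerifier(String alg)` overloads at new lines 270 and 298 silently discard `alg`, and nothing in the code says this is deliberate. The same pattern is added to `KeyPairECDSA`, where the parameter of `getSignature` is also spelled `al` instead of `alg`. A one-line comment on each overload, such as `// alg is ignored: the hash is fixed by the key type`, would make the intent explicit, and renaming `al` to `alg` keeps the overrides uniform across the key classes.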

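--- a/src/main/java/com/jcraft/jsch/KeyPairECDSA.java
+++ b/src/main/java/com/jcraft/jsch/KeyPairECDSA.java
@@ -303,6 +303,10 @@ public byte[] getSignature(byte[] data){
 return null;
 }
 
+public byte[] getSignature(byte[] data, String al){
+return getSignature(data);
+}
+
 public Signature getVerifier(){
 try{
 Class c=Class.forName((String)jsch.getConfig("signature.ecdsa"));
@@ -326,6 +330,10 @@ public Signature getVerifier(){
 return null;
 }
 
+public Signature getVerifier(String alg){
+return getVerifier();
+}
+
 static KeyPair fromSSHAgent(JSch jsch, Buffer buf) throws JSchException {
 
 byte[][] tmp = buf.getBytes(5, "invalid key format");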

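--- a/src/main/java/com/jcraft/jsch/KeyPairPKCS8.java
+++ b/src/main/java/com/jcraft/jsch/KeyPairPKCS8.java
@@ -210,10 +210,18 @@ public byte[] getSignature(byte[] data){
 return kpair.getSignature(data);
 }
 
+public byte[] getSignature(byte[] data, String alg){
+return kpair.getSignature(data, alg);
+}
+
 public Signature getVerifier(){
 return kpair.getVerifier();
 }
 
+public Signature getVerifier(String alg){
+return kpair.getVerifier(alg);
+}
+
 public byte[] forSSHAgent() throws JSchException {
 return kpair.forSSHAgent();
 }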

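--- a/src/main/java/com/jcraft/jsch/KeyPairRSA.java
+++ b/src/main/java/com/jcraft/jsch/KeyPairRSA.java
@@ -317,16 +317,20 @@ public int getKeySize(){
 }
 
 public byte[] getSignature(byte[] data){
-try{
-Class c=Class.forName((String)jsch.getConfig("signature.rsa"));
+return getSignature(data, "ssh-rsa");
+}
+
+public byte[] getSignature(byte[] data, String alg){
+try{
+Class c=Class.forName(jsch.getConfig(alg));
 SignatureRSA rsa=(SignatureRSA)(c.newInstance());
 rsa.init();
 rsa.setPrvKey(prv_array, n_array);
 
 rsa.update(data);
 byte[] sig = rsa.sign();
 byte[][] tmp = new byte[2][];
-tmp[0] = sshrsa;
+tmp[0] = Util.str2byte(alg);
 tmp[1] = sig;
 return Buffer.fromBytes(tmp).buffer;
 }
@@ -336,8 +340,12 @@ public byte[] getSignature(byte[] data){
 }
 
 public Signature getVerifier(){
-try{
-Class c=Class.forName((String)jsch.getConfig("signature.rsa"));
+return getVerifier("ssh-rsa");
+}
+
+public Signature getVerifier(String alg){
+try{
+Class c=Class.forName(jsch.getConfig(alg));
 SignatureRSA rsa=(SignatureRSA)(c.newInstance());
 rsa.init();
 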
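Review bot: `getSignature(byte[] data, String alg)` and `getVerifier(String alg)` at new lines 325 and 348 pass `alg` to `jsch.getConfig` and feed the result to `Class.forName` without first checking that it is one of the RSA signature names, so an unknown or null `alg` surfaces only as whatever the enclosing `try` does with the resulting exception; the `catch` blocks are outside these hunks. `tmp[0] = Util.str2byte(alg)` at new line 333 also writes the caller's string into the signature blob unchanged. I would validate up front, e.g. `if(!"ssh-rsa".equals(alg) && !"rsa-sha2-256".equals(alg) && !"rsa-sha2-512".equals(alg)) return null;`, assuming null-on-failure is the convention here, as the `return null;` context lines in `KeyPairDSA` suggest.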

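--- a/src/main/java/com/jcraft/jsch/OpenSSHConfig.java
+++ b/src/main/java/com/jcraft/jsch/OpenSSHConfig.java
@@ -47,6 +47,7 @@ LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
 * <li>Hostname</li>
 * <li>Port</li>
 * <li>PreferredAuthentications</li>
+* <li>PubkeyAcceptedKeyTypes</li>
 * <li>IdentityFile</li>
 * <li>NumberOfPasswordPrompts</li>
 * <li>ConnectTimeout</li>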

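--- a/src/main/java/com/jcraft/jsch/Session.java
+++ b/src/main/java/com/jcraft/jsch/Session.java
@@ -2548,6 +2548,7 @@ private void applyConfig() throws JSchException {
 checkConfig(config, "StrictHostKeyChecking");
 checkConfig(config, "HashKnownHosts");
 checkConfig(config, "PreferredAuthentications");
+checkConfig(config, "PubkeyAcceptedKeyTypes");
 checkConfig(config, "MaxAuthTries");
 checkConfig(config, "ClearAllForwardings");
 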
25532554
