Return encoded signature blob instead of a raw signature in
SshAuthenticationService
This commit is contained in:
parent
0a72dda6fc
commit
6e5f5405a2
|
@ -27,6 +27,7 @@ import org.sufficientlysecure.keychain.ssh.key.SshDSAPublicKey;
|
|||
import org.sufficientlysecure.keychain.ssh.key.SshECDSAPublicKey;
|
||||
import org.sufficientlysecure.keychain.ssh.key.SshEd25519PublicKey;
|
||||
import org.sufficientlysecure.keychain.ssh.key.SshRSAPublicKey;
|
||||
import org.sufficientlysecure.keychain.ssh.utils.SshUtils;
|
||||
|
||||
public class SshPublicKey {
|
||||
private final static String TAG = "SshPublicKey";
|
||||
|
@ -66,48 +67,13 @@ public class SshPublicKey {
|
|||
private String encodeECKey(PGPPublicKey publicKey) {
|
||||
ECPublicBCPGKey publicBCPGKey = (ECPublicBCPGKey) publicKey.getPublicKeyPacket().getKey();
|
||||
|
||||
String curveName = getCurveName(publicBCPGKey);
|
||||
String curveName = SshUtils.getCurveName(mPublicKey.getCurveOid());
|
||||
SshECDSAPublicKey sshECDSAPublicKey = new SshECDSAPublicKey(curveName, publicBCPGKey.getEncodedPoint());
|
||||
|
||||
return sshECDSAPublicKey.getPublicKeyBlob();
|
||||
}
|
||||
|
||||
private String getCurveName(ECPublicBCPGKey publicBCPGKey) {
|
||||
String curveOid = publicBCPGKey.getCurveOID().getId();
|
||||
// see RFC5656 section 10.{1,2}
|
||||
switch (curveOid) {
|
||||
// REQUIRED curves
|
||||
case "1.2.840.10045.3.1.7":
|
||||
return "nistp256";
|
||||
case "1.3.132.0.34":
|
||||
return "nistp384";
|
||||
case "1.3.132.0.35":
|
||||
return "nistp521";
|
||||
|
||||
// RECOMMENDED curves
|
||||
case "1.3.132.0.1":
|
||||
return "1.3.132.0.1";
|
||||
case "1.2.840.10045.3.1.1":
|
||||
return "1.2.840.10045.3.1.1";
|
||||
case "1.3.132.0.33":
|
||||
return "1.3.132.0.33";
|
||||
case "1.3.132.0.26":
|
||||
return "1.3.132.0.26";
|
||||
case "1.3.132.0.27":
|
||||
return "1.3.132.0.27";
|
||||
case "1.3.132.0.16":
|
||||
return "1.3.132.0.16";
|
||||
case "1.3.132.0.36":
|
||||
return "1.3.132.0.36";
|
||||
case "1.3.132.0.37":
|
||||
return "1.3.132.0.37";
|
||||
case "1.3.132.0.38":
|
||||
return "1.3.132.0.38";
|
||||
|
||||
default:
|
||||
return null;
|
||||
}
|
||||
}
|
||||
|
||||
private String encodeEdDSAKey(PGPPublicKey publicKey) {
|
||||
EdDSAPublicBCPGKey publicBCPGKey = (EdDSAPublicBCPGKey) publicKey.getPublicKeyPacket().getKey();
|
||||
|
|
|
@ -23,6 +23,7 @@ import android.content.Intent;
|
|||
import android.os.IBinder;
|
||||
import android.util.Log;
|
||||
import org.bouncycastle.bcpg.HashAlgorithmTags;
|
||||
import org.bouncycastle.bcpg.PublicKeyAlgorithmTags;
|
||||
import org.openintents.ssh.authentication.ISshAuthenticationService;
|
||||
import org.openintents.ssh.authentication.SshAuthenticationApi;
|
||||
import org.openintents.ssh.authentication.SshAuthenticationApiError;
|
||||
|
@ -46,10 +47,14 @@ import org.sufficientlysecure.keychain.ssh.AuthenticationData;
|
|||
import org.sufficientlysecure.keychain.ssh.AuthenticationOperation;
|
||||
import org.sufficientlysecure.keychain.ssh.AuthenticationParcel;
|
||||
import org.sufficientlysecure.keychain.ssh.AuthenticationResult;
|
||||
import org.sufficientlysecure.keychain.ssh.signature.SshSignatureConverter;
|
||||
|
||||
import java.security.NoSuchAlgorithmException;
|
||||
import java.security.PublicKey;
|
||||
import java.util.*;
|
||||
import java.util.Collections;
|
||||
import java.util.Date;
|
||||
import java.util.HashSet;
|
||||
import java.util.List;
|
||||
|
||||
|
||||
public class SshAuthenticationService extends Service {
|
||||
|
@ -141,12 +146,22 @@ public class SshAuthenticationService extends Service {
|
|||
CachedPublicKeyRing cachedPublicKeyRing = mKeyRepository.getCachedPublicKeyRing(masterKeyId);
|
||||
|
||||
long authSubKeyId;
|
||||
int authSubKeyAlgorithm;
|
||||
String authSubKeyCurveOid = null;
|
||||
try {
|
||||
// get first usable subkey capable of authentication
|
||||
authSubKeyId = cachedPublicKeyRing.getSecretAuthenticationId();
|
||||
// needed for encoding the resulting signature
|
||||
authSubKeyAlgorithm = getPublicKey(masterKeyId).getAlgorithm();
|
||||
if (authSubKeyAlgorithm == PublicKeyAlgorithmTags.ECDSA) {
|
||||
authSubKeyCurveOid = getPublicKey(masterKeyId).getCurveOid();
|
||||
}
|
||||
} catch (PgpKeyNotFoundException e) {
|
||||
return createExceptionErrorResult(SshAuthenticationApiError.NO_AUTH_KEY,
|
||||
"authentication key for master key id not found in keychain", e);
|
||||
} catch (KeyRepository.NotFoundException e) {
|
||||
return createExceptionErrorResult(SshAuthenticationApiError.NO_SUCH_KEY,
|
||||
"Key for master key id not found", e);
|
||||
}
|
||||
|
||||
authData.setAuthenticationSubKeyId(authSubKeyId);
|
||||
|
@ -175,7 +190,19 @@ public class SshAuthenticationService extends Service {
|
|||
// return PendingIntent to be executed by client
|
||||
return packagePendingIntent(pi);
|
||||
} else if (authResult.success()) {
|
||||
return new SigningResponse(authResult.getSignature()).toIntent();
|
||||
byte[] rawSignature = authResult.getSignature();
|
||||
byte[] sshSignature;
|
||||
if (authSubKeyAlgorithm == PublicKeyAlgorithmTags.ECDSA) {
|
||||
sshSignature = SshSignatureConverter.getSshSignatureEcDsa(rawSignature, authSubKeyCurveOid);
|
||||
} else {
|
||||
try {
|
||||
sshSignature = SshSignatureConverter.getSshSignature(rawSignature, authSubKeyAlgorithm);
|
||||
} catch (NoSuchAlgorithmException e) {
|
||||
return createExceptionErrorResult(SshAuthenticationApiError.INTERNAL_ERROR,
|
||||
"Error converting signature", e);
|
||||
}
|
||||
}
|
||||
return new SigningResponse(sshSignature).toIntent();
|
||||
} else {
|
||||
LogEntryParcel errorMsg = authResult.getLog().getLast();
|
||||
return createErrorResult(SshAuthenticationApiError.INTERNAL_ERROR, getString(errorMsg.mType.getMsgId()));
|
||||
|
|
|
@ -0,0 +1,138 @@
|
|||
/*
|
||||
* Copyright (C) 2017 Christian Hagau <ach@hagau.se>
|
||||
*
|
||||
* This program is free software: you can redistribute it and/or modify
|
||||
* it under the terms of the GNU General Public License as published by
|
||||
* the Free Software Foundation, either version 3 of the License, or
|
||||
* (at your option) any later version.
|
||||
*
|
||||
* This program is distributed in the hope that it will be useful,
|
||||
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
* GNU General Public License for more details.
|
||||
*
|
||||
* You should have received a copy of the GNU General Public License
|
||||
* along with this program. If not, see <http://www.gnu.org/licenses/>.
|
||||
*/
|
||||
|
||||
package org.sufficientlysecure.keychain.ssh.signature;
|
||||
|
||||
import org.bouncycastle.asn1.ASN1Integer;
|
||||
import org.bouncycastle.asn1.ASN1Primitive;
|
||||
import org.bouncycastle.asn1.ASN1Sequence;
|
||||
import org.bouncycastle.bcpg.PublicKeyAlgorithmTags;
|
||||
import org.bouncycastle.util.BigIntegers;
|
||||
import org.sufficientlysecure.keychain.ssh.key.SshEncodedData;
|
||||
import org.sufficientlysecure.keychain.ssh.utils.SshUtils;
|
||||
|
||||
import java.io.IOException;
|
||||
import java.math.BigInteger;
|
||||
import java.security.NoSuchAlgorithmException;
|
||||
|
||||
public class SshSignatureConverter {
|
||||
|
||||
private static String getSignatureType(int algorithm) throws NoSuchAlgorithmException {
|
||||
switch (algorithm) {
|
||||
case PublicKeyAlgorithmTags.RSA_SIGN:
|
||||
case PublicKeyAlgorithmTags.RSA_GENERAL:
|
||||
return "ssh-rsa";
|
||||
|
||||
case PublicKeyAlgorithmTags.EDDSA:
|
||||
return "ssh-ed25519";
|
||||
|
||||
case PublicKeyAlgorithmTags.DSA:
|
||||
return "ssh-dss";
|
||||
|
||||
default:
|
||||
throw new NoSuchAlgorithmException("Unknown algorithm");
|
||||
}
|
||||
}
|
||||
|
||||
private static byte[] getSignatureBlob(byte[] rawSignature, int algorithm) throws NoSuchAlgorithmException {
|
||||
switch (algorithm) {
|
||||
case PublicKeyAlgorithmTags.RSA_SIGN:
|
||||
case PublicKeyAlgorithmTags.RSA_GENERAL:
|
||||
return rawSignature;
|
||||
|
||||
case PublicKeyAlgorithmTags.EDDSA:
|
||||
return rawSignature;
|
||||
|
||||
case PublicKeyAlgorithmTags.DSA:
|
||||
return getDsaSignatureBlob(rawSignature);
|
||||
|
||||
default:
|
||||
throw new NoSuchAlgorithmException("Unknown algorithm");
|
||||
}
|
||||
}
|
||||
|
||||
private static byte[] getEcDsaSignatureBlob(byte[] rawSignature) {
|
||||
BigInteger r = getR(rawSignature);
|
||||
BigInteger s = getS(rawSignature);
|
||||
|
||||
SshEncodedData rsBlob = new SshEncodedData();
|
||||
rsBlob.putMPInt(r);
|
||||
rsBlob.putMPInt(s);
|
||||
|
||||
return rsBlob.getBytes();
|
||||
}
|
||||
|
||||
private static BigInteger getR(byte[] rawSignature) {
|
||||
ASN1Sequence asn1Sequence = getASN1Sequence(rawSignature);
|
||||
return ASN1Integer.getInstance(asn1Sequence.getObjectAt(0)).getValue();
|
||||
}
|
||||
|
||||
private static BigInteger getS(byte[] rawSignature) {
|
||||
ASN1Sequence asn1Sequence = getASN1Sequence(rawSignature);
|
||||
return ASN1Integer.getInstance(asn1Sequence.getObjectAt(1)).getValue();
|
||||
}
|
||||
|
||||
private static ASN1Sequence getASN1Sequence(byte[] rawSignature) {
|
||||
try {
|
||||
return (ASN1Sequence) ASN1Primitive.fromByteArray(rawSignature);
|
||||
} catch (IOException e) {
|
||||
throw new IllegalArgumentException("Could not read ASN.1 object", e);
|
||||
}
|
||||
}
|
||||
|
||||
private static byte[] getDsaSignatureBlob(byte[] rawSignature) {
|
||||
BigInteger r = getR(rawSignature);
|
||||
BigInteger s = getS(rawSignature);
|
||||
|
||||
byte[] rByte = BigIntegers.asUnsignedByteArray(r);
|
||||
byte[] sByte = BigIntegers.asUnsignedByteArray(s);
|
||||
|
||||
int integerLength = getDsaSignatureLength(rByte.length > sByte.length ? rByte.length : sByte.length);
|
||||
int rPaddingLength = integerLength - rByte.length;
|
||||
int sPaddingLength = integerLength - sByte.length;
|
||||
|
||||
byte[] rsBlob = new byte[2 * integerLength];
|
||||
System.arraycopy(rByte, 0, rsBlob, rPaddingLength, rByte.length);
|
||||
System.arraycopy(sByte, 0, rsBlob, integerLength + sPaddingLength, sByte.length);
|
||||
|
||||
return rsBlob;
|
||||
}
|
||||
|
||||
private static int getDsaSignatureLength(int inLength) {
|
||||
if (inLength <= 20) {
|
||||
return 20;
|
||||
} else {
|
||||
return 32;
|
||||
}
|
||||
}
|
||||
|
||||
public static byte[] getSshSignature(byte[] rawSignature, int algorithm) throws NoSuchAlgorithmException {
|
||||
SshEncodedData signature = new SshEncodedData();
|
||||
signature.putString(getSignatureType(algorithm));
|
||||
signature.putString(getSignatureBlob(rawSignature, algorithm));
|
||||
|
||||
return signature.getBytes();
|
||||
}
|
||||
|
||||
public static byte[] getSshSignatureEcDsa(byte[] rawSignature, String curveOid) {
|
||||
SshEncodedData signature = new SshEncodedData();
|
||||
signature.putString("ecdsa-sha2-" + SshUtils.getCurveName(curveOid));
|
||||
signature.putString(getEcDsaSignatureBlob(rawSignature));
|
||||
|
||||
return signature.getBytes();
|
||||
}
|
||||
}
|
|
@ -0,0 +1,57 @@
|
|||
/*
|
||||
* Copyright (C) 2017 Christian Hagau <ach@hagau.se>
|
||||
*
|
||||
* This program is free software: you can redistribute it and/or modify
|
||||
* it under the terms of the GNU General Public License as published by
|
||||
* the Free Software Foundation, either version 3 of the License, or
|
||||
* (at your option) any later version.
|
||||
*
|
||||
* This program is distributed in the hope that it will be useful,
|
||||
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
* GNU General Public License for more details.
|
||||
*
|
||||
* You should have received a copy of the GNU General Public License
|
||||
* along with this program. If not, see <http://www.gnu.org/licenses/>.
|
||||
*/
|
||||
|
||||
package org.sufficientlysecure.keychain.ssh.utils;
|
||||
|
||||
public class SshUtils {
|
||||
|
||||
public static String getCurveName(String curveOid) {
|
||||
// see RFC5656 section 10.{1,2}
|
||||
switch (curveOid) {
|
||||
// REQUIRED curves
|
||||
case "1.2.840.10045.3.1.7":
|
||||
return "nistp256";
|
||||
case "1.3.132.0.34":
|
||||
return "nistp384";
|
||||
case "1.3.132.0.35":
|
||||
return "nistp521";
|
||||
|
||||
// RECOMMENDED curves
|
||||
case "1.3.132.0.1":
|
||||
return "1.3.132.0.1";
|
||||
case "1.2.840.10045.3.1.1":
|
||||
return "1.2.840.10045.3.1.1";
|
||||
case "1.3.132.0.33":
|
||||
return "1.3.132.0.33";
|
||||
case "1.3.132.0.26":
|
||||
return "1.3.132.0.26";
|
||||
case "1.3.132.0.27":
|
||||
return "1.3.132.0.27";
|
||||
case "1.3.132.0.16":
|
||||
return "1.3.132.0.16";
|
||||
case "1.3.132.0.36":
|
||||
return "1.3.132.0.36";
|
||||
case "1.3.132.0.37":
|
||||
return "1.3.132.0.37";
|
||||
case "1.3.132.0.38":
|
||||
return "1.3.132.0.38";
|
||||
|
||||
default:
|
||||
return null;
|
||||
}
|
||||
}
|
||||
}
|
Loading…
Reference in New Issue