| 4450 |
10 Apr 17 |
nicklas |
1 |
package net.sf.basedb.opengrid; |
| 4450 |
10 Apr 17 |
nicklas |
2 |
|
| 4450 |
10 Apr 17 |
nicklas |
3 |
import java.security.MessageDigest; |
| 4450 |
10 Apr 17 |
nicklas |
4 |
import java.security.NoSuchAlgorithmException; |
| 4450 |
10 Apr 17 |
nicklas |
5 |
import java.security.PublicKey; |
| 4450 |
10 Apr 17 |
nicklas |
6 |
import java.util.Base64; |
| 6612 |
28 Feb 22 |
nicklas |
7 |
import java.util.Collections; |
| 6612 |
28 Feb 22 |
nicklas |
8 |
import java.util.List; |
| 4450 |
10 Apr 17 |
nicklas |
9 |
|
| 4450 |
10 Apr 17 |
nicklas |
10 |
import net.schmizz.sshj.common.Buffer; |
| 4450 |
10 Apr 17 |
nicklas |
11 |
import net.schmizz.sshj.common.SSHRuntimeException; |
| 4450 |
10 Apr 17 |
nicklas |
12 |
import net.schmizz.sshj.transport.verification.HostKeyVerifier; |
| 4450 |
10 Apr 17 |
nicklas |
13 |
|
| 4450 |
10 Apr 17 |
nicklas |
14 |
/** |
| 4450 |
10 Apr 17 |
nicklas |
Verify the connection to a remote host using SHA-256 |
| 4450 |
10 Apr 17 |
nicklas |
hash of the servers public key. |
| 4450 |
10 Apr 17 |
nicklas |
17 |
|
| 4450 |
10 Apr 17 |
nicklas |
@author nicklas |
| 4450 |
10 Apr 17 |
nicklas |
@since 1.1 |
| 4450 |
10 Apr 17 |
nicklas |
20 |
*/ |
| 4450 |
10 Apr 17 |
nicklas |
21 |
public class Sha256Verifier |
| 4450 |
10 Apr 17 |
nicklas |
22 |
implements HostKeyVerifier |
| 4450 |
10 Apr 17 |
nicklas |
23 |
{ |
| 4450 |
10 Apr 17 |
nicklas |
24 |
|
| 4450 |
10 Apr 17 |
nicklas |
25 |
private final String fingerprint; |
| 4450 |
10 Apr 17 |
nicklas |
26 |
|
| 4450 |
10 Apr 17 |
nicklas |
27 |
public Sha256Verifier(String fingerprint) |
| 4450 |
10 Apr 17 |
nicklas |
28 |
{ |
| 4450 |
10 Apr 17 |
nicklas |
// Ensure no padding |
| 4450 |
10 Apr 17 |
nicklas |
30 |
this.fingerprint = fingerprint.replace("=", ""); |
| 4450 |
10 Apr 17 |
nicklas |
31 |
} |
| 4450 |
10 Apr 17 |
nicklas |
32 |
|
| 4450 |
10 Apr 17 |
nicklas |
33 |
@Override |
| 4450 |
10 Apr 17 |
nicklas |
34 |
public boolean verify(String hostname, int port, PublicKey key) |
| 4450 |
10 Apr 17 |
nicklas |
35 |
{ |
| 4450 |
10 Apr 17 |
nicklas |
36 |
try |
| 4450 |
10 Apr 17 |
nicklas |
37 |
{ |
| 4450 |
10 Apr 17 |
nicklas |
38 |
MessageDigest digest = MessageDigest.getInstance("SHA-256"); |
| 4450 |
10 Apr 17 |
nicklas |
39 |
digest.update(new Buffer.PlainBuffer().putPublicKey(key).getCompactData()); |
| 4450 |
10 Apr 17 |
nicklas |
40 |
byte[] hash = digest.digest(); |
| 4450 |
10 Apr 17 |
nicklas |
41 |
String b64 = Base64.getEncoder().encodeToString(hash).replace("=", ""); |
| 4450 |
10 Apr 17 |
nicklas |
42 |
return fingerprint.equals(b64); |
| 4450 |
10 Apr 17 |
nicklas |
43 |
} |
| 4450 |
10 Apr 17 |
nicklas |
44 |
catch (NoSuchAlgorithmException ex) |
| 4450 |
10 Apr 17 |
nicklas |
45 |
{ |
| 4450 |
10 Apr 17 |
nicklas |
46 |
throw new SSHRuntimeException(ex); |
| 4450 |
10 Apr 17 |
nicklas |
47 |
} |
| 4450 |
10 Apr 17 |
nicklas |
48 |
} |
| 4450 |
10 Apr 17 |
nicklas |
49 |
|
| 6612 |
28 Feb 22 |
nicklas |
50 |
@Override |
| 6612 |
28 Feb 22 |
nicklas |
51 |
public List<String> findExistingAlgorithms(String host, int port) |
| 6612 |
28 Feb 22 |
nicklas |
52 |
{ |
| 6612 |
28 Feb 22 |
nicklas |
53 |
return Collections.emptyList(); |
| 6612 |
28 Feb 22 |
nicklas |
54 |
} |
| 6612 |
28 Feb 22 |
nicklas |
55 |
|
| 4450 |
10 Apr 17 |
nicklas |
56 |
} |