authorKenny Root <kenny@the-b.org>2015-12-26 00:13:30 -0600
committerKenny Root <kenny@the-b.org>2015-12-26 00:13:30 -0600
commit065d92593af8bd43b47f016ebf6b4c1dd24fb769 (patch)
tree20cb84b576ee22d1ce7cfd0a27efe098a0f8ce6d /sshlib
parent93e998a377cf6bd4098ec38e99d6c191e274c3a9 (diff)
downloadsshlib-065d92593af8bd43b47f016ebf6b4c1dd24fb769.tar.gz
sshlib-065d92593af8bd43b47f016ebf6b4c1dd24fb769.tar.bz2
sshlib-065d92593af8bd43b47f016ebf6b4c1dd24fb769.zip
Add tests for ECDSASHA2Verify
Since SimpleDERReader is now more tested and this class duplicates the functionality of that one, we will switch to using SimpleDERReader instead.
Diffstat (limited to 'sshlib')
-rw-r--r--sshlib/src/main/java/com/trilead/ssh2/signature/ECDSASHA2Verify.java80
-rw-r--r--sshlib/src/test/java/com/trilead/ssh2/signature/ECDSASHA2VerifyTest.java66
2 files changed, 71 insertions, 75 deletions
diff --git a/sshlib/src/main/java/com/trilead/ssh2/signature/ECDSASHA2Verify.java b/sshlib/src/main/java/com/trilead/ssh2/signature/ECDSASHA2Verify.java
index f628ae7..89cacfb 100644
--- a/sshlib/src/main/java/com/trilead/ssh2/signature/ECDSASHA2Verify.java
+++ b/sshlib/src/main/java/com/trilead/ssh2/signature/ECDSASHA2Verify.java
@@ -24,6 +24,7 @@ import java.security.spec.KeySpec;
import java.util.Map;
import java.util.TreeMap;
+import com.trilead.ssh2.crypto.SimpleDERReader;
import com.trilead.ssh2.log.Logger;
import com.trilead.ssh2.packets.TypesReader;
import com.trilead.ssh2.packets.TypesWriter;
@@ -267,24 +268,6 @@ public class ECDSASHA2Verify {
}
}
- private static final int readLength(byte[] sig, int offset, int numOctets) throws IOException {
- if (numOctets > 4 || numOctets <= 0) {
- throw new IOException("Cannot decode DER length");
- }
-
- long length = 0L;
- for (int i = 0; i < numOctets; i++) {
- length <<= 8;
- length |= sig[offset++];
- }
-
- if (length > 0xFFFFFFL || length < 0L) {
- throw new IOException("Invalid DER length");
- }
-
- return (int) length;
- }
-
public static byte[] encodeSSHECDSASignature(byte[] sig, ECParameterSpec params) throws IOException
{
TypesWriter tw = new TypesWriter();
@@ -299,64 +282,11 @@ public class ECDSASHA2Verify {
* 0x02 <len> <data[len]>
*/
- if (sig[0] != 0x30) {
- throw new IOException("Invalid signature format");
- }
-
- final int seqHeaderLength;
- final int seqLength;
- if ((sig[1] & 0x80) != 0) {
- int seqHeaderOctets = sig[1] & 0x7F;
- seqHeaderLength = seqHeaderOctets + 1;
- seqLength = readLength(sig, 2, seqHeaderOctets);
- } else {
- seqHeaderLength = 1;
- seqLength = sig[1];
- }
-
- if ((seqLength == 0) || (1 + seqHeaderLength + seqLength != sig.length) || (sig[1 + seqHeaderLength] != 0x02)) {
- throw new IOException("Invalid signature format");
- }
-
- final int rHeaderLength;
- final int rLength;
- if ((sig[1 + seqHeaderLength + 1] & 0x80) != 0) {
- int rHeaderOctets = sig[seqHeaderLength + 2] & 0x7F;
- rHeaderLength = rHeaderOctets + 1;
- rLength = readLength(sig, seqHeaderLength + 3, rHeaderOctets);
- } else {
- rHeaderLength = 1;
- rLength = sig[seqHeaderLength + 2];
- }
-
- if ((rLength == 0) || (rLength > seqLength - (rHeaderLength + 1 + 1 + 1)) ||
- sig[1 + seqHeaderLength + 1 + rHeaderLength + rLength] != 0x02) {
- throw new IOException("Invalid signature format");
- }
-
- final int sHeaderLength;
- final int sLength;
- if ((sig[1 + seqHeaderLength + 1 + rHeaderLength + rLength + 1] & 0x80) != 0) {
- int sHeaderOctets = sig[1 + seqHeaderLength + 1 + rHeaderLength + rLength + 1] & 0x7F;
- sHeaderLength = sHeaderOctets + 1;
- sLength = readLength(sig, 4 + rHeaderLength + rLength, sHeaderOctets);
- } else {
- sHeaderLength = 1;
- sLength = sig[1 + seqHeaderLength + 1 + rHeaderLength + rLength + 1];
- }
-
- if ((sLength == 0) || 2 + rHeaderLength + rLength + sHeaderLength + sLength > seqLength) {
- throw new IOException("Invalid signature format");
- }
-
- byte[] rArray = new byte[rLength];
- byte[] sArray = new byte[sLength];
-
- System.arraycopy(sig, 1 + seqHeaderLength + 1, rArray, 0, rLength);
- System.arraycopy(sig, 1 + seqHeaderLength + 1 + rLength + 1 + sHeaderLength, sArray, 0, sLength);
+ SimpleDERReader reader = new SimpleDERReader(sig);
+ SimpleDERReader seqReader = new SimpleDERReader(reader.readSequenceAsByteArray());
- BigInteger r = new BigInteger(1, rArray);
- BigInteger s = new BigInteger(1, sArray);
+ BigInteger r = seqReader.readInt();
+ BigInteger s = seqReader.readInt();
// Write the <r,s> to its own types writer.
TypesWriter rsWriter = new TypesWriter();
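Review bot: The two `seqReader.readInt()` calls accept r and s without the structural checks the removed parser made: it rejected zero-length integers, required the SEQUENCE to span exactly `sig.length`, and built both values with `new BigInteger(1, ...)` so they could never be negative. SimpleDERReader is not part of this diff, so whether `readSequenceAsByteArray()` and `readInt()` enforce any of that cannot be confirmed here; if `readInt()` returns a signed value, an encoding with the high bit set would reach the writer below as a negative number. I would add `if (r.signum() <= 0 || s.signum() <= 0) throw new IOException("Invalid signature format");` after the reads, and reject leftover bytes in `reader` and `seqReader` if the class exposes a remaining-byte count. encodeSSHECDSASignature begins before this hunk and continues past it.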
diff --git a/sshlib/src/test/java/com/trilead/ssh2/signature/ECDSASHA2VerifyTest.java b/sshlib/src/test/java/com/trilead/ssh2/signature/ECDSASHA2VerifyTest.java
new file mode 100644
index 0000000..d7b9316
--- /dev/null
+++ b/sshlib/src/test/java/com/trilead/ssh2/signature/ECDSASHA2VerifyTest.java
@@ -0,0 +1,66 @@
+package com.trilead.ssh2.signature;
+
+import org.junit.Test;
+
+import static org.junit.Assert.*;
+
+/**
+ * Created by kenny on 12/25/15.
+ */
+public class ECDSASHA2VerifyTest {
+ private static final byte[] DER_ENCODED_P521_SIG = new byte[]{
+ (byte) 0x30, (byte) 0x81, (byte) 0x88, (byte) 0x02, (byte) 0x42, (byte) 0x00, (byte) 0xFB, (byte) 0x41, (byte) 0xFD, (byte) 0xBD, (byte) 0x61, (byte) 0x5D,
+ (byte) 0xFE, (byte) 0x3F, (byte) 0x0C, (byte) 0xA1, (byte) 0xF0, (byte) 0x73, (byte) 0xF1, (byte) 0x18, (byte) 0xFB, (byte) 0x25, (byte) 0x57, (byte) 0xF4,
+ (byte) 0xDE, (byte) 0xF5, (byte) 0xC1, (byte) 0xAA, (byte) 0xB2, (byte) 0xA7, (byte) 0x2B, (byte) 0x9F, (byte) 0x81, (byte) 0xD1, (byte) 0x21, (byte) 0x9D,
+ (byte) 0x48, (byte) 0xC8, (byte) 0xC9, (byte) 0x31, (byte) 0xB9, (byte) 0x9B, (byte) 0xE5, (byte) 0x97, (byte) 0x94, (byte) 0x2F, (byte) 0xD5, (byte) 0x7E,
+ (byte) 0x0C, (byte) 0x32, (byte) 0x2D, (byte) 0xF9, (byte) 0x76, (byte) 0xC6, (byte) 0x33, (byte) 0x2C, (byte) 0x49, (byte) 0x1D, (byte) 0xDF, (byte) 0x51,
+ (byte) 0xA2, (byte) 0xD2, (byte) 0xB0, (byte) 0x72, (byte) 0x9B, (byte) 0x26, (byte) 0xC4, (byte) 0xB2, (byte) 0xA0, (byte) 0xF0, (byte) 0x7E, (byte) 0x02,
+ (byte) 0x42, (byte) 0x01, (byte) 0x56, (byte) 0x94, (byte) 0x9B, (byte) 0xAB, (byte) 0x00, (byte) 0x6D, (byte) 0x3C, (byte) 0x28, (byte) 0x34, (byte) 0x1B,
+ (byte) 0x00, (byte) 0xF3, (byte) 0xDF, (byte) 0xF7, (byte) 0x42, (byte) 0xAD, (byte) 0x8B, (byte) 0x20, (byte) 0x55, (byte) 0x2E, (byte) 0x80, (byte) 0x4F,
+ (byte) 0xDE, (byte) 0x0F, (byte) 0xBC, (byte) 0xE7, (byte) 0xE2, (byte) 0x7C, (byte) 0xF3, (byte) 0x3B, (byte) 0xFD, (byte) 0x95, (byte) 0xB0, (byte) 0xF7,
+ (byte) 0xD4, (byte) 0xE0, (byte) 0x63, (byte) 0xA9, (byte) 0x86, (byte) 0xA6, (byte) 0x49, (byte) 0xF4, (byte) 0x69, (byte) 0x66, (byte) 0x10, (byte) 0xD5,
+ (byte) 0x3F, (byte) 0xB6, (byte) 0x30, (byte) 0xDC, (byte) 0x01, (byte) 0x0E, (byte) 0xBE, (byte) 0xD1, (byte) 0x62, (byte) 0x86, (byte) 0x2B, (byte) 0xE4,
+ (byte) 0xF2, (byte) 0xF3, (byte) 0x6D, (byte) 0x4C, (byte) 0xE1, (byte) 0xD0, (byte) 0x5C
+ };
+
+ private static final byte[] SSH_ENCODED_P521_SIG = new byte[] {
+ (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x13,
+ (byte) 0x65, (byte) 0x63, (byte) 0x64, (byte) 0x73, (byte) 0x61, (byte) 0x2D, (byte) 0x73, (byte) 0x68,
+ (byte) 0x61, (byte) 0x32, (byte) 0x2D, (byte) 0x6E, (byte) 0x69, (byte) 0x73, (byte) 0x74, (byte) 0x70,
+ (byte) 0x35, (byte) 0x32, (byte) 0x31,
+ (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x8C,
+ (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x42,
+ (byte) 0x00, (byte) 0xFB, (byte) 0x41, (byte) 0xFD, (byte) 0xBD, (byte) 0x61, (byte) 0x5D,
+ (byte) 0xFE, (byte) 0x3F, (byte) 0x0C, (byte) 0xA1, (byte) 0xF0, (byte) 0x73, (byte) 0xF1, (byte) 0x18,
+ (byte) 0xFB, (byte) 0x25, (byte) 0x57, (byte) 0xF4, (byte) 0xDE, (byte) 0xF5, (byte) 0xC1, (byte) 0xAA,
+ (byte) 0xB2, (byte) 0xA7, (byte) 0x2B, (byte) 0x9F, (byte) 0x81, (byte) 0xD1, (byte) 0x21, (byte) 0x9D,
+ (byte) 0x48, (byte) 0xC8, (byte) 0xC9, (byte) 0x31, (byte) 0xB9, (byte) 0x9B, (byte) 0xE5, (byte) 0x97,
+ (byte) 0x94, (byte) 0x2F, (byte) 0xD5, (byte) 0x7E, (byte) 0x0C, (byte) 0x32, (byte) 0x2D, (byte) 0xF9,
+ (byte) 0x76, (byte) 0xC6, (byte) 0x33, (byte) 0x2C, (byte) 0x49, (byte) 0x1D, (byte) 0xDF, (byte) 0x51,
+ (byte) 0xA2, (byte) 0xD2, (byte) 0xB0, (byte) 0x72, (byte) 0x9B, (byte) 0x26, (byte) 0xC4, (byte) 0xB2,
+ (byte) 0xA0, (byte) 0xF0, (byte) 0x7E,
+ (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x42,
+ (byte) 0x01, (byte) 0x56, (byte) 0x94, (byte) 0x9B, (byte) 0xAB, (byte) 0x00, (byte) 0x6D, (byte) 0x3C,
+ (byte) 0x28, (byte) 0x34, (byte) 0x1B, (byte) 0x00, (byte) 0xF3, (byte) 0xDF, (byte) 0xF7, (byte) 0x42,
+ (byte) 0xAD, (byte) 0x8B, (byte) 0x20, (byte) 0x55, (byte) 0x2E, (byte) 0x80, (byte) 0x4F, (byte) 0xDE,
+ (byte) 0x0F, (byte) 0xBC, (byte) 0xE7, (byte) 0xE2, (byte) 0x7C, (byte) 0xF3, (byte) 0x3B, (byte) 0xFD,
+ (byte) 0x95, (byte) 0xB0, (byte) 0xF7, (byte) 0xD4, (byte) 0xE0, (byte) 0x63, (byte) 0xA9, (byte) 0x86,
+ (byte) 0xA6, (byte) 0x49, (byte) 0xF4, (byte) 0x69, (byte) 0x66, (byte) 0x10, (byte) 0xD5, (byte) 0x3F,
+ (byte) 0xB6, (byte) 0x30, (byte) 0xDC, (byte) 0x01, (byte) 0x0E, (byte) 0xBE, (byte) 0xD1, (byte) 0x62,
+ (byte) 0x86, (byte) 0x2B, (byte) 0xE4, (byte) 0xF2, (byte) 0xF3, (byte) 0x6D, (byte) 0x4C, (byte) 0xE1,
+ (byte) 0xD0, (byte) 0x5C
+ };
+
+ @Test
+ public void encodeSSHECDSASignature() throws Exception {
+ byte[] encoded = ECDSASHA2Verify.encodeSSHECDSASignature(DER_ENCODED_P521_SIG,
+ ECDSASHA2Verify.getCurveForSize(521));
+ assertArrayEquals(SSH_ENCODED_P521_SIG, encoded);
+ }
+
+ @Test
+ public void decodeSSHECDSASignature() throws Exception {
+ byte[] encoded = ECDSASHA2Verify.decodeSSHECDSASignature(SSH_ENCODED_P521_SIG);
+ assertArrayEquals(DER_ENCODED_P521_SIG, encoded);
+ }
+} \ No newline at end of file
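Review bot: Both tests cover only a well-formed P-521 signature, so nothing pins how the parser swap in ECDSASHA2Verify behaves on malformed DER, which is where the hand-written checks were removed. Add negative cases that expect `IOException` for a truncated buffer, a leading tag other than 0x30, and trailing bytes after the SEQUENCE; a failure of any other type (for example an index exception) would be worth knowing about before release. A truncated-input case is sketched below with fully qualified names, since the file imports only JUnit. The file also ends without a trailing newline.

```java
// … unchanged: DER_ENCODED_P521_SIG, SSH_ENCODED_P521_SIG and the two existing tests …
@Test(expected = java.io.IOException.class)
public void encodeSSHECDSASignature_TruncatedDer_Throws() throws Exception {
    byte[] truncated = java.util.Arrays.copyOf(DER_ENCODED_P521_SIG, DER_ENCODED_P521_SIG.length - 1);
    ECDSASHA2Verify.encodeSSHECDSASignature(truncated, ECDSASHA2Verify.getCurveForSize(521));
}
```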