com.mindbright.ssh2
Class SSH2Signature

java.lang.Object
  extended by com.mindbright.ssh2.SSH2Signature
All Implemented Interfaces:
SSH2PKISigner
Direct Known Subclasses:
SSH2SimpleSignature

public abstract class SSH2Signature
extends java.lang.Object
implements SSH2PKISigner

Abstract base class for classes implementing the ssh2 signature algorithms.


Field Summary
protected  java.lang.String algorithm
           
protected  PrivateKey privateKey
           
protected  byte[] pubKeyBlob
           
protected  PublicKey publicKey
           
protected  Signature signature
           
 
Constructor Summary
protected SSH2Signature()
          Constructor.
 
Method Summary
 void clearSensitiveData()
          Try to remove any sensitive data from memory.
protected abstract  PublicKey decodePublicKey(byte[] pubKeyBlob)
          Decode a public key blob.
protected abstract  byte[] decodeSignature(byte[] sigBlob)
          Decode the given signature blob from the ssh standard form to the internal form.
protected abstract  byte[] encodePublicKey(PublicKey publicKey)
          Encode the given public key into a public key blob.
protected abstract  byte[] encodeSignature(byte[] sigRaw)
          Encode the given, internal form, signature into the ssh standard form.
 java.lang.String getAlgorithmName()
          Get the algorithm this instance handles.
static SSH2Signature getEncodingInstance(java.lang.String algorithm)
          Get a SSH2Signature instance suitable for encoding with the given algorithm.
static SSH2Signature getInstance(java.lang.String algorithm)
          Get a SSH2Signature instance suitable for encoding with the given algorithm.
 PublicKey getPublicKey()
          Get the public key associated with this SSH2Signature object.
 byte[] getPublicKeyBlob()
          Get the public key associated with this SSH2Signature object.
protected abstract  java.lang.String getSignatureAlgorithm()
          Get the signature algorithm.
 void initSign(PrivateKey privateKey)
          Prepare for signing with the given private key.
 void initVerify(byte[] pubKeyBlob)
          Prepare to verify a signature with the given public key.
 void initVerify(PublicKey publicKey)
          Prepare to verify a signature with the given public key.
 void setIncompatibility(SSH2Transport transport)
          Set eventual incompatibility modes depending on the remote end.
 void setPublicKey(PublicKey publicKey)
          Associate a public key with this object.
 byte[] sign(byte[] data)
          Sign the given data.
 boolean verify(byte[] sigBlob, byte[] data)
          Verify that the given signature matches the given data and the public key.
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Field Detail

algorithm

protected java.lang.String algorithm

signature

protected Signature signature

privateKey

protected PrivateKey privateKey

publicKey

protected PublicKey publicKey

pubKeyBlob

protected byte[] pubKeyBlob

Constructor Detail

SSH2Signature

protected SSH2Signature()
Constructor.

Method Detail

getInstance

public static SSH2Signature getInstance(java.lang.String algorithm)
                                 throws SSH2Exception
Get a SSH2Signature instance suitable for encoding with the given algorithm.

Parameters:
algorithm - The algorithm. Currently the valid values are "ssh-dss" and "ssh-rsa".
Returns:
An instance of the appropriate signature class.
Throws:
SSH2Exception

getEncodingInstance

public static SSH2Signature getEncodingInstance(java.lang.String algorithm)
                                         throws SSH2Exception
Get a SSH2Signature instance suitable for encoding with the given algorithm.

Parameters:
algorithm - The algorithm. Currently the valid values are "ssh-dss" and "ssh-rsa".
Returns:
An instance of the appropriate signature class.
Throws:
SSH2Exception

getAlgorithmName

public final java.lang.String getAlgorithmName()
Get the algorithm this instance handles.

Specified by:
getAlgorithmName in interface SSH2PKISigner
Returns:
The algorithm name.

getPublicKeyBlob

public final byte[] getPublicKeyBlob()
                              throws SSH2SignatureException
Get the public key associated with this SSH2Signature object.

Specified by:
getPublicKeyBlob in interface SSH2PKISigner
Returns:
A public key blob.
Throws:
SSH2SignatureException

getPublicKey

public final PublicKey getPublicKey()
                             throws SSH2SignatureException
Get the public key associated with this SSH2Signature object.

Returns:
A public key object.
Throws:
SSH2SignatureException

setPublicKey

public final void setPublicKey(PublicKey publicKey)
Associate a public key with this object.

Parameters:
publicKey - The key to associate.

setIncompatibility

public void setIncompatibility(SSH2Transport transport)
Description copied from interface: SSH2PKISigner
Set eventual incompatibility modes depending on the remote end. Some older ssh implementations use slightly incompatible algorithms when signing data.

Specified by:
setIncompatibility in interface SSH2PKISigner
Parameters:
transport - An SSH2Transport object which identifies the other end.

initSign

public final void initSign(PrivateKey privateKey)
                    throws SSH2Exception
Prepare for signing with the given private key.

Parameters:
privateKey - Key to use for signing.
Throws:
SSH2Exception

initVerify

public final void initVerify(PublicKey publicKey)
                      throws SSH2Exception
Prepare to verify a signature with the given public key.

Parameters:
publicKey - Key to use when verifying.
Throws:
SSH2Exception

initVerify

public final void initVerify(byte[] pubKeyBlob)
                      throws SSH2Exception
Prepare to verify a signature with the given public key.

Parameters:
pubKeyBlob - Key to use when verifying, encoded as a public key blob.
Throws:
SSH2Exception

sign

public final byte[] sign(byte[] data)
                  throws SSH2SignatureException
Sign the given data. The object must have been initialized for signing first.

Specified by:
sign in interface SSH2PKISigner
Parameters:
data - Data to sign.
Returns:
A signature blob encoded in the ssh format.
Throws:
SSH2SignatureException

verify

public final boolean verify(byte[] sigBlob,
                            byte[] data)
                     throws SSH2SignatureException
Verify that the given signature matches the given data and the public key. The public key is given in the initialization call.

Parameters:
sigBlob - Signature blob encoded in the ssh format.
data - Signed data.
Returns:
True if the signature matches.
Throws:
SSH2SignatureException

getSignatureAlgorithm

protected abstract java.lang.String getSignatureAlgorithm()
Get the signature algorithm.

Returns:
The algorithm name.

encodePublicKey

protected abstract byte[] encodePublicKey(PublicKey publicKey)
                                   throws SSH2Exception
Encode the given public key into a public key blob.

Parameters:
publicKey - The public key to encode. Must be an instance of DSAPublicKey.
Returns:
A byte array containing the key suitably encoded.
Throws:
SSH2Exception

decodePublicKey

protected abstract PublicKey decodePublicKey(byte[] pubKeyBlob)
                                      throws SSH2Exception
Decode a public key blob.

Parameters:
pubKeyBlob - A byte array containing a public key blob.
Returns:
A PublicKey instance.
Throws:
SSH2Exception

encodeSignature

protected abstract byte[] encodeSignature(byte[] sigRaw)
Encode the given, internal form, signature into the ssh standard form.

Parameters:
sigRaw - The raw signature.
Returns:
A byte array containing the signature suitably encoded.

decodeSignature

protected abstract byte[] decodeSignature(byte[] sigBlob)
                                   throws SSH2SignatureException
Decode the given signature blob from the ssh standard form to the internal form.

Parameters:
sigBlob - The encoded signature.
Returns:
A raw signature blob.
Throws:
SSH2SignatureException
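
The ssh standard form that encodeSignature and decodeSignature convert to and from is, per RFC 4253 section 6.6, an SSH string naming the algorithm followed by an SSH string holding the signature bytes. The following is an added example, not MindTerm code: SshSigBlobDemo and its methods are hypothetical names, the sample signature is constructed, and the raw form is assumed to be the inner signature bytes unchanged (40 bytes of r followed by s for ssh-dss).

```java
import java.nio.BufferUnderflowException;
import java.nio.ByteBuffer;
import java.nio.charset.StandardCharsets;
import java.util.Arrays;
public class SshSigBlobDemo {
    // Wrap a raw signature as string(algorithm) || string(signature).
    static byte[] encode(String algorithm, byte[] sigRaw) {
        byte[] name = algorithm.getBytes(StandardCharsets.US_ASCII);
        return ByteBuffer.allocate(4 + name.length + 4 + sigRaw.length)
                .putInt(name.length).put(name)
                .putInt(sigRaw.length).put(sigRaw).array();
    }

    // Unwrap a blob, rejecting anything malformed or made for another algorithm.
    static byte[] decode(String expected, byte[] sigBlob) {
        try {
            ByteBuffer in = ByteBuffer.wrap(sigBlob);
            String name = new String(readString(in), StandardCharsets.US_ASCII);
            if (!name.equals(expected))
                throw new IllegalArgumentException("algorithm mismatch: " + name);
            byte[] sigRaw = readString(in);
            if (in.hasRemaining())
                throw new IllegalArgumentException("trailing bytes after signature");
            if (expected.equals("ssh-dss") && sigRaw.length != 40)
                throw new IllegalArgumentException("ssh-dss signature must be 40 bytes");
            return sigRaw;
        } catch (BufferUnderflowException e) {
            throw new IllegalArgumentException("truncated signature blob", e);
        }
    }

    // Read one SSH "string": uint32 big-endian length, then that many bytes.
    private static byte[] readString(ByteBuffer in) {
        int len = in.getInt();
        if (len < 0 || len > in.remaining())
            throw new IllegalArgumentException("bad length field: " + len);
        byte[] out = new byte[len];
        in.get(out);
        return out;
    }

    public static void main(String[] args) {
        byte[] raw = new byte[40];               // constructed sample r||s
        byte[] blob = encode("ssh-dss", raw);
        System.out.println(Arrays.equals(raw, decode("ssh-dss", blob)));
        try { decode("ssh-rsa", blob); }         // blob names a different algorithm
        catch (IllegalArgumentException e) { System.out.println("rejected: " + e.getMessage()); }
    }
}
```

Checking the algorithm name inside the blob against the key type chosen at initVerify time keeps a peer from steering verification toward an algorithm the caller did not select.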

clearSensitiveData

public void clearSensitiveData()
Description copied from interface: SSH2PKISigner
Try to remove any sensitive data from memory.

Specified by:
clearSensitiveData in interface SSH2PKISigner