authorNiclas Eklund <[email protected]>2010-12-20 17:05:39 +0100
committerNiclas Eklund <[email protected]>2010-12-20 17:05:39 +0100
commit4e894385dba69227fde6a5b402b169ec4621a356 (patch)
treec7f28fc7c5245c4cab6d351f7569af5255473067 /lib/ssh/src
parent8a1ec022a6395ce6c228c6776dc12bff4f3967cf (diff)
OTP-8987
In some cases SSH returned {error, normal} when a channel was terminated unexpectedly. This has now been changed to {error, channel_closed}. OTP-8986 It is now possible to use SSH to sign and verify binary data.
Diffstat (limited to 'lib/ssh/src')
-rw-r--r--lib/ssh/src/ssh.erl41
-rw-r--r--lib/ssh/src/ssh_connection_manager.erl6
-rwxr-xr-xlib/ssh/src/ssh_file.erl9
-rwxr-xr-xlib/ssh/src/ssh_rsa.erl3
4 files changed, 52 insertions, 7 deletions
diff --git a/lib/ssh/src/ssh.erl b/lib/ssh/src/ssh.erl
index 994c77436a..b7f56b1b38 100644
--- a/lib/ssh/src/ssh.erl
+++ b/lib/ssh/src/ssh.erl
@@ -30,6 +30,8 @@
stop_listener/1, stop_listener/2, stop_daemon/1, stop_daemon/2,
shell/1, shell/2, shell/3]).
+-export([sign_data/2, verify_data/3]).
+
%%--------------------------------------------------------------------
%% Function: start([, Type]) -> ok
%%
@@ -95,6 +97,8 @@ connect(Host, Port, Options, Timeout) ->
{error, Other};
{'DOWN', MRef, _, Manager, Reason} when is_pid(Manager) ->
receive %% Clear EXIT message from queue
+ {'EXIT', Manager, _What} when Reason == normal ->
+ {error, channel_closed};
{'EXIT', Manager, _What} ->
{error, Reason}
after 0 ->
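Review bot: The added clause rewrites `normal` to `channel_closed` only when an `'EXIT'` message from the manager is already queued. The `after 0` branch continues outside the hunk; if it returns `{error, Reason}` unchanged, a caller that does not trap exits would still receive `{error, normal}`. Mapping the reason once, before the inner `receive`, would cover both paths. As a smaller style point, the guard can use the exact comparison, `when Reason =:= normal`.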
@@ -239,6 +243,43 @@ shell(Host, Port, Options) ->
Error
end.
+
+%%--------------------------------------------------------------------
+%% Function: sign_data(Data, Algorithm) -> binary() |
+%% {error, Reason}
+%%
+%% Data = binary()
+%% Algorithm = "ssh-rsa"
+%%
+%% Description: Use SSH key to sign data.
+%%--------------------------------------------------------------------
+sign_data(Data, Algorithm) when is_binary(Data) ->
+ case ssh_file:private_identity_key(Algorithm,[]) of
+ {ok, Key} when Algorithm == "ssh-rsa" ->
+ ssh_rsa:sign(Key, Data);
+ Error ->
+ Error
+ end.
+
+%%--------------------------------------------------------------------
+%% Function: verify_data(Data, Signature, Algorithm) -> ok |
+%% {error, Reason}
+%%
+%% Data = binary()
+%% Signature = binary()
+%% Algorithm = "ssh-rsa"
+%%
+%% Description: Use SSH signature to verify data.
+%%--------------------------------------------------------------------
+verify_data(Data, Signature, Algorithm) when is_binary(Data), is_binary(Signature) ->
+ case ssh_file:public_identity_key(Algorithm, []) of
+ {ok, Key} when Algorithm == "ssh-rsa" ->
+ ssh_rsa:verify(Key, Data, Signature);
+ Error ->
+ Error
+ end.
+
+
%%--------------------------------------------------------------------
%%% Internal functions
%%--------------------------------------------------------------------
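Review bot: In `sign_data/2` the algorithm is checked only in the guard on `{ok, Key}`, after the key file has been read. If `ssh_file:private_identity_key/2` succeeds for any other algorithm string, the guard fails and the catch-all `Error -> Error` returns the `{ok, Key}` tuple, handing the private key to the caller instead of a signature or an error. `verify_data/3` has the same shape and would return `{ok, Key}`, which is outside its documented `ok | {error, Reason}`. Add an explicit clause before the fallthrough in both functions, for example `{ok, _Key} -> {error, unsupported_algorithm};` (the reason atom here is only a suggestion), and narrow the last clause to `{error, _} = Error -> Error`. The header comments should also state that the key is always the local user's identity key from the default directory, since `[]` is passed as the options.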
diff --git a/lib/ssh/src/ssh_connection_manager.erl b/lib/ssh/src/ssh_connection_manager.erl
index 6bf89224cf..9bfd5270da 100644
--- a/lib/ssh/src/ssh_connection_manager.erl
+++ b/lib/ssh/src/ssh_connection_manager.erl
@@ -147,7 +147,7 @@ close(ConnectionManager, ChannelId) ->
try call(ConnectionManager, {close, ChannelId}) of
ok ->
ok;
- {error,normal} ->
+ {error, channel_closed} ->
ok
catch
exit:{noproc, _} ->
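Review bot: The `of` section of this `try` in `close/2` accepts only `ok` and `{error, channel_closed}`, but `call/3` in the last hunk of this file also returns `{error, timeout}`. A result that matches no `of` clause raises `try_clause`, which the `catch` section does not cover, so a timed-out call would crash the caller; `stop/1` in the next hunk has the same shape. Whether `call/2` can time out is not visible here. If it can, a clause such as `{error, timeout} = Error -> Error` makes the outcome explicit. The `catch` section continues outside the hunk.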
@@ -158,7 +158,7 @@ stop(ConnectionManager) ->
try call(ConnectionManager, stop) of
ok ->
ok;
- {error,normal} ->
+ {error, channel_closed} ->
ok
catch
exit:{noproc, _} ->
@@ -604,7 +604,7 @@ call(Pid, Msg, Timeout) ->
exit:{timeout, _} ->
{error, timeout};
exit:{normal, _} ->
- {error, normal}
+ {error, channel_closed}
end.
cast(Pid, Msg) ->
diff --git a/lib/ssh/src/ssh_file.erl b/lib/ssh/src/ssh_file.erl
index 13722656db..cd0d01c546 100755
--- a/lib/ssh/src/ssh_file.erl
+++ b/lib/ssh/src/ssh_file.erl
@@ -33,8 +33,8 @@
lookup_host_key/3, add_host_key/3, % del_host_key/2,
lookup_user_key/3, ssh_dir/2, file_name/3]).
--export([private_identity_key/2]).
-%% , public_identity_key/2,
+-export([private_identity_key/2,
+ public_identity_key/2]).
%% identity_keys/2]).
-export([encode_public_key/1, decode_public_key_v2/2]).
@@ -140,6 +140,11 @@ private_identity_key(Alg, Opts) ->
Path = file_name(user, identity_key_filename(Alg), Opts),
read_private_key_v2(Path, Alg).
+public_identity_key(Alg, Opts) ->
+ Path = file_name(user, identity_key_filename(Alg) ++ ".pub", Opts),
+ read_public_key_v2(Path, Alg).
+
+
read_public_key_v2(File, Type) ->
case file:read_file(File) of
{ok,Bin} ->
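Review bot: `public_identity_key/2` is now exported and called from `ssh.erl`, but it has no header comment and its return shape has to be read out of `read_public_key_v2/2`, whose body continues outside the hunk. A short comment above it would help, for example `%% Reads the user's public identity key (the identity file name with ".pub" appended) from the directory selected by Opts.` followed by a line stating the return values once they are confirmed against `read_public_key_v2/2`.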
diff --git a/lib/ssh/src/ssh_rsa.erl b/lib/ssh/src/ssh_rsa.erl
index e27cdcf7bd..91b8285b2e 100755
--- a/lib/ssh/src/ssh_rsa.erl
+++ b/lib/ssh/src/ssh_rsa.erl
@@ -202,8 +202,7 @@ rsassa_pkcs1_v1_5_verify(Public=#ssh_key { public={N,_E}}, Mb, Sb) ->
case emsa_pkcs1_v1_5_encode(Mb, K) of
EM -> ok;
_S ->
- io:format("S: ~p~n", [_S]),
- {error, invalid_signature} % exit(invalid_signature)
+ {error, invalid_signature}
end.
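Review bot: With the debug print removed, the fallthrough pattern `_S` binds a value that is never read. Writing it as `_ -> {error, invalid_signature}` makes it plain that the mismatching encoding is deliberately discarded and not logged. The function starts outside the hunk, so the binding of `EM` that the first clause matches against is not visible here.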