Diffstat (limited to 'lib')
| -rw-r--r-- | lib/ssh/doc/src/ssh.xml | 32 | ||||
| -rw-r--r-- | lib/ssh/src/ssh.erl | 49 | ||||
| -rw-r--r-- | lib/ssh/src/ssh_connection_manager.erl | 6 | ||||
| -rwxr-xr-x | lib/ssh/src/ssh_file.erl | 9 | ||||
| -rwxr-xr-x | lib/ssh/src/ssh_rsa.erl | 3 | 
5 files changed, 90 insertions, 9 deletions
| diff --git a/lib/ssh/doc/src/ssh.xml b/lib/ssh/doc/src/ssh.xml index 71e6b2cd3d..2c5096a25f 100644 --- a/lib/ssh/doc/src/ssh.xml +++ b/lib/ssh/doc/src/ssh.xml @@ -283,6 +283,22 @@      </func>      <func> +      <name>sign_data(Data, Algorithm) -> Signature | {error, Reason}</name> +      <fsummary> </fsummary> +      <type> +        <v> Data = binary()</v> +	<v> Algorithm = "ssh-rsa"</v> +	<v> Signature = binary()</v> +	<v> Reason = term()</v> +      </type> +      <desc> +        <p>Signs the supplied binary using the SSH key. +	</p> +      </desc> +    </func> + + +    <func>        <name>start() -> </name>        <name>start(Type) -> ok | {error, Reason}</name>        <fsummary>Starts the Ssh application. </fsummary> @@ -339,6 +355,22 @@  	by the listener up and running.</p>        </desc>      </func> + +    <func> +      <name>verify_data(Data, Signature, Algorithm) -> ok | {error, Reason}</name> +      <fsummary> </fsummary> +      <type> +        <v> Data = binary()</v> +	<v> Algorithm = "ssh-rsa"</v> +	<v> Signature = binary()</v> +	<v> Reason = term()</v> +      </type> +      <desc> +        <p>Verifies the supplied binary against the binary signature. +	</p> +      </desc> +    </func> +    </funcs>  </erlref> diff --git a/lib/ssh/src/ssh.erl b/lib/ssh/src/ssh.erl index 994c77436a..cada109df0 100644 --- a/lib/ssh/src/ssh.erl +++ b/lib/ssh/src/ssh.erl @@ -30,6 +30,8 @@  	 stop_listener/1, stop_listener/2, stop_daemon/1, stop_daemon/2,  	 shell/1, shell/2, shell/3]). +-export([sign_data/2, verify_data/3]). +  %%--------------------------------------------------------------------  %% Function: start([, Type]) -> ok  %% 
@@ -94,11 +96,17 @@ connect(Host, Port, Options, Timeout) ->  		    do_demonitor(MRef, Manager),  		    {error, Other};  		{'DOWN', MRef, _, Manager, Reason} when is_pid(Manager) -> +		    error_logger:warning_report([{ssh, connect}, +						 {diagnose, +						  "Connection was closed before properly set up."}, +						 {host, Host}, +						 {port, Port}, +						 {reason, Reason}]),  		    receive %% Clear EXIT message from queue  			{'EXIT', Manager, _What} ->  -			    {error, Reason} +			    {error, channel_closed}  		    after 0 -> -			    {error, Reason} +			    {error, channel_closed}  		    end  	    after Timeout  ->  		    do_demonitor(MRef, Manager), 
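Review bot: Both branches of the inner `receive` in the `'DOWN'` clause now return `{error, channel_closed}`, so the monitor's `Reason` reaches only the `error_logger` report and the caller of connect/4 can no longer tell why the connection manager went down. If that is intended, say so at the clause, e.g. `%% Reason is logged only; callers always get channel_closed here`, and list `channel_closed` as a possible reason for connect in ssh.xml, since code that matched on the old exit reason will silently stop matching. `Reason` is an arbitrary exit term written to the log unredacted; it is worth confirming it cannot carry connection options such as a password, which this hunk does not show. connect/4 starts and ends outside the hunk.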
@@ -239,6 +247,43 @@ shell(Host, Port, Options) ->  	    Error      end. + +%%-------------------------------------------------------------------- +%% Function: sign_data(Data, Algorithm) -> binary() |  +%%                                         {error, Reason} +%% +%%   Data = binary() +%%   Algorithm = "ssh-rsa" +%% +%% Description: Use SSH key to sign data. +%%-------------------------------------------------------------------- +sign_data(Data, Algorithm) when is_binary(Data) -> +    case ssh_file:private_identity_key(Algorithm,[]) of +	{ok, Key} when Algorithm == "ssh-rsa" -> +	    ssh_rsa:sign(Key, Data); +	Error -> +	    Error +    end. + +%%-------------------------------------------------------------------- +%% Function: verify_data(Data, Signature, Algorithm) -> ok |  +%%                                                      {error, Reason} +%% +%%   Data = binary() +%%   Signature = binary() +%%   Algorithm = "ssh-rsa" +%% +%% Description: Use SSH signature to verify data. +%%-------------------------------------------------------------------- +verify_data(Data, Signature, Algorithm) when is_binary(Data), is_binary(Signature) -> +    case ssh_file:public_identity_key(Algorithm, []) of +	{ok, Key} when Algorithm == "ssh-rsa" -> +	    ssh_rsa:verify(Key, Data, Signature); +	Error -> +	    Error +    end. + +  %%--------------------------------------------------------------------  %%% Internal functions  %%-------------------------------------------------------------------- diff --git a/lib/ssh/src/ssh_connection_manager.erl b/lib/ssh/src/ssh_connection_manager.erl index 6bf89224cf..9bfd5270da 100644 --- a/lib/ssh/src/ssh_connection_manager.erl +++ b/lib/ssh/src/ssh_connection_manager.erl @@ -147,7 +147,7 @@ close(ConnectionManager, ChannelId) ->      try   call(ConnectionManager, {close, ChannelId}) of  	  ok ->  	    ok; -	  {error,normal} -> +	  {error, channel_closed} ->  	    ok      catch  	exit:{noproc, _} -> 
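Review bot: In sign_data/2 the `Algorithm == "ssh-rsa"` test is a guard on the `{ok, Key}` clause, so for any other algorithm where `ssh_file:private_identity_key/2` succeeds (its clauses are outside this diff) the result falls through to `Error -> Error` and the function returns `{ok, Key}`, handing the private key to the caller instead of `Signature | {error, Reason}`. The key file is also read before the algorithm is checked. Moving the check into the head fixes both: `sign_data(Data, "ssh-rsa" = Algorithm) when is_binary(Data) ->`, with the case clauses `{ok, Key} -> ssh_rsa:sign(Key, Data);` and `{error, _} = Error -> Error`. verify_data/3 has the same shape with `ssh_file:public_identity_key/2` and should get the same head match and `{error, _} = Error` clause.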
@@ -158,7 +158,7 @@ stop(ConnectionManager) ->      try call(ConnectionManager, stop) of  	ok ->  	    ok; -	{error,normal} -> +	{error, channel_closed} ->  	    ok      catch  	exit:{noproc, _} -> @@ -604,7 +604,7 @@ call(Pid, Msg, Timeout) ->  	exit:{timeout, _} ->  	    {error, timeout};  	exit:{normal, _} -> -	    {error, normal} +	    {error, channel_closed}      end.  cast(Pid, Msg) -> diff --git a/lib/ssh/src/ssh_file.erl b/lib/ssh/src/ssh_file.erl index c78f5dc337..ff23f714cd 100755 --- a/lib/ssh/src/ssh_file.erl +++ b/lib/ssh/src/ssh_file.erl @@ -35,8 +35,8 @@  	 lookup_host_key/3, add_host_key/3, % del_host_key/2,  	 lookup_user_key/3, ssh_dir/2, file_name/3]). --export([private_identity_key/2]). -%% , public_identity_key/2, +-export([private_identity_key/2,  +	 public_identity_key/2]).  %% 	 identity_keys/2]).  -export([encode_public_key/1, decode_public_key_v2/2]). @@ -147,6 +147,11 @@ private_identity_key(Alg, Opts) ->      Path = file_name(user, identity_key_filename(Alg), Opts),      read_private_key_v2(Path, Alg). +public_identity_key(Alg, Opts) -> +    Path = file_name(user, identity_key_filename(Alg) ++ ".pub", Opts), +    read_public_key_v2(Path, Alg). + +  read_public_key_v2(File, Type) ->      case file:read_file(File) of  	{ok,Bin} -> diff --git a/lib/ssh/src/ssh_rsa.erl b/lib/ssh/src/ssh_rsa.erl index e27cdcf7bd..91b8285b2e 100755 --- a/lib/ssh/src/ssh_rsa.erl +++ b/lib/ssh/src/ssh_rsa.erl @@ -202,8 +202,7 @@ rsassa_pkcs1_v1_5_verify(Public=#ssh_key { public={N,_E}}, Mb, Sb) ->      case emsa_pkcs1_v1_5_encode(Mb, K) of  	EM -> ok;  	_S -> -	    io:format("S: ~p~n", [_S]), -	    {error, invalid_signature} % exit(invalid_signature) +	    {error, invalid_signature}      end. | 
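Review bot: public_identity_key/2 is newly exported without a header comment, and it is the only source of the key that `ssh:verify_data/3` checks a signature against. A short comment would make that trust relationship visible, e.g. `%% Reads the user's public identity (identity file name ++ ".pub"); ssh:verify_data/3 trusts the content of this file.` The export hunk above also leaves the commented-out `%% identity_keys/2]).` tail behind, which now reads like part of the live export list and could be dropped.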
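Review bot: In rsassa_pkcs1_v1_5_verify/3 the `_S` binding is no longer read once the debug `io:format` is gone, so the clause can be `_ -> {error, invalid_signature}`. The `EM -> ok` clause is only a comparison if `EM` is already bound earlier in the function, which lies outside this hunk. This is worth confirming while touching the code, because an unbound `EM` would match every encoding and accept any signature. A one-line comment such as `%% EM is bound above; this clause matches only an identical encoding` would make the intent clear to the next reader.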
