148ded2421114c4c87ef3f8005c9f793a5d077cbdMike Lockwood/* 248ded2421114c4c87ef3f8005c9f793a5d077cbdMike Lockwood * Copyright (c) 2006-2011 Christian Plattner. All rights reserved. 348ded2421114c4c87ef3f8005c9f793a5d077cbdMike Lockwood * Please refer to the LICENSE.txt for licensing details. 448ded2421114c4c87ef3f8005c9f793a5d077cbdMike Lockwood */ 548ded2421114c4c87ef3f8005c9f793a5d077cbdMike Lockwoodimport ch.ethz.ssh2.KnownHosts; 648ded2421114c4c87ef3f8005c9f793a5d077cbdMike Lockwoodimport ch.ethz.ssh2.ServerHostKeyVerifier; 748ded2421114c4c87ef3f8005c9f793a5d077cbdMike Lockwood 848ded2421114c4c87ef3f8005c9f793a5d077cbdMike Lockwoodclass SimpleVerifier implements ServerHostKeyVerifier 948ded2421114c4c87ef3f8005c9f793a5d077cbdMike Lockwood{ 1048ded2421114c4c87ef3f8005c9f793a5d077cbdMike Lockwood KnownHosts database; 1148ded2421114c4c87ef3f8005c9f793a5d077cbdMike Lockwood 1248ded2421114c4c87ef3f8005c9f793a5d077cbdMike Lockwood /* 1348ded2421114c4c87ef3f8005c9f793a5d077cbdMike Lockwood * This class is being used by the UsingKnownHosts.java example. 1448ded2421114c4c87ef3f8005c9f793a5d077cbdMike Lockwood */ 1548ded2421114c4c87ef3f8005c9f793a5d077cbdMike Lockwood 1648ded2421114c4c87ef3f8005c9f793a5d077cbdMike Lockwood public SimpleVerifier(KnownHosts database) 1748ded2421114c4c87ef3f8005c9f793a5d077cbdMike Lockwood { 1848ded2421114c4c87ef3f8005c9f793a5d077cbdMike Lockwood if (database == null) 1948ded2421114c4c87ef3f8005c9f793a5d077cbdMike Lockwood throw new IllegalArgumentException(); 2048ded2421114c4c87ef3f8005c9f793a5d077cbdMike Lockwood 2148ded2421114c4c87ef3f8005c9f793a5d077cbdMike Lockwood this.database = database; 2248ded2421114c4c87ef3f8005c9f793a5d077cbdMike Lockwood } 2348ded2421114c4c87ef3f8005c9f793a5d077cbdMike Lockwood 2448ded2421114c4c87ef3f8005c9f793a5d077cbdMike Lockwood public boolean verifyServerHostKey(String hostname, int port, String serverHostKeyAlgorithm, byte[] serverHostKey) 2548ded2421114c4c87ef3f8005c9f793a5d077cbdMike Lockwood throws Exception 2648ded2421114c4c87ef3f8005c9f793a5d077cbdMike Lockwood { 2748ded2421114c4c87ef3f8005c9f793a5d077cbdMike Lockwood int result = database.verifyHostkey(hostname, serverHostKeyAlgorithm, serverHostKey); 2848ded2421114c4c87ef3f8005c9f793a5d077cbdMike Lockwood 2948ded2421114c4c87ef3f8005c9f793a5d077cbdMike Lockwood switch (result) 3048ded2421114c4c87ef3f8005c9f793a5d077cbdMike Lockwood { 3148ded2421114c4c87ef3f8005c9f793a5d077cbdMike Lockwood case KnownHosts.HOSTKEY_IS_OK: 3248ded2421114c4c87ef3f8005c9f793a5d077cbdMike Lockwood 3348ded2421114c4c87ef3f8005c9f793a5d077cbdMike Lockwood return true; // We are happy 3448ded2421114c4c87ef3f8005c9f793a5d077cbdMike Lockwood 3548ded2421114c4c87ef3f8005c9f793a5d077cbdMike Lockwood case KnownHosts.HOSTKEY_IS_NEW: 3648ded2421114c4c87ef3f8005c9f793a5d077cbdMike Lockwood 3748ded2421114c4c87ef3f8005c9f793a5d077cbdMike Lockwood // Unknown host? Blindly accept the key and put it into the cache. 3848ded2421114c4c87ef3f8005c9f793a5d077cbdMike Lockwood // Well, you definitely can do better (e.g., ask the user). 3948ded2421114c4c87ef3f8005c9f793a5d077cbdMike Lockwood 4048ded2421114c4c87ef3f8005c9f793a5d077cbdMike Lockwood // The following call will ONLY put the key into the memory cache! 4148ded2421114c4c87ef3f8005c9f793a5d077cbdMike Lockwood // To save it in a known hosts file, also call "KnownHosts.addHostkeyToFile(...)" 4248ded2421114c4c87ef3f8005c9f793a5d077cbdMike Lockwood database.addHostkey(new String[] { hostname }, serverHostKeyAlgorithm, serverHostKey); 4348ded2421114c4c87ef3f8005c9f793a5d077cbdMike Lockwood 4448ded2421114c4c87ef3f8005c9f793a5d077cbdMike Lockwood return true; 4548ded2421114c4c87ef3f8005c9f793a5d077cbdMike Lockwood 4648ded2421114c4c87ef3f8005c9f793a5d077cbdMike Lockwood case KnownHosts.HOSTKEY_HAS_CHANGED: 4748ded2421114c4c87ef3f8005c9f793a5d077cbdMike Lockwood 4848ded2421114c4c87ef3f8005c9f793a5d077cbdMike Lockwood // Close the connection if the hostkey has changed. 4948ded2421114c4c87ef3f8005c9f793a5d077cbdMike Lockwood // Better: ask user and add new key to database. 5048ded2421114c4c87ef3f8005c9f793a5d077cbdMike Lockwood return false; 5148ded2421114c4c87ef3f8005c9f793a5d077cbdMike Lockwood 5248ded2421114c4c87ef3f8005c9f793a5d077cbdMike Lockwood default: 5348ded2421114c4c87ef3f8005c9f793a5d077cbdMike Lockwood throw new IllegalStateException(); 5448ded2421114c4c87ef3f8005c9f793a5d077cbdMike Lockwood } 5548ded2421114c4c87ef3f8005c9f793a5d077cbdMike Lockwood } 5648ded2421114c4c87ef3f8005c9f793a5d077cbdMike Lockwood}