/**
* @param string
* @return bool
*/
public function authenticate(PacketProtocol $protocol, $packet)
{
if ($this->user) {
$protocol->send('bnb', SSH_MSG_USERAUTH_FAILURE, array(), 0);
return FALSE;
}
list($user, $service, $method) = parse('sss', $packet);
if ($service !== 'ssh-connection' || $method !== 'publickey') {
$protocol->send('bnb', SSH_MSG_USERAUTH_FAILURE, array('publickey'), 0);
return FALSE;
}
list($signed, $publickey_algorithm, $publickey) = parse('bss', $packet);
// FIXME: currently on ssh-rsa supported
if ($publickey_algorithm !== 'ssh-rsa' || ($content = @file_get_contents($this->dir . '/' . $user)) === FALSE) {
$protocol->send('bnb', SSH_MSG_USERAUTH_FAILURE, array('publickey'), 0);
return FALSE;
}
if (!$signed) {
$protocol->send('bss', SSH_MSG_USERAUTH_PK_OK, $publickey_algorithm, $publickey);
return FALSE;
}
list($signature) = parse('s', $packet);
list($known_publickey_algorithm, $known_publickey, ) = explode(' ', trim($content), 3);
$known_publickey = base64_decode($known_publickey);
if (!($known_publickey_algorithm === $publickey_algorithm && $known_publickey === $publickey)) {
$protocol->send('bnb', SSH_MSG_USERAUTH_FAILURE, array('publickey'), 0);
return FALSE;
}
$data = format('sbsssbss', $protocol->getSessionId(), SSH_MSG_USERAUTH_REQUEST, $user, $service, 'publickey', 1, $publickey_algorithm, $publickey);
if (verify($publickey, $data, $signature)) {
$protocol->send('b', SSH_MSG_USERAUTH_SUCCESS);
$this->user = $user;
$this->service = $service;
return TRUE;
}
return FALSE;
}
