H = digest.digest(); Signature signature = Factory.Named.Util.create(trans.getConfig().getSignatureFactories(), KeyType.fromKey(hostKey).toString()); signature.initVerify(hostKey);
final byte[] integrityKey_S2C = hash.digest(); final Cipher cipher_C2S = Factory.Named.Util.create(transport.getConfig().getCipherFactories(), negotiatedAlgs.getClient2ServerCipherAlgorithm()); cipher_C2S.init(Cipher.Mode.Encrypt, initialIV_C2S); final Cipher cipher_S2C = Factory.Named.Util.create(transport.getConfig().getCipherFactories(), negotiatedAlgs.getServer2ClientCipherAlgorithm()); cipher_S2C.init(Cipher.Mode.Decrypt, initialIV_S2C); final MAC mac_C2S = Factory.Named.Util.create(transport.getConfig().getMACFactories(), negotiatedAlgs .getClient2ServerMACAlgorithm()); mac_C2S.init(resizedKey(integrityKey_C2S, mac_C2S.getBlockSize(), hash, kex.getK(), kex.getH())); final MAC mac_S2C = Factory.Named.Util.create(transport.getConfig().getMACFactories(), negotiatedAlgs.getServer2ClientMACAlgorithm()); mac_S2C.init(resizedKey(integrityKey_S2C, mac_S2C.getBlockSize(), hash, kex.getK(), kex.getH())); Factory.Named.Util.create(transport.getConfig().getCompressionFactories(), negotiatedAlgs.getServer2ClientCompressionAlgorithm()); final Compression compression_C2S = Factory.Named.Util.create(transport.getConfig().getCompressionFactories(), negotiatedAlgs.getClient2ServerCompressionAlgorithm());
KeyFormat format = KeyProviderUtil.detectKeyFileFormat(pemContent, false); final FileKeyProvider fkp = Factory.Named.Util.create(sshClient.getTransport().getConfig().getFileKeyProviderFactories(), format.toString()); if (fkp == null) throw new SSHException("No provider available for " + format + " key file");
final byte[] integrityKey_S2C = hash.digest(); final Cipher cipher_C2S = Factory.Named.Util.create(transport.getConfig().getCipherFactories(), negotiatedAlgs.getClient2ServerCipherAlgorithm()); cipher_C2S.init(Cipher.Mode.Encrypt, initialIV_C2S); final Cipher cipher_S2C = Factory.Named.Util.create(transport.getConfig().getCipherFactories(), negotiatedAlgs.getServer2ClientCipherAlgorithm()); cipher_S2C.init(Cipher.Mode.Decrypt, initialIV_S2C); final MAC mac_C2S = Factory.Named.Util.create(transport.getConfig().getMACFactories(), negotiatedAlgs .getClient2ServerMACAlgorithm()); mac_C2S.init(integrityKey_C2S); final MAC mac_S2C = Factory.Named.Util.create(transport.getConfig().getMACFactories(), negotiatedAlgs.getServer2ClientMACAlgorithm()); mac_S2C.init(integrityKey_S2C); Factory.Named.Util.create(transport.getConfig().getCompressionFactories(), negotiatedAlgs.getServer2ClientCompressionAlgorithm()); final Compression compression_C2S = Factory.Named.Util.create(transport.getConfig().getCompressionFactories(), negotiatedAlgs.getClient2ServerCompressionAlgorithm());
H = sha1.digest(); Signature signature = Factory.Named.Util.create(trans.getConfig().getSignatureFactories(), KeyType.fromKey(hostKey).toString()); signature.init(hostKey, null);
private boolean parseGexReply(SSHPacket buffer) throws Buffer.BufferException, GeneralSecurityException, TransportException { byte[] K_S = buffer.readBytes(); byte[] f = buffer.readBytes(); byte[] sig = buffer.readBytes(); hostKey = new Buffer.PlainBuffer(K_S).readPublicKey(); dh.computeK(f); BigInteger k = dh.getK(); final Buffer.PlainBuffer buf = initializedBuffer() .putString(K_S) .putUInt32(minBits) .putUInt32(preferredBits) .putUInt32(maxBits) .putMPInt(((DH) dh).getP()) .putMPInt(((DH) dh).getG()) .putBytes(dh.getE()) .putBytes(f) .putMPInt(k); digest.update(buf.array(), buf.rpos(), buf.available()); H = digest.digest(); Signature signature = Factory.Named.Util.create(trans.getConfig().getSignatureFactories(), KeyType.fromKey(hostKey).toString()); signature.initVerify(hostKey); signature.update(H, 0, H.length); if (!signature.verify(sig)) throw new TransportException(DisconnectReason.KEY_EXCHANGE_FAILED, "KeyExchange signature verification failed"); return true; }
/** * Creates a {@link KeyProvider} instance from passed strings. Currently only PKCS8 format private key files are * supported (OpenSSH uses this format). * <p/> * * @param privateKey the private key as a string * @param publicKey the public key as a string if it's not included with the private key * @param passwordFinder the {@link PasswordFinder} that can supply the passphrase for decryption (may be {@code * null} in case keyfile is not encrypted) * * @return the key provider ready for use in authentication * * @throws SSHException if there was no suitable key provider available for the file format; typically because * BouncyCastle is not in the classpath * @throws IOException if the key file format is not known, etc. */ public KeyProvider loadKeys(String privateKey, String publicKey, PasswordFinder passwordFinder) throws IOException { final KeyFormat format = KeyProviderUtil.detectKeyFileFormat(privateKey, publicKey != null); final FileKeyProvider fkp = Factory.Named.Util.create(trans.getConfig().getFileKeyProviderFactories(), format.toString()); if (fkp == null) throw new SSHException("No provider available for " + format + " key file"); fkp.init(privateKey, publicKey, passwordFinder); return fkp; }
/** * Creates a {@link KeyProvider} instance from passed strings. Currently only PKCS8 format private key files are * supported (OpenSSH uses this format). * <p/> * * @param privateKey the private key as a string * @param publicKey the public key as a string if it's not included with the private key * @param passwordFinder the {@link PasswordFinder} that can supply the passphrase for decryption (may be {@code * null} in case keyfile is not encrypted) * * @return the key provider ready for use in authentication * * @throws SSHException if there was no suitable key provider available for the file format; typically because * BouncyCastle is not in the classpath * @throws IOException if the key file format is not known, etc. */ public KeyProvider loadKeys(String privateKey, String publicKey, PasswordFinder passwordFinder) throws IOException { final KeyFormat format = KeyProviderUtil.detectKeyFileFormat(privateKey, publicKey != null); final FileKeyProvider fkp = Factory.Named.Util.create(trans.getConfig().getFileKeyProviderFactories(), format.toString()); if (fkp == null) throw new SSHException("No provider available for " + format + " key file"); fkp.init(privateKey, publicKey, passwordFinder); return fkp; }
H = digest.digest(); Signature signature = Factory.Named.Util.create(trans.getConfig().getSignatureFactories(), KeyType.fromKey(hostKey).toString()); signature.initVerify(hostKey);
public Proposal(Config config) { kex = Factory.Named.Util.getNames(config.getKeyExchangeFactories()); sig = Factory.Named.Util.getNames(config.getSignatureFactories()); c2sCipher = s2cCipher = Factory.Named.Util.getNames(config.getCipherFactories()); c2sMAC = s2cMAC = Factory.Named.Util.getNames(config.getMACFactories()); c2sComp = s2cComp = Factory.Named.Util.getNames(config.getCompressionFactories()); packet = new SSHPacket(Message.KEXINIT); // Put cookie packet.ensureCapacity(16); config.getRandomFactory().create().fill(packet.array(), packet.wpos(), 16); packet.wpos(packet.wpos() + 16); // Put algorithm lists packet.putString(toCommaString(kex)); packet.putString(toCommaString(sig)); packet.putString(toCommaString(c2sCipher)); packet.putString(toCommaString(s2cCipher)); packet.putString(toCommaString(c2sMAC)); packet.putString(toCommaString(s2cMAC)); packet.putString(toCommaString(c2sComp)); packet.putString(toCommaString(s2cComp)); packet.putString(""); packet.putString(""); packet.putBoolean(false); // Optimistic next packet does not follow packet.putUInt32(0); // "Reserved" for future by spec }
public Proposal(Config config) { kex = Factory.Named.Util.getNames(config.getKeyExchangeFactories()); sig = Factory.Named.Util.getNames(config.getSignatureFactories()); c2sCipher = s2cCipher = Factory.Named.Util.getNames(config.getCipherFactories()); c2sMAC = s2cMAC = Factory.Named.Util.getNames(config.getMACFactories()); c2sComp = s2cComp = Factory.Named.Util.getNames(config.getCompressionFactories()); packet = new SSHPacket(Message.KEXINIT); // Put cookie packet.ensureCapacity(16); config.getRandomFactory().create().fill(packet.array(), packet.wpos(), 16); packet.wpos(packet.wpos() + 16); // Put algorithm lists packet.putString(toCommaString(kex)); packet.putString(toCommaString(sig)); packet.putString(toCommaString(c2sCipher)); packet.putString(toCommaString(s2cCipher)); packet.putString(toCommaString(c2sMAC)); packet.putString(toCommaString(s2cMAC)); packet.putString(toCommaString(c2sComp)); packet.putString(toCommaString(s2cComp)); packet.putString(""); packet.putString(""); packet.putBoolean(false); // Optimistic next packet does not follow packet.putUInt32(0); // "Reserved" for future by spec }
final KeyFormat format = KeyProviderUtil.detectKeyFileFormat(loc); final FileKeyProvider fkp = Factory.Named.Util.create(trans.getConfig().getFileKeyProviderFactories(), format.toString()); if (fkp == null) throw new SSHException("No provider available for " + format + " key file");
/** * Creates a {@link KeyProvider} instance from given location on the file system. Currently only PKCS8 format * private key files are supported (OpenSSH uses this format). * <p/> * * @param location the location of the key file * @param passwordFinder the {@link PasswordFinder} that can supply the passphrase for decryption (may be {@code * null} in case keyfile is not encrypted) * * @return the key provider ready for use in authentication * * @throws SSHException if there was no suitable key provider available for the file format; typically because * BouncyCastle is not in the classpath * @throws IOException if the key file format is not known, if the file could not be read, etc. */ public KeyProvider loadKeys(String location, PasswordFinder passwordFinder) throws IOException { final File loc = new File(location); final KeyFormat format = KeyProviderUtil.detectKeyFileFormat(loc); final FileKeyProvider fkp = Factory.Named.Util.create(trans.getConfig().getFileKeyProviderFactories(), format.toString()); if (fkp == null) throw new SSHException("No provider available for " + format + " key file"); fkp.init(loc, passwordFinder); return fkp; }
protected SSHPacket putSig(SSHPacket reqBuf) throws UserAuthException { PrivateKey key; try { key = kProv.getPrivate(); } catch (IOException ioe) { throw new UserAuthException("Problem getting private key from " + kProv, ioe); } final String kt = KeyType.fromKey(key).toString(); Signature signature = Factory.Named.Util.create(params.getTransport().getConfig().getSignatureFactories(), kt); if (signature == null) throw new UserAuthException("Could not create signature instance for " + kt + " key"); signature.initSign(key); signature.update(new Buffer.PlainBuffer() .putString(params.getTransport().getSessionID()) .putBuffer(reqBuf) // & rest of the data for sig .getCompactData()); reqBuf.putSignature(kt, signature.encode(signature.sign())); return reqBuf; }
private void gotKexInit(SSHPacket buf) throws TransportException { buf.rpos(buf.rpos() - 1); final Proposal serverProposal = new Proposal(buf); negotiatedAlgs = clientProposal.negotiate(serverProposal); log.debug("Negotiated algorithms: {}", negotiatedAlgs); for(AlgorithmsVerifier v: algorithmVerifiers) { log.debug("Trying to verify algorithms with {}", v); if(!v.verify(negotiatedAlgs)) { throw new TransportException(DisconnectReason.KEY_EXCHANGE_FAILED, "Failed to verify negotiated algorithms `" + negotiatedAlgs + "`"); } } kex = Factory.Named.Util.create(transport.getConfig().getKeyExchangeFactories(), negotiatedAlgs.getKeyExchangeAlgorithm()); try { kex.init(transport, transport.getServerID(), transport.getClientID(), serverProposal.getPacket().getCompactData(), clientProposal.getPacket().getCompactData()); } catch (GeneralSecurityException e) { throw new TransportException(DisconnectReason.KEY_EXCHANGE_FAILED, e); } }
protected SSHPacket putSig(SSHPacket reqBuf) throws UserAuthException { PrivateKey key; try { key = kProv.getPrivate(); } catch (IOException ioe) { throw new UserAuthException("Problem getting private key from " + kProv, ioe); } final String kt = KeyType.fromKey(key).toString(); Signature signature = Factory.Named.Util.create(params.getTransport().getConfig().getSignatureFactories(), kt); if (signature == null) throw new UserAuthException("Could not create signature instance for " + kt + " key"); signature.init(null, key); signature.update(new Buffer.PlainBuffer() .putString(params.getTransport().getSessionID()) .putBuffer(reqBuf) // & rest of the data for sig .getCompactData()); reqBuf.putSignature(kt, signature.encode(signature.sign())); return reqBuf; }
private void gotKexInit(SSHPacket buf) throws TransportException { buf.rpos(buf.rpos() - 1); final Proposal serverProposal = new Proposal(buf); negotiatedAlgs = clientProposal.negotiate(serverProposal); log.debug("Negotiated algorithms: {}", negotiatedAlgs); kex = Factory.Named.Util.create(transport.getConfig().getKeyExchangeFactories(), negotiatedAlgs.getKeyExchangeAlgorithm()); try { kex.init(transport, transport.getServerID(), transport.getClientID(), serverProposal.getPacket().getCompactData(), clientProposal.getPacket().getCompactData()); } catch (GeneralSecurityException e) { throw new TransportException(DisconnectReason.KEY_EXCHANGE_FAILED, e); } }
final byte[] integrityKey_S2C = hash.digest(); final Cipher cipher_C2S = Factory.Named.Util.create(transport.getConfig().getCipherFactories(), negotiatedAlgs.getClient2ServerCipherAlgorithm()); cipher_C2S.init(Cipher.Mode.Encrypt, initialIV_C2S); final Cipher cipher_S2C = Factory.Named.Util.create(transport.getConfig().getCipherFactories(), negotiatedAlgs.getServer2ClientCipherAlgorithm()); cipher_S2C.init(Cipher.Mode.Decrypt, initialIV_S2C); final MAC mac_C2S = Factory.Named.Util.create(transport.getConfig().getMACFactories(), negotiatedAlgs .getClient2ServerMACAlgorithm()); mac_C2S.init(resizedKey(integrityKey_C2S, mac_C2S.getBlockSize(), hash, kex.getK(), kex.getH())); final MAC mac_S2C = Factory.Named.Util.create(transport.getConfig().getMACFactories(), negotiatedAlgs.getServer2ClientMACAlgorithm()); mac_S2C.init(resizedKey(integrityKey_S2C, mac_S2C.getBlockSize(), hash, kex.getK(), kex.getH())); Factory.Named.Util.create(transport.getConfig().getCompressionFactories(), negotiatedAlgs.getServer2ClientCompressionAlgorithm()); final Compression compression_C2S = Factory.Named.Util.create(transport.getConfig().getCompressionFactories(), negotiatedAlgs.getClient2ServerCompressionAlgorithm());
/** * Creates a {@link KeyProvider} instance from passed strings. Currently only PKCS8 format private key files are * supported (OpenSSH uses this format). * <p/> * * @param privateKey the private key as a string * @param publicKey the public key as a string if it's not included with the private key * @param passwordFinder the {@link PasswordFinder} that can supply the passphrase for decryption (may be {@code * null} in case keyfile is not encrypted) * * @return the key provider ready for use in authentication * * @throws SSHException if there was no suitable key provider available for the file format; typically because * BouncyCastle is not in the classpath * @throws IOException if the key file format is not known, etc. */ public KeyProvider loadKeys(String privateKey, String publicKey, PasswordFinder passwordFinder) throws IOException { final KeyFormat format = KeyProviderUtil.detectKeyFileFormat(privateKey, publicKey != null); final FileKeyProvider fkp = Factory.Named.Util.create(trans.getConfig().getFileKeyProviderFactories(), format.toString()); if (fkp == null) throw new SSHException("No provider available for " + format + " key file"); fkp.init(privateKey, publicKey, passwordFinder); return fkp; }
public Proposal(Config config) { kex = Factory.Named.Util.getNames(config.getKeyExchangeFactories()); sig = Factory.Named.Util.getNames(config.getSignatureFactories()); c2sCipher = s2cCipher = Factory.Named.Util.getNames(config.getCipherFactories()); c2sMAC = s2cMAC = Factory.Named.Util.getNames(config.getMACFactories()); c2sComp = s2cComp = Factory.Named.Util.getNames(config.getCompressionFactories()); packet = new SSHPacket(Message.KEXINIT); // Put cookie packet.ensureCapacity(16); config.getRandomFactory().create().fill(packet.array(), packet.wpos(), 16); packet.wpos(packet.wpos() + 16); // Put algorithm lists packet.putString(toCommaString(kex)); packet.putString(toCommaString(sig)); packet.putString(toCommaString(c2sCipher)); packet.putString(toCommaString(s2cCipher)); packet.putString(toCommaString(c2sMAC)); packet.putString(toCommaString(s2cMAC)); packet.putString(toCommaString(c2sComp)); packet.putString(toCommaString(s2cComp)); packet.putString(""); packet.putString(""); packet.putBoolean(false); // Optimistic next packet does not follow packet.putUInt32(0); // "Reserved" for future by spec }