/** * Private method used while putting new keys into use that will resize the key used to initialize the cipher to the * needed length. * * @param E the key to resize * @param blockSize the cipher block size * @param hash the hash algorithm * @param K the key exchange K parameter * @param H the key exchange H parameter * * @return the resized key */ private static byte[] resizedKey(byte[] E, int blockSize, Digest hash, BigInteger K, byte[] H) { while (blockSize > E.length) { Buffer.PlainBuffer buffer = new Buffer.PlainBuffer().putMPInt(K).putRawBytes(H).putRawBytes(E); hash.update(buffer.array(), 0, buffer.available()); byte[] foo = hash.digest(); byte[] bar = new byte[E.length + foo.length]; System.arraycopy(E, 0, bar, 0, E.length); System.arraycopy(foo, 0, bar, E.length, foo.length); E = bar; } return E; }
.putBytes(f) .putMPInt(dh.getK()); digest.update(buf.array(), buf.rpos(), buf.available()); H = digest.digest();
/** * Private method used while putting new keys into use that will resize the key used to initialize the cipher to the * needed length. * * @param E the key to resize * @param blockSize the cipher block size * @param hash the hash algorithm * @param K the key exchange K parameter * @param H the key exchange H parameter * * @return the resized key */ private static byte[] resizedKey(byte[] E, int blockSize, Digest hash, BigInteger K, byte[] H) { while (blockSize > E.length) { Buffer.PlainBuffer buffer = new Buffer.PlainBuffer().putMPInt(K).putRawBytes(H).putRawBytes(E); hash.update(buffer.array(), 0, buffer.available()); byte[] foo = hash.digest(); byte[] bar = new byte[E.length + foo.length]; System.arraycopy(E, 0, bar, 0, E.length); System.arraycopy(foo, 0, bar, E.length, foo.length); E = bar; } return E; }
final int pos = hashInput.available() - sessionID.length - 1; // Position of <placeholder> hashInput.array()[pos] = 'A'; hash.update(hashInput.array(), 0, hashInput.available()); final byte[] initialIV_C2S = hash.digest(); hashInput.array()[pos] = 'B'; hash.update(hashInput.array(), 0, hashInput.available()); final byte[] initialIV_S2C = hash.digest(); hashInput.array()[pos] = 'C'; hash.update(hashInput.array(), 0, hashInput.available()); final byte[] encryptionKey_C2S = hash.digest(); hashInput.array()[pos] = 'D'; hash.update(hashInput.array(), 0, hashInput.available()); final byte[] encryptionKey_S2C = hash.digest(); hashInput.array()[pos] = 'E'; hash.update(hashInput.array(), 0, hashInput.available()); final byte[] integrityKey_C2S = hash.digest(); hashInput.array()[pos] = 'F'; hash.update(hashInput.array(), 0, hashInput.available()); final byte[] integrityKey_S2C = hash.digest();
final int pos = hashInput.available() - sessionID.length - 1; // Position of <placeholder> hashInput.array()[pos] = 'A'; hash.update(hashInput.array(), 0, hashInput.available()); final byte[] initialIV_C2S = hash.digest(); hashInput.array()[pos] = 'B'; hash.update(hashInput.array(), 0, hashInput.available()); final byte[] initialIV_S2C = hash.digest(); hashInput.array()[pos] = 'C'; hash.update(hashInput.array(), 0, hashInput.available()); final byte[] encryptionKey_C2S = hash.digest(); hashInput.array()[pos] = 'D'; hash.update(hashInput.array(), 0, hashInput.available()); final byte[] encryptionKey_S2C = hash.digest(); hashInput.array()[pos] = 'E'; hash.update(hashInput.array(), 0, hashInput.available()); final byte[] integrityKey_C2S = hash.digest(); hashInput.array()[pos] = 'F'; hash.update(hashInput.array(), 0, hashInput.available()); final byte[] integrityKey_S2C = hash.digest();
.putBytes(f) .putMPInt(dh.getK()); digest.update(buf.array(), buf.rpos(), buf.available()); H = digest.digest();
.putMPInt(f) .putMPInt(dh.getK()); sha1.update(buf.array(), buf.rpos(), buf.available()); H = sha1.digest();
private boolean parseGexReply(SSHPacket buffer) throws Buffer.BufferException, GeneralSecurityException, TransportException { byte[] K_S = buffer.readBytes(); byte[] f = buffer.readBytes(); byte[] sig = buffer.readBytes(); hostKey = new Buffer.PlainBuffer(K_S).readPublicKey(); dh.computeK(f); BigInteger k = dh.getK(); final Buffer.PlainBuffer buf = initializedBuffer() .putString(K_S) .putUInt32(minBits) .putUInt32(preferredBits) .putUInt32(maxBits) .putMPInt(((DH) dh).getP()) .putMPInt(((DH) dh).getG()) .putBytes(dh.getE()) .putBytes(f) .putMPInt(k); digest.update(buf.array(), buf.rpos(), buf.available()); H = digest.digest(); Signature signature = Factory.Named.Util.create(trans.getConfig().getSignatureFactories(), KeyType.fromKey(hostKey).toString()); signature.initVerify(hostKey); signature.update(H, 0, H.length); if (!signature.verify(sig)) throw new TransportException(DisconnectReason.KEY_EXCHANGE_FAILED, "KeyExchange signature verification failed"); return true; }
/** * Private method used while putting new keys into use that will resize the key used to initialize the cipher to the * needed length. * * @param E the key to resize * @param blockSize the cipher block size * @param hash the hash algorithm * @param K the key exchange K parameter * @param H the key exchange H parameter * * @return the resized key */ private static byte[] resizedKey(byte[] E, int blockSize, Digest hash, BigInteger K, byte[] H) { while (blockSize > E.length) { Buffer.PlainBuffer buffer = new Buffer.PlainBuffer().putMPInt(K).putRawBytes(H).putRawBytes(E); hash.update(buffer.array(), 0, buffer.available()); byte[] foo = hash.digest(); byte[] bar = new byte[E.length + foo.length]; System.arraycopy(E, 0, bar, 0, E.length); System.arraycopy(foo, 0, bar, E.length, foo.length); E = bar; } return E; }
private String getKeyString() { final Buffer.PlainBuffer buf = new Buffer.PlainBuffer().putPublicKey(key); return Base64.encodeBytes(buf.array(), buf.rpos(), buf.available()); }
private String getKeyString(PublicKey pk) { final Buffer.PlainBuffer buf = new Buffer.PlainBuffer().putPublicKey(pk); return Base64.encodeBytes(buf.array(), buf.rpos(), buf.available()); }
private PlainBuffer decryptBuffer(PlainBuffer privateKeyBuffer, String cipherName, String kdfName, byte[] kdfOptions) throws IOException { Cipher cipher = createCipher(cipherName); initializeCipher(kdfName, kdfOptions, cipher); byte[] array = privateKeyBuffer.array(); cipher.update(array, 0, privateKeyBuffer.available()); return new PlainBuffer(array); }
final int pos = hashInput.available() - sessionID.length - 1; // Position of <placeholder> hashInput.array()[pos] = 'A'; hash.update(hashInput.array(), 0, hashInput.available()); final byte[] initialIV_C2S = hash.digest(); hashInput.array()[pos] = 'B'; hash.update(hashInput.array(), 0, hashInput.available()); final byte[] initialIV_S2C = hash.digest(); hashInput.array()[pos] = 'C'; hash.update(hashInput.array(), 0, hashInput.available()); final byte[] encryptionKey_C2S = hash.digest(); hashInput.array()[pos] = 'D'; hash.update(hashInput.array(), 0, hashInput.available()); final byte[] encryptionKey_S2C = hash.digest(); hashInput.array()[pos] = 'E'; hash.update(hashInput.array(), 0, hashInput.available()); final byte[] integrityKey_C2S = hash.digest(); hashInput.array()[pos] = 'F'; hash.update(hashInput.array(), 0, hashInput.available()); final byte[] integrityKey_S2C = hash.digest();
private boolean parseGexReply(SSHPacket buffer) throws Buffer.BufferException, GeneralSecurityException, TransportException { byte[] K_S = buffer.readBytes(); byte[] f = buffer.readBytes(); byte[] sig = buffer.readBytes(); hostKey = new Buffer.PlainBuffer(K_S).readPublicKey(); dh.computeK(f); BigInteger k = dh.getK(); final Buffer.PlainBuffer buf = initializedBuffer() .putString(K_S) .putUInt32(minBits) .putUInt32(preferredBits) .putUInt32(maxBits) .putMPInt(((DH) dh).getP()) .putMPInt(((DH) dh).getG()) .putBytes(dh.getE()) .putBytes(f) .putMPInt(k); digest.update(buf.array(), buf.rpos(), buf.available()); H = digest.digest(); Signature signature = Factory.Named.Util.create(trans.getConfig().getSignatureFactories(), KeyType.fromKey(hostKey).toString()); signature.initVerify(hostKey); signature.update(H, 0, H.length); if (!signature.verify(sig)) throw new TransportException(DisconnectReason.KEY_EXCHANGE_FAILED, "KeyExchange signature verification failed"); return true; }
private String getKeyString(PublicKey pk) { final Buffer.PlainBuffer buf = new Buffer.PlainBuffer().putPublicKey(pk); return Base64.encodeBytes(buf.array(), buf.rpos(), buf.available()); }
private PlainBuffer decryptBuffer(PlainBuffer privateKeyBuffer, String cipherName, String kdfName, byte[] kdfOptions) throws IOException { Cipher cipher = createCipher(cipherName); initializeCipher(kdfName, kdfOptions, cipher); byte[] array = privateKeyBuffer.array(); cipher.update(array, 0, privateKeyBuffer.available()); return new PlainBuffer(array); }