/**
 * Creates a service bound to the given transport.
 *
 * @param name  service name, stored as given
 * @param trans transport used by this service; its config also supplies the logger factory
 */
public AbstractService(String name, Transport trans) {
    this.trans = trans;
    this.name = name;
    // The logger is keyed on the runtime class, so subclasses log under their own name.
    this.log = trans.getConfig().getLoggerFactory().getLogger(getClass());
}
/**
 * Creates a decoder that keeps a reference to the given transport as its packet handler.
 *
 * @param packetHandler transport stored for later use; its config supplies the logger factory
 */
Decoder(Transport packetHandler) {
    this.packetHandler = packetHandler;
    // Logger comes from the transport's configured factory, named after the runtime class.
    this.log = packetHandler.getConfig().getLoggerFactory().getLogger(getClass());
}
/**
 * Creates the {@code ssh-userauth} service on top of the given transport.
 *
 * @param trans transport handed to the superclass; its config supplies the logger factory
 *              used by the {@code authenticated} promise
 */
public UserAuthImpl(Transport trans) {
    super("ssh-userauth", trans);
    // Promise<Boolean, UserAuthException> named "authenticated"; failures are chained
    // through UserAuthException.chainer.
    this.authenticated = new Promise<Boolean, UserAuthException>(
            "authenticated",
            UserAuthException.chainer,
            trans.getConfig().getLoggerFactory());
}
/**
 * Creates an opener for forwarded channels of one channel type.
 *
 * @param chanType channel type string, stored as given
 * @param conn     connection this opener belongs to; the logger factory is taken from the
 *                 config of its transport
 */
protected AbstractForwardedChannelOpener(String chanType, Connection conn) {
    this.conn = conn;
    this.chanType = chanType;
    // Logger is named after the runtime class of the concrete opener.
    this.log = conn.getTransport().getConfig().getLoggerFactory().getLogger(getClass());
}
/**
 * Initialises the Diffie-Hellman helper with this instance's {@code group} and
 * {@code generator} and the random factory from the transport configuration.
 *
 * @param dh the DH helper to initialise
 * @throws GeneralSecurityException declared by the override; presumably raised by
 *                                  {@code dh.init} - confirm against DHBase
 */
@Override
protected void initDH(DHBase dh) throws GeneralSecurityException {
    // NOTE(review): group and generator are used as-is; any validation of them must
    // happen where they are assigned, which is not visible here.
    final DHParameterSpec groupParams = new DHParameterSpec(group, generator);
    dh.init(groupParams, trans.getConfig().getRandomFactory());
}
} // closes the enclosing class, whose header is not part of this snippet
/**
 * Initialises the key-agreement helper with the Curve25519 parameters and the random
 * factory from the transport configuration.
 *
 * @param dh the helper to initialise
 * @throws GeneralSecurityException declared by the override; presumably raised by
 *                                  {@code dh.init} - confirm against DHBase
 */
@Override
protected void initDH(DHBase dh) throws GeneralSecurityException {
    dh.init(
            Curve25519DH.getCurve25519Params(),
            trans.getConfig().getRandomFactory());
}
} // closes the enclosing class, whose header is not part of this snippet
/**
 * Initialises the Diffie-Hellman helper with the fixed group {@code DHGroupData.P1} /
 * {@code DHGroupData.G} and the random factory from the transport configuration.
 *
 * @param dh the DH helper to initialise
 * @throws GeneralSecurityException declared by the override; presumably raised by
 *                                  {@code dh.init} - confirm against DHBase
 */
@Override
protected void initDH(DHBase dh) throws GeneralSecurityException {
    // NOTE(review): P1 is presumably the 1024-bit prime of diffie-hellman-group1 - confirm
    // in DHGroupData. If so, this key exchange is below the modulus size generally
    // recommended today and should only be enabled for legacy peers.
    final DHParameterSpec fixedGroup = new DHParameterSpec(DHGroupData.P1, DHGroupData.G);
    dh.init(fixedGroup, trans.getConfig().getRandomFactory());
}
} // closes the enclosing class, whose header is not part of this snippet
/**
 * Creates a keep-alive helper for the given connection.
 *
 * @param conn connection this helper is attached to; the logger factory is taken from the
 *             config of its transport
 * @param name name passed to {@code setName}
 */
protected KeepAlive(ConnectionImpl conn, String name) {
    this.conn = conn;
    // Logger is named after the runtime class of the concrete keep-alive implementation.
    this.log = conn.getTransport().getConfig().getLoggerFactory().getLogger(getClass());
    setName(name);
}
/**
 * Initialises the Diffie-Hellman helper with the fixed group {@code DHGroupData.P14} /
 * {@code DHGroupData.G} and the random factory from the transport configuration.
 *
 * @param dh the DH helper to initialise
 * @throws GeneralSecurityException declared by the override; presumably raised by
 *                                  {@code dh.init} - confirm against DHBase
 */
@Override
protected void initDH(DHBase dh) throws GeneralSecurityException {
    // NOTE(review): P14 is presumably the 2048-bit prime of diffie-hellman-group14 -
    // confirm in DHGroupData.
    final DHParameterSpec fixedGroup = new DHParameterSpec(DHGroupData.P14, DHGroupData.G);
    dh.init(fixedGroup, trans.getConfig().getRandomFactory());
}
} // closes the enclosing class, whose header is not part of this snippet
/**
 * Initialises the key-agreement helper for the named elliptic curve held in {@code curve},
 * using the random factory from the transport configuration.
 *
 * @param dh the helper to initialise
 * @throws GeneralSecurityException declared by the override; presumably raised by
 *                                  {@code dh.init} - confirm against DHBase
 */
@Override
protected void initDH(DHBase dh) throws GeneralSecurityException {
    final ECNamedCurveGenParameterSpec curveSpec = new ECNamedCurveGenParameterSpec(curve);
    dh.init(curveSpec, trans.getConfig().getRandomFactory());
}
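/**
 * Handles the server's group-exchange group message: reads the modulus {@code p} and the
 * generator {@code g}, validates them, initialises the DH helper and sends
 * {@code KEX_DH_GEX_INIT} carrying the client's public value.
 *
 * <p>Both values are chosen by the server and arrive before the server has been
 * authenticated, so they are treated as untrusted input.
 *
 * @param buffer packet holding {@code p} and {@code g} as multi-precision integers
 * @return always {@code false}; presumably "key exchange not finished yet" - confirm
 *         against the caller
 * @throws Buffer.BufferException   declared; presumably raised when the packet cannot be read
 * @throws GeneralSecurityException if the size of {@code p} is outside
 *                                  {@code [minBits, maxBits]} or {@code g} is not in
 *                                  {@code (1, p-1)}; DH initialisation may also raise it
 * @throws TransportException       declared; presumably raised when the reply cannot be written
 */
private boolean parseGexGroup(SSHPacket buffer) throws Buffer.BufferException, GeneralSecurityException, TransportException {
    BigInteger p = buffer.readMPInt();
    BigInteger g = buffer.readMPInt();

    int bitLength = p.bitLength();
    if (bitLength < minBits || bitLength > maxBits) {
        throw new GeneralSecurityException("Server generated gex p is out of range (" + bitLength + " bits)");
    }
    // A generator of 0, 1 or p-1 confines the shared secret to a trivial subgroup, and a
    // generator outside (1, p-1) is malformed. The same comparison also rejects a
    // non-positive p, because then every g > 1 is >= p-1.
    if (g.compareTo(BigInteger.ONE) <= 0 || g.compareTo(p.subtract(BigInteger.ONE)) >= 0) {
        throw new GeneralSecurityException("Server generated gex g is out of range");
    }
    // NOTE(review): primality of p is not checked here; confirm whether that is
    // enforced elsewhere or accepted as a cost trade-off.
    log.debug("Received server p bitlength {}", bitLength);

    dh.init(new DHParameterSpec(p, g), trans.getConfig().getRandomFactory());

    log.debug("Sending {}", Message.KEX_DH_GEX_INIT);
    trans.write(new SSHPacket(Message.KEX_DH_GEX_INIT).putBytes(dh.getE()));
    return false;
}
} // closes the enclosing class, whose header is not part of this snippet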
/**
 * Sends an SSH global request and, when a reply is wanted, registers a promise for it.
 *
 * <p>The write and the registration both happen while holding the monitor of
 * {@code globalReqPromises}, so the promise is appended in the order the request is sent.
 *
 * @param name      request name
 * @param wantReply whether the peer is asked to answer
 * @param specifics request-specific payload, appended as raw bytes
 * @return the promise for the reply, or {@code null} when {@code wantReply} is {@code false}
 * @throws TransportException declared; presumably raised when the packet cannot be written
 */
@Override
public Promise<SSHPacket, ConnectionException> sendGlobalRequest(String name, boolean wantReply, byte[] specifics)
        throws TransportException {
    synchronized (globalReqPromises) {
        log.debug("Making global request for `{}`", name);
        trans.write(new SSHPacket(Message.GLOBAL_REQUEST)
                .putString(name)
                .putBoolean(wantReply)
                .putRawBytes(specifics));

        // Nothing to wait for when the caller did not ask for a reply.
        if (!wantReply) {
            return null;
        }

        final Promise<SSHPacket, ConnectionException> replyPromise =
                new Promise<SSHPacket, ConnectionException>(
                        "global req for " + name,
                        ConnectionException.chainer,
                        trans.getConfig().getLoggerFactory());
        globalReqPromises.add(replyPromise);
        return replyPromise;
    }
}
/**
 * Replaces the configured compression factories with delayed zlib, zlib and "none", in
 * that order. This only states a preference: there is no guarantee that compression will
 * be successfully negotiated.
 *
 * <p>If the client is already connected, a re-key is triggered so the new list takes part
 * in negotiation; otherwise the method returns and the list is used when the connection is
 * established.
 *
 * <p>NOTE(review): the zlib factories reportedly need {@code JZlib} on the classpath. This
 * method does not declare {@code ClassNotFoundException}, so how a missing library surfaces
 * is not visible here - confirm.
 *
 * @throws TransportException if an error occurs during renegotiation
 */
public void useCompression() throws TransportException {
    trans.getConfig().setCompressionFactories(Arrays.asList(
            new DelayedZlibCompression.Factory(),
            new ZlibCompression.Factory(),
            new NoneCompression.Factory()));
    if (!isConnected()) {
        return;
    }
    rekey();
}
// Detect the on-disk format of the key at loc, then ask the configured factories for a
// provider registered under that format's name.
final KeyFormat format = KeyProviderUtil.detectKeyFileFormat(loc);
final FileKeyProvider fkp = Factory.Named.Util.create(trans.getConfig().getFileKeyProviderFactories(), format.toString());
// create() yields null when no factory matches; fail with the detected format in the message.
if (fkp == null) throw new SSHException("No provider available for " + format + " key file");
/**
 * Sets up the state shared by all channels: logger, transport, charset, channel id, local
 * window, input stream and the open/close events.
 *
 * @param conn          connection the channel belongs to; supplies the transport, the
 *                      channel id, the window size and the maximum packet size
 * @param type          channel type string, stored as given
 * @param remoteCharset charset for the remote side; {@code IOUtils.UTF8} is used when
 *                      {@code null}
 */
protected AbstractChannel(Connection conn, String type, Charset remoteCharset) {
    this.type = type;
    this.conn = conn;
    this.loggerFactory = conn.getTransport().getConfig().getLoggerFactory();
    this.log = loggerFactory.getLogger(getClass());
    this.trans = conn.getTransport();

    if (remoteCharset == null) {
        this.remoteCharset = IOUtils.UTF8;
    } else {
        this.remoteCharset = remoteCharset;
    }

    this.id = conn.nextID();

    this.lwin = new Window.Local(conn.getWindowSize(), conn.getMaxPacketSize(), loggerFactory);
    this.in = new ChannelInputStream(this, trans, lwin);

    // Both events share openCloseLock and carry the channel id in their name.
    final String eventPrefix = "chan#" + id + " / ";
    this.openEvent = new Event<ConnectionException>(
            eventPrefix + "open", ConnectionException.chainer, openCloseLock, loggerFactory);
    this.closeEvent = new Event<ConnectionException>(
            eventPrefix + "close", ConnectionException.chainer, openCloseLock, loggerFactory);
}
/**
 * Creates a {@link KeyProvider} from key material passed as strings.
 *
 * <p>The key format is detected from {@code privateKey} (and from whether a public key was
 * supplied), and a matching provider is looked up among the configured file key provider
 * factories.
 *
 * <p>NOTE(review): the private key arrives as an immutable {@code String}, so this method
 * cannot wipe it after use; callers decide how long that string stays reachable.
 *
 * @param privateKey     the private key as a string
 * @param publicKey      the public key as a string if it's not included with the private
 *                       key; may be {@code null}
 * @param passwordFinder the {@link PasswordFinder} that can supply the passphrase for
 *                       decryption (may be {@code null} in case the key is not encrypted)
 *
 * @return the key provider ready for use in authentication
 *
 * @throws SSHException if no provider is registered for the detected format; typically
 *                      because BouncyCastle is not in the classpath
 * @throws IOException  if the key format is not known, etc.
 */
public KeyProvider loadKeys(String privateKey, String publicKey, PasswordFinder passwordFinder)
        throws IOException {
    final boolean separatePublicKey = publicKey != null;
    final KeyFormat detected = KeyProviderUtil.detectKeyFileFormat(privateKey, separatePublicKey);
    final FileKeyProvider provider =
            Factory.Named.Util.create(trans.getConfig().getFileKeyProviderFactories(), detected.toString());
    if (provider == null) {
        throw new SSHException("No provider available for " + detected + " key file");
    }
    provider.init(privateKey, publicKey, passwordFinder);
    return provider;
}
/**
 * Signs the request with the private key from {@code kProv} and appends the signature to it.
 *
 * <p>The signed data is the transport's session ID followed by the contents of
 * {@code reqBuf}, so the signature is tied to this session as well as to the request.
 *
 * @param reqBuf the request built so far; the signature is appended to this same packet
 * @return {@code reqBuf}, now carrying the signature
 * @throws UserAuthException if the private key cannot be obtained, or if no signature
 *                           implementation is registered for the key's type
 */
protected SSHPacket putSig(SSHPacket reqBuf) throws UserAuthException {
    final PrivateKey privateKey;
    try {
        privateKey = kProv.getPrivate();
    } catch (IOException ioe) {
        throw new UserAuthException("Problem getting private key from " + kProv, ioe);
    }

    final String keyTypeName = KeyType.fromKey(privateKey).toString();
    final Signature signer =
            Factory.Named.Util.create(params.getTransport().getConfig().getSignatureFactories(), keyTypeName);
    if (signer == null) {
        throw new UserAuthException("Could not create signature instance for " + keyTypeName + " key");
    }

    signer.initSign(privateKey);
    // Session ID first, then the rest of the data covered by the signature.
    signer.update(new Buffer.PlainBuffer()
            .putString(params.getTransport().getSessionID())
            .putBuffer(reqBuf)
            .getCompactData());

    reqBuf.putSignature(keyTypeName, signer.encode(signer.sign()));
    return reqBuf;
}
// Finalise the exchange hash, then prepare a verifier matching the host key's type.
H = digest.digest();
// NOTE(review): the result of create() is used without a null check. Other callers on this
// page (putSig, loadKeys) treat null as "no implementation registered"; if that can happen
// here, initVerify below fails with a NullPointerException instead of a clean
// key-exchange error - confirm and guard.
Signature signature = Factory.Named.Util.create(trans.getConfig().getSignatureFactories(), KeyType.fromKey(hostKey).toString());
signature.initVerify(hostKey);
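/**
 * Handles the server's group-exchange reply: reads the host key blob, the server's DH
 * value and the signature, computes the shared secret and the exchange hash {@code H}, and
 * verifies the server's signature over {@code H}.
 *
 * <p>A valid signature shows that the peer holds the private key matching
 * {@code hostKey}. Whether that host key is one the client should trust is not decided in
 * this method.
 *
 * @param buffer packet holding {@code K_S}, {@code f} and the signature
 * @return {@code true} once the signature has been verified
 * @throws Buffer.BufferException   declared; presumably raised when the packet or the host
 *                                  key blob cannot be read
 * @throws GeneralSecurityException declared; presumably raised by the DH computation
 * @throws TransportException       with {@code KEY_EXCHANGE_FAILED} if no signature
 *                                  implementation is registered for the host key type, or
 *                                  if the signature does not verify
 */
private boolean parseGexReply(SSHPacket buffer) throws Buffer.BufferException, GeneralSecurityException, TransportException {
    byte[] K_S = buffer.readBytes();
    byte[] f = buffer.readBytes();
    byte[] sig = buffer.readBytes();
    hostKey = new Buffer.PlainBuffer(K_S).readPublicKey();

    dh.computeK(f);
    BigInteger k = dh.getK();

    // Exchange-hash input: the buffer from initializedBuffer(), then the host key blob,
    // the three size bounds, the group (p, g), both public values and the shared secret.
    final Buffer.PlainBuffer buf = initializedBuffer()
            .putString(K_S)
            .putUInt32(minBits)
            .putUInt32(preferredBits)
            .putUInt32(maxBits)
            .putMPInt(((DH) dh).getP())
            .putMPInt(((DH) dh).getG())
            .putBytes(dh.getE())
            .putBytes(f)
            .putMPInt(k);
    digest.update(buf.array(), buf.rpos(), buf.available());
    H = digest.digest();

    final String hostKeyType = KeyType.fromKey(hostKey).toString();
    Signature signature = Factory.Named.Util.create(trans.getConfig().getSignatureFactories(), hostKeyType);
    // create() returns null when no factory matches (putSig checks for the same case).
    // The host key comes from the server, so an unsupported type must end the exchange
    // with a proper error rather than a NullPointerException.
    if (signature == null)
        throw new TransportException(DisconnectReason.KEY_EXCHANGE_FAILED,
                                     "Could not create signature instance for " + hostKeyType + " key");
    signature.initVerify(hostKey);
    signature.update(H, 0, H.length);
    if (!signature.verify(sig))
        throw new TransportException(DisconnectReason.KEY_EXCHANGE_FAILED,
                                     "KeyExchange signature verification failed");
    return true;
}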
/**
 * Initialises the Diffie-Hellman helper with this instance's {@code group} and
 * {@code generator} and the random factory from the transport configuration.
 *
 * @param dh the DH helper to initialise
 * @throws GeneralSecurityException declared by the override; presumably raised by
 *                                  {@code dh.init} - confirm against DHBase
 */
@Override
protected void initDH(DHBase dh) throws GeneralSecurityException {
    // NOTE(review): group and generator are used as-is; any validation of them must
    // happen where they are assigned, which is not visible here.
    final DHParameterSpec groupParams = new DHParameterSpec(group, generator);
    dh.init(groupParams, trans.getConfig().getRandomFactory());
}
} // closes the enclosing class, whose header is not part of this snippet