Package ch.ethz.ssh2

Examples of ch.ethz.ssh2.KnownHosts$KnownHostsEntry


    /* Announce the switch to the new keys, then build the client-to-server cipher and MAC
       from the negotiated algorithm names (kxs.np) and the derived key material (km).
       This excerpt is cut off inside the catch block. */
    PacketNewKeys ign = new PacketNewKeys();
    tm.sendKexMessage(ign.getPayload());

    BlockCipher cbc;
    MAC mac;

    try
    {
      /* The boolean is true for this direction; presumably it selects encryption for
         outgoing packets - confirm against BlockCipherFactory. */
      cbc = BlockCipherFactory.createCipher(kxs.np.enc_algo_client_to_server, true, km.enc_key_client_to_server,
          km.initial_iv_client_to_server);

      mac = new MAC(kxs.np.mac_algo_client_to_server, km.integrity_key_client_to_server);

    }
    catch (IllegalArgumentException e1)
    {
      /* NOTE(review): createCipher() sits in the same try, yet the message names only the
         MAC, and e1 is not attached as the cause. A failed cipher or MAC setup therefore
         cannot be told apart in logs, nor traced to the rejected algorithm or key. */
      throw new IOException("Fatal error during MAC startup!");


    {
      /* A NEWKEYS message from the peer is acceptable only once key material exists.
         Failing here keeps the connection from switching to keys that were never derived. */
      if (km == null)
        throw new IOException("Peer sent SSH_MSG_NEWKEYS, but I have no key material ready!");

      BlockCipher cbc;
      MAC mac;

      try
      {
        /* Server-to-client direction: the boolean is false here; presumably it selects
           decryption of incoming packets - confirm against BlockCipherFactory. */
        cbc = BlockCipherFactory.createCipher(kxs.np.enc_algo_server_to_client, false,
            km.enc_key_server_to_client, km.initial_iv_server_to_client);

        mac = new MAC(kxs.np.mac_algo_server_to_client, km.integrity_key_server_to_client);

      }
      catch (IllegalArgumentException e1)
      {
        /* NOTE(review): the cipher setup shares this handler, the message mentions only
           the MAC, and e1 is dropped rather than chained as the cause. */
        throw new IOException("Fatal error during MAC startup!");

  /**
   * Checks a DSA signature over {@code message}. Only the hashing step and the unpacking
   * of r and s are visible in this excerpt; the verification arithmetic is cut off.
   *
   * @param message the bytes whose SHA-1 digest is checked against the signature
   * @param ds signature object supplying r and s
   * @param dpk public key; not used in the visible part
   * @return not visible in this excerpt
   * @throws IOException declared by the signature; no throw is visible in this excerpt
   */
  public static boolean verifySignature(byte[] message, DSASignature ds, DSAPublicKey dpk) throws IOException
  {
    /* Inspired by Bouncycastle's DSASigner class */

    /* The digest is fixed to SHA-1. NOTE(review): presumably this serves the ssh-dss key
       type, which prescribes SHA-1 and is a legacy algorithm - confirm which callers
       still depend on it. */
    SHA1 md = new SHA1();
    md.update(message);
    byte[] sha_message = new byte[md.getDigestLength()];
    md.digest(sha_message);

    /* Signum 1 makes BigInteger read the digest bytes as a non-negative integer. */
    BigInteger m = new BigInteger(1, sha_message);

    /* NOTE(review): a DSA verifier has to reject r or s outside the open interval (0, q)
       before any modular arithmetic; that check is not visible in this excerpt -
       confirm it follows. */
    BigInteger r = ds.getR();
    BigInteger s = ds.getS();

        /* Pick the fixed Diffie-Hellman group from the negotiated kex name: group 1 for
           "diffie-hellman-group1-sha1", group 14 for whatever else reaches this branch
           (presumably only diffie-hellman-group14-sha1; the enclosing condition is
           outside this excerpt).
           NOTE(review): group 1 is the 1024-bit MODP group, which is widely regarded as
           too small today; consider whether it should still be offered by default. */
        if (kxs.np.kex_algo.equals("diffie-hellman-group1-sha1"))
          kxs.dhx.init(1, rnd);
        else
          kxs.dhx.init(14, rnd);

        /* Send our public value e and wait for the reply in state 1. */
        PacketKexDHInit kp = new PacketKexDHInit(kxs.dhx.getE());
        tm.sendKexMessage(kp.getPayload());
        kxs.state = 1;
        return;
      }

      /* Reached when none of the branches above returned; the message text contains a
         typo ("Unkown"), left as is because it is a runtime string. */
      throw new IllegalStateException("Unkown KEX method!");

        || kxs.np.kex_algo.equals("diffie-hellman-group14-sha1"))
    {
      /* Fixed-group Diffie-Hellman, state 1: handle the server's DH reply. The excerpt
         starts in the middle of the enclosing condition and ends after K is stored. */
      if (kxs.state == 1)
      {

        PacketKexDHReply dhr = new PacketKexDHReply(msg, 0, msglen);

        kxs.hostkey = dhr.getHostKey();

        /* NOTE(review): when verifier is null this whole block is skipped and the host
           key is used without any identity check. The signature check further down only
           shows that the peer holds the private key for the key it presented, so
           callers that need protection against an interposed server must install a
           verifier (for example one backed by a known-hosts store). */
        if (verifier != null)
        {
          boolean vres = false;

          try
          {
            vres = verifier.verifyServerHostKey(hostname, port, kxs.np.server_host_key_algo, kxs.hostkey);
          }
          catch (Exception e)
          {
            /* Any exception from the callback counts as a rejection (fail closed); the
               original exception is kept as the cause. */
            throw (IOException) new IOException(
                "The server hostkey was not accepted by the verifier callback.").initCause(e);
          }

          if (vres == false)
            throw new IOException("The server hostkey was not accepted by the verifier callback");
        }

        kxs.dhx.setF(dhr.getF());

        try
        {
          /* H is computed over both identification strings, both KEXINIT payloads and the
             host key, as the arguments show. */
          kxs.H = kxs.dhx.calculateH(csh.getClientString(), csh.getServerString(), kxs.localKEX.getPayload(),
              kxs.remoteKEX.getPayload(), dhr.getHostKey());
        }
        catch (IllegalArgumentException e)
        {
          throw (IOException) new IOException("KEX error.").initCause(e);
        }

        /* Presumably checks the server's signature against kxs.H; this two-argument
           overload is defined outside the excerpt - confirm. */
        boolean res = verifySignature(dhr.getSignature(), kxs.hostkey);

        if (res == false)
          throw new IOException("Hostkey signature sent by remote is wrong!");

        /* The shared secret is taken over only after the callback and the signature
           check have both passed. */
        kxs.K = kxs.dhx.getK();

    /* Group-exchange Diffie-Hellman, state 1: the peer has sent the group to use.
       The excerpt is cut off after the return. */
    if (kxs.np.kex_algo.equals("diffie-hellman-group-exchange-sha1"))
    {
      if (kxs.state == 1)
      {
        PacketKexDhGexGroup dhgexgrp = new PacketKexDhGexGroup(msg, 0, msglen);
        /* p and g come straight from the peer's message.
           NOTE(review): no check is visible here that the modulus size lies within the
           range requested via kxs.dhgexParameters or that g is a sensible generator.
           DhGroupExchange may perform it - confirm, since an undersized or malformed
           group weakens the exchange. */
        kxs.dhgx = new DhGroupExchange(dhgexgrp.getP(), dhgexgrp.getG());
        kxs.dhgx.init(rnd);
        /* Send our public value e and wait for the reply in state 2. */
        PacketKexDhGexInit dhgexinit = new PacketKexDhGexInit(kxs.dhgx.getE());
        tm.sendKexMessage(dhgexinit.getPayload());
        kxs.state = 2;
        return;

      /* State 1 of the group exchange: take the group from the peer's message, answer
         with our public value and move to state 2. The excerpt ends on the state-2 test. */
      if (kxs.state == 1)
      {
        PacketKexDhGexGroup dhgexgrp = new PacketKexDhGexGroup(msg, 0, msglen);
        /* NOTE(review): the peer-supplied p and g are handed on without any size or sanity
           check in the visible lines - confirm that DhGroupExchange validates them. */
        kxs.dhgx = new DhGroupExchange(dhgexgrp.getP(), dhgexgrp.getG());
        kxs.dhgx.init(rnd);
        PacketKexDhGexInit dhgexinit = new PacketKexDhGexInit(kxs.dhgx.getE());
        tm.sendKexMessage(dhgexinit.getPayload());
        kxs.state = 2;
        return;
      }

      if (kxs.state == 2)

        return;
      }

      /* State 2 of the group exchange: handle the peer's reply carrying host key, f and
         signature. The excerpt ends after K is stored. */
      if (kxs.state == 2)
      {
        PacketKexDhGexReply dhgexrpl = new PacketKexDhGexReply(msg, 0, msglen);

        kxs.hostkey = dhgexrpl.getHostKey();

        /* NOTE(review): a null verifier means the host key is never compared with
           anything the client already trusts; the signature check below proves key
           possession only, not server identity. Install a verifier wherever an
           interposed server is part of the threat model. */
        if (verifier != null)
        {
          boolean vres = false;

          try
          {
            vres = verifier.verifyServerHostKey(hostname, port, kxs.np.server_host_key_algo, kxs.hostkey);
          }
          catch (Exception e)
          {
            /* A throwing callback is treated like a rejection; the cause is preserved. */
            throw (IOException) new IOException(
                "The server hostkey was not accepted by the verifier callback.").initCause(e);
          }

          if (vres == false)
            throw new IOException("The server hostkey was not accepted by the verifier callback");
        }

        kxs.dhgx.setF(dhgexrpl.getF());

        try
        {
          /* Besides the inputs used by the fixed-group variant, the group-exchange hash
             also takes kxs.dhgexParameters. */
          kxs.H = kxs.dhgx.calculateH(csh.getClientString(), csh.getServerString(),
              kxs.localKEX.getPayload(), kxs.remoteKEX.getPayload(), dhgexrpl.getHostKey(),
              kxs.dhgexParameters);
        }
        catch (IllegalArgumentException e)
        {
          throw (IOException) new IOException("KEX error.").initCause(e);
        }

        /* Presumably verifies the signature against kxs.H; the overload is defined
           outside the excerpt - confirm. */
        boolean res = verifySignature(dhgexrpl.getSignature(), kxs.hostkey);

        if (res == false)
          throw new IOException("Hostkey signature sent by remote is wrong!");

        /* K is accepted only after both checks above have passed. */
        kxs.K = kxs.dhgx.getK();

          /* Tail of one copy of the group-exchange request code, followed by a complete
             copy of the same branch. */
          tm.sendKexMessage(dhgexreq.getPayload());

        }
        else
        {
          PacketKexDhGexRequest dhgexreq = new PacketKexDhGexRequest(kxs.dhgexParameters);
          tm.sendKexMessage(dhgexreq.getPayload());
        }
        kxs.state = 1;
        return;
      }

      if (kxs.np.kex_algo.equals("diffie-hellman-group-exchange-sha1"))
      {
        /* A minimum group length of 0 selects the old request packet, any other value
           the newer one; both are built from kxs.dhgexParameters.
           NOTE(review): presumably the old form cannot carry a minimum size, so the
           lower bound on the group would have to be enforced locally when the group
           arrives - confirm against the packet classes and the group handling. */
        if (kxs.dhgexParameters.getMin_group_len() == 0)
        {
          PacketKexDhGexRequestOld dhgexreq = new PacketKexDhGexRequestOld(kxs.dhgexParameters);
          tm.sendKexMessage(dhgexreq.getPayload());

        }
        else
        {
          PacketKexDhGexRequest dhgexreq = new PacketKexDhGexRequest(kxs.dhgexParameters);
          tm.sendKexMessage(dhgexreq.getPayload());
        }
        /* Wait for the peer's group message in state 1. */
        kxs.state = 1;
        return;
      }
