factory = new PacketFactory(in, out);
}
private void exchangeKey() throws SSHException
{
KexInitMessage clientKex = new KexInitMessage();
byte[] cookie = new byte[16];
rnd.nextBytes(cookie);
clientKex.setCookie(cookie);
clientKex.setKexAlgorithms(listNames(algos.getKexAlgorithms()));
clientKex.setEncryptionAlgorithmsClientToServer(listNames(algos.getEncryptionAlgorithms()));
clientKex.setEncryptionAlgorithmsServerToClient(listNames(algos.getEncryptionAlgorithms()));
clientKex.setMacAlgorithmsClientToServer(listNames(algos.getMacAlgorithms()));
clientKex.setMacAlgorithmsServerToClient(listNames(algos.getMacAlgorithms()));
clientKex.setCompressionAlgorithmsClientToServer(new String[] {"none"});
clientKex.setCompressionAlgorithmsServerToClient(new String[] {"none"});
clientKex.setLanguagesClientToServer(new String[0]);
clientKex.setLanguagesServerToClient(new String[0]);
clientKex.setServerHostKeyAlgorithms(listNames(algos.getServerHostKeyAlgorithms()));
clientKex.setFirstKexPacketFollows(false);
writeMessage(clientKex);
KexInitMessage serverKex = (KexInitMessage)readMessage();
ic = clientKex.getEncoding();
is = serverKex.getEncoding();
kexAlgo = selectAlgorithm(serverKex.getKexAlgorithms(),
clientKex.getKexAlgorithms(), true);
if (kexAlgo == null) {
throw new SSHException("Unsupported key exchange algorithm.");
}
hostKeyAlgo = selectAlgorithm(
serverKex.getServerHostKeyAlgorithms(),
clientKex.getServerHostKeyAlgorithms(), true);
if (hostKeyAlgo == null) {
throw new SSHException("Unsupported host key algorithm.");
}
encryptionCS = selectAlgorithm(
serverKex.getEncryptionAlgorithmsClientToServer(),
clientKex.getEncryptionAlgorithmsClientToServer(),
false);
encryptionSC = selectAlgorithm(
serverKex.getEncryptionAlgorithmsServerToClient(),
clientKex.getEncryptionAlgorithmsServerToClient(),
false);
integrityCS = selectAlgorithm(
serverKex.getMacAlgorithmsClientToServer(),
clientKex.getMacAlgorithmsClientToServer(),
false);
integritySC = selectAlgorithm(
serverKex.getMacAlgorithmsServerToClient(),
clientKex.getMacAlgorithmsServerToClient(),
false);
GlieseLogger.LOGGER.info(String.format(
"Negotiated algorithms: %s %s", kexAlgo, hostKeyAlgo));
GlieseLogger.LOGGER.info(String.format(
"Negotiated algorithms client->server: %s %s %s",
encryptionCS, integrityCS, "none"));
GlieseLogger.LOGGER.info(String.format(
"Negotiated algorithms server->client: %s %s %s",
encryptionSC, integritySC, "none"));
if (serverKex.isFirstKexPacketFollows() && !guess) {
/* when guess is wrong ignore the next packet */
readMessage();
}
KeyExchangeAlgorithm dh = getAlgorithm(