protected int check2048(Class c, int _max) throws Exception { DH dh = (com.jcraft.jsch.DH) (c.newInstance()); dh.init(); byte[] foo = new byte[257]; foo[1] = (byte) 0xdd; foo[256] = 0x73; dh.setP(foo); byte[] bar = {(byte) 0x02}; dh.setG(bar); try { dh.getE(); _max = 2048; } catch (Exception e) { } return _max; }
public void init(Session session, byte[] V_S, byte[] V_C, byte[] I_S, byte[] I_C) throws Exception { this.session = session; this.V_S = V_S; this.V_C = V_C; this.I_S = I_S; this.I_C = I_C; try { Class c = Class.forName(session.getConfig(hash)); sha = (HASH) (c.newInstance()); sha.init(); } catch (Exception e) { System.err.println(e); } buf = new Buffer(); packet = new Packet(buf); try { Class c = Class.forName(session.getConfig("dh")); // Since JDK8, SunJCE has lifted the keysize restrictions // from 1024 to 2048 for DH. preferred = max = check2048(c, max); dh = (com.jcraft.jsch.DH) (c.newInstance()); dh.init(); } catch (Exception e) { throw e; } packet.reset(); buf.putByte((byte) SSH_MSG_KEX_DH_GEX_REQUEST); buf.putInt(min); buf.putInt(preferred); buf.putInt(max); session.write(packet); if (JSch.getLogger().isEnabled(Logger.INFO)) { JSch.getLogger() .log( Logger.INFO, "SSH_MSG_KEX_DH_GEX_REQUEST(" + min + "<" + preferred + "<" + max + ") sent"); JSch.getLogger().log(Logger.INFO, "expecting SSH_MSG_KEX_DH_GEX_GROUP"); } state = SSH_MSG_KEX_DH_GEX_GROUP; }
public void a( Session paramSession, byte[] paramArrayOfByte1, byte[] paramArrayOfByte2, byte[] paramArrayOfByte3, byte[] paramArrayOfByte4) { q = paramSession; e = paramArrayOfByte1; f = paramArrayOfByte2; g = paramArrayOfByte3; h = paramArrayOfByte4; try { r = ((HASH) Class.forName(paramSession.d("sha-1")).newInstance()); r.a(); x = new Buffer(); y = new Packet(x); } catch (Exception paramArrayOfByte1) { for (; ; ) { try { d = ((DH) Class.forName(paramSession.d("dh")).newInstance()); d.a(); y.a(); x.a((byte) 34); x.a(a); x.a(b); x.a(c); paramSession.b(y); if (JSch.d().a(1)) { JSch.d().a(1, "SSH_MSG_KEX_DH_GEX_REQUEST(" + a + "<" + b + "<" + c + ") sent"); JSch.d().a(1, "expecting SSH_MSG_KEX_DH_GEX_GROUP"); } w = 31; return; } catch (Exception paramSession) { throw paramSession; } paramArrayOfByte1 = paramArrayOfByte1; System.err.println(paramArrayOfByte1); } } }
public boolean next(Buffer _buf) throws Exception { int i, j; switch (state) { case SSH_MSG_KEX_DH_GEX_GROUP: // byte SSH_MSG_KEX_DH_GEX_GROUP(31) // mpint p, safe prime // mpint g, generator for subgroup in GF (p) _buf.getInt(); _buf.getByte(); j = _buf.getByte(); if (j != SSH_MSG_KEX_DH_GEX_GROUP) { System.err.println("type: must be SSH_MSG_KEX_DH_GEX_GROUP " + j); return false; } p = _buf.getMPInt(); g = _buf.getMPInt(); dh.setP(p); dh.setG(g); // The client responds with: // byte SSH_MSG_KEX_DH_GEX_INIT(32) // mpint e <- g^x mod p // x is a random number (1 < x < (p-1)/2) e = dh.getE(); packet.reset(); buf.putByte((byte) SSH_MSG_KEX_DH_GEX_INIT); buf.putMPInt(e); session.write(packet); if (JSch.getLogger().isEnabled(Logger.INFO)) { JSch.getLogger().log(Logger.INFO, "SSH_MSG_KEX_DH_GEX_INIT sent"); JSch.getLogger().log(Logger.INFO, "expecting SSH_MSG_KEX_DH_GEX_REPLY"); } state = SSH_MSG_KEX_DH_GEX_REPLY; return true; // break; case SSH_MSG_KEX_DH_GEX_REPLY: // The server responds with: // byte SSH_MSG_KEX_DH_GEX_REPLY(33) // string server public host key and certificates (K_S) // mpint f // string signature of H j = _buf.getInt(); j = _buf.getByte(); j = _buf.getByte(); if (j != SSH_MSG_KEX_DH_GEX_REPLY) { System.err.println("type: must be SSH_MSG_KEX_DH_GEX_REPLY " + j); return false; } K_S = _buf.getString(); byte[] f = _buf.getMPInt(); byte[] sig_of_H = _buf.getString(); dh.setF(f); dh.checkRange(); K = normalize(dh.getK()); // The hash H is computed as the HASH hash of the concatenation of the // following: // string V_C, the client's version string (CR and NL excluded) // string V_S, the server's version string (CR and NL excluded) // string I_C, the payload of the client's SSH_MSG_KEXINIT // string I_S, the payload of the server's SSH_MSG_KEXINIT // string K_S, the host key // uint32 min, minimal size in bits of an acceptable group // uint32 n, preferred size in bits of the group the server should send // uint32 max, maximal size in bits of an acceptable group // mpint p, safe prime // mpint g, generator for subgroup // mpint e, exchange value sent by the client // mpint f, exchange value sent by the server // mpint K, the shared secret // This value is called the exchange hash, and it is used to authenti- // cate the key exchange. buf.reset(); buf.putString(V_C); buf.putString(V_S); buf.putString(I_C); buf.putString(I_S); buf.putString(K_S); buf.putInt(min); buf.putInt(preferred); buf.putInt(max); buf.putMPInt(p); buf.putMPInt(g); buf.putMPInt(e); buf.putMPInt(f); buf.putMPInt(K); byte[] foo = new byte[buf.getLength()]; buf.getByte(foo); sha.update(foo, 0, foo.length); H = sha.digest(); // System.err.print("H -> "); dump(H, 0, H.length); i = 0; j = 0; j = ((K_S[i++] << 24) & 0xff000000) | ((K_S[i++] << 16) & 0x00ff0000) | ((K_S[i++] << 8) & 0x0000ff00) | ((K_S[i++]) & 0x000000ff); String alg = Util.byte2str(K_S, i, j); i += j; boolean result = verify(alg, K_S, i, sig_of_H); state = STATE_END; return result; } return false; }
public boolean a(Buffer paramBuffer) { switch (w) { case 32: default: return false; case 31: paramBuffer.d(); paramBuffer.g(); i = paramBuffer.g(); if (i != 31) { System.err.println("type: must be SSH_MSG_KEX_DH_GEX_GROUP " + i); return false; } z = paramBuffer.h(); A = paramBuffer.h(); d.a(z); d.b(A); B = d.b(); y.a(); x.a((byte) 32); x.c(B); q.b(y); if (JSch.d().a(1)) { JSch.d().a(1, "SSH_MSG_KEX_DH_GEX_INIT sent"); JSch.d().a(1, "expecting SSH_MSG_KEX_DH_GEX_REPLY"); } w = 33; return true; } paramBuffer.d(); paramBuffer.g(); int i = paramBuffer.g(); if (i != 33) { System.err.println("type: must be SSH_MSG_KEX_DH_GEX_REPLY " + i); return false; } u = paramBuffer.j(); byte[] arrayOfByte1 = paramBuffer.h(); byte[] arrayOfByte2 = paramBuffer.j(); d.c(arrayOfByte1); s = a(d.c()); x.k(); x.b(f); x.b(e); x.b(h); x.b(g); x.b(u); x.a(a); x.a(b); x.a(c); x.c(z); x.c(A); x.c(B); x.c(arrayOfByte1); x.c(s); paramBuffer = new byte[x.a()]; x.d(paramBuffer); r.a(paramBuffer, 0, paramBuffer.length); t = r.c(); i = u[0] << 24 & 0xFF000000 | u[1] << 16 & 0xFF0000 | u[2] << 8 & 0xFF00 | u[3] & 0xFF; paramBuffer = Util.c(u, 4, i); i += 4; int j; int m; int k; int n; byte[] arrayOfByte3; byte[] arrayOfByte4; if (paramBuffer.equals("ssh-rsa")) { v = 0; paramBuffer = u; j = i + 1; i = paramBuffer[i]; paramBuffer = u; m = j + 1; j = paramBuffer[j]; paramBuffer = u; k = m + 1; n = paramBuffer[m]; paramBuffer = u; m = k + 1; i = i << 24 & 0xFF000000 | j << 16 & 0xFF0000 | n << 8 & 0xFF00 | paramBuffer[k] & 0xFF; arrayOfByte3 = new byte[i]; System.arraycopy(u, m, arrayOfByte3, 0, i); i += m; paramBuffer = u; j = i + 1; i = paramBuffer[i]; paramBuffer = u; m = j + 1; j = paramBuffer[j]; paramBuffer = u; k = m + 1; n = paramBuffer[m]; paramBuffer = u; m = k + 1; i = i << 24 & 0xFF000000 | j << 16 & 0xFF0000 | n << 8 & 0xFF00 | paramBuffer[k] & 0xFF; arrayOfByte4 = new byte[i]; System.arraycopy(u, m, arrayOfByte4, 0, i); } for (; ; ) { try { paramBuffer = (SignatureRSA) Class.forName(q.d("signature.rsa")).newInstance(); System.err.println(localException1); } catch (Exception localException1) { try { paramBuffer.a(); paramBuffer.a(arrayOfByte3, arrayOfByte4); paramBuffer.a(t); bool2 = paramBuffer.b(arrayOfByte2); bool1 = bool2; if (JSch.d().a(1)) { JSch.d().a(1, "ssh_rsa_verify: signature " + bool2); bool1 = bool2; } w = 0; return bool1; } catch (Exception localException4) { boolean bool2; boolean bool1; for (; ; ) {} } localException1 = localException1; paramBuffer = null; } continue; if (paramBuffer.equals("ssh-dss")) { v = 1; paramBuffer = u; j = i + 1; i = paramBuffer[i]; paramBuffer = u; m = j + 1; j = paramBuffer[j]; paramBuffer = u; k = m + 1; n = paramBuffer[m]; paramBuffer = u; m = k + 1; i = i << 24 & 0xFF000000 | j << 16 & 0xFF0000 | n << 8 & 0xFF00 | paramBuffer[k] & 0xFF; paramBuffer = new byte[i]; System.arraycopy(u, m, paramBuffer, 0, i); i += m; z = paramBuffer; paramBuffer = u; j = i + 1; i = paramBuffer[i]; paramBuffer = u; m = j + 1; j = paramBuffer[j]; paramBuffer = u; k = m + 1; n = paramBuffer[m]; paramBuffer = u; m = k + 1; i = i << 24 & 0xFF000000 | j << 16 & 0xFF0000 | n << 8 & 0xFF00 | paramBuffer[k] & 0xFF; arrayOfByte3 = new byte[i]; System.arraycopy(u, m, arrayOfByte3, 0, i); i += m; paramBuffer = u; j = i + 1; i = paramBuffer[i]; paramBuffer = u; m = j + 1; j = paramBuffer[j]; paramBuffer = u; k = m + 1; n = paramBuffer[m]; paramBuffer = u; m = k + 1; i = i << 24 & 0xFF000000 | j << 16 & 0xFF0000 | n << 8 & 0xFF00 | paramBuffer[k] & 0xFF; paramBuffer = new byte[i]; System.arraycopy(u, m, paramBuffer, 0, i); i += m; A = paramBuffer; paramBuffer = u; j = i + 1; i = paramBuffer[i]; paramBuffer = u; m = j + 1; j = paramBuffer[j]; paramBuffer = u; k = m + 1; n = paramBuffer[m]; paramBuffer = u; m = k + 1; i = i << 24 & 0xFF000000 | j << 16 & 0xFF0000 | n << 8 & 0xFF00 | paramBuffer[k] & 0xFF; arrayOfByte4 = new byte[i]; System.arraycopy(u, m, arrayOfByte4, 0, i); for (; ; ) { try { paramBuffer = (SignatureDSA) Class.forName(q.d("signature.dss")).newInstance(); } catch (Exception localException2) { try { paramBuffer.a(); paramBuffer.a(arrayOfByte4, z, arrayOfByte3, A); paramBuffer.a(t); bool2 = paramBuffer.b(arrayOfByte2); bool1 = bool2; if (!JSch.d().a(1)) { break; } JSch.d().a(1, "ssh_dss_verify: signature " + bool2); bool1 = bool2; } catch (Exception localException3) { for (; ; ) {} } localException2 = localException2; paramBuffer = null; } System.err.println(localException2); } } System.err.println("unknown alg"); bool1 = false; } }