protected int check2048(Class c, int _max) throws Exception {
DH dh = (com.jcraft.jsch.DH) (c.newInstance());
dh.init();
byte[] foo = new byte[257];
foo[1] = (byte) 0xdd;
foo[256] = 0x73;
dh.setP(foo);
byte[] bar = {(byte) 0x02};
dh.setG(bar);
try {
dh.getE();
_max = 2048;
} catch (Exception e) {
}
return _max;
}
public void init(Session session, byte[] V_S, byte[] V_C, byte[] I_S, byte[] I_C)
throws Exception {
this.session = session;
this.V_S = V_S;
this.V_C = V_C;
this.I_S = I_S;
this.I_C = I_C;
try {
Class c = Class.forName(session.getConfig(hash));
sha = (HASH) (c.newInstance());
sha.init();
} catch (Exception e) {
System.err.println(e);
}
buf = new Buffer();
packet = new Packet(buf);
try {
Class c = Class.forName(session.getConfig("dh"));
// Since JDK8, SunJCE has lifted the keysize restrictions
// from 1024 to 2048 for DH.
preferred = max = check2048(c, max);
dh = (com.jcraft.jsch.DH) (c.newInstance());
dh.init();
} catch (Exception e) {
throw e;
}
packet.reset();
buf.putByte((byte) SSH_MSG_KEX_DH_GEX_REQUEST);
buf.putInt(min);
buf.putInt(preferred);
buf.putInt(max);
session.write(packet);
if (JSch.getLogger().isEnabled(Logger.INFO)) {
JSch.getLogger()
.log(
Logger.INFO,
"SSH_MSG_KEX_DH_GEX_REQUEST(" + min + "<" + preferred + "<" + max + ") sent");
JSch.getLogger().log(Logger.INFO, "expecting SSH_MSG_KEX_DH_GEX_GROUP");
}
state = SSH_MSG_KEX_DH_GEX_GROUP;
}
public void a(
Session paramSession,
byte[] paramArrayOfByte1,
byte[] paramArrayOfByte2,
byte[] paramArrayOfByte3,
byte[] paramArrayOfByte4) {
q = paramSession;
e = paramArrayOfByte1;
f = paramArrayOfByte2;
g = paramArrayOfByte3;
h = paramArrayOfByte4;
try {
r = ((HASH) Class.forName(paramSession.d("sha-1")).newInstance());
r.a();
x = new Buffer();
y = new Packet(x);
} catch (Exception paramArrayOfByte1) {
for (; ; ) {
try {
d = ((DH) Class.forName(paramSession.d("dh")).newInstance());
d.a();
y.a();
x.a((byte) 34);
x.a(a);
x.a(b);
x.a(c);
paramSession.b(y);
if (JSch.d().a(1)) {
JSch.d().a(1, "SSH_MSG_KEX_DH_GEX_REQUEST(" + a + "<" + b + "<" + c + ") sent");
JSch.d().a(1, "expecting SSH_MSG_KEX_DH_GEX_GROUP");
}
w = 31;
return;
} catch (Exception paramSession) {
throw paramSession;
}
paramArrayOfByte1 = paramArrayOfByte1;
System.err.println(paramArrayOfByte1);
}
}
}
public boolean next(Buffer _buf) throws Exception {
int i, j;
switch (state) {
case SSH_MSG_KEX_DH_GEX_GROUP:
// byte SSH_MSG_KEX_DH_GEX_GROUP(31)
// mpint p, safe prime
// mpint g, generator for subgroup in GF (p)
_buf.getInt();
_buf.getByte();
j = _buf.getByte();
if (j != SSH_MSG_KEX_DH_GEX_GROUP) {
System.err.println("type: must be SSH_MSG_KEX_DH_GEX_GROUP " + j);
return false;
}
p = _buf.getMPInt();
g = _buf.getMPInt();
dh.setP(p);
dh.setG(g);
// The client responds with:
// byte SSH_MSG_KEX_DH_GEX_INIT(32)
// mpint e <- g^x mod p
// x is a random number (1 < x < (p-1)/2)
e = dh.getE();
packet.reset();
buf.putByte((byte) SSH_MSG_KEX_DH_GEX_INIT);
buf.putMPInt(e);
session.write(packet);
if (JSch.getLogger().isEnabled(Logger.INFO)) {
JSch.getLogger().log(Logger.INFO, "SSH_MSG_KEX_DH_GEX_INIT sent");
JSch.getLogger().log(Logger.INFO, "expecting SSH_MSG_KEX_DH_GEX_REPLY");
}
state = SSH_MSG_KEX_DH_GEX_REPLY;
return true;
// break;
case SSH_MSG_KEX_DH_GEX_REPLY:
// The server responds with:
// byte SSH_MSG_KEX_DH_GEX_REPLY(33)
// string server public host key and certificates (K_S)
// mpint f
// string signature of H
j = _buf.getInt();
j = _buf.getByte();
j = _buf.getByte();
if (j != SSH_MSG_KEX_DH_GEX_REPLY) {
System.err.println("type: must be SSH_MSG_KEX_DH_GEX_REPLY " + j);
return false;
}
K_S = _buf.getString();
byte[] f = _buf.getMPInt();
byte[] sig_of_H = _buf.getString();
dh.setF(f);
dh.checkRange();
K = normalize(dh.getK());
// The hash H is computed as the HASH hash of the concatenation of the
// following:
// string V_C, the client's version string (CR and NL excluded)
// string V_S, the server's version string (CR and NL excluded)
// string I_C, the payload of the client's SSH_MSG_KEXINIT
// string I_S, the payload of the server's SSH_MSG_KEXINIT
// string K_S, the host key
// uint32 min, minimal size in bits of an acceptable group
// uint32 n, preferred size in bits of the group the server should send
// uint32 max, maximal size in bits of an acceptable group
// mpint p, safe prime
// mpint g, generator for subgroup
// mpint e, exchange value sent by the client
// mpint f, exchange value sent by the server
// mpint K, the shared secret
// This value is called the exchange hash, and it is used to authenti-
// cate the key exchange.
buf.reset();
buf.putString(V_C);
buf.putString(V_S);
buf.putString(I_C);
buf.putString(I_S);
buf.putString(K_S);
buf.putInt(min);
buf.putInt(preferred);
buf.putInt(max);
buf.putMPInt(p);
buf.putMPInt(g);
buf.putMPInt(e);
buf.putMPInt(f);
buf.putMPInt(K);
byte[] foo = new byte[buf.getLength()];
buf.getByte(foo);
sha.update(foo, 0, foo.length);
H = sha.digest();
// System.err.print("H -> "); dump(H, 0, H.length);
i = 0;
j = 0;
j =
((K_S[i++] << 24) & 0xff000000)
| ((K_S[i++] << 16) & 0x00ff0000)
| ((K_S[i++] << 8) & 0x0000ff00)
| ((K_S[i++]) & 0x000000ff);
String alg = Util.byte2str(K_S, i, j);
i += j;
boolean result = verify(alg, K_S, i, sig_of_H);
state = STATE_END;
return result;
}
return false;
}
public boolean a(Buffer paramBuffer) {
switch (w) {
case 32:
default:
return false;
case 31:
paramBuffer.d();
paramBuffer.g();
i = paramBuffer.g();
if (i != 31) {
System.err.println("type: must be SSH_MSG_KEX_DH_GEX_GROUP " + i);
return false;
}
z = paramBuffer.h();
A = paramBuffer.h();
d.a(z);
d.b(A);
B = d.b();
y.a();
x.a((byte) 32);
x.c(B);
q.b(y);
if (JSch.d().a(1)) {
JSch.d().a(1, "SSH_MSG_KEX_DH_GEX_INIT sent");
JSch.d().a(1, "expecting SSH_MSG_KEX_DH_GEX_REPLY");
}
w = 33;
return true;
}
paramBuffer.d();
paramBuffer.g();
int i = paramBuffer.g();
if (i != 33) {
System.err.println("type: must be SSH_MSG_KEX_DH_GEX_REPLY " + i);
return false;
}
u = paramBuffer.j();
byte[] arrayOfByte1 = paramBuffer.h();
byte[] arrayOfByte2 = paramBuffer.j();
d.c(arrayOfByte1);
s = a(d.c());
x.k();
x.b(f);
x.b(e);
x.b(h);
x.b(g);
x.b(u);
x.a(a);
x.a(b);
x.a(c);
x.c(z);
x.c(A);
x.c(B);
x.c(arrayOfByte1);
x.c(s);
paramBuffer = new byte[x.a()];
x.d(paramBuffer);
r.a(paramBuffer, 0, paramBuffer.length);
t = r.c();
i = u[0] << 24 & 0xFF000000 | u[1] << 16 & 0xFF0000 | u[2] << 8 & 0xFF00 | u[3] & 0xFF;
paramBuffer = Util.c(u, 4, i);
i += 4;
int j;
int m;
int k;
int n;
byte[] arrayOfByte3;
byte[] arrayOfByte4;
if (paramBuffer.equals("ssh-rsa")) {
v = 0;
paramBuffer = u;
j = i + 1;
i = paramBuffer[i];
paramBuffer = u;
m = j + 1;
j = paramBuffer[j];
paramBuffer = u;
k = m + 1;
n = paramBuffer[m];
paramBuffer = u;
m = k + 1;
i = i << 24 & 0xFF000000 | j << 16 & 0xFF0000 | n << 8 & 0xFF00 | paramBuffer[k] & 0xFF;
arrayOfByte3 = new byte[i];
System.arraycopy(u, m, arrayOfByte3, 0, i);
i += m;
paramBuffer = u;
j = i + 1;
i = paramBuffer[i];
paramBuffer = u;
m = j + 1;
j = paramBuffer[j];
paramBuffer = u;
k = m + 1;
n = paramBuffer[m];
paramBuffer = u;
m = k + 1;
i = i << 24 & 0xFF000000 | j << 16 & 0xFF0000 | n << 8 & 0xFF00 | paramBuffer[k] & 0xFF;
arrayOfByte4 = new byte[i];
System.arraycopy(u, m, arrayOfByte4, 0, i);
}
for (; ; ) {
try {
paramBuffer = (SignatureRSA) Class.forName(q.d("signature.rsa")).newInstance();
System.err.println(localException1);
} catch (Exception localException1) {
try {
paramBuffer.a();
paramBuffer.a(arrayOfByte3, arrayOfByte4);
paramBuffer.a(t);
bool2 = paramBuffer.b(arrayOfByte2);
bool1 = bool2;
if (JSch.d().a(1)) {
JSch.d().a(1, "ssh_rsa_verify: signature " + bool2);
bool1 = bool2;
}
w = 0;
return bool1;
} catch (Exception localException4) {
boolean bool2;
boolean bool1;
for (; ; ) {}
}
localException1 = localException1;
paramBuffer = null;
}
continue;
if (paramBuffer.equals("ssh-dss")) {
v = 1;
paramBuffer = u;
j = i + 1;
i = paramBuffer[i];
paramBuffer = u;
m = j + 1;
j = paramBuffer[j];
paramBuffer = u;
k = m + 1;
n = paramBuffer[m];
paramBuffer = u;
m = k + 1;
i = i << 24 & 0xFF000000 | j << 16 & 0xFF0000 | n << 8 & 0xFF00 | paramBuffer[k] & 0xFF;
paramBuffer = new byte[i];
System.arraycopy(u, m, paramBuffer, 0, i);
i += m;
z = paramBuffer;
paramBuffer = u;
j = i + 1;
i = paramBuffer[i];
paramBuffer = u;
m = j + 1;
j = paramBuffer[j];
paramBuffer = u;
k = m + 1;
n = paramBuffer[m];
paramBuffer = u;
m = k + 1;
i = i << 24 & 0xFF000000 | j << 16 & 0xFF0000 | n << 8 & 0xFF00 | paramBuffer[k] & 0xFF;
arrayOfByte3 = new byte[i];
System.arraycopy(u, m, arrayOfByte3, 0, i);
i += m;
paramBuffer = u;
j = i + 1;
i = paramBuffer[i];
paramBuffer = u;
m = j + 1;
j = paramBuffer[j];
paramBuffer = u;
k = m + 1;
n = paramBuffer[m];
paramBuffer = u;
m = k + 1;
i = i << 24 & 0xFF000000 | j << 16 & 0xFF0000 | n << 8 & 0xFF00 | paramBuffer[k] & 0xFF;
paramBuffer = new byte[i];
System.arraycopy(u, m, paramBuffer, 0, i);
i += m;
A = paramBuffer;
paramBuffer = u;
j = i + 1;
i = paramBuffer[i];
paramBuffer = u;
m = j + 1;
j = paramBuffer[j];
paramBuffer = u;
k = m + 1;
n = paramBuffer[m];
paramBuffer = u;
m = k + 1;
i = i << 24 & 0xFF000000 | j << 16 & 0xFF0000 | n << 8 & 0xFF00 | paramBuffer[k] & 0xFF;
arrayOfByte4 = new byte[i];
System.arraycopy(u, m, arrayOfByte4, 0, i);
for (; ; ) {
try {
paramBuffer = (SignatureDSA) Class.forName(q.d("signature.dss")).newInstance();
} catch (Exception localException2) {
try {
paramBuffer.a();
paramBuffer.a(arrayOfByte4, z, arrayOfByte3, A);
paramBuffer.a(t);
bool2 = paramBuffer.b(arrayOfByte2);
bool1 = bool2;
if (!JSch.d().a(1)) {
break;
}
JSch.d().a(1, "ssh_dss_verify: signature " + bool2);
bool1 = bool2;
} catch (Exception localException3) {
for (; ; ) {}
}
localException2 = localException2;
paramBuffer = null;
}
System.err.println(localException2);
}
}
System.err.println("unknown alg");
bool1 = false;
}
}
