Mercurial > 510Connectbot
comparison src/com/trilead/ssh2/crypto/KeyMaterial.java @ 0:0ce5cc452d02
initial version
| author | Carl Byington <carl@five-ten-sg.com> |
|---|---|
| date | Thu, 22 May 2014 10:41:19 -0700 |
| parents | |
| children |
comparison
equal
deleted
inserted
replaced
| -1:000000000000 | 0:0ce5cc452d02 |
|---|---|
| 1 | |
| 2 package com.trilead.ssh2.crypto; | |
| 3 | |
| 4 | |
| 5 import java.math.BigInteger; | |
| 6 | |
| 7 import com.trilead.ssh2.crypto.digest.HashForSSH2Types; | |
| 8 | |
| 9 /** | |
| 10 * Establishes key material for iv/key/mac (both directions). | |
| 11 * | |
| 12 * @author Christian Plattner, plattner@trilead.com | |
| 13 * @version $Id: KeyMaterial.java,v 1.1 2007/10/15 12:49:56 cplattne Exp $ | |
| 14 */ | |
| 15 public class KeyMaterial { | |
| 16 public byte[] initial_iv_client_to_server; | |
| 17 public byte[] initial_iv_server_to_client; | |
| 18 public byte[] enc_key_client_to_server; | |
| 19 public byte[] enc_key_server_to_client; | |
| 20 public byte[] integrity_key_client_to_server; | |
| 21 public byte[] integrity_key_server_to_client; | |
| 22 | |
| 23 private static byte[] calculateKey(HashForSSH2Types sh, BigInteger K, byte[] H, byte type, byte[] SessionID, | |
| 24 int keyLength) { | |
| 25 byte[] res = new byte[keyLength]; | |
| 26 int dglen = sh.getDigestLength(); | |
| 27 int numRounds = (keyLength + dglen - 1) / dglen; | |
| 28 byte[][] tmp = new byte[numRounds][]; | |
| 29 sh.reset(); | |
| 30 sh.updateBigInt(K); | |
| 31 sh.updateBytes(H); | |
| 32 sh.updateByte(type); | |
| 33 sh.updateBytes(SessionID); | |
| 34 tmp[0] = sh.getDigest(); | |
| 35 int off = 0; | |
| 36 int produced = Math.min(dglen, keyLength); | |
| 37 System.arraycopy(tmp[0], 0, res, off, produced); | |
| 38 keyLength -= produced; | |
| 39 off += produced; | |
| 40 | |
| 41 for (int i = 1; i < numRounds; i++) { | |
| 42 sh.updateBigInt(K); | |
| 43 sh.updateBytes(H); | |
| 44 | |
| 45 for (int j = 0; j < i; j++) | |
| 46 sh.updateBytes(tmp[j]); | |
| 47 | |
| 48 tmp[i] = sh.getDigest(); | |
| 49 produced = Math.min(dglen, keyLength); | |
| 50 System.arraycopy(tmp[i], 0, res, off, produced); | |
| 51 keyLength -= produced; | |
| 52 off += produced; | |
| 53 } | |
| 54 | |
| 55 return res; | |
| 56 } | |
| 57 | |
| 58 public static KeyMaterial create(String hashAlgo, byte[] H, BigInteger K, byte[] SessionID, int keyLengthCS, | |
| 59 int blockSizeCS, int macLengthCS, int keyLengthSC, int blockSizeSC, int macLengthSC) | |
| 60 throws IllegalArgumentException { | |
| 61 KeyMaterial km = new KeyMaterial(); | |
| 62 HashForSSH2Types sh = new HashForSSH2Types(hashAlgo); | |
| 63 km.initial_iv_client_to_server = calculateKey(sh, K, H, (byte) 'A', SessionID, blockSizeCS); | |
| 64 km.initial_iv_server_to_client = calculateKey(sh, K, H, (byte) 'B', SessionID, blockSizeSC); | |
| 65 km.enc_key_client_to_server = calculateKey(sh, K, H, (byte) 'C', SessionID, keyLengthCS); | |
| 66 km.enc_key_server_to_client = calculateKey(sh, K, H, (byte) 'D', SessionID, keyLengthSC); | |
| 67 km.integrity_key_client_to_server = calculateKey(sh, K, H, (byte) 'E', SessionID, macLengthCS); | |
| 68 km.integrity_key_server_to_client = calculateKey(sh, K, H, (byte) 'F', SessionID, macLengthSC); | |
| 69 return km; | |
| 70 } | |
| 71 } |