Mercurial > 510Connectbot
comparison src/ch/ethz/ssh2/crypto/dh/DhGroupExchange.java @ 342:175c7d68f3c4
merge ganymed into mainline
| author | Carl Byington <carl@five-ten-sg.com> |
|---|---|
| date | Thu, 31 Jul 2014 16:33:38 -0700 |
| parents | 1d400fd78e4a |
| children |
comparison
equal
deleted
inserted
replaced
| 272:ce2f4e397703 | 342:175c7d68f3c4 |
|---|---|
| 1 | |
| 2 package ch.ethz.ssh2.crypto.dh; | |
| 3 | |
| 4 import java.math.BigInteger; | |
| 5 import java.security.SecureRandom; | |
| 6 import java.io.IOException; | |
| 7 | |
| 8 import ch.ethz.ssh2.DHGexParameters; | |
| 9 import ch.ethz.ssh2.crypto.digest.HashForSSH2Types; | |
| 10 | |
| 11 | |
| 12 /** | |
| 13 * DhGroupExchange. | |
| 14 * | |
| 15 * @author Christian Plattner, plattner@trilead.com | |
| 16 * @version $Id: DhGroupExchange.java,v 1.1 2007/10/15 12:49:57 cplattne Exp $ | |
| 17 */ | |
| 18 public class DhGroupExchange { | |
| 19 /* Given by the standard */ | |
| 20 | |
| 21 private BigInteger p; | |
| 22 private BigInteger g; | |
| 23 | |
| 24 /* Client public and private */ | |
| 25 | |
| 26 private BigInteger e; | |
| 27 private BigInteger x; | |
| 28 | |
| 29 /* Server public */ | |
| 30 | |
| 31 private BigInteger f; | |
| 32 | |
| 33 /* Shared secret */ | |
| 34 | |
| 35 private BigInteger k; | |
| 36 | |
| 37 public DhGroupExchange(BigInteger p, BigInteger g) { | |
| 38 this.p = p; | |
| 39 this.g = g; | |
| 40 } | |
| 41 | |
| 42 public void init(SecureRandom rnd) { | |
| 43 k = null; | |
| 44 x = new BigInteger(p.bitLength() - 1, rnd); | |
| 45 e = g.modPow(x, p); | |
| 46 } | |
| 47 | |
| 48 /** | |
| 49 * @return Returns the e. | |
| 50 */ | |
| 51 public BigInteger getE() { | |
| 52 if (e == null) | |
| 53 throw new IllegalStateException("Not initialized!"); | |
| 54 | |
| 55 return e; | |
| 56 } | |
| 57 | |
| 58 /** | |
| 59 * @return Returns the shared secret k. | |
| 60 */ | |
| 61 public BigInteger getK() { | |
| 62 if (k == null) | |
| 63 throw new IllegalStateException("Shared secret not yet known, need f first!"); | |
| 64 | |
| 65 return k; | |
| 66 } | |
| 67 | |
| 68 /** | |
| 69 * Sets f and calculates the shared secret. | |
| 70 */ | |
| 71 public void setF(BigInteger f) { | |
| 72 if (e == null) | |
| 73 throw new IllegalStateException("Not initialized!"); | |
| 74 | |
| 75 BigInteger zero = BigInteger.valueOf(0); | |
| 76 | |
| 77 if (zero.compareTo(f) >= 0 || p.compareTo(f) <= 0) | |
| 78 throw new IllegalArgumentException("Invalid f specified!"); | |
| 79 | |
| 80 this.f = f; | |
| 81 this.k = f.modPow(x, p); | |
| 82 } | |
| 83 | |
| 84 public byte[] calculateH(String hashAlgo, byte[] clientversion, byte[] serverversion, | |
| 85 byte[] clientKexPayload, byte[] serverKexPayload, byte[] hostKey, DHGexParameters para) throws IOException { | |
| 86 HashForSSH2Types hash = new HashForSSH2Types(hashAlgo); | |
| 87 hash.updateByteString(clientversion); | |
| 88 hash.updateByteString(serverversion); | |
| 89 hash.updateByteString(clientKexPayload); | |
| 90 hash.updateByteString(serverKexPayload); | |
| 91 hash.updateByteString(hostKey); | |
| 92 | |
| 93 if (para.getMin_group_len() > 0) | |
| 94 hash.updateUINT32(para.getMin_group_len()); | |
| 95 | |
| 96 hash.updateUINT32(para.getPref_group_len()); | |
| 97 | |
| 98 if (para.getMax_group_len() > 0) | |
| 99 hash.updateUINT32(para.getMax_group_len()); | |
| 100 | |
| 101 hash.updateBigInt(p); | |
| 102 hash.updateBigInt(g); | |
| 103 hash.updateBigInt(e); | |
| 104 hash.updateBigInt(f); | |
| 105 hash.updateBigInt(k); | |
| 106 return hash.getDigest(); | |
| 107 } | |
| 108 } |