Mercurial > 510Connectbot
comparison src/ch/ethz/ssh2/crypto/dh/DhGroupExchange.java @ 273:91a31873c42a ganymed
start conversion from trilead to ganymed
| author | Carl Byington <carl@five-ten-sg.com> |
|---|---|
| date | Fri, 18 Jul 2014 11:21:46 -0700 |
| parents | |
| children | 071eccdff8ea |
comparison
equal
deleted
inserted
replaced
| 272:ce2f4e397703 | 273:91a31873c42a |
|---|---|
| 1 /* | |
| 2 * Copyright (c) 2006-2011 Christian Plattner. All rights reserved. | |
| 3 * Please refer to the LICENSE.txt for licensing details. | |
| 4 */ | |
| 5 package ch.ethz.ssh2.crypto.dh; | |
| 6 | |
| 7 import java.io.IOException; | |
| 8 import java.math.BigInteger; | |
| 9 import java.security.SecureRandom; | |
| 10 | |
| 11 import ch.ethz.ssh2.DHGexParameters; | |
| 12 import ch.ethz.ssh2.crypto.digest.HashForSSH2Types; | |
| 13 | |
| 14 /** | |
| 15 * DhGroupExchange. | |
| 16 * | |
| 17 * @author Christian Plattner | |
| 18 * @version 2.50, 03/15/10 | |
| 19 */ | |
| 20 public class DhGroupExchange { | |
| 21 /* Given by the standard */ | |
| 22 | |
| 23 private BigInteger p; | |
| 24 private BigInteger g; | |
| 25 | |
| 26 /* Client public and private */ | |
| 27 | |
| 28 private BigInteger e; | |
| 29 private BigInteger x; | |
| 30 | |
| 31 /* Server public */ | |
| 32 | |
| 33 private BigInteger f; | |
| 34 | |
| 35 /* Shared secret */ | |
| 36 | |
| 37 private BigInteger k; | |
| 38 | |
| 39 public DhGroupExchange(BigInteger p, BigInteger g) { | |
| 40 this.p = p; | |
| 41 this.g = g; | |
| 42 } | |
| 43 | |
| 44 public void init(SecureRandom rnd) { | |
| 45 k = null; | |
| 46 | |
| 47 x = new BigInteger(p.bitLength() - 1, rnd); | |
| 48 e = g.modPow(x, p); | |
| 49 } | |
| 50 | |
| 51 /** | |
| 52 * @return Returns the e. | |
| 53 */ | |
| 54 public BigInteger getE() { | |
| 55 if(e == null) { | |
| 56 throw new IllegalStateException("Not initialized!"); | |
| 57 } | |
| 58 | |
| 59 return e; | |
| 60 } | |
| 61 | |
| 62 /** | |
| 63 * @return Returns the shared secret k. | |
| 64 */ | |
| 65 public BigInteger getK() { | |
| 66 if(k == null) { | |
| 67 throw new IllegalStateException("Shared secret not yet known, need f first!"); | |
| 68 } | |
| 69 | |
| 70 return k; | |
| 71 } | |
| 72 | |
| 73 /** | |
| 74 * Sets f and calculates the shared secret. | |
| 75 */ | |
| 76 public void setF(BigInteger f) { | |
| 77 if(e == null) { | |
| 78 throw new IllegalStateException("Not initialized!"); | |
| 79 } | |
| 80 | |
| 81 BigInteger zero = BigInteger.valueOf(0); | |
| 82 | |
| 83 if(zero.compareTo(f) >= 0 || p.compareTo(f) <= 0) { | |
| 84 throw new IllegalArgumentException("Invalid f specified!"); | |
| 85 } | |
| 86 | |
| 87 this.f = f; | |
| 88 this.k = f.modPow(x, p); | |
| 89 } | |
| 90 | |
| 91 public byte[] calculateH(byte[] clientversion, byte[] serverversion, byte[] clientKexPayload, | |
| 92 byte[] serverKexPayload, byte[] hostKey, DHGexParameters para) throws IOException { | |
| 93 HashForSSH2Types hash = new HashForSSH2Types("SHA1"); | |
| 94 | |
| 95 hash.updateByteString(clientversion); | |
| 96 hash.updateByteString(serverversion); | |
| 97 hash.updateByteString(clientKexPayload); | |
| 98 hash.updateByteString(serverKexPayload); | |
| 99 hash.updateByteString(hostKey); | |
| 100 if(para.getMin_group_len() > 0) { | |
| 101 hash.updateUINT32(para.getMin_group_len()); | |
| 102 } | |
| 103 hash.updateUINT32(para.getPref_group_len()); | |
| 104 if(para.getMax_group_len() > 0) { | |
| 105 hash.updateUINT32(para.getMax_group_len()); | |
| 106 } | |
| 107 hash.updateBigInt(p); | |
| 108 hash.updateBigInt(g); | |
| 109 hash.updateBigInt(e); | |
| 110 hash.updateBigInt(f); | |
| 111 hash.updateBigInt(k); | |
| 112 | |
| 113 return hash.getDigest(); | |
| 114 } | |
| 115 } |