Mercurial > 510Connectbot
comparison src/ch/ethz/ssh2/Connection.java @ 344:b40bc65fa09a
compensate for SecureRandom bug on older devices
| author | Carl Byington <carl@five-ten-sg.com> |
|---|---|
| date | Thu, 31 Jul 2014 18:39:36 -0700 |
| parents | cd1d87edcbf6 |
| children | 145ec135804f |
comparison
equal
deleted
inserted
replaced
| 343:df13118e8e79 | 344:b40bc65fa09a |
|---|---|
| 11 import java.io.IOException; | 11 import java.io.IOException; |
| 12 import java.net.InetSocketAddress; | 12 import java.net.InetSocketAddress; |
| 13 import java.net.Socket; | 13 import java.net.Socket; |
| 14 import java.net.SocketTimeoutException; | 14 import java.net.SocketTimeoutException; |
| 15 import java.security.KeyPair; | 15 import java.security.KeyPair; |
| 16 import java.security.SecureRandom; | |
| 17 import java.util.ArrayList; | 16 import java.util.ArrayList; |
| 18 import java.util.List; | 17 import java.util.List; |
| 19 import java.util.Set; | 18 import java.util.Set; |
| 20 | 19 |
| 21 import ch.ethz.ssh2.auth.AgentProxy; | 20 import ch.ethz.ssh2.auth.AgentProxy; |
| 22 import ch.ethz.ssh2.auth.AuthenticationManager; | 21 import ch.ethz.ssh2.auth.AuthenticationManager; |
| 23 import ch.ethz.ssh2.channel.ChannelManager; | 22 import ch.ethz.ssh2.channel.ChannelManager; |
| 24 import ch.ethz.ssh2.compression.CompressionFactory; | 23 import ch.ethz.ssh2.compression.CompressionFactory; |
| 25 import ch.ethz.ssh2.crypto.CryptoWishList; | 24 import ch.ethz.ssh2.crypto.CryptoWishList; |
| 25 import ch.ethz.ssh2.crypto.SecureRandomFix; | |
| 26 import ch.ethz.ssh2.crypto.cipher.BlockCipherFactory; | 26 import ch.ethz.ssh2.crypto.cipher.BlockCipherFactory; |
| 27 import ch.ethz.ssh2.crypto.digest.MAC; | 27 import ch.ethz.ssh2.crypto.digest.MAC; |
| 28 import ch.ethz.ssh2.packets.PacketIgnore; | 28 import ch.ethz.ssh2.packets.PacketIgnore; |
| 29 import ch.ethz.ssh2.transport.ClientTransportManager; | 29 import ch.ethz.ssh2.transport.ClientTransportManager; |
| 30 import ch.ethz.ssh2.transport.HTTPProxyClientTransportManager; | 30 import ch.ethz.ssh2.transport.HTTPProxyClientTransportManager; |
| 31 import ch.ethz.ssh2.transport.KexManager; | 31 import ch.ethz.ssh2.transport.KexManager; |
| 32 import ch.ethz.ssh2.util.TimeoutService.TimeoutToken; | |
| 32 import ch.ethz.ssh2.util.TimeoutService; | 33 import ch.ethz.ssh2.util.TimeoutService; |
| 33 import ch.ethz.ssh2.util.TimeoutService.TimeoutToken; | |
| 34 | 34 |
| 35 /** | 35 /** |
| 36 * A <code>Connection</code> is used to establish an encrypted TCP/IP | 36 * A <code>Connection</code> is used to establish an encrypted TCP/IP |
| 37 * connection to a SSH-2 server. | 37 * connection to a SSH-2 server. |
| 38 * <p/> | 38 * <p/> |
| 62 | 62 |
| 63 /* Will be used to generate all random data needed for the current connection. | 63 /* Will be used to generate all random data needed for the current connection. |
| 64 * Note: SecureRandom.nextBytes() is thread safe. | 64 * Note: SecureRandom.nextBytes() is thread safe. |
| 65 */ | 65 */ |
| 66 | 66 |
| 67 private SecureRandom generator; | 67 private SecureRandomFix generator; |
| 68 | 68 |
| 69 /** | 69 /** |
| 70 * Unless you know what you are doing, you will never need this. | 70 * Unless you know what you are doing, you will never need this. |
| 71 * | 71 * |
| 72 * @return The list of supported cipher algorithms by this implementation. | 72 * @return The list of supported cipher algorithms by this implementation. |
| 1160 } | 1160 } |
| 1161 | 1161 |
| 1162 return false; | 1162 return false; |
| 1163 } | 1163 } |
| 1164 | 1164 |
| 1165 private SecureRandom getOrCreateSecureRND() { | 1165 private SecureRandomFix getOrCreateSecureRND() { |
| 1166 if (generator == null) { | 1166 if (generator == null) { |
| 1167 generator = new SecureRandom(); | 1167 generator = new SecureRandomFix(); |
| 1168 } | 1168 } |
| 1169 | 1169 |
| 1170 return generator; | 1170 return generator; |
| 1171 } | 1171 } |
| 1172 | 1172 |
| 1192 * | 1192 * |
| 1193 * @throws IOException | 1193 * @throws IOException |
| 1194 */ | 1194 */ |
| 1195 | 1195 |
| 1196 public synchronized void sendIgnorePacket() throws IOException { | 1196 public synchronized void sendIgnorePacket() throws IOException { |
| 1197 SecureRandom rnd = getOrCreateSecureRND(); | 1197 SecureRandomFix rnd = getOrCreateSecureRND(); |
| 1198 byte[] data = new byte[rnd.nextInt(16)]; | 1198 byte[] data = new byte[rnd.nextInt(16)]; |
| 1199 rnd.nextBytes(data); | 1199 rnd.nextBytes(data); |
| 1200 sendIgnorePacket(data); | 1200 sendIgnorePacket(data); |
| 1201 } | 1201 } |
| 1202 | 1202 |
| 1422 * x11 cookie generation and the like. | 1422 * x11 cookie generation and the like. |
| 1423 * | 1423 * |
| 1424 * @param rnd a SecureRandom instance | 1424 * @param rnd a SecureRandom instance |
| 1425 */ | 1425 */ |
| 1426 | 1426 |
| 1427 public synchronized void setSecureRandom(SecureRandom rnd) { | 1427 public synchronized void setSecureRandom(SecureRandomFix rnd) { |
| 1428 if (rnd == null) { | 1428 if (rnd == null) { |
| 1429 throw new IllegalArgumentException(); | 1429 throw new IllegalArgumentException(); |
| 1430 } | 1430 } |
| 1431 | 1431 |
| 1432 this.generator = rnd; | 1432 this.generator = rnd; |