Mercurial > 510Connectbot
diff src/ch/ethz/ssh2/transport/KexManager.java @ 307:071eccdff8ea ganymed
fix java formatting
| author | Carl Byington <carl@five-ten-sg.com> |
|---|---|
| date | Wed, 30 Jul 2014 14:16:58 -0700 |
| parents | ca5dd224a87b |
| children | 90537ba71897 |
line wrap: on
line diff
--- a/src/ch/ethz/ssh2/transport/KexManager.java Wed Jul 30 12:09:51 2014 -0700 +++ b/src/ch/ethz/ssh2/transport/KexManager.java Wed Jul 30 14:16:58 2014 -0700 @@ -91,18 +91,20 @@ } public ConnectionInfo getOrWaitForConnectionInfo(int minKexCount) throws IOException { - synchronized(accessLock) { - while(true) { - if((lastConnInfo != null) && (lastConnInfo.keyExchangeCounter >= minKexCount)) { + synchronized (accessLock) { + while (true) { + if ((lastConnInfo != null) && (lastConnInfo.keyExchangeCounter >= minKexCount)) { return lastConnInfo; } - if(connectionClosed) { + + if (connectionClosed) { throw tm.getReasonClosedCause(); } + try { accessLock.wait(); } - catch(InterruptedException e) { + catch (InterruptedException e) { throw new InterruptedIOException(e.getMessage()); } } @@ -110,110 +112,105 @@ } private String getFirstMatch(String[] client, String[] server) throws NegotiateException { - if(client == null || server == null) { + if (client == null || server == null) { throw new IllegalArgumentException(); } - for(String c : client) { - for(String s : server) { - if(c.equals(s)) { + + for (String c : client) { + for (String s : server) { + if (c.equals(s)) { return c; } } } + throw new NegotiateException(String.format("Negotiation failed for %s", Arrays.toString(server))); } private boolean compareFirstOfNameList(String[] a, String[] b) { - if(a == null || b == null) { + if (a == null || b == null) { throw new IllegalArgumentException(); } - if((a.length == 0) && (b.length == 0)) { + + if ((a.length == 0) && (b.length == 0)) { return true; } - if((a.length == 0) || (b.length == 0)) { + + if ((a.length == 0) || (b.length == 0)) { return false; } + return (a[0].equals(b[0])); } private boolean isGuessOK(KexParameters cpar, KexParameters spar) { - if(cpar == null || spar == null) { + if (cpar == null || spar == null) { throw new IllegalArgumentException(); } - if(!compareFirstOfNameList(cpar.kex_algorithms, spar.kex_algorithms)) { - return false; - } - if(!compareFirstOfNameList(cpar.server_host_key_algorithms, spar.server_host_key_algorithms)) { + + if (!compareFirstOfNameList(cpar.kex_algorithms, spar.kex_algorithms)) { return false; } - /* + if (!compareFirstOfNameList(cpar.server_host_key_algorithms, spar.server_host_key_algorithms)) { + return false; + } + + /* * We do NOT check here if the other algorithms can be agreed on, this - * is just a check if kex_algorithms and server_host_key_algorithms were - * guessed right! - */ - + * is just a check if kex_algorithms and server_host_key_algorithms were + * guessed right! + */ return true; } protected NegotiatedParameters mergeKexParameters(KexParameters client, KexParameters server) - throws NegotiateException { + throws NegotiateException { NegotiatedParameters np = new NegotiatedParameters(); - np.kex_algo = getFirstMatch(client.kex_algorithms, server.kex_algorithms); - log.info("kex_algo=" + np.kex_algo); - np.server_host_key_algo = getFirstMatch(client.server_host_key_algorithms, - server.server_host_key_algorithms); - + server.server_host_key_algorithms); log.info("server_host_key_algo=" + np.server_host_key_algo); - np.enc_algo_client_to_server = getFirstMatch(client.encryption_algorithms_client_to_server, - server.encryption_algorithms_client_to_server); + server.encryption_algorithms_client_to_server); np.enc_algo_server_to_client = getFirstMatch(client.encryption_algorithms_server_to_client, - server.encryption_algorithms_server_to_client); - + server.encryption_algorithms_server_to_client); log.info("enc_algo_client_to_server=" + np.enc_algo_client_to_server); log.info("enc_algo_server_to_client=" + np.enc_algo_server_to_client); - np.mac_algo_client_to_server = getFirstMatch(client.mac_algorithms_client_to_server, - server.mac_algorithms_client_to_server); + server.mac_algorithms_client_to_server); np.mac_algo_server_to_client = getFirstMatch(client.mac_algorithms_server_to_client, - server.mac_algorithms_server_to_client); - + server.mac_algorithms_server_to_client); log.info("mac_algo_client_to_server=" + np.mac_algo_client_to_server); log.info("mac_algo_server_to_client=" + np.mac_algo_server_to_client); - np.comp_algo_client_to_server = getFirstMatch(client.compression_algorithms_client_to_server, - server.compression_algorithms_client_to_server); + server.compression_algorithms_client_to_server); np.comp_algo_server_to_client = getFirstMatch(client.compression_algorithms_server_to_client, - server.compression_algorithms_server_to_client); - + server.compression_algorithms_server_to_client); log.info("comp_algo_client_to_server=" + np.comp_algo_client_to_server); log.info("comp_algo_server_to_client=" + np.comp_algo_server_to_client); - np.lang_client_to_server = getFirstMatch(client.languages_client_to_server, - server.languages_client_to_server); + server.languages_client_to_server); + np.lang_server_to_client = getFirstMatch(client.languages_server_to_client, + server.languages_server_to_client); - np.lang_server_to_client = getFirstMatch(client.languages_server_to_client, - server.languages_server_to_client); - - if(isGuessOK(client, server)) { + if (isGuessOK(client, server)) { np.guessOK = true; } + return np; } public synchronized void initiateKEX(CryptoWishList cwl, DHGexParameters dhgex, KeyPair dsa, KeyPair rsa, KeyPair ec) - throws IOException { + throws IOException { nextKEXcryptoWishList = cwl; nextKEXdhgexParameters = dhgex; nextKEXdsakey = dsa; nextKEXrsakey = rsa; nextKEXeckey = ec; - if(kxs == null) { + if (kxs == null) { kxs = new KexState(); kxs.local_dsa_key = dsa; kxs.local_rsa_key = rsa; @@ -229,53 +226,49 @@ int mac_cs_key_len = MAC.getKeyLen(kxs.np.mac_algo_client_to_server); int enc_cs_key_len = BlockCipherFactory.getKeySize(kxs.np.enc_algo_client_to_server); int enc_cs_block_len = BlockCipherFactory.getBlockSize(kxs.np.enc_algo_client_to_server); - int mac_sc_key_len = MAC.getKeyLen(kxs.np.mac_algo_server_to_client); int enc_sc_key_len = BlockCipherFactory.getKeySize(kxs.np.enc_algo_server_to_client); int enc_sc_block_len = BlockCipherFactory.getBlockSize(kxs.np.enc_algo_server_to_client); - km = KeyMaterial.create("SHA1", kxs.H, kxs.K, sessionId, enc_cs_key_len, enc_cs_block_len, mac_cs_key_len, - enc_sc_key_len, enc_sc_block_len, mac_sc_key_len); + enc_sc_key_len, enc_sc_block_len, mac_sc_key_len); } - catch(IllegalArgumentException e) { + catch (IllegalArgumentException e) { return false; } + return true; } protected void finishKex(boolean clientMode) throws IOException { - if(sessionId == null) { + if (sessionId == null) { sessionId = kxs.H; } establishKeyMaterial(); - - /* Tell the other side that we start using the new material */ - + /* Tell the other side that we start using the new material */ PacketNewKeys ign = new PacketNewKeys(); tm.sendKexMessage(ign.getPayload()); - BlockCipher cbc; MAC mac; Compressor comp; try { cbc = BlockCipherFactory.createCipher(clientMode ? kxs.np.enc_algo_client_to_server - : kxs.np.enc_algo_server_to_client, true, clientMode ? km.enc_key_client_to_server - : km.enc_key_server_to_client, clientMode ? km.initial_iv_client_to_server - : km.initial_iv_server_to_client); + : kxs.np.enc_algo_server_to_client, true, clientMode ? km.enc_key_client_to_server + : km.enc_key_server_to_client, clientMode ? km.initial_iv_client_to_server + : km.initial_iv_server_to_client); try { mac = new MAC(clientMode ? kxs.np.mac_algo_client_to_server : kxs.np.mac_algo_server_to_client, clientMode - ? km.integrity_key_client_to_server : km.integrity_key_server_to_client); + ? km.integrity_key_client_to_server : km.integrity_key_server_to_client); } - catch(DigestException e) { + catch (DigestException e) { throw new IOException(e); } comp = CompressionFactory.createCompressor(kxs.np.comp_algo_client_to_server); } - catch(IllegalArgumentException f) { + catch (IllegalArgumentException f) { throw new IOException(String.format("Fatal error initializing ciphers. %s", f.getMessage())); }