diff app/src/main/java/ch/ethz/ssh2/transport/ServerKexManager.java @ 438:d29cce60f393

migrate from Eclipse to Android Studio
author Carl Byington <carl@five-ten-sg.com>
date Thu, 03 Dec 2015 11:23:55 -0800
parents src/ch/ethz/ssh2/transport/ServerKexManager.java@6740870cf268
children
line wrap: on
line diff
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/app/src/main/java/ch/ethz/ssh2/transport/ServerKexManager.java	Thu Dec 03 11:23:55 2015 -0800
@@ -0,0 +1,230 @@
+/*
+ * Copyright (c) 2006-2013 Christian Plattner. All rights reserved.
+ * Please refer to the LICENSE.txt for licensing details.
+ */
+package ch.ethz.ssh2.transport;
+
+import java.io.IOException;
+import java.security.DigestException;
+import java.security.interfaces.DSAPrivateKey;
+import java.security.interfaces.DSAPublicKey;
+import java.security.interfaces.ECPrivateKey;
+import java.security.interfaces.ECPublicKey;
+import java.security.interfaces.RSAPrivateKey;
+import java.security.interfaces.RSAPublicKey;
+import java.math.BigInteger;
+
+import ch.ethz.ssh2.ConnectionInfo;
+import ch.ethz.ssh2.PacketTypeException;
+import ch.ethz.ssh2.auth.ServerAuthenticationManager;
+import ch.ethz.ssh2.crypto.cipher.BlockCipher;
+import ch.ethz.ssh2.crypto.cipher.BlockCipherFactory;
+import ch.ethz.ssh2.crypto.dh.GenericDhExchange;
+import ch.ethz.ssh2.crypto.digest.MAC;
+import ch.ethz.ssh2.packets.PacketKexDHInit;
+import ch.ethz.ssh2.packets.PacketKexDHReply;
+import ch.ethz.ssh2.packets.PacketKexInit;
+import ch.ethz.ssh2.packets.Packets;
+import ch.ethz.ssh2.server.ServerConnectionState;
+import ch.ethz.ssh2.signature.DSASHA1Verify;
+import ch.ethz.ssh2.signature.ECDSASHA2Verify;
+import ch.ethz.ssh2.signature.RSASHA1Verify;
+
+/**
+ * @version $Id: ServerKexManager.java 160 2014-05-01 14:30:26Z dkocher@sudo.ch $
+ */
+public class ServerKexManager extends KexManager {
+
+    private final ServerConnectionState state;
+
+    private boolean authenticationStarted = false;
+
+    public ServerKexManager(ServerConnectionState state) {
+        super(state.tm, state.csh, state.next_cryptoWishList, state.generator);
+        this.state = state;
+    }
+
+    public void handleFailure(final IOException failure) {
+        synchronized (accessLock) {
+            connectionClosed = true;
+            accessLock.notifyAll();
+        }
+    }
+
+    public void handleMessage(byte[] msg) throws IOException {
+        PacketKexInit kip;
+
+        if (msg == null) {
+            synchronized (accessLock) {
+                connectionClosed = true;
+                accessLock.notifyAll();
+                return;
+            }
+        }
+
+        if ((kxs == null) && (msg[0] != Packets.SSH_MSG_KEXINIT)) {
+            throw new PacketTypeException(msg[0]);
+        }
+
+        if (ignore_next_kex_packet) {
+            ignore_next_kex_packet = false;
+            return;
+        }
+
+        if (msg[0] == Packets.SSH_MSG_KEXINIT) {
+            if ((kxs != null) && (kxs.state != 0)) {
+                throw new PacketTypeException(msg[0]);
+            }
+
+            if (kxs == null) {
+                /*
+                 * Ah, OK, peer wants to do KEX. Let's be nice and play
+                 * together.
+                 */
+                kxs = new KexState();
+                kxs.local_dsa_key = nextKEXdsakey;
+                kxs.local_rsa_key = nextKEXrsakey;
+                kxs.local_ec_key  = nextKEXeckey;
+                kxs.dhgexParameters = nextKEXdhgexParameters;
+                kip = new PacketKexInit(nextKEXcryptoWishList, rnd);
+                kxs.localKEX = kip;
+                tm.sendKexMessage(kip.getPayload());
+            }
+
+            kip = new PacketKexInit(msg);
+            kxs.remoteKEX = kip;
+            kxs.np = mergeKexParameters(kxs.remoteKEX.getKexParameters(), kxs.localKEX.getKexParameters());
+
+            if (kxs.remoteKEX.isFirst_kex_packet_follows() && (kxs.np.guessOK == false)) {
+                // Guess was wrong, we need to ignore the next kex packet.
+                ignore_next_kex_packet = true;
+            }
+
+            if (kxs.np.kex_algo.equals("diffie-hellman-group1-sha1")  ||
+                    kxs.np.kex_algo.equals("diffie-hellman-group14-sha1") ||
+                    kxs.np.kex_algo.equals("ecdh-sha2-nistp256")          ||
+                    kxs.np.kex_algo.equals("ecdh-sha2-nistp384")          ||
+                    kxs.np.kex_algo.equals("ecdh-sha2-nistp521")) {
+                kxs.dhx = GenericDhExchange.getInstance(kxs.np.kex_algo);
+                kxs.dhx.init(kxs.np.kex_algo);
+                kxs.state = 1;
+                return;
+            }
+
+            throw new IllegalStateException("Unkown KEX method!");
+        }
+
+        if (msg[0] == Packets.SSH_MSG_NEWKEYS) {
+            if (km == null) {
+                throw new IOException("Peer sent SSH_MSG_NEWKEYS, but I have no key material ready!");
+            }
+
+            BlockCipher cbc;
+            MAC mac;
+
+            try {
+                cbc = BlockCipherFactory.createCipher(kxs.np.enc_algo_client_to_server, false,
+                                                      km.enc_key_client_to_server, km.initial_iv_client_to_server);
+
+                try {
+                    mac = new MAC(kxs.np.mac_algo_client_to_server, km.integrity_key_client_to_server);
+                }
+                catch (DigestException e) {
+                    throw new IOException(e);
+                }
+            }
+            catch (IllegalArgumentException e) {
+                throw new IOException(e);
+            }
+
+            tm.changeRecvCipher(cbc, mac);
+            ConnectionInfo sci = new ConnectionInfo();
+            kexCount++;
+            sci.keyExchangeAlgorithm = kxs.np.kex_algo;
+            sci.keyExchangeCounter = kexCount;
+            sci.clientToServerCryptoAlgorithm = kxs.np.enc_algo_client_to_server;
+            sci.serverToClientCryptoAlgorithm = kxs.np.enc_algo_server_to_client;
+            sci.clientToServerMACAlgorithm = kxs.np.mac_algo_client_to_server;
+            sci.serverToClientMACAlgorithm = kxs.np.mac_algo_server_to_client;
+            sci.serverHostKeyAlgorithm = kxs.np.server_host_key_algo;
+            sci.serverHostKey = kxs.remote_hostkey;
+
+            synchronized (accessLock) {
+                lastConnInfo = sci;
+                accessLock.notifyAll();
+            }
+
+            kxs = null;
+            return;
+        }
+
+        if ((kxs == null) || (kxs.state == 0)) {
+            throw new IOException("Unexpected Kex submessage!");
+        }
+
+        if (kxs.np.kex_algo.equals("diffie-hellman-group1-sha1")  ||
+                kxs.np.kex_algo.equals("diffie-hellman-group14-sha1") ||
+                kxs.np.kex_algo.equals("ecdh-sha2-nistp256")          ||
+                kxs.np.kex_algo.equals("ecdh-sha2-nistp384")          ||
+                kxs.np.kex_algo.equals("ecdh-sha2-nistp521")) {
+            if (kxs.state == 1) {
+                PacketKexDHInit dhi = new PacketKexDHInit(msg);
+                kxs.dhx.setE(dhi.getE());
+                byte[] hostKey = null;
+
+                if (kxs.np.server_host_key_algo.startsWith("ecdsa-sha2-")) {
+                    hostKey = ECDSASHA2Verify.encodeSSHECDSAPublicKey((ECPublicKey)kxs.local_ec_key.getPublic());
+                }
+
+                if (kxs.np.server_host_key_algo.equals("ssh-rsa")) {
+                    hostKey = RSASHA1Verify.encodeSSHRSAPublicKey((RSAPublicKey)kxs.local_rsa_key.getPublic());
+                }
+
+                if (kxs.np.server_host_key_algo.equals("ssh-dss")) {
+                    hostKey = DSASHA1Verify.encodeSSHDSAPublicKey((DSAPublicKey)kxs.local_dsa_key.getPublic());
+                }
+
+                try {
+                    kxs.H = kxs.dhx.calculateH(csh.getClientString(), csh.getServerString(),
+                                               kxs.remoteKEX.getPayload(), kxs.localKEX.getPayload(), hostKey);
+                }
+                catch (IllegalArgumentException e) {
+                    throw new IOException("KEX error.", e);
+                }
+
+                kxs.K = kxs.dhx.getK();
+                byte[] signature = null;
+
+                if (kxs.np.server_host_key_algo.startsWith("ecdsa-sha2-")) {
+                    ECPrivateKey pk = (ECPrivateKey)kxs.local_ec_key.getPrivate();
+                    byte[] es = ECDSASHA2Verify.generateSignature(kxs.H, pk);
+                    signature = ECDSASHA2Verify.encodeSSHECDSASignature(es, pk.getParams());
+                }
+
+                if (kxs.np.server_host_key_algo.equals("ssh-rsa")) {
+                    byte[] rs = RSASHA1Verify.generateSignature(kxs.H, (RSAPrivateKey)kxs.local_rsa_key.getPrivate());
+                    signature = RSASHA1Verify.encodeSSHRSASignature(rs);
+                }
+
+                if (kxs.np.server_host_key_algo.equals("ssh-dss")) {
+                    byte[] ds = DSASHA1Verify.generateSignature(kxs.H, (DSAPrivateKey)kxs.local_dsa_key.getPrivate(), rnd);
+                    signature = DSASHA1Verify.encodeSSHDSASignature(ds);
+                }
+
+                PacketKexDHReply dhr = new PacketKexDHReply(hostKey, new BigInteger(kxs.dhx.getF()), signature);
+                tm.sendKexMessage(dhr.getPayload());
+                finishKex(false);
+                kxs.state = -1;
+
+                if (authenticationStarted == false) {
+                    authenticationStarted = true;
+                    state.am = new ServerAuthenticationManager(state);
+                }
+
+                return;
+            }
+        }
+
+        throw new IllegalStateException(String.format("Unknown KEX method %s", kxs.np.kex_algo));
+    }
+}