changeset 313:1d400fd78e4a ganymed

add ecdsa key support everywhere
author Carl Byington <carl@five-ten-sg.com>
date Wed, 30 Jul 2014 16:19:33 -0700
parents 1442be38051b
children d85bc45139f2
files src/ch/ethz/ssh2/crypto/dh/DhExchange.java src/ch/ethz/ssh2/crypto/dh/DhGroupExchange.java src/ch/ethz/ssh2/crypto/dh/EcDhExchange.java src/ch/ethz/ssh2/crypto/dh/GenericDhExchange.java src/ch/ethz/ssh2/transport/ClientKexManager.java
diffstat 5 files changed, 29 insertions(+), 2 deletions(-) [+]
--- a/src/ch/ethz/ssh2/crypto/dh/DhExchange.java	Wed Jul 30 16:03:21 2014 -0700
+++ b/src/ch/ethz/ssh2/crypto/dh/DhExchange.java	Wed Jul 30 16:19:33 2014 -0700
@@ -58,6 +58,7 @@
     /* Server public */
 
     private DHPublicKey serverPublic;
+    private byte[] f;
 
     @Override
     public void init(String name) throws IOException {
@@ -105,6 +106,11 @@
     }
 
     @Override
+    public byte[] getF() {
+        return f;
+    }
+
+    @Override
     public void setF(byte[] f) throws IOException {
         if (clientPublic == null)
             throw new IllegalStateException("DhExchange not initialized!");
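Review bot: The new `getF()` returns the internal array itself, so any caller can modify the stored server value after it was used for key agreement, and it returns null until `setF` has run. Returning a copy, `return f == null ? null : f.clone();`, keeps the stored value stable. A short Javadoc should state that null means no server value has been set yet. The same accessor is added to EcDhExchange in the hunk at -78,6. The body of `setF` continues outside this hunk.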
@@ -114,6 +120,7 @@
         try {
             KeyFactory kf = KeyFactory.getInstance("DH");
             DHParameterSpec params = clientPublic.getParams();
+            this.f = f;
             this.serverPublic = (DHPublicKey) kf.generatePublic(new DHPublicKeySpec(
                                     new BigInteger(f), params.getP(), params.getG()));
             ka = KeyAgreement.getInstance("DH");
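Review bot: `this.f = f;` is assigned before `generatePublic` has accepted the value, and it keeps the caller's array rather than a copy, so a rejected or later-mutated server value stays readable through `getF()`. Moving the assignment after the key is built and writing `this.f = f.clone();` avoids both; the EcDhExchange hunk at -88,6 has the same ordering. No range check on `f` is visible in these lines, and RFC 4253 section 8 requires rejecting values outside [1, p-1]. If the code outside the hunk does not already do this, `new BigInteger(f)` should be compared against `params.getP()` before it is used. `setF` starts before the hunk and the try block ends after it.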
--- a/src/ch/ethz/ssh2/crypto/dh/DhGroupExchange.java	Wed Jul 30 16:03:21 2014 -0700
+++ b/src/ch/ethz/ssh2/crypto/dh/DhGroupExchange.java	Wed Jul 30 16:19:33 2014 -0700
@@ -3,6 +3,7 @@
 
 import java.math.BigInteger;
 import java.security.SecureRandom;
+import java.io.IOException;
 
 import ch.ethz.ssh2.DHGexParameters;
 import ch.ethz.ssh2.crypto.digest.HashForSSH2Types;
--- a/src/ch/ethz/ssh2/crypto/dh/EcDhExchange.java	Wed Jul 30 16:03:21 2014 -0700
+++ b/src/ch/ethz/ssh2/crypto/dh/EcDhExchange.java	Wed Jul 30 16:19:33 2014 -0700
@@ -27,9 +27,16 @@
  *
  */
 public class EcDhExchange extends GenericDhExchange {
+
+    /* Client public and private */
+
     private ECPrivateKey clientPrivate;
     private ECPublicKey clientPublic;
+
+    /* Server public */
+
     private ECPublicKey serverPublic;
+    private byte[] f;
 
     @Override
     public void init(String name) throws IOException {
@@ -78,6 +85,11 @@
     }
 
     @Override
+    public byte[] getF() {
+        return f;
+    }
+
+    @Override
     public void setF(byte[] f) throws IOException {
         if (clientPublic == null)
             throw new IllegalStateException("DhDsaExchange not initialized!");
@@ -88,6 +100,7 @@
             KeyFactory kf = KeyFactory.getInstance("EC");
             ECParameterSpec params = clientPublic.getParams();
             ECPoint serverPoint = ECDSASHA2Verify.decodeECPoint(f, params.getCurve());
+            this.f = f;
             this.serverPublic = (ECPublicKey) kf.generatePublic(new ECPublicKeySpec(serverPoint,
                                 params));
             ka = KeyAgreement.getInstance("ECDH");
--- a/src/ch/ethz/ssh2/crypto/dh/GenericDhExchange.java	Wed Jul 30 16:03:21 2014 -0700
+++ b/src/ch/ethz/ssh2/crypto/dh/GenericDhExchange.java	Wed Jul 30 16:19:33 2014 -0700
@@ -62,6 +62,12 @@
     /**
      * @param f
      */
+    public void setF(BigInteger f) throws IOException {
+        setF(f.toByteArray());
+    }
+
+    public abstract byte[] getF();
+
     public abstract void setF(byte[] f) throws IOException;
 
     public byte[] calculateH(byte[] clientversion, byte[] serverversion, byte[] clientKexPayload,
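Review bot: The existing Javadoc stub `@param f` now attaches to the new `setF(BigInteger)` overload, which leaves the abstract `getF()` and `setF(byte[])` undocumented, and nothing states which byte encoding is expected. I would document the overload as passing on `BigInteger.toByteArray()`, i.e. the two's-complement big-endian form, which can carry a leading zero byte and throws NullPointerException on a null argument. `setF(byte[])` should get its own `@param f` line describing the server public value bytes. `getF()` should say it returns the bytes last given to `setF`, or null before that; this is what the two implementations in this changeset do.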
--- a/src/ch/ethz/ssh2/transport/ClientKexManager.java	Wed Jul 30 16:03:21 2014 -0700
+++ b/src/ch/ethz/ssh2/transport/ClientKexManager.java	Wed Jul 30 16:19:33 2014 -0700
@@ -257,7 +257,7 @@
                 kxs.dhgx.setF(dhgexrpl.getF());
 
                 try {
-                    kxs.H = kxs.dhgx.calculateH(csh.getClientString(), csh.getServerString(),
+                    kxs.H = kxs.dhgx.calculateH(kxs.hashAlgo, csh.getClientString(), csh.getServerString(),
                             kxs.localKEX.getPayload(), kxs.remoteKEX.getPayload(), dhgexrpl.getHostKey(),
                             kxs.dhgexParameters);
                 }
@@ -295,7 +295,7 @@
                         throw new IOException("The server host key was not accepted by the verifier callback", e);
                     }
                 }
-                kxs.dhx.setF(dhr.getF());
+                kxs.dhx.setF(dhr.getF().toByteArray());
                 try {
                     kxs.H = kxs.dhx.calculateH(kxs.hashAlgo, csh.getClientString(), csh.getServerString(), kxs.localKEX.getPayload(),
                             kxs.remoteKEX.getPayload(), dhr.getHostKey());
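Review bot: With `dhr.getF().toByteArray()` the bytes stored by `setF` and later returned by `getF()` are whatever `BigInteger.toByteArray()` produces, not the bytes the server sent. Leading zero bytes are dropped and a sign byte is prepended when the top bit is set. That is harmless for the classic DH path, which parses them back with `new BigInteger(f)`. For the EC path, where the value is a point encoding handed to `decodeECPoint`, it would be safer to carry the packet's raw bytes end to end; this assumes `dhr.getF()` is a BigInteger, which the call suggests but the hunk does not show. The `setF(BigInteger)` overload added to GenericDhExchange in this changeset already performs this conversion, so the original call `kxs.dhx.setF(dhr.getF());` would have kept working. The try block continues outside the hunk.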