changeset 375:8c1451f51a5e

kex error fixed; order encryption, hash, and kex algorithms properly, strongest preferred
author Carl Byington <carl@five-ten-sg.com>
date Mon, 04 Aug 2014 14:21:32 -0700 (2014-08-04)
parents 597138203c15
children 711ad4cf87b6
files src/ch/ethz/ssh2/crypto/cipher/BlockCipherFactory.java src/ch/ethz/ssh2/crypto/digest/MAC.java src/ch/ethz/ssh2/log/Logger.java
diffstat 3 files changed, 15 insertions(+), 8 deletions(-) [+]
line wrap: on
line diff
--- a/src/ch/ethz/ssh2/crypto/cipher/BlockCipherFactory.java	Mon Aug 04 14:02:00 2014 -0700
+++ b/src/ch/ethz/ssh2/crypto/cipher/BlockCipherFactory.java	Mon Aug 04 14:21:32 2014 -0700
@@ -32,14 +32,14 @@
     private static final List<CipherEntry> ciphers = new ArrayList<CipherEntry>();
 
     static {
-        /* Higher Priority First */
-        ciphers.add(new CipherEntry("aes128-ctr", 16, 16, "ch.ethz.ssh2.crypto.cipher.AES"));
-        ciphers.add(new CipherEntry("aes192-ctr", 16, 24, "ch.ethz.ssh2.crypto.cipher.AES"));
+        // Higher priority (stronger) first
         ciphers.add(new CipherEntry("aes256-ctr", 16, 32, "ch.ethz.ssh2.crypto.cipher.AES"));
+        ciphers.add(new CipherEntry("aes192-ctr", 16, 24, "ch.ethz.ssh2.crypto.cipher.AES"));
+        ciphers.add(new CipherEntry("aes128-ctr", 16, 16, "ch.ethz.ssh2.crypto.cipher.AES"));
         ciphers.add(new CipherEntry("blowfish-ctr", 8, 16, "ch.ethz.ssh2.crypto.cipher.BlowFish"));
+        ciphers.add(new CipherEntry("aes256-cbc", 16, 32, "ch.ethz.ssh2.crypto.cipher.AES"));
+        ciphers.add(new CipherEntry("aes192-cbc", 16, 24, "ch.ethz.ssh2.crypto.cipher.AES"));
         ciphers.add(new CipherEntry("aes128-cbc", 16, 16, "ch.ethz.ssh2.crypto.cipher.AES"));
-        ciphers.add(new CipherEntry("aes192-cbc", 16, 24, "ch.ethz.ssh2.crypto.cipher.AES"));
-        ciphers.add(new CipherEntry("aes256-cbc", 16, 32, "ch.ethz.ssh2.crypto.cipher.AES"));
         ciphers.add(new CipherEntry("blowfish-cbc", 8, 16, "ch.ethz.ssh2.crypto.cipher.BlowFish"));
         ciphers.add(new CipherEntry("3des-ctr", 8, 24, "ch.ethz.ssh2.crypto.cipher.DESede"));
         ciphers.add(new CipherEntry("3des-cbc", 8, 24, "ch.ethz.ssh2.crypto.cipher.DESede"));
--- a/src/ch/ethz/ssh2/crypto/digest/MAC.java	Mon Aug 04 14:02:00 2014 -0700
+++ b/src/ch/ethz/ssh2/crypto/digest/MAC.java	Mon Aug 04 14:21:32 2014 -0700
@@ -18,8 +18,15 @@
     private int size;
 
     public static String[] getMacList() {
-        // Higher priority first. Added SHA-2 algorithms as in RFC 6668
-        return new String[] {"hmac-sha1-96", "hmac-sha1", "hmac-md5-96", "hmac-md5", "hmac-sha2-256", "hmac-sha2-512"};
+        // Higher priority (stronger) first. Added SHA-2 algorithms as in RFC 6668
+        return new String[] {
+                             "hmac-sha2-512",
+                             "hmac-sha2-256",
+                             "hmac-sha1",
+                             "hmac-sha1-96",
+                             "hmac-md5",
+                             "hmac-md5-96"
+                             };
     }
 
     public static void checkMacList(final String[] macs) {
--- a/src/ch/ethz/ssh2/log/Logger.java	Mon Aug 04 14:02:00 2014 -0700
+++ b/src/ch/ethz/ssh2/log/Logger.java	Mon Aug 04 14:21:32 2014 -0700
@@ -9,7 +9,7 @@
 
 public class Logger {
     private static final String TAG = "ConnectBot.ssh";
-    public static boolean enabled = true;
+    public static boolean enabled = false;
 
     public static Logger getLogger(Class<?> x) {
         return new Logger();