Exemple #1
		/// <summary>
		/// Derives the six per-direction secrets (two IVs, two cipher keys, two MAC keys)
		/// from the key-exchange result and installs the ciphers, MACs and compression
		/// named in <c>guess</c>.
		/// </summary>
		/// <remarks>
		/// The hashed layout (K, H, one letter byte, session_id) appears to follow the
		/// key derivation of RFC 4253 section 7.2; the letter byte is bumped in place from
		/// 0x41 upwards, so the order of the statements below is significant.
		/// NOTE(review): after this method returns, <c>buf.buffer</c> still holds K and H
		/// from the last derivation; whether it is overwritten before it is reused is not
		/// visible here - confirm, since it is secret key material.
		/// </remarks>
		/// <param name="kex">Completed key exchange supplying K, H and the hash function.</param>
		/// <exception cref="System.Exception">
		/// Failures inside the try block surface as JSchException (other exception types
		/// are wrapped in one); the derivation statements before the try block are not guarded.
		/// </exception>
		private void UpdateKeys(KeyExchange kex)
		{
			byte[] K = kex.GetK();
			byte[] H = kex.GetH();
			HASH hash = kex.GetHash();
			//    String[] guess=kex.guess;
			// session_id is set from H only while it is still null, so a later call
			// keeps the value stored by the earlier one.
			if (session_id == null)
			{
				session_id = new byte[H.Length];
				System.Array.Copy(H, 0, session_id, 0, H.Length);
			}
			// Hash input for the first secret: K, H, the byte 0x41 ('A'), session_id.
			buf.Reset();
			buf.PutMPInt(K);
			buf.PutByte(H);
			buf.PutByte(unchecked((byte)unchecked((int)(0x41))));
			buf.PutByte(session_id);
			hash.Update(buf.buffer, 0, buf.index);
			IVc2s = hash.Digest();
			// j is meant to be the offset of the 0x41 byte; this presumes PutByte(byte[])
			// appends the raw bytes with no length prefix - TODO confirm.
			int j = buf.index - session_id.Length - 1;
			// Each increment moves the letter on (0x42 .. 0x46) and the whole buffer is
			// hashed again; presumably Digest() leaves the hash ready for the next Update.
			buf.buffer[j]++;
			hash.Update(buf.buffer, 0, buf.index);
			IVs2c = hash.Digest();
			buf.buffer[j]++;
			hash.Update(buf.buffer, 0, buf.index);
			Ec2s = hash.Digest();
			buf.buffer[j]++;
			hash.Update(buf.buffer, 0, buf.index);
			Es2c = hash.Digest();
			buf.buffer[j]++;
			hash.Update(buf.buffer, 0, buf.index);
			MACc2s = hash.Digest();
			buf.buffer[j]++;
			hash.Update(buf.buffer, 0, buf.index);
			MACs2c = hash.Digest();
			try
			{
				Type c;
				string method;
				// The name in guess[] is mapped through GetConfig to a type name and that
				// type is created reflectively. NOTE(review): the configuration therefore
				// decides which class is loaded and run here; it should come only from a
				// trusted source - confirm how GetConfig is populated.
				method = guess[KeyExchange.PROPOSAL_ENC_ALGS_STOC];
				c = Sharpen.Runtime.GetType(GetConfig(method));
				s2ccipher = (NSch.Cipher)(System.Activator.CreateInstance(c));
				// Lengthen the key while the cipher asks for more bytes than one digest
				// gives: append HASH(K, H, key so far) to the key.
				// NOTE(review): GetBlockSize() is compared with the key length, so it
				// presumably reports the number of key bytes required - confirm.
				while (s2ccipher.GetBlockSize() > Es2c.Length)
				{
					buf.Reset();
					buf.PutMPInt(K);
					buf.PutByte(H);
					buf.PutByte(Es2c);
					hash.Update(buf.buffer, 0, buf.index);
					byte[] foo = hash.Digest();
					byte[] bar = new byte[Es2c.Length + foo.Length];
					System.Array.Copy(Es2c, 0, bar, 0, Es2c.Length);
					System.Array.Copy(foo, 0, bar, Es2c.Length, foo.Length);
					Es2c = bar;
				}
				// Server-to-client direction: this side decrypts.
				s2ccipher.Init(NSch.Cipher.DECRYPT_MODE, Es2c, IVs2c);
				s2ccipher_size = s2ccipher.GetIVSize();
				method = guess[KeyExchange.PROPOSAL_MAC_ALGS_STOC];
				c = Sharpen.Runtime.GetType(GetConfig(method));
				s2cmac = (MAC)(System.Activator.CreateInstance(c));
				// NOTE(review): unlike the cipher keys, the MAC key is passed on as a single
				// digest and is never lengthened; if a configured MAC needs more key bytes
				// than the exchange hash yields, confirm that MAC.Init copes with it.
				s2cmac.Init(MACs2c);
				//mac_buf=new byte[s2cmac.getBlockSize()];
				s2cmac_result1 = new byte[s2cmac.GetBlockSize()];
				s2cmac_result2 = new byte[s2cmac.GetBlockSize()];
				method = guess[KeyExchange.PROPOSAL_ENC_ALGS_CTOS];
				c = Sharpen.Runtime.GetType(GetConfig(method));
				c2scipher = (NSch.Cipher)(System.Activator.CreateInstance(c));
				// Same key lengthening as above, for the client-to-server key.
				while (c2scipher.GetBlockSize() > Ec2s.Length)
				{
					buf.Reset();
					buf.PutMPInt(K);
					buf.PutByte(H);
					buf.PutByte(Ec2s);
					hash.Update(buf.buffer, 0, buf.index);
					byte[] foo = hash.Digest();
					byte[] bar = new byte[Ec2s.Length + foo.Length];
					System.Array.Copy(Ec2s, 0, bar, 0, Ec2s.Length);
					System.Array.Copy(foo, 0, bar, Ec2s.Length, foo.Length);
					Ec2s = bar;
				}
				// Client-to-server direction: this side encrypts.
				c2scipher.Init(NSch.Cipher.ENCRYPT_MODE, Ec2s, IVc2s);
				c2scipher_size = c2scipher.GetIVSize();
				method = guess[KeyExchange.PROPOSAL_MAC_ALGS_CTOS];
				c = Sharpen.Runtime.GetType(GetConfig(method));
				c2smac = (MAC)(System.Activator.CreateInstance(c));
				c2smac.Init(MACc2s);
				method = guess[KeyExchange.PROPOSAL_COMP_ALGS_CTOS];
				InitDeflater(method);
				method = guess[KeyExchange.PROPOSAL_COMP_ALGS_STOC];
				InitInflater(method);
			}
			catch (Exception e)
			{
				// A JSchException passes through unchanged; anything else is wrapped, with
				// e.ToString() (type, message and stack trace) used as the new message.
				if (e is JSchException)
				{
					throw;
				}
				throw new JSchException(e.ToString(), e);
			}
		}
Exemple #2
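		/// <summary>
		/// Checks the host key offered during key exchange against the host-key
		/// repository and applies the "StrictHostKeyChecking" policy ("ask", "yes" or "no").
		/// </summary>
		/// <remarks>
		/// With "yes" an unknown or changed key is rejected. With "ask" the decision is
		/// delegated to <c>userinfo</c>; without a <c>userinfo</c> the key is rejected.
		/// With "no" an unknown key is stored without confirmation, and a changed key is
		/// accepted while the stored key stays as it was. That last case used to leave no
		/// trace; it is now reported at WARN level so it can be monitored.
		/// On return <c>hostkey</c> holds the offered key, hashed when "HashKnownHosts" is
		/// "yes" and the repository is a <c>KnownHosts</c>.
		/// </remarks>
		/// <param name="chost">Host name to look up; replaced by <c>hostKeyAlias</c> when one is set.</param>
		/// <param name="port">Remote port; when no alias is set and the port is not 22 the lookup name becomes "[host]:port".</param>
		/// <param name="kex">Key exchange supplying the host key, its type and its fingerprint.</param>
		/// <exception cref="NSch.JSchException">The host key was rejected by policy or by the user.</exception>
		private void CheckHost(string chost, int port, KeyExchange kex)
		{
			string shkc = GetConfig("StrictHostKeyChecking");
			if (hostKeyAlias != null)
			{
				chost = hostKeyAlias;
			}
			byte[] K_S = kex.GetHostKey();
			string key_type = kex.GetKeyType();
			string key_fprint = kex.GetFingerPrint();
			if (hostKeyAlias == null && port != 22)
			{
				chost = ("[" + chost + "]:" + port);
			}
			HostKeyRepository hkr = jsch.GetHostKeyRepository();
			int i = 0;
			lock (hkr)
			{
				i = hkr.Check(chost, K_S);
			}
			bool insert = false;
			// Changed key under "ask"/"yes": only an explicit "yes" answer to the prompt
			// ("ask" with a userinfo present) lets the connection continue.
			if ((shkc.Equals("ask") || shkc.Equals("yes")) && i == HostKeyRepository.CHANGED)
			{
				string file = null;
				lock (hkr)
				{
					file = hkr.GetKnownHostsRepositoryID();
				}
				if (file == null)
				{
					file = "known_hosts";
				}
				bool b = false;
				if (userinfo != null)
				{
					string message = "WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED!\n" + "IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY!\n"
						 + "Someone could be eavesdropping on you right now (man-in-the-middle attack)!\n"
						 + "It is also possible that the " + key_type + " host key has just been changed.\n"
						 + "The fingerprint for the " + key_type + " key sent by the remote host is\n" +
						 key_fprint + ".\n" + "Please contact your system administrator.\n" + "Add correct host key in "
						 + file + " to get rid of this message.";
					if (shkc.Equals("ask"))
					{
						b = userinfo.PromptYesNo(message + "\nDo you want to delete the old key and insert the new key?"
							);
					}
					else
					{
						// shkc.equals("yes")
						userinfo.ShowMessage(message);
					}
				}
				if (!b)
				{
					throw new JSchException("HostKey has been changed: " + chost);
				}
				lock (hkr)
				{
					// NOTE(review): every key type other than "DSA" is removed as "ssh-rsa";
					// confirm that no other key types can reach this point.
					hkr.Remove(chost, (key_type.Equals("DSA") ? "ssh-dss" : "ssh-rsa"), null);
					insert = true;
				}
			}
			// Any result other than OK that was not settled above. The messages below name
			// the field 'host', while the lookup was made with 'chost'.
			if ((shkc.Equals("ask") || shkc.Equals("yes")) && (i != HostKeyRepository.OK) &&
				!insert)
			{
				if (shkc.Equals("yes"))
				{
					throw new JSchException("reject HostKey: " + host);
				}
				if (userinfo != null)
				{
					bool foo = userinfo.PromptYesNo("The authenticity of host '" + host + "' can't be established.\n"
						 + key_type + " key fingerprint is " + key_fprint + ".\n" + "Are you sure you want to continue connecting?"
						);
					if (!foo)
					{
						throw new JSchException("reject HostKey: " + host);
					}
					insert = true;
				}
				else
				{
					if (i == HostKeyRepository.NOT_INCLUDED)
					{
						throw new JSchException("UnknownHostKey: " + host + ". " + key_type + " key fingerprint is "
							 + key_fprint);
					}
					else
					{
						throw new JSchException("HostKey has been changed: " + host);
					}
				}
			}
			// "no": an unknown key is trusted on first sight and stored without any prompt.
			if (shkc.Equals("no") && HostKeyRepository.NOT_INCLUDED == i)
			{
				insert = true;
			}
			// A changed key that reaches this point with insert still false was neither
			// rejected nor replaced (the policy is not "ask"/"yes"): the connection goes
			// on with a key that differs from the stored one. Record that, so the
			// mismatch is visible in the logs.
			if (i == HostKeyRepository.CHANGED && !insert && JSch.GetLogger().IsEnabled(Logger.WARN))
			{
				JSch.GetLogger().Log(Logger.WARN, "Host key for '" + chost + "' (" + key_type
					 + ") differs from the stored key, but StrictHostKeyChecking=" + shkc
					 + " accepts it; the stored key was left unchanged.");
			}
			if (i == HostKeyRepository.OK && JSch.GetLogger().IsEnabled(Logger.INFO))
			{
				JSch.GetLogger().Log(Logger.INFO, "Host '" + host + "' is known and mathces the "
					 + key_type + " host key");
			}
			// Logged before the repository is updated at the end of the method.
			if (insert && JSch.GetLogger().IsEnabled(Logger.WARN))
			{
				JSch.GetLogger().Log(Logger.WARN, "Permanently added '" + host + "' (" + key_type
					 + ") to the list of known hosts.");
			}
			string hkh = GetConfig("HashKnownHosts");
			if (hkh.Equals("yes") && (hkr is KnownHosts))
			{
				hostkey = ((KnownHosts)hkr).CreateHashedHostKey(chost, K_S);
			}
			else
			{
				hostkey = new HostKey(chost, K_S);
			}
			if (insert)
			{
				lock (hkr)
				{
					hkr.Add(hostkey, userinfo);
				}
			}
		}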
Exemple #3
		/// <summary>
		/// Installs the keys derived from <paramref name="kex"/> and then clears the
		/// <c>in_kex</c> flag.
		/// </summary>
		/// <param name="buf">Not read by this method; it only hides the field of the same name.</param>
		/// <param name="kex">Key exchange handed on to <c>UpdateKeys</c>.</param>
		/// <exception cref="System.Exception">Whatever <c>UpdateKeys</c> throws; <c>in_kex</c> then keeps its value.</exception>
		private void Receive_newkeys(Buffer buf, KeyExchange kex)
		{
			// The flag is reset only after key installation has returned normally.
			this.UpdateKeys(kex);

			in_kex = false;
		}