private void receive_newkeys(Buffer buf, KeyExchange kex)
{
// send_newkeys();
updateKeys(kex);
in_kex=false;
}
private void updateKeys(KeyExchange kex)
{
byte[] K=kex.getK();
byte[] H=kex.getH();
HASH hash=kex.getHash();
String[] guess=kex._guess;
if(session_id==null)
{
session_id=new byte[H.Length];
SharpSSH.SharpSsh.java.System.arraycopy(H, 0, session_id, 0, H.Length);
}
/*
Initial IV client to server: HASH (K || H || "A" || session_id)
Initial IV server to client: HASH (K || H || "B" || session_id)
Encryption key client to server: HASH (K || H || "C" || session_id)
Encryption key server to client: HASH (K || H || "D" || session_id)
Integrity key client to server: HASH (K || H || "E" || session_id)
Integrity key server to client: HASH (K || H || "F" || session_id)
*/
buf.reset();
buf.putMPInt(K);
buf.putByte(H);
buf.putByte((byte)0x41);
buf.putByte(session_id);
hash.update(buf.buffer, 0, buf.index);
IVc2s=hash.digest();
int j=buf.index-session_id.Length-1;
buf.buffer[j]++;
hash.update(buf.buffer, 0, buf.index);
IVs2c=hash.digest();
buf.buffer[j]++;
hash.update(buf.buffer, 0, buf.index);
Ec2s=hash.digest();
buf.buffer[j]++;
hash.update(buf.buffer, 0, buf.index);
Es2c=hash.digest();
buf.buffer[j]++;
hash.update(buf.buffer, 0, buf.index);
MACc2s=hash.digest();
buf.buffer[j]++;
hash.update(buf.buffer, 0, buf.index);
MACs2c=hash.digest();
try
{
Class c;
c=Class.forName(getConfig(guess[KeyExchange.PROPOSAL_ENC_ALGS_STOC]));
s2ccipher=(Cipher)(c.newInstance());
while(s2ccipher.getBlockSize()>Es2c.Length)
{
buf.reset();
buf.putMPInt(K);
buf.putByte(H);
buf.putByte(Es2c);
hash.update(buf.buffer, 0, buf.index);
byte[] foo=hash.digest();
byte[] bar=new byte[Es2c.Length+foo.Length];
SharpSSH.SharpSsh.java.System.arraycopy(Es2c, 0, bar, 0, Es2c.Length);
SharpSSH.SharpSsh.java.System.arraycopy(foo, 0, bar, Es2c.Length, foo.Length);
Es2c=bar;
}
s2ccipher.init(Cipher.DECRYPT_MODE, Es2c, IVs2c);
cipher_size=s2ccipher.getIVSize();
c=Class.forName(getConfig(guess[KeyExchange.PROPOSAL_MAC_ALGS_STOC]));
s2cmac=(MAC)(c.newInstance());
s2cmac.init(MACs2c);
mac_buf=new byte[s2cmac.getBlockSize()];
c=Class.forName(getConfig(guess[KeyExchange.PROPOSAL_ENC_ALGS_CTOS]));
c2scipher=(Cipher)(c.newInstance());
while(c2scipher.getBlockSize()>Ec2s.Length)
{
buf.reset();
buf.putMPInt(K);
buf.putByte(H);
buf.putByte(Ec2s);
hash.update(buf.buffer, 0, buf.index);
byte[] foo=hash.digest();
byte[] bar=new byte[Ec2s.Length+foo.Length];
SharpSSH.SharpSsh.java.System.arraycopy(Ec2s, 0, bar, 0, Ec2s.Length);
SharpSSH.SharpSsh.java.System.arraycopy(foo, 0, bar, Ec2s.Length, foo.Length);
Ec2s=bar;
}
c2scipher.init(Cipher.ENCRYPT_MODE, Ec2s, IVc2s);
c=Class.forName(getConfig(guess[KeyExchange.PROPOSAL_MAC_ALGS_CTOS]));
c2smac=(MAC)(c.newInstance());
c2smac.init(MACc2s);
if(!guess[KeyExchange.PROPOSAL_COMP_ALGS_CTOS].equals("none"))
{
String foo=getConfig(guess[KeyExchange.PROPOSAL_COMP_ALGS_CTOS]);
if(foo!=null)
{
try
{
c=Class.forName(foo);
deflater=(Compression)(c.newInstance());
int level=6;
try{ level=Integer.parseInt(getConfig("compression_level"));}
catch(Exception ee){ }
deflater.init(Compression.DEFLATER, level);
}
catch(Exception ee)
{
System.Console.Error.WriteLine(foo+" isn't accessible.");
}
}
}
else
{
if(deflater!=null)
{
deflater=null;
}
}
if(!guess[KeyExchange.PROPOSAL_COMP_ALGS_STOC].equals("none"))
{
String foo=getConfig(guess[KeyExchange.PROPOSAL_COMP_ALGS_STOC]);
if(foo!=null)
{
try
{
c=Class.forName(foo);
inflater=(Compression)(c.newInstance());
inflater.init(Compression.INFLATER, 0);
}
catch(Exception ee)
{
System.Console.Error.WriteLine(foo+" isn't accessible.");
}
}
}
else
{
if(inflater!=null)
{
inflater=null;
}
}
}
catch(Exception e){ System.Console.Error.WriteLine("updatekeys: "+e); }
}
private void checkHost(String host, KeyExchange kex)
{
String shkc=getConfig("StrictHostKeyChecking");
//System.Console.WriteLine("shkc: "+shkc);
byte[] K_S=kex.getHostKey();
String key_type=kex.getKeyType();
String key_fprint=kex.getFingerPrint();
hostkey=new HostKey(host, K_S);
HostKeyRepository hkr=jsch.getHostKeyRepository();
int i=0;
lock(hkr)
{
i=hkr.check(host, K_S);
}
bool insert=false;
if((shkc.equals("ask") || shkc.equals("yes")) &&
i==HostKeyRepository.CHANGED)
{
String file=null;
lock(hkr)
{
file=hkr.getKnownHostsRepositoryID();
}
if(file==null){file="known_hosts";}
String message=
"WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED!\n"+
"IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY!\n"+
"Someone could be eavesdropping on you right now (man-in-the-middle attack)!\n"+
"It is also possible that the "+key_type+" host key has just been changed.\n"+
"The fingerprint for the "+key_type+" key sent by the remote host is\n"+
key_fprint+".\n"+
"Please contact your system administrator.\n"+
"Add correct host key in "+file+" to get rid of this message.";
bool b=false;
if(userinfo!=null)
{
//userinfo.showMessage(message);
b=userinfo.promptYesNo(message+
"\nDo you want to delete the old key and insert the new key?");
}
//throw new JSchException("HostKey has been changed: "+host);
if(!b)
{
throw new JSchException("HostKey has been changed: "+host);
}
else
{
lock(hkr)
{
hkr.remove(host,
(key_type.equals("DSA") ? "ssh-dss" : "ssh-rsa"),
null);
insert=true;
}
}
}
// bool insert=false;
if((shkc.equals("ask") || shkc.equals("yes")) &&
(i!=HostKeyRepository.OK) && !insert)
{
if(shkc.equals("yes"))
{
throw new JSchException("reject HostKey: "+host);
}
//System.Console.WriteLine("finger-print: "+key_fprint);
if(userinfo!=null)
{
bool foo=userinfo.promptYesNo(
"The authenticity of host '"+host+"' can't be established.\n"+
key_type+" key fingerprint is "+key_fprint+".\n"+
"Are you sure you want to continue connecting?"
);
if(!foo)
{
throw new JSchException("reject HostKey: "+host);
}
insert=true;
}
else
{
if(i==HostKeyRepository.NOT_INCLUDED)
throw new JSchException("UnknownHostKey: "+host+". "+key_type+" key fingerprint is "+key_fprint);
else throw new JSchException("HostKey has been changed: "+host);
}
}
if(shkc.equals("no") &&
HostKeyRepository.NOT_INCLUDED==i)
{
insert=true;
}
if(insert)
{
lock(hkr)
{
hkr.add(host, K_S, userinfo);
}
}
}