public Buffer read(Buffer buf) { int j = 0; while (true) { buf.Reset(); io.getByte(buf.buffer, buf.index, cipher_size); buf.index+=cipher_size; if (s2ccipher!=null) { s2ccipher.update(buf.buffer, 0, cipher_size, buf.buffer, 0); } // j=((buf.buffer[0]<<24)&0xff000000)| // ((buf.buffer[1]<<16)&0x00ff0000)| // ((buf.buffer[2]<< 8)&0x0000ff00)| // ((buf.buffer[3] )&0x000000ff); j = Util.ToInt32(buf.buffer, 0); j = j - 4 - cipher_size + 8; if (j < 0 || (buf.index + j) > buf.buffer.Length) { throw new IOException("invalid data"); } if (j > 0) { io.getByte(buf.buffer, buf.index, j); buf.index+=(j); if(s2ccipher!=null) { s2ccipher.update(buf.buffer, cipher_size, j, buf.buffer, cipher_size); } } if (s2cmac != null) { s2cmac.update(seqi); s2cmac.update(buf.buffer, 0, buf.index); byte[] result = s2cmac.doFinal(); io.getByte(mac_buf, 0, mac_buf.Length); if (!result.SequenceEqual(mac_buf)) { throw new IOException("MAC Error"); } } seqi++; if (inflater != null) { //inflater.uncompress(buf); int pad=buf.buffer[4]; uncompress_len[0]=buf.index-5-pad; byte[] foo=inflater.uncompress(buf.buffer, 5, uncompress_len); if(foo!=null) { buf.buffer=foo; buf.index=5+uncompress_len[0]; } else { System.Console.Error.WriteLine("fail in inflater"); break; } } int type=buf.buffer[5]&0xff; //System.Console.WriteLine("read: "+type); if(type==SSH_MSG_DISCONNECT) { buf.Rewind(); buf.ReadInt();buf.ReadShort(); int reason_code=buf.ReadInt(); byte[] description=buf.ReadString(); byte[] language_tag=buf.ReadString(); /* System.Console.Error.WriteLine("SSH_MSG_DISCONNECT:"+ " "+reason_code+ " "+Encoding.UTF8.GetString(description)+ " "+Encoding.UTF8.GetString(language_tag)); */ throw new JSchException( "SSH_MSG_DISCONNECT:"+ " "+reason_code+ " "+description+ " "+language_tag); //break; } else if(type==SSH_MSG_IGNORE) { } else if(type==SSH_MSG_DEBUG) { buf.Rewind(); buf.ReadInt();buf.ReadShort(); /* byte always_display=(byte)buf.getByte(); byte[] message=buf.getString(); byte[] language_tag=buf.getString(); System.Console.Error.WriteLine("SSH_MSG_DEBUG:"+ " "+Encoding.UTF8.GetString(message)+ " "+Encoding.UTF8.GetString(language_tag)); */ } else if(type==SSH_MSG_CHANNEL_WINDOW_ADJUST) { buf.Rewind(); buf.ReadInt();buf.ReadShort(); Channel c=Channel.getChannel(buf.ReadInt(), this); if(c==null) { } else { c.addRemoteWindowSize(buf.ReadInt()); } } else { break; } } buf.Rewind(); return buf; }
public override bool next(Buffer _buf) { int i, j; bool result = false; switch (state) { case SSH_MSG_KEXDH_REPLY: // The server responds with: // byte SSH_MSG_KEXDH_REPLY(31) // string server public host key and certificates (K_S) // mpint f // string signature of H j = _buf.ReadInt(); j = _buf.ReadByte(); j = _buf.ReadByte(); if (j != 31) { Console.WriteLine("type: must be 31 " + j); result = false; break; } K_S = _buf.ReadString(); // K_S is server_key_blob, which includes .... // string ssh-dss // impint p of dsa // impint q of dsa // impint g of dsa // impint pub_key of dsa //System.out.print("K_S: "); //dump(K_S, 0, K_S.length); byte[] f = _buf.ReadMPInt(); byte[] sig_of_H = _buf.ReadString(); /* * for(int ii=0; ii<sig_of_H.length;ii++){ * System.out.print(Integer.toHexString(sig_of_H[ii]&0xff)); * System.out.print(": "); * } * Console.WriteLine(""); */ dh.setF(f); K = dh.getK(); //The hash H is computed as the HASH hash of the concatenation of the //following: // string V_C, the client's version string (CR and NL excluded) // string V_S, the server's version string (CR and NL excluded) // string I_C, the payload of the client's SSH_MSG_KEXINIT // string I_S, the payload of the server's SSH_MSG_KEXINIT // string K_S, the host key // mpint e, exchange value sent by the client // mpint f, exchange value sent by the server // mpint K, the shared secret // This value is called the exchange hash, and it is used to authenti- // cate the key exchange. buf.Reset(); buf.WriteString(V_C); buf.WriteString(V_S); buf.WriteString(I_C); buf.WriteString(I_S); buf.WriteString(K_S); buf.WriteMPInt(e); buf.WriteMPInt(f); buf.WriteMPInt(K); byte[] foo = new byte[buf.Length]; buf.ReadByte(foo); sha.update(foo, 0, foo.Length); H = sha.digest(); //System.out.print("H -> "); //dump(H, 0, H.length); i = 0; j = 0; j = (int)((K_S[i++] << 24) & 0xff000000) | ((K_S[i++] << 16) & 0x00ff0000) | ((K_S[i++] << 8) & 0x0000ff00) | ((K_S[i++]) & 0x000000ff); String alg = Util.getString(K_S, i, j); i += j; result = false; if (alg.Equals("ssh-rsa")) { byte[] tmp; byte[] ee; byte[] n; type = RSA; j = (int)((K_S[i++] << 24) & 0xff000000) | ((K_S[i++] << 16) & 0x00ff0000) | ((K_S[i++] << 8) & 0x0000ff00) | ((K_S[i++]) & 0x000000ff); tmp = new byte[j]; Array.Copy(K_S, i, tmp, 0, j); i += j; ee = tmp; j = (int)((K_S[i++] << 24) & 0xff000000) | ((K_S[i++] << 16) & 0x00ff0000) | ((K_S[i++] << 8) & 0x0000ff00) | ((K_S[i++]) & 0x000000ff); tmp = new byte[j]; Array.Copy(K_S, i, tmp, 0, j); i += j; n = tmp; // SignatureRSA sig=new SignatureRSA(); // sig.init(); SignatureRSA sig = null; try { Type t = Type.GetType(session.getConfig("signature.rsa")); sig = (SignatureRSA)(Activator.CreateInstance(t)); sig.init(); } catch (Exception eee) { Console.WriteLine(eee); } sig.setPubKey(ee, n); sig.update(H); result = sig.verify(sig_of_H); //MainClass.dump(ee, n, sig_of_H, H); } else if (alg.Equals("ssh-dss")) { byte[] q = null; byte[] tmp; byte[] p; byte[] g; type = DSS; j = (int)((K_S[i++] << 24) & 0xff000000) | ((K_S[i++] << 16) & 0x00ff0000) | ((K_S[i++] << 8) & 0x0000ff00) | ((K_S[i++]) & 0x000000ff); tmp = new byte[j]; Array.Copy(K_S, i, tmp, 0, j); i += j; p = tmp; j = (int)((K_S[i++] << 24) & 0xff000000) | ((K_S[i++] << 16) & 0x00ff0000) | ((K_S[i++] << 8) & 0x0000ff00) | ((K_S[i++]) & 0x000000ff); tmp = new byte[j]; Array.Copy(K_S, i, tmp, 0, j); i += j; q = tmp; j = (int)((K_S[i++] << 24) & 0xff000000) | ((K_S[i++] << 16) & 0x00ff0000) | ((K_S[i++] << 8) & 0x0000ff00) | ((K_S[i++]) & 0x000000ff); tmp = new byte[j]; Array.Copy(K_S, i, tmp, 0, j); i += j; g = tmp; j = (int)((K_S[i++] << 24) & 0xff000000) | ((K_S[i++] << 16) & 0x00ff0000) | ((K_S[i++] << 8) & 0x0000ff00) | ((K_S[i++]) & 0x000000ff); tmp = new byte[j]; Array.Copy(K_S, i, tmp, 0, j); i += j; f = tmp; // SignatureDSA sig=new SignatureDSA(); // sig.init(); SignatureDSA sig = null; try { Type t = Type.GetType(session.getConfig("signature.dss")); sig = (SignatureDSA)(Activator.CreateInstance(t)); sig.init(); } catch (Exception ee) { Console.WriteLine(ee); } sig.setPubKey(f, p, q, g); sig.update(H); result = sig.verify(sig_of_H); } else { Console.WriteLine("unknow alg"); } state = STATE_END; break; } return(result); }
public override bool next(Buffer _buf) { int i, j; bool result = false; switch (state) { case SSH_MSG_KEX_DH_GEX_GROUP: // byte SSH_MSG_KEX_DH_GEX_GROUP(31) // mpint p, safe prime // mpint g, generator for subgroup in GF (p) _buf.ReadInt(); _buf.ReadByte(); j = _buf.ReadByte(); if (j != 31) { Console.WriteLine("type: must be 31 " + j); result = false; } p = _buf.ReadMPInt(); g = _buf.ReadMPInt(); /* * for(int iii=0; iii<p.length; iii++){ * System.out.println("0x"+Integer.toHexString(p[iii]&0xff)+","); * } * System.out.println(""); * for(int iii=0; iii<g.length; iii++){ * System.out.println("0x"+Integer.toHexString(g[iii]&0xff)+","); * } */ dh.setP(p); dh.setG(g); // The client responds with: // byte SSH_MSG_KEX_DH_GEX_INIT(32) // mpint e <- g^x mod p // x is a random number (1 < x < (p-1)/2) e = dh.getE(); packet.reset(); buf.WriteByte((byte)0x20); buf.WriteMPInt(e); session.write(packet); state = SSH_MSG_KEX_DH_GEX_REPLY; result = true; break; case SSH_MSG_KEX_DH_GEX_REPLY: // The server responds with: // byte SSH_MSG_KEX_DH_GEX_REPLY(33) // string server public host key and certificates (K_S) // mpint f // string signature of H j = _buf.ReadInt(); j = _buf.ReadByte(); j = _buf.ReadByte(); if (j != 33) { Console.WriteLine("type: must be 33 " + j); result = false; } K_S = _buf.ReadString(); // K_S is server_key_blob, which includes .... // string ssh-dss // impint p of dsa // impint q of dsa // impint g of dsa // impint pub_key of dsa //System.out.print("K_S: "); dump(K_S, 0, K_S.length); byte[] f = _buf.ReadMPInt(); byte[] sig_of_H = _buf.ReadString(); dh.setF(f); K = dh.getK(); //The hash H is computed as the HASH hash of the concatenation of the //following: // string V_C, the client's version string (CR and NL excluded) // string V_S, the server's version string (CR and NL excluded) // string I_C, the payload of the client's SSH_MSG_KEXINIT // string I_S, the payload of the server's SSH_MSG_KEXINIT // string K_S, the host key // uint32 min, minimal size in bits of an acceptable group // uint32 n, preferred size in bits of the group the server should send // uint32 max, maximal size in bits of an acceptable group // mpint p, safe prime // mpint g, generator for subgroup // mpint e, exchange value sent by the client // mpint f, exchange value sent by the server // mpint K, the shared secret // This value is called the exchange hash, and it is used to authenti- // cate the key exchange. buf.Reset(); buf.WriteString(V_C); buf.WriteString(V_S); buf.WriteString(I_C); buf.WriteString(I_S); buf.WriteString(K_S); buf.WriteInt(min); buf.WriteInt(preferred); buf.WriteInt(max); buf.WriteMPInt(p); buf.WriteMPInt(g); buf.WriteMPInt(e); buf.WriteMPInt(f); buf.WriteMPInt(K); byte[] foo = new byte[buf.Length]; buf.ReadByte(foo); sha.update(foo, 0, foo.Length); H = sha.digest(); // System.out.print("H -> "); dump(H, 0, H.length); i = 0; j = 0; j = (int)((K_S[i++] << 24) & 0xff000000) | ((K_S[i++] << 16) & 0x00ff0000) | ((K_S[i++] << 8) & 0x0000ff00) | ((K_S[i++]) & 0x000000ff); String alg = Util.getString(K_S, i, j); i += j; if (alg.Equals("ssh-rsa")) { byte[] tmp; byte[] ee; byte[] n; type = RSA; j = (int)((K_S[i++] << 24) & 0xff000000) | ((K_S[i++] << 16) & 0x00ff0000) | ((K_S[i++] << 8) & 0x0000ff00) | ((K_S[i++]) & 0x000000ff); tmp = new byte[j]; Array.Copy(K_S, i, tmp, 0, j); i += j; ee = tmp; j = (int)((K_S[i++] << 24) & 0xff000000) | ((K_S[i++] << 16) & 0x00ff0000) | ((K_S[i++] << 8) & 0x0000ff00) | ((K_S[i++]) & 0x000000ff); tmp = new byte[j]; Array.Copy(K_S, i, tmp, 0, j); i += j; n = tmp; // SignatureRSA sig=new SignatureRSA(); // sig.init(); SignatureRSA sig = null; try { Type t = Type.GetType(session.getConfig("signature.rsa")); sig = (SignatureRSA)(Activator.CreateInstance(t)); sig.init(); } catch (Exception eee) { Console.WriteLine(eee); } sig.setPubKey(ee, n); sig.update(H); result = sig.verify(sig_of_H); } else if (alg.Equals("ssh-dss")) { byte[] q = null; byte[] tmp; type = DSS; j = (int)((K_S[i++] << 24) & 0xff000000) | ((K_S[i++] << 16) & 0x00ff0000) | ((K_S[i++] << 8) & 0x0000ff00) | ((K_S[i++]) & 0x000000ff); tmp = new byte[j]; Array.Copy(K_S, i, tmp, 0, j); i += j; p = tmp; j = (int)((K_S[i++] << 24) & 0xff000000) | ((K_S[i++] << 16) & 0x00ff0000) | ((K_S[i++] << 8) & 0x0000ff00) | ((K_S[i++]) & 0x000000ff); tmp = new byte[j]; Array.Copy(K_S, i, tmp, 0, j); i += j; q = tmp; j = (int)((K_S[i++] << 24) & 0xff000000) | ((K_S[i++] << 16) & 0x00ff0000) | ((K_S[i++] << 8) & 0x0000ff00) | ((K_S[i++]) & 0x000000ff); tmp = new byte[j]; Array.Copy(K_S, i, tmp, 0, j); i += j; g = tmp; j = (int)((K_S[i++] << 24) & 0xff000000) | ((K_S[i++] << 16) & 0x00ff0000) | ((K_S[i++] << 8) & 0x0000ff00) | ((K_S[i++]) & 0x000000ff); tmp = new byte[j]; Array.Copy(K_S, i, tmp, 0, j); i += j; f = tmp; // SignatureDSA sig=new SignatureDSA(); // sig.init(); SignatureDSA sig = null; try { Type t = Type.GetType(session.getConfig("signature.dss")); sig = (SignatureDSA)(Activator.CreateInstance(t)); sig.init(); } catch (Exception ee) { Console.WriteLine(ee); } sig.setPubKey(f, p, q, g); sig.update(H); result = sig.verify(sig_of_H); } else { Console.WriteLine("unknow alg"); } state = STATE_END; break; } return(result); }