SharpSSH: C:/work/OMMR/OCHHP_OMMR_OMMR/Code/Assemblies/SharpSSH/Source/SharpSSH-1.1.1.13.src/SharpSSH/jsch/DHGEX.cs Source File

00001 using System;
00002 
00003 namespace Tamir.SharpSsh.jsch
00004 {
00005         /* -*-mode:java; c-basic-offset:2; -*- */
00006         /*
00007         Copyright (c) 2002,2003,2004 ymnk, JCraft,Inc. All rights reserved.
00008 
00009         Redistribution and use in source and binary forms, with or without
00010         modification, are permitted provided that the following conditions are met:
00011 
00012           1. Redistributions of source code must retain the above copyright notice,
00013                  this list of conditions and the following disclaimer.
00014 
00015           2. Redistributions in binary form must reproduce the above copyright 
00016                  notice, this list of conditions and the following disclaimer in 
00017                  the documentation and/or other materials provided with the distribution.
00018 
00019           3. The names of the authors may not be used to endorse or promote products
00020                  derived from this software without specific prior written permission.
00021 
00022         THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESSED OR IMPLIED WARRANTIES,
00023         INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND
00024         FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL JCRAFT,
00025         INC. OR ANY CONTRIBUTORS TO THIS SOFTWARE BE LIABLE FOR ANY DIRECT, INDIRECT,
00026         INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
00027         LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA,
00028         OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
00029         LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
00030         NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE,
00031         EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
00032         */
00033 
00034 
00035         public class DHGEX : KeyExchange
00036         {
00037 
00038                 internal const int SSH_MSG_KEX_DH_GEX_GROUP=               31;
00039                 internal const int SSH_MSG_KEX_DH_GEX_INIT=                32;
00040                 internal const int SSH_MSG_KEX_DH_GEX_REPLY=               33;
00041 
00042                 internal static int min=1024;
00043 
00044                 //  static int min=512;
00045                 internal static int preferred=1024;
00046                 internal static int max=1024;
00047 
00048                 //  static int preferred=1024;
00049                 //  static int max=2000;
00050 
00051                 internal const int RSA=0;
00052                 internal const int DSS=1;
00053                 private int type=0;
00054 
00055                 private int state;
00056 
00057                 //  com.jcraft.jsch.DH dh;
00058                 internal DH dh;
00059 
00060                 internal byte[] V_S;
00061                 internal byte[] V_C;
00062                 internal byte[] I_S;
00063                 internal byte[] I_C;
00064 
00065                 private Buffer buf;
00066                 private Packet packet;
00067 
00068                 private byte[] p;
00069                 private byte[] g;
00070                 private byte[] e;
00071                 //private byte[] f;
00072 
00073                 public override void init(Session session,
00074                         byte[] V_S, byte[] V_C, byte[] I_S, byte[] I_C)
00075                 {
00076                         this.session=session;
00077                         this.V_S=V_S;      
00078                         this.V_C=V_C;      
00079                         this.I_S=I_S;      
00080                         this.I_C=I_C;      
00081 
00082                         //    sha=new SHA1();
00083                         //    sha.init();
00084 
00085                         try
00086                         {
00087                                 Type t=Type.GetType(session.getConfig("sha-1"));
00088                                 sha=(HASH)(Activator.CreateInstance(t));
00089                                 sha.init();
00090                         }
00091                         catch(Exception e)
00092                         {
00093                                 Console.WriteLine(e);
00094                         }
00095 
00096                         buf=new Buffer();
00097                         packet=new Packet(buf);
00098 
00099                         try
00100                         {
00101                                 Type t=Type.GetType(session.getConfig("dh"));
00102                                 dh=(DH)(Activator.CreateInstance(t));
00103                                 dh.init();
00104                         }
00105                         catch(Exception e)
00106                         {
00107                                 throw e;
00108                         }
00109 
00110                         packet.reset();
00111                         buf.putByte((byte)0x22);
00112                         buf.putInt(min);
00113                         buf.putInt(preferred);
00114                         buf.putInt(max);
00115                         session.write(packet); 
00116 
00117                         state=SSH_MSG_KEX_DH_GEX_GROUP;
00118                 }
00119 
00120                 public override bool next(Buffer _buf) 
00121                 {
00122                         int i,j;
00123                         bool result=false;
00124                         switch(state)
00125                         {
00126                                 case SSH_MSG_KEX_DH_GEX_GROUP:
00127                                         // byte  SSH_MSG_KEX_DH_GEX_GROUP(31)
00128                                         // mpint p, safe prime
00129                                         // mpint g, generator for subgroup in GF (p)
00130                                         _buf.getInt();
00131                                         _buf.getByte();
00132                                         j=_buf.getByte();
00133                                         if(j!=31)
00134                                         {
00135                                                 Console.WriteLine("type: must be 31 "+j);
00136                                                 result = false;
00137                                         }
00138 
00139                                         p=_buf.getMPInt();
00140                                         g=_buf.getMPInt();
00141                                         /*
00142                           for(int iii=0; iii<p.length; iii++){
00143                           System.out.println("0x"+Integer.toHexString(p[iii]&0xff)+",");
00144                           }
00145                           System.out.println("");
00146                           for(int iii=0; iii<g.length; iii++){
00147                           System.out.println("0x"+Integer.toHexString(g[iii]&0xff)+",");
00148                           }
00149                                         */
00150                                         dh.setP(p);
00151                                         dh.setG(g);
00152 
00153                                         // The client responds with:
00154                                         // byte  SSH_MSG_KEX_DH_GEX_INIT(32)
00155                                         // mpint e <- g^x mod p
00156                                         //         x is a random number (1 < x < (p-1)/2)
00157 
00158                                         e=dh.getE();
00159 
00160                                         packet.reset();
00161                                         buf.putByte((byte)0x20);
00162                                         buf.putMPInt(e);
00163                                         session.write(packet);
00164 
00165                                         state=SSH_MSG_KEX_DH_GEX_REPLY;
00166                                         result = true;
00167                                         break;
00168 
00169                                 case SSH_MSG_KEX_DH_GEX_REPLY:
00170                                         // The server responds with:
00171                                         // byte      SSH_MSG_KEX_DH_GEX_REPLY(33)
00172                                         // string    server public host key and certificates (K_S)
00173                                         // mpint     f
00174                                         // string    signature of H
00175                                         j=_buf.getInt();
00176                                         j=_buf.getByte();
00177                                         j=_buf.getByte();
00178                                         if(j!=33)
00179                                         {
00180                                                 Console.WriteLine("type: must be 33 "+j);
00181                                                 result = false;
00182                                         }
00183 
00184                                         K_S=_buf.getString();
00185                                         // K_S is server_key_blob, which includes ....
00186                                         // string ssh-dss
00187                                         // impint p of dsa
00188                                         // impint q of dsa
00189                                         // impint g of dsa
00190                                         // impint pub_key of dsa
00191                                         //System.out.print("K_S: "); dump(K_S, 0, K_S.length);
00192 
00193                                         byte[] f=_buf.getMPInt();
00194                                         byte[] sig_of_H=_buf.getString();
00195 
00196                                         dh.setF(f);
00197                                         K=dh.getK();
00198 
00199                                         //The hash H is computed as the HASH hash of the concatenation of the
00200                                         //following:
00201                                         // string    V_C, the client's version string (CR and NL excluded)
00202                                         // string    V_S, the server's version string (CR and NL excluded)
00203                                         // string    I_C, the payload of the client's SSH_MSG_KEXINIT
00204                                         // string    I_S, the payload of the server's SSH_MSG_KEXINIT
00205                                         // string    K_S, the host key
00206                                         // uint32    min, minimal size in bits of an acceptable group
00207                                         // uint32   n, preferred size in bits of the group the server should send
00208                                         // uint32    max, maximal size in bits of an acceptable group
00209                                         // mpint     p, safe prime
00210                                         // mpint     g, generator for subgroup
00211                                         // mpint     e, exchange value sent by the client
00212                                         // mpint     f, exchange value sent by the server
00213                                         // mpint     K, the shared secret
00214                                         // This value is called the exchange hash, and it is used to authenti-
00215                                         // cate the key exchange.
00216 
00217                                         buf.reset();
00218                                         buf.putString(V_C); buf.putString(V_S);
00219                                         buf.putString(I_C); buf.putString(I_S);
00220                                         buf.putString(K_S);
00221                                         buf.putInt(min); buf.putInt(preferred); buf.putInt(max);
00222                                         buf.putMPInt(p); buf.putMPInt(g); buf.putMPInt(e); buf.putMPInt(f);
00223                                         buf.putMPInt(K);
00224 
00225                                         byte[] foo=new byte[buf.getLength()];
00226                                         buf.getByte(foo);
00227                                         sha.update(foo, 0, foo.Length);
00228 
00229                                         H=sha.digest();
00230 
00231                                         // System.out.print("H -> "); dump(H, 0, H.length);
00232 
00233                                         i=0;
00234                                         j=0;
00235                                         j=(int)((K_S[i++]<<24)&0xff000000)|((K_S[i++]<<16)&0x00ff0000)|
00236                                                 ((K_S[i++]<<8)&0x0000ff00)|((K_S[i++])&0x000000ff);
00237                                         String alg=Util.getString(K_S, i, j);
00238                                         i+=j;
00239 
00240                                         
00241                                         if(alg.Equals("ssh-rsa"))
00242                                         {
00243                                                 byte[] tmp;
00244                                                 byte[] ee;
00245                                                 byte[] n;
00246         
00247                                                 type=RSA;
00248 
00249                                                 j=(int)((K_S[i++]<<24)&0xff000000)|((K_S[i++]<<16)&0x00ff0000)|
00250                                                         ((K_S[i++]<<8)&0x0000ff00)|((K_S[i++])&0x000000ff);
00251                                                 tmp=new byte[j]; Array.Copy(K_S, i, tmp, 0, j); i+=j;
00252                                                 ee=tmp;
00253                                                 j=(int)((K_S[i++]<<24)&0xff000000)|((K_S[i++]<<16)&0x00ff0000)|
00254                                                         ((K_S[i++]<<8)&0x0000ff00)|((K_S[i++])&0x000000ff);
00255                                                 tmp=new byte[j]; Array.Copy(K_S, i, tmp, 0, j); i+=j;
00256                                                 n=tmp;
00257 
00258                                                 //      SignatureRSA sig=new SignatureRSA();
00259                                                 //      sig.init();
00260 
00261                                                 SignatureRSA sig=null;
00262                                                 try
00263                                                 {
00264                                                         Type t=Type.GetType(session.getConfig("signature.rsa"));
00265                                                         sig=(SignatureRSA)(Activator.CreateInstance(t));
00266                                                         sig.init();
00267                                                 }
00268                                                 catch(Exception eee)
00269                                                 {
00270                                                         Console.WriteLine(eee);
00271                                                 }
00272 
00273                                                 sig.setPubKey(ee, n);   
00274                                                 sig.update(H);
00275                                                 result=sig.verify(sig_of_H);
00276                                         }
00277                                         else if(alg.Equals("ssh-dss"))
00278                                         {
00279                                                 byte[] q=null;
00280                                                 byte[] tmp;
00281 
00282                                                 type=DSS;
00283 
00284                                                 j=(int)((K_S[i++]<<24)&0xff000000)|((K_S[i++]<<16)&0x00ff0000)|
00285                                                         ((K_S[i++]<<8)&0x0000ff00)|((K_S[i++])&0x000000ff);
00286                                                 tmp=new byte[j]; Array.Copy(K_S, i, tmp, 0, j); i+=j;
00287                                                 p=tmp;
00288                                                 j=(int)((K_S[i++]<<24)&0xff000000)|((K_S[i++]<<16)&0x00ff0000)|
00289                                                         ((K_S[i++]<<8)&0x0000ff00)|((K_S[i++])&0x000000ff);
00290                                                 tmp=new byte[j]; Array.Copy(K_S, i, tmp, 0, j); i+=j;
00291                                                 q=tmp;
00292                                                 j=(int)((K_S[i++]<<24)&0xff000000)|((K_S[i++]<<16)&0x00ff0000)|
00293                                                         ((K_S[i++]<<8)&0x0000ff00)|((K_S[i++])&0x000000ff);
00294                                                 tmp=new byte[j]; Array.Copy(K_S, i, tmp, 0, j); i+=j;
00295                                                 g=tmp;
00296                                                 j=(int)((K_S[i++]<<24)&0xff000000)|((K_S[i++]<<16)&0x00ff0000)|
00297                                                         ((K_S[i++]<<8)&0x0000ff00)|((K_S[i++])&0x000000ff);
00298                                                 tmp=new byte[j]; Array.Copy(K_S, i, tmp, 0, j); i+=j;
00299                                                 f=tmp;
00300         
00301                                                 //      SignatureDSA sig=new SignatureDSA();
00302                                                 //      sig.init();
00303 
00304                                                 SignatureDSA sig=null;
00305                                                 try
00306                                                 {
00307                                                         Type t=Type.GetType(session.getConfig("signature.dss"));
00308                                                         sig=(SignatureDSA)(Activator.CreateInstance(t));
00309                                                         sig.init();
00310                                                 }
00311                                                 catch(Exception ee)
00312                                                 {
00313                                                         Console.WriteLine(ee);
00314                                                 }
00315 
00316                                                 sig.setPubKey(f, p, q, g);   
00317                                                 sig.update(H);
00318                                                 result=sig.verify(sig_of_H);
00319                                         }
00320                                         else
00321                                         {
00322                                                 Console.WriteLine("unknow alg");
00323                                         }           
00324                                         state=STATE_END;
00325                                         break;
00326                         }
00327                         return result;
00328                 }
00329 
00330                 public override String getKeyType()
00331                 {
00332                         if(type==DSS) return "DSA";
00333                         return "RSA";
00334                 }
00335 
00336                 public override int getState(){return state; }
00337         }
00338 
00339 }
00340