1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
|
/*
* This file is part of "JTA - Telnet/SSH for the JAVA(tm) platform".
*
* (c) Matthias L. Jugel, Marcus Meißner 1996-2005. All Rights Reserved.
*
* Please visit http://javatelnet.org/ for updates and contact.
*
* --LICENSE NOTICE--
* This program is free software; you can redistribute it and/or
* modify it under the terms of the GNU General Public License
* as published by the Free Software Foundation; either version 2
* of the License, or (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
* --LICENSE NOTICE--
*
*/
package de.mud.ssh;
import java.math.BigInteger;
/**
* @author Marcus Meissner
* @version $Id: SshCrypto.java 499 2005-09-29 08:24:54Z leo $
*/
public class SshCrypto {
private Cipher sndCipher,rcvCipher;
public SshCrypto(String type, final byte[] key) {
sndCipher = Cipher.getInstance(type);
rcvCipher = Cipher.getInstance(type);
// must be async for RC4. But we currently don't.
sndCipher.setKey(key);
rcvCipher.setKey(key);
}
public byte[] encrypt(byte[] block) {
return sndCipher.encrypt(block);
}
public byte[] decrypt(byte[] block) {
return rcvCipher.decrypt(block);
};
//-------------------------------------------------------------------------
static public byte[] encrypteRSAPkcs1Twice(byte[] clearData,
byte[] server_key_public_exponent,
byte[] server_key_public_modulus,
byte[] host_key_public_exponent,
byte[] host_key_public_modulus) {
// At each encryption step, a multiple-precision integer is constructed
//
// the integer is interpreted as a sequence of bytes, msb first;
// the number of bytes is the number of bytes needed to represent the modulus.
//
// cf PKCS #1: RSA Encryption Standard. Available for anonymous ftp at ftp.rsa.com.
// The sequence of byte is as follows:
// The most significant byte is zero.
// The next byte contains the value 2 (stands for public-key encrypted data)
// Then, there are non zero random bytes to fill any unused space
// a zero byte,
// and the data to be encrypted
byte[] key1exp, key1mod, key2exp, key2mod;
if (server_key_public_modulus.length < host_key_public_modulus.length) {
key1exp = server_key_public_exponent;
key1mod = server_key_public_modulus;
key2exp = host_key_public_exponent;
key2mod = host_key_public_modulus;
} else {
key1exp = host_key_public_exponent;
key1mod = host_key_public_modulus;
key2exp = server_key_public_exponent;
key2mod = server_key_public_modulus;
}
byte[] EncryptionBlock; //what will be encrypted
int offset = 0;
EncryptionBlock = new byte[key1mod.length];
EncryptionBlock[0] = 0;
EncryptionBlock[1] = 2;
offset = 2;
for (int i = 2; i < (EncryptionBlock.length - clearData.length - 1); i++)
EncryptionBlock[offset++] = SshMisc.getNotZeroRandomByte();
EncryptionBlock[offset++] = 0;
for (int i = 0; i < clearData.length; i++)
EncryptionBlock[offset++] = clearData[i];
//EncryptionBlock can be encrypted now !
BigInteger m, e, message;
byte[] messageByte;
m = new BigInteger(1, key1mod);
e = new BigInteger(1, key1exp);
message = new BigInteger(1, EncryptionBlock);
message = message.modPow(e, m); //RSA Encryption !!
byte[] messageByteTemp = message.toByteArray();
//there should be no zeroes a the begining but we have to fix it (JDK bug !!)
messageByte = new byte[key1mod.length];
int tempOffset = 0;
while (messageByteTemp[tempOffset] == 0)
tempOffset++;
for (int i = messageByte.length - messageByteTemp.length + tempOffset;
i < messageByte.length; i++)
messageByte[i] = messageByteTemp[tempOffset++];
clearData = messageByte;
//SECOND ROUND !!
offset = 0;
EncryptionBlock = new byte[key2mod.length];
EncryptionBlock[0] = 0;
EncryptionBlock[1] = 2;
offset = 2;
for (int i = 2; i < (EncryptionBlock.length - clearData.length - 1); i++)
EncryptionBlock[offset++] = SshMisc.getNotZeroRandomByte(); //random !=0
EncryptionBlock[offset++] = 0;
for (int i = 0; (i < clearData.length ) ; i++)
EncryptionBlock[offset++] = clearData[i];
//EncryptionBlock can be encrypted now !
m = new BigInteger(1, key2mod);
e = new BigInteger(1, key2exp);
message = new BigInteger(1, EncryptionBlock);
message = message.modPow(e, m);
messageByteTemp = message.toByteArray();
//there should be no zeroes a the begining but we have to fix it (JDK bug !!)
messageByte = new byte[key2mod.length];
tempOffset = 0;
while (messageByteTemp[tempOffset] == 0)
tempOffset++;
for (int i = messageByte.length - messageByteTemp.length + tempOffset;
i < messageByte.length; i++)
messageByte[i] = messageByteTemp[tempOffset++];
//Second encrypted key : encrypted_session_key //mp-int
byte[] encrypted_session_key = new byte[key2mod.length + 2];
//the lengh of the mp-int.
encrypted_session_key[1] = (byte) ((8 * key2mod.length) & 0xff);
encrypted_session_key[0] = (byte) (((8 * key2mod.length) >> 8) & 0xff);
//the mp-int
for (int i = 0; i < key2mod.length; i++)
encrypted_session_key[i + 2] = messageByte[i];
return encrypted_session_key;
};
}
|
