Mirrors/sshj
1
0
Fork 0
mirror of https://github.com/hierynomus/sshj.git synced 2025-12-06 07:10:53 +03:00
Code Issues Actions Packages Projects Releases Wiki Activity

Use the configured Random factory in DH KEX (Fixes #292)

Browse Source
This commit is contained in:
Jeroen van Erp
2016-12-28 10:00:24 +01:00
parent c9c68f019e
commit 0ad51709c2
13 changed files with 43 additions and 17 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
src/main/java/net/schmizz/sshj/transport/kex/AbstractDHGex.java
View File

@@ -103,7 +103,7 @@ public abstract class AbstractDHGex extends AbstractDH {
throw new GeneralSecurityException("Server generated gex p is out of range (" + bitLength + " bits)");
}
log.debug("Received server p bitlength {}", bitLength);
dh.init(new DHParameterSpec(p, g));
dh.init(new DHParameterSpec(p, g), trans.getConfig().getRandomFactory());
log.debug("Sending {}", Message.KEX_DH_GEX_INIT);
trans.write(new SSHPacket(Message.KEX_DH_GEX_INIT).putBytes(dh.getE()));
return false;

18
src/main/java/net/schmizz/sshj/transport/kex/Curve25519DH.java
View File

@@ -15,19 +15,19 @@
*/
package net.schmizz.sshj.transport.kex;
import java.math.BigInteger;
import java.security.GeneralSecurityException;
import java.security.spec.AlgorithmParameterSpec;
import java.util.Arrays;
import org.bouncycastle.asn1.x9.X9ECParameters;
import org.bouncycastle.crypto.ec.CustomNamedCurves;
import org.bouncycastle.jce.spec.ECParameterSpec;
import java.math.BigInteger;
import java.security.GeneralSecurityException;
import java.security.SecureRandom;
import java.security.spec.AlgorithmParameterSpec;
import java.util.Arrays;
import net.schmizz.sshj.common.Factory;
import net.schmizz.sshj.transport.random.Random;
public class Curve25519DH extends DHBase {
private byte[] secretKey;
public Curve25519DH() {
@@ -42,10 +42,10 @@ public class Curve25519DH extends DHBase {
}
@Override
public void init(AlgorithmParameterSpec params) throws GeneralSecurityException {
SecureRandom secureRandom = new SecureRandom();
public void init(AlgorithmParameterSpec params, Factory<Random> randomFactory) throws GeneralSecurityException {
Random random = randomFactory.create();
byte[] secretBytes = new byte[32];
secureRandom.nextBytes(secretBytes);
random.fill(secretBytes);
byte[] publicBytes = new byte[32];
djb.Curve25519.keygen(publicBytes, null, secretBytes);
this.secretKey = Arrays.copyOf(secretBytes, secretBytes.length);

2
src/main/java/net/schmizz/sshj/transport/kex/Curve25519SHA256.java
View File

@@ -45,6 +45,6 @@ public class Curve25519SHA256 extends AbstractDHG {
@Override
protected void initDH(DHBase dh) throws GeneralSecurityException {
dh.init(Curve25519DH.getCurve25519Params());
dh.init(Curve25519DH.getCurve25519Params(), trans.getConfig().getRandomFactory());
}
}

4
src/main/java/net/schmizz/sshj/transport/kex/DH.java
View File

@@ -15,8 +15,10 @@
*/
package net.schmizz.sshj.transport.kex;
import net.schmizz.sshj.common.Factory;
import net.schmizz.sshj.common.SSHRuntimeException;
import net.schmizz.sshj.common.SecurityUtils;
import net.schmizz.sshj.transport.random.Random;
import javax.crypto.spec.DHParameterSpec;
import javax.crypto.spec.DHPublicKeySpec;
@@ -38,7 +40,7 @@ public class DH extends DHBase {
}
@Override
protected void init(AlgorithmParameterSpec params) throws GeneralSecurityException {
protected void init(AlgorithmParameterSpec params, Factory<Random> randomFactory) throws GeneralSecurityException {
if (!(params instanceof DHParameterSpec)) {
throw new SSHRuntimeException("Wrong algorithm parameters for Diffie Hellman");
}

4
src/main/java/net/schmizz/sshj/transport/kex/DHBase.java
View File

@@ -15,8 +15,10 @@
*/
package net.schmizz.sshj.transport.kex;
import net.schmizz.sshj.common.Factory;
import net.schmizz.sshj.common.SSHRuntimeException;
import net.schmizz.sshj.common.SecurityUtils;
import net.schmizz.sshj.transport.random.Random;
import javax.crypto.KeyAgreement;
import java.math.BigInteger;
@@ -42,7 +44,7 @@ abstract class DHBase {
abstract void computeK(byte[] f) throws GeneralSecurityException;
protected abstract void init(AlgorithmParameterSpec params) throws GeneralSecurityException;
protected abstract void init(AlgorithmParameterSpec params, Factory<Random> randomFactory) throws GeneralSecurityException;
void setE(byte[] e) {
this.e = e;

2
src/main/java/net/schmizz/sshj/transport/kex/DHG1.java
View File

@@ -51,6 +51,6 @@ public class DHG1
@Override
protected void initDH(DHBase dh) throws GeneralSecurityException {
dh.init(new DHParameterSpec(DHGroupData.P1, DHGroupData.G));
dh.init(new DHParameterSpec(DHGroupData.P1, DHGroupData.G), trans.getConfig().getRandomFactory());
}
}

2
src/main/java/net/schmizz/sshj/transport/kex/DHG14.java
View File

@@ -51,6 +51,6 @@ public class DHG14
@Override
protected void initDH(DHBase dh) throws GeneralSecurityException {
dh.init(new DHParameterSpec(DHGroupData.P14, DHGroupData.G));
dh.init(new DHParameterSpec(DHGroupData.P14, DHGroupData.G), trans.getConfig().getRandomFactory());
}
}

4
src/main/java/net/schmizz/sshj/transport/kex/ECDH.java
View File

@@ -15,7 +15,9 @@
*/
package net.schmizz.sshj.transport.kex;
import net.schmizz.sshj.common.Factory;
import net.schmizz.sshj.common.SecurityUtils;
import net.schmizz.sshj.transport.random.Random;
import java.math.BigInteger;
import java.security.GeneralSecurityException;
@@ -39,7 +41,7 @@ public class ECDH extends DHBase {
super("EC", "ECDH");
}
protected void init(AlgorithmParameterSpec params) throws GeneralSecurityException {
protected void init(AlgorithmParameterSpec params, Factory<Random> randomFactory) throws GeneralSecurityException {
generator.initialize(params);
KeyPair keyPair = generator.generateKeyPair();
agreement.init(keyPair.getPrivate());

2
src/main/java/net/schmizz/sshj/transport/kex/ECDHNistP.java
View File

@@ -79,7 +79,7 @@ public class ECDHNistP extends AbstractDHG {
@Override
protected void initDH(DHBase dh) throws GeneralSecurityException {
dh.init(new ECNamedCurveGenParameterSpec(curve));
dh.init(new ECNamedCurveGenParameterSpec(curve), trans.getConfig().getRandomFactory());
}
}

5
src/main/java/net/schmizz/sshj/transport/random/BouncyCastleRandom.java
View File

@@ -57,4 +57,9 @@ public class BouncyCastleRandom
random.nextBytes(bytes, start, len);
}
@Override
public void fill(byte[] bytes) {
random.nextBytes(bytes);
}
}

4
src/main/java/net/schmizz/sshj/transport/random/JCERandom.java
View File

@@ -71,4 +71,8 @@ public class JCERandom
}
}
@Override
public void fill(final byte[] bytes) {
random.nextBytes(bytes);
}
}

7
src/main/java/net/schmizz/sshj/transport/random/Random.java
View File

@@ -18,6 +18,13 @@ package net.schmizz.sshj.transport.random;
/** A pseudo random number generator. */
public interface Random {
/**
* Fill the array of bytes with random values.
*
* @param bytes byte array to be filled.
*/
void fill(byte[] bytes);
/**
* Fill part of bytes with random values.
*

4
src/main/java/net/schmizz/sshj/transport/random/SingletonRandomFactory.java
View File

@@ -37,4 +37,8 @@ public class SingletonRandomFactory
random.fill(bytes, start, len);
}
@Override
public void fill(final byte[] bytes) {
random.fill(bytes);
}
}