Migrate remaining block ciphers

2025-12-06 23:30:55 +03:00 · 2017-10-09 20:55:12 -04:00
parent 823f1e5759
commit c67ae242f2
11 changed files with 151 additions and 31 deletions
--- a/src/main/java/com/hierynomus/sshj/transport/cipher/BlockCiphers.java
+++ b/src/main/java/com/hierynomus/sshj/transport/cipher/BlockCiphers.java
@@ -19,14 +19,15 @@ import net.schmizz.sshj.transport.cipher.BlockCipher;
 import net.schmizz.sshj.transport.cipher.Cipher;
 /**
- * All BlockCiphers supported by SSH according to the following RFCs
+ * All BlockCiphers supported by SSH according to the following RFCs:
 *
- * - https://tools.ietf.org/html/rfc4344#section-3.1
+ * <ul>
- * - https://tools.ietf.org/html/rfc4253#section-6.3
+ *   <li>https://tools.ietf.org/html/rfc4344#section-3.1</li>
 *   <li>https://tools.ietf.org/html/rfc4253#section-6.3</li>
 *   <li>TODO: https://tools.ietf.org/html/rfc5647</li>
 * </ul>
 *
- * TODO: https://tools.ietf.org/html/rfc5647
+ * Some of the Ciphers are still implemented in net.schmizz.sshj.transport.cipher.*. These are deprecated and scheduled to be removed.
 *
 * Some of the Ciphers are still implemented in net.schmizz.sshj.transport.cipher.*. These are scheduled to be migrated to here.
 */
@SuppressWarnings("PMD.MethodNamingConventions")
 public class BlockCiphers {
@@ -34,9 +35,30 @@ public class BlockCiphers {
    public static final String COUNTER_MODE = "CTR";
    public static final String CIPHER_BLOCK_CHAINING_MODE = "CBC";
    public static Factory AES128CTR() {
        return new Factory(16, 128, "aes128-ctr", "AES", COUNTER_MODE);
    }
    public static Factory AES192CTR() {
        return new Factory(16, 192, "aes192-ctr", "AES", COUNTER_MODE);
    }
    public static Factory AES256CTR() {
        return new Factory(16, 256, "aes256-ctr", "AES", COUNTER_MODE);
    }
    public static Factory AES128CBC() {
        return new Factory(16, 128, "aes128-cbc", "AES", CIPHER_BLOCK_CHAINING_MODE);
    }
    public static Factory AES192CBC() {
        return new Factory(16, 192, "aes192-cbc", "AES", CIPHER_BLOCK_CHAINING_MODE);
    }
    public static Factory AES256CBC() {
        return new Factory(16, 256, "aes256-cbc", "AES", CIPHER_BLOCK_CHAINING_MODE);
    }
    public static Factory BlowfishCTR() {
        return new Factory(8, 256, "blowfish-ctr", "Blowfish", COUNTER_MODE);
    }
    public static Factory BlowfishCBC() {
        return new Factory(8, 128, "blowfish-cbc", "Blowfish", CIPHER_BLOCK_CHAINING_MODE);
    }
    public static Factory Twofish128CTR() {
        return new Factory(16, 128, "twofish128-ctr", "Twofish", COUNTER_MODE);
    }
@@ -91,6 +113,9 @@ public class BlockCiphers {
    public static Factory TripleDESCTR() {
        return new Factory(8, 192, "3des-ctr", "DESede", COUNTER_MODE);
    }
    public static Factory TripleDESCBC() {
        return new Factory(8, 192, "3des-cbc", "DESede", CIPHER_BLOCK_CHAINING_MODE);
    }
    /** Named factory for BlockCipher */
    public static class Factory
--- a/src/main/java/net/schmizz/sshj/DefaultConfig.java
+++ b/src/main/java/net/schmizz/sshj/DefaultConfig.java
@@ -53,9 +53,7 @@ import java.util.*;
 * <p/>
 * <ul>
 * <li>{@link net.schmizz.sshj.ConfigImpl#setKeyExchangeFactories Key exchange}: {@link net.schmizz.sshj.transport.kex.DHG14}*, {@link net.schmizz.sshj.transport.kex.DHG1}</li>
- * <li>{@link net.schmizz.sshj.ConfigImpl#setCipherFactories Ciphers} [1]: {@link net.schmizz.sshj.transport.cipher.AES128CTR}, {@link net.schmizz.sshj.transport.cipher.AES192CTR}, {@link net.schmizz.sshj.transport.cipher.AES256CTR},
+ * <li>{@link net.schmizz.sshj.ConfigImpl#setCipherFactories Ciphers}: {@link BlockCiphers}, {@link StreamCiphers} [1]</li>
 * {@link
 * net.schmizz.sshj.transport.cipher.AES128CBC}, {@link net.schmizz.sshj.transport.cipher.AES192CBC}, {@link net.schmizz.sshj.transport.cipher.AES256CBC}, {@link net.schmizz.sshj.transport.cipher.AES192CBC}, {@link net.schmizz.sshj.transport.cipher.TripleDESCBC}, {@link net.schmizz.sshj.transport.cipher.BlowfishCBC}</li>
 * <li>{@link net.schmizz.sshj.ConfigImpl#setMACFactories MAC}: {@link net.schmizz.sshj.transport.mac.HMACSHA1}, {@link net.schmizz.sshj.transport.mac.HMACSHA196}, {@link net.schmizz.sshj.transport.mac.HMACMD5}, {@link
 * net.schmizz.sshj.transport.mac.HMACMD596}</li>
 * <li>{@link net.schmizz.sshj.ConfigImpl#setCompressionFactories Compression}: {@link net.schmizz.sshj.transport.compression.NoneCompression}</li>
@@ -153,14 +151,13 @@ public class DefaultConfig
    protected void initCipherFactories() {
        List<Factory.Named<Cipher>> avail = new LinkedList<Factory.Named<Cipher>>(Arrays.<Factory.Named<Cipher>>asList(
-                new AES128CTR.Factory(),
+                BlockCiphers.AES128CBC(),
-                new AES192CTR.Factory(),
+                BlockCiphers.AES128CTR(),
-                new AES256CTR.Factory(),
+                BlockCiphers.AES192CBC(),
-                new AES128CBC.Factory(),
+                BlockCiphers.AES192CTR(),
-                new AES192CBC.Factory(),
+                BlockCiphers.AES256CBC(),
-                new AES256CBC.Factory(),
+                BlockCiphers.AES256CTR(),
-                new TripleDESCBC.Factory(),
+                BlockCiphers.BlowfishCBC(),
                new BlowfishCBC.Factory(),
                BlockCiphers.BlowfishCTR(),
                BlockCiphers.Cast128CBC(),
                BlockCiphers.Cast128CTR(),
@@ -172,6 +169,7 @@ public class DefaultConfig
                BlockCiphers.Serpent192CTR(),
                BlockCiphers.Serpent256CBC(),
                BlockCiphers.Serpent256CTR(),
                BlockCiphers.TripleDESCBC(),
                BlockCiphers.TripleDESCTR(),
                BlockCiphers.Twofish128CBC(),
                BlockCiphers.Twofish128CTR(),
--- a/src/main/java/net/schmizz/sshj/transport/cipher/AES128CBC.java
+++ b/src/main/java/net/schmizz/sshj/transport/cipher/AES128CBC.java
@@ -15,7 +15,14 @@
 */
 package net.schmizz.sshj.transport.cipher;
-/** {@code aes128-cbc} cipher */
+import com.hierynomus.sshj.transport.cipher.BlockCiphers;
 /**
 * {@code aes128-cbc} cipher
 *
 * @deprecated Use {@link BlockCiphers#AES128CBC()}
 */
@Deprecated
 public class AES128CBC
        extends BlockCipher {
@@ -32,6 +39,11 @@ public class AES128CBC
        public String getName() {
            return "aes128-cbc";
        }
        @Override
        public String toString() {
            return getName();
        }
    }
    public AES128CBC() {
--- a/src/main/java/net/schmizz/sshj/transport/cipher/AES128CTR.java
+++ b/src/main/java/net/schmizz/sshj/transport/cipher/AES128CTR.java
@@ -15,11 +15,18 @@
 */
 package net.schmizz.sshj.transport.cipher;
-/** {@code aes128-ctr} cipher */
+import com.hierynomus.sshj.transport.cipher.BlockCiphers;
 /**
 * {@code aes128-ctr} cipher
 *
 * @deprecated Use {@link BlockCiphers#AES128CTR()}
 */
@Deprecated
 public class AES128CTR
        extends BlockCipher {
-    /** Named factory for AES128CBC Cipher */
+    /** Named factory for AES128CTR Cipher */
    public static class Factory
            implements net.schmizz.sshj.common.Factory.Named<Cipher> {
@@ -32,6 +39,11 @@ public class AES128CTR
        public String getName() {
            return "aes128-ctr";
        }
        @Override
        public String toString() {
            return getName();
        }
    }
    public AES128CTR() {
--- a/src/main/java/net/schmizz/sshj/transport/cipher/AES192CBC.java
+++ b/src/main/java/net/schmizz/sshj/transport/cipher/AES192CBC.java
@@ -15,7 +15,14 @@
 */
 package net.schmizz.sshj.transport.cipher;
-/** {@code aes192-cbc} cipher */
+import com.hierynomus.sshj.transport.cipher.BlockCiphers;
 /**
 * {@code aes192-cbc} cipher
 *
 * @deprecated Use {@link BlockCiphers#AES192CBC()}
 */
@Deprecated
 public class AES192CBC
        extends BlockCipher {
@@ -32,6 +39,11 @@ public class AES192CBC
        public String getName() {
            return "aes192-cbc";
        }
        @Override
        public String toString() {
            return getName();
        }
    }
    public AES192CBC() {
--- a/src/main/java/net/schmizz/sshj/transport/cipher/AES192CTR.java
+++ b/src/main/java/net/schmizz/sshj/transport/cipher/AES192CTR.java
@@ -15,7 +15,14 @@
 */
 package net.schmizz.sshj.transport.cipher;
-/** {@code aes192-ctr} cipher */
+import com.hierynomus.sshj.transport.cipher.BlockCiphers;
 /**
 * {@code aes192-ctr} cipher
 *
 * @deprecated Use {@link BlockCiphers#AES192CTR()}
 */
@Deprecated
 public class AES192CTR
        extends BlockCipher {
@@ -32,6 +39,11 @@ public class AES192CTR
        public String getName() {
            return "aes192-ctr";
        }
        @Override
        public String toString() {
            return getName();
        }
    }
    public AES192CTR() {
--- a/src/main/java/net/schmizz/sshj/transport/cipher/AES256CBC.java
+++ b/src/main/java/net/schmizz/sshj/transport/cipher/AES256CBC.java
@@ -15,7 +15,14 @@
 */
 package net.schmizz.sshj.transport.cipher;
-/** {@code aes256-ctr} cipher */
+import com.hierynomus.sshj.transport.cipher.BlockCiphers;
 /**
 * {@code aes256-cbc} cipher
 *
 * @deprecated Use {@link BlockCiphers#AES256CBC()}
 */
@Deprecated
 public class AES256CBC
        extends BlockCipher {
@@ -32,6 +39,11 @@ public class AES256CBC
        public String getName() {
            return "aes256-cbc";
        }
        @Override
        public String toString() {
            return getName();
        }
    }
    public AES256CBC() {
--- a/src/main/java/net/schmizz/sshj/transport/cipher/AES256CTR.java
+++ b/src/main/java/net/schmizz/sshj/transport/cipher/AES256CTR.java
@@ -15,11 +15,18 @@
 */
 package net.schmizz.sshj.transport.cipher;
-/** {@code aes256-ctr} cipher */
+import com.hierynomus.sshj.transport.cipher.BlockCiphers;
 /**
 * {@code aes256-ctr} cipher
 *
 * @deprecated Use {@link BlockCiphers#AES256CTR()}
 */
@Deprecated
 public class AES256CTR
        extends BlockCipher {
-    /** Named factory for AES256CBC Cipher */
+    /** Named factory for AES256CTR Cipher */
    public static class Factory
            implements net.schmizz.sshj.common.Factory.Named<Cipher> {
@@ -32,6 +39,11 @@ public class AES256CTR
        public String getName() {
            return "aes256-ctr";
        }
        @Override
        public String toString() {
            return getName();
        }
    }
    public AES256CTR() {
--- a/src/main/java/net/schmizz/sshj/transport/cipher/BlowfishCBC.java
+++ b/src/main/java/net/schmizz/sshj/transport/cipher/BlowfishCBC.java
@@ -15,7 +15,14 @@
 */
 package net.schmizz.sshj.transport.cipher;
-/** {@code blowfish-ctr} cipher */
+import com.hierynomus.sshj.transport.cipher.BlockCiphers;
 /**
 * {@code blowfish-bcb} cipher
 *
 * @deprecated Use {@link BlockCiphers#BlowfishCBC()}
 */
@Deprecated
 public class BlowfishCBC
        extends BlockCipher {
@@ -32,6 +39,11 @@ public class BlowfishCBC
        public String getName() {
            return "blowfish-cbc";
        }
        @Override
        public String toString() {
            return getName();
        }
    }
    public BlowfishCBC() {
--- a/src/main/java/net/schmizz/sshj/transport/cipher/TripleDESCBC.java
+++ b/src/main/java/net/schmizz/sshj/transport/cipher/TripleDESCBC.java
@@ -15,7 +15,14 @@
 */
 package net.schmizz.sshj.transport.cipher;
-/** {@code 3des-cbc} cipher */
+import com.hierynomus.sshj.transport.cipher.BlockCiphers;
 /**
 * {@code 3des-cbc} cipher
 *
 * @deprecated Use {@link BlockCiphers#TripleDESCBC()}
 */
@Deprecated
 public class TripleDESCBC
        extends BlockCipher {
@@ -32,6 +39,11 @@ public class TripleDESCBC
        public String getName() {
            return "3des-cbc";
        }
        @Override
        public String toString() {
            return getName();
        }
    }
    public TripleDESCBC() {
--- a/src/main/java/net/schmizz/sshj/userauth/keyprovider/PKCS5KeyFile.java
+++ b/src/main/java/net/schmizz/sshj/userauth/keyprovider/PKCS5KeyFile.java
@@ -15,6 +15,7 @@
 */
 package net.schmizz.sshj.userauth.keyprovider;
 import com.hierynomus.sshj.transport.cipher.BlockCiphers;
 import net.schmizz.sshj.common.Base64;
 import net.schmizz.sshj.common.ByteArrayUtils;
 import net.schmizz.sshj.common.IOUtils;
@@ -116,13 +117,13 @@ public class PKCS5KeyFile extends BaseFileKeyProvider {
                        } else {
                            String algorithm = line.substring(10, ptr);
                            if ("DES-EDE3-CBC".equals(algorithm)) {
-                                cipher = new TripleDESCBC();
+                                cipher = BlockCiphers.TripleDESCBC().create();
                            } else if ("AES-128-CBC".equals(algorithm)) {
-                                cipher = new AES128CBC();
+                                cipher = BlockCiphers.AES128CBC().create();
                            } else if ("AES-192-CBC".equals(algorithm)) {
-                                cipher = new AES192CBC();
+                                cipher = BlockCiphers.AES192CBC().create();
                            } else if ("AES-256-CBC".equals(algorithm)) {
-                                cipher = new AES256CBC();
+                                cipher = BlockCiphers.AES256CBC().create();
                            } else {
                                throw new FormatException("Not a supported algorithm: " + algorithm);
                            }