diff options
author | Kenny Root <kenny@the-b.org> | 2013-10-05 22:28:37 -0700 |
---|---|---|
committer | Kenny Root <kenny@the-b.org> | 2013-10-06 10:11:56 -0700 |
commit | 2f4da82b29f41a2fbc9669ff4852a8160bb7a6a7 (patch) | |
tree | 33955c291d193398a0920032516b658d72475b2d /src/com/trilead/ssh2/transport | |
parent | b03fe90574ce2e3f24f8376b0af64d32f8c03515 (diff) | |
download | connectbot-2f4da82b29f41a2fbc9669ff4852a8160bb7a6a7.tar.gz connectbot-2f4da82b29f41a2fbc9669ff4852a8160bb7a6a7.tar.bz2 connectbot-2f4da82b29f41a2fbc9669ff4852a8160bb7a6a7.zip |
Add diffie-hellman-group-exchange-sha256 support
Support exchanging groups using SHA-256 as specified in RFC 4419
For more information, see https://tools.ietf.org/html/rfc4419
Change-Id: Iee5d29e7113a05cad4714a61321bf86b016624b8
Diffstat (limited to 'src/com/trilead/ssh2/transport')
-rw-r--r-- | src/com/trilead/ssh2/transport/KexManager.java | 21 |
1 files changed, 14 insertions, 7 deletions
diff --git a/src/com/trilead/ssh2/transport/KexManager.java b/src/com/trilead/ssh2/transport/KexManager.java index 230047e..cd26530 100644 --- a/src/com/trilead/ssh2/transport/KexManager.java +++ b/src/com/trilead/ssh2/transport/KexManager.java @@ -61,6 +61,7 @@ public class KexManager KEX_ALGS.add("ecdh-sha2-nistp256"); KEX_ALGS.add("ecdh-sha2-nistp384"); KEX_ALGS.add("ecdh-sha2-nistp521"); + KEX_ALGS.add("diffie-hellman-group-exchange-sha256"); KEX_ALGS.add("diffie-hellman-group-exchange-sha1"); KEX_ALGS.add("diffie-hellman-group14-sha1"); KEX_ALGS.add("diffie-hellman-group1-sha1"); @@ -449,20 +450,24 @@ public class KexManager ignore_next_kex_packet = true; } - if (kxs.np.kex_algo.equals("diffie-hellman-group-exchange-sha1")) + if (kxs.np.kex_algo.equals("diffie-hellman-group-exchange-sha1") + || kxs.np.kex_algo.equals("diffie-hellman-group-exchange-sha256")) { if (kxs.dhgexParameters.getMin_group_len() == 0 || csh.server_versioncomment.matches("OpenSSH_2\\.([0-4]\\.|5\\.[0-2]).*")) { PacketKexDhGexRequestOld dhgexreq = new PacketKexDhGexRequestOld(kxs.dhgexParameters); tm.sendKexMessage(dhgexreq.getPayload()); - } else { PacketKexDhGexRequest dhgexreq = new PacketKexDhGexRequest(kxs.dhgexParameters); tm.sendKexMessage(dhgexreq.getPayload()); } - kxs.hashAlgo = "SHA1"; + if (kxs.np.kex_algo.endsWith("sha1")) { + kxs.hashAlgo = "SHA1"; + } else { + kxs.hashAlgo = "SHA-256"; + } kxs.state = 1; return; } @@ -538,7 +543,8 @@ public class KexManager if ((kxs == null) || (kxs.state == 0)) throw new IOException("Unexpected Kex submessage!"); - if (kxs.np.kex_algo.equals("diffie-hellman-group-exchange-sha1")) + if (kxs.np.kex_algo.equals("diffie-hellman-group-exchange-sha1") + || kxs.np.kex_algo.equals("diffie-hellman-group-exchange-sha256")) { if (kxs.state == 1) { @@ -579,9 +585,10 @@ public class KexManager try { - kxs.H = kxs.dhgx.calculateH(csh.getClientString(), csh.getServerString(), - kxs.localKEX.getPayload(), kxs.remoteKEX.getPayload(), dhgexrpl.getHostKey(), - kxs.dhgexParameters); + kxs.H = kxs.dhgx.calculateH(kxs.hashAlgo, + csh.getClientString(), csh.getServerString(), + kxs.localKEX.getPayload(), kxs.remoteKEX.getPayload(), + dhgexrpl.getHostKey(), kxs.dhgexParameters); } catch (IllegalArgumentException e) { |