diff options
| author | Kenny Root <kenny@the-b.org> | 2015-04-03 06:49:08 +0200 |
|---|---|---|
| committer | Kenny Root <kenny@the-b.org> | 2015-04-03 06:50:35 +0200 |
| commit | df68511544c9979b1868bb98ebc004fab885509a (patch) | |
| tree | 034fbe2603a7dd45dec65f34d215a5d9d2b08f6f | |
| parent | c0ef0b33c96b644889cd04dc70080756dbb0122c (diff) | |
| download | sshlib-df68511544c9979b1868bb98ebc004fab885509a.tar.gz sshlib-df68511544c9979b1868bb98ebc004fab885509a.tar.bz2 sshlib-df68511544c9979b1868bb98ebc004fab885509a.zip | |
Check for EC support before enabling it
Fixes #69
| -rw-r--r-- | lib/src/main/java/com/trilead/ssh2/transport/KexManager.java | 30 |
1 files changed, 24 insertions, 6 deletions
diff --git a/lib/src/main/java/com/trilead/ssh2/transport/KexManager.java b/lib/src/main/java/com/trilead/ssh2/transport/KexManager.java index cd26530..2476b76 100644 --- a/lib/src/main/java/com/trilead/ssh2/transport/KexManager.java +++ b/lib/src/main/java/com/trilead/ssh2/transport/KexManager.java @@ -2,6 +2,8 @@ package com.trilead.ssh2.transport; import java.io.IOException; +import java.security.KeyFactory; +import java.security.NoSuchAlgorithmException; import java.security.SecureRandom; import java.security.interfaces.DSAPublicKey; import java.security.interfaces.ECPublicKey; @@ -47,20 +49,36 @@ public class KexManager { private static final Logger log = Logger.getLogger(KexManager.class); + private static final boolean supportsEc; + static { + KeyFactory keyFact; + try { + keyFact = KeyFactory.getInstance("EC"); + } catch (NoSuchAlgorithmException ignored) { + keyFact = null; + log.log(10, "Disabling EC support due to lack of KeyFactory"); + } + supportsEc = keyFact != null; + } + private static final Set<String> HOSTKEY_ALGS = new TreeSet<String>(); static { - HOSTKEY_ALGS.add("ecdsa-sha2-nistp256"); - HOSTKEY_ALGS.add("ecdsa-sha2-nistp384"); - HOSTKEY_ALGS.add("ecdsa-sha2-nistp521"); + if (supportsEc) { + HOSTKEY_ALGS.add("ecdsa-sha2-nistp256"); + HOSTKEY_ALGS.add("ecdsa-sha2-nistp384"); + HOSTKEY_ALGS.add("ecdsa-sha2-nistp521"); + } HOSTKEY_ALGS.add("ssh-rsa"); HOSTKEY_ALGS.add("ssh-dsa"); } private static final Set<String> KEX_ALGS = new TreeSet<String>(); static { - KEX_ALGS.add("ecdh-sha2-nistp256"); - KEX_ALGS.add("ecdh-sha2-nistp384"); - KEX_ALGS.add("ecdh-sha2-nistp521"); + if (supportsEc) { + KEX_ALGS.add("ecdh-sha2-nistp256"); + KEX_ALGS.add("ecdh-sha2-nistp384"); + KEX_ALGS.add("ecdh-sha2-nistp521"); + } KEX_ALGS.add("diffie-hellman-group-exchange-sha256"); KEX_ALGS.add("diffie-hellman-group-exchange-sha1"); KEX_ALGS.add("diffie-hellman-group14-sha1"); |