From abd16a0d0b44884f1ccb266155d6b4149179ca14 Mon Sep 17 00:00:00 2001 From: Kenny Root Date: Sun, 3 Feb 2013 19:00:31 -0800 Subject: Remove J2ME compatibility layer for keys Use JCE instead of the DIY crypto library that is in Trilead. This was apparently for J2ME devices. Well, I'm sorry, J2ME devices, you're dead to me. --- src/com/trilead/ssh2/crypto/digest/MAC.java | 78 ++++++++++++++++++++--------- 1 file changed, 54 insertions(+), 24 deletions(-) (limited to 'src/com/trilead/ssh2/crypto/digest/MAC.java') diff --git a/src/com/trilead/ssh2/crypto/digest/MAC.java b/src/com/trilead/ssh2/crypto/digest/MAC.java index 0433b63..8138e63 100644 --- a/src/com/trilead/ssh2/crypto/digest/MAC.java +++ b/src/com/trilead/ssh2/crypto/digest/MAC.java @@ -1,6 +1,13 @@ package com.trilead.ssh2.crypto.digest; +import java.security.InvalidKeyException; +import java.security.NoSuchAlgorithmException; + +import javax.crypto.Mac; +import javax.crypto.ShortBufferException; +import javax.crypto.spec.SecretKeySpec; + /** * MAC. * @@ -9,14 +16,19 @@ package com.trilead.ssh2.crypto.digest; */ public final class MAC { - Digest mac; - int size; + Mac mac; + int outSize; + int macSize; + byte[] buffer; + + /* Higher Priority First */ + private static final String[] MAC_LIST = { + "hmac-sha1-96", "hmac-sha1", "hmac-md5-96", "hmac-md5" + }; public final static String[] getMacList() { - /* Higher Priority First */ - - return new String[] { "hmac-sha1-96", "hmac-sha1", "hmac-md5-96", "hmac-md5" }; + return MAC_LIST; } public final static void checkMacList(String[] macs) @@ -40,26 +52,35 @@ public final class MAC public MAC(String type, byte[] key) { - if (type.equals("hmac-sha1")) - { - mac = new HMAC(new SHA1(), key, 20); + try { + if ("hmac-sha1".equals(type) || "hmac-sha1-96".equals(type)) + { + mac = Mac.getInstance("HmacSHA1"); + } + else if ("hmac-md5".equals(type) || "hmac-md5-96".equals(type)) + { + mac = Mac.getInstance("HmacMD5"); + } + else + throw new IllegalArgumentException("Unkown algorithm " + type); + } catch (NoSuchAlgorithmException e) { + throw new IllegalArgumentException("Unknown algorithm " + type, e); } - else if (type.equals("hmac-sha1-96")) - { - mac = new HMAC(new SHA1(), key, 12); - } - else if (type.equals("hmac-md5")) - { - mac = new HMAC(new MD5(), key, 16); - } - else if (type.equals("hmac-md5-96")) - { - mac = new HMAC(new MD5(), key, 12); + + macSize = mac.getMacLength(); + if (type.endsWith("-96")) { + outSize = 12; + buffer = new byte[macSize]; + } else { + outSize = macSize; + buffer = null; } - else - throw new IllegalArgumentException("Unkown algorithm " + type); - size = mac.getDigestLength(); + try { + mac.init(new SecretKeySpec(key, type)); + } catch (InvalidKeyException e) { + throw new IllegalArgumentException(e); + } } public final void initMac(int seq) @@ -78,11 +99,20 @@ public final class MAC public final void getMac(byte[] out, int off) { - mac.digest(out, off); + try { + if (buffer != null) { + mac.doFinal(buffer, 0); + System.arraycopy(buffer, 0, out, off, out.length - off); + } else { + mac.doFinal(out, off); + } + } catch (ShortBufferException e) { + throw new IllegalStateException(e); + } } public final int size() { - return size; + return outSize; } } -- cgit v1.2.3