001: package ch.ethz.ssh2.crypto.dh;
002:
003: import java.math.BigInteger;
004: import java.security.SecureRandom;
005:
006: import ch.ethz.ssh2.crypto.digest.HashForSSH2Types;
007: import ch.ethz.ssh2.log.Logger;
008:
009: /**
010: * DhExchange.
011: *
012: * @author Christian Plattner, plattner@inf.ethz.ch
013: * @version $Id: DhExchange.java,v 1.5 2006/02/14 19:43:15 cplattne Exp $
014: */
015: public class DhExchange {
016: private static final Logger log = Logger
017: .getLogger(DhExchange.class);
018:
019: /* Given by the standard */
020:
021: static final BigInteger p1, p14;
022: static final BigInteger g;
023:
024: BigInteger p;
025:
026: /* Client public and private */
027:
028: BigInteger e;
029: BigInteger x;
030:
031: /* Server public */
032:
033: BigInteger f;
034:
035: /* Shared secret */
036:
037: BigInteger k;
038:
039: static {
040: final String p1_string = "17976931348623159077083915679378745319786029604875"
041: + "60117064444236841971802161585193689478337958649255415021805654859805036464"
042: + "40548199239100050792877003355816639229553136239076508735759914822574862575"
043: + "00742530207744771258955095793777842444242661733472762929938766870920560605"
044: + "0270810842907692932019128194467627007";
045:
046: final String p14_string = "FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD129"
047: + "024E088A67CC74020BBEA63B139B22514A08798E3404DDEF9519B3CD3A431B302B0"
048: + "A6DF25F14374FE1356D6D51C245E485B576625E7EC6F44C42E9A637ED6B0BFF5CB"
049: + "6F406B7EDEE386BFB5A899FA5AE9F24117C4B1FE649286651ECE45B3DC2007CB8A"
050: + "163BF0598DA48361C55D39A69163FA8FD24CF5F83655D23DCA3AD961C62F356208"
051: + "552BB9ED529077096966D670C354E4ABC9804F1746C08CA18217C32905E462E36C"
052: + "E3BE39E772C180E86039B2783A2EC07A28FB5C55DF06F4C52C9DE2BCBF69558171"
053: + "83995497CEA956AE515D2261898FA051015728E5A8AACAA68FFFFFFFFFFFFFFFF";
054:
055: p1 = new BigInteger(p1_string);
056: p14 = new BigInteger(p14_string, 16);
057: g = new BigInteger("2");
058: }
059:
060: public DhExchange() {
061: }
062:
063: public void init(int group, SecureRandom rnd) {
064: k = null;
065:
066: if (group == 1)
067: p = p1;
068: else if (group == 14)
069: p = p14;
070: else
071: throw new IllegalArgumentException("Unknown DH group "
072: + group);
073:
074: x = new BigInteger(p.bitLength() - 1, rnd);
075:
076: e = g.modPow(x, p);
077: }
078:
079: /**
080: * @return Returns the e.
081: * @throws IllegalStateException
082: */
083: public BigInteger getE() {
084: if (e == null)
085: throw new IllegalStateException(
086: "DhDsaExchange not initialized!");
087:
088: return e;
089: }
090:
091: /**
092: * @return Returns the shared secret k.
093: * @throws IllegalStateException
094: */
095: public BigInteger getK() {
096: if (k == null)
097: throw new IllegalStateException(
098: "Shared secret not yet known, need f first!");
099:
100: return k;
101: }
102:
103: /**
104: * @param f
105: */
106: public void setF(BigInteger f) {
107: if (e == null)
108: throw new IllegalStateException(
109: "DhDsaExchange not initialized!");
110:
111: BigInteger zero = BigInteger.valueOf(0);
112:
113: if (zero.compareTo(f) >= 0 || p.compareTo(f) <= 0)
114: throw new IllegalArgumentException("Invalid f specified!");
115:
116: this .f = f;
117: this .k = f.modPow(x, p);
118: }
119:
120: public byte[] calculateH(byte[] clientversion,
121: byte[] serverversion, byte[] clientKexPayload,
122: byte[] serverKexPayload, byte[] hostKey) {
123: HashForSSH2Types hash = new HashForSSH2Types("SHA1");
124:
125: if (log.isEnabled()) {
126: log.log(90, "Client: '" + new String(clientversion) + "'");
127: log.log(90, "Server: '" + new String(serverversion) + "'");
128: }
129:
130: hash.updateByteString(clientversion);
131: hash.updateByteString(serverversion);
132: hash.updateByteString(clientKexPayload);
133: hash.updateByteString(serverKexPayload);
134: hash.updateByteString(hostKey);
135: hash.updateBigInt(e);
136: hash.updateBigInt(f);
137: hash.updateBigInt(k);
138:
139: return hash.getDigest();
140: }
141: }
|