DiffieHellmanGroupExchangeSha1 (J2SSH Maverick Javadocs)

Overview

Package

Class

Use

Deprecated

Index

Help

PREV CLASS NEXT CLASS

FRAMES NO FRAMES

SUMMARY: NESTED | FIELD | CONSTR | METHOD

DETAIL: FIELD | CONSTR | METHOD

com.maverick.ssh.components.jce
Class DiffieHellmanGroupExchangeSha1

java.lang.Object
  com.maverick.ssh.components.SshKeyExchangeClient
      com.maverick.ssh.components.jce.DiffieHellmanGroupExchangeSha1

All Implemented Interfaces:: AbstractKeyExchange, SshKeyExchange

public class DiffieHellmanGroupExchangeSha1
extends SshKeyExchangeClient
implements AbstractKeyExchange

An implementation of the diffie-hellman-group-exchange key exchange mechanism that uses JCE provider for DH agreement and Digest.

Author:: Lee David Painter

Field Summary
`static java.lang.String`	`DIFFIE_HELLMAN_GROUP_EXCHANGE_SHA1` Constant for the algorithm name "diffie-hellman-group1-sha1".

Fields inherited from class com.maverick.ssh.components.SshKeyExchangeClient

exchangeHash, hostKey, secret, signature, transport

Constructor Summary
`DiffieHellmanGroupExchangeSha1()` Construct an uninitialized instance.

Method Summary
`protected void`	`calculateExchangeHash()` Calculates the exchange hash as an SHA1 hash of the following data.
`java.lang.String`	`getAlgorithm()` Get the algorithm name for this key exchange
`java.lang.String`	`getProvider()`
`boolean`	`isKeyExchangeMessage(int messageid)`
`void`	`performClientExchange(java.lang.String clientIdentification, java.lang.String serverIdentification, byte[] clientKexInit, byte[] serverKexInit)` The client requests a modulus from the server indicating the pre- ferred size.

Methods inherited from class com.maverick.ssh.components.SshKeyExchangeClient

getExchangeHash, getHostKey, getSecret, getSignature, init, reset

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Detail

DIFFIE_HELLMAN_GROUP_EXCHANGE_SHA1

public static final java.lang.String DIFFIE_HELLMAN_GROUP_EXCHANGE_SHA1

Constant for the algorithm name "diffie-hellman-group1-sha1".

See Also:: Constant Field Values

Constructor Detail

DiffieHellmanGroupExchangeSha1

public DiffieHellmanGroupExchangeSha1()

Construct an uninitialized instance.

Method Detail

isKeyExchangeMessage

public boolean isKeyExchangeMessage(int messageid)

Specified by:: isKeyExchangeMessage in class SshKeyExchangeClient

getAlgorithm

public java.lang.String getAlgorithm()

Get the algorithm name for this key exchange

Specified by:: getAlgorithm in class SshKeyExchangeClient

Returns:: "diffie-hellman-group1-sha1"

performClientExchange

public void performClientExchange(java.lang.String clientIdentification,
                                  java.lang.String serverIdentification,
                                  byte[] clientKexInit,
                                  byte[] serverKexInit)
                           throws SshException

The client requests a modulus from the server indicating the pre- ferred size. In the following description (C is the client, S is the server; the modulus p is a large safe prime and g is a genera- tor for a subgroup of GF(p); min is the minimal size of p in bits that is acceptable to the client; n is the size of the modulus p in bits that the client would like to receive from the server; max is the maximal size of p in bits that the client can accept; V_S is S's version string; V_C is C's version string; K_S is S's public host key; I_C is C's KEXINIT message and I_S S's KEXINIT message which have been exchanged before this part begins):

  1.   C sends "min || n || max" to S, indicating the minimal accept-
       able group size, the preferred size of the group and the maxi-
       mal group size in bits the client will accept.

  2.   S finds a group that best matches the client's request, and
       sends "p || g" to C.

  3.   C generates a random number x (1 < x < (p-1)/2). It computes e
       = g^x mod p, and sends "e" to S.

  4.   S generates a random number y (0 < y < (p-1)/2) and computes f
       = g^y mod p. S receives "e".  It computes K = e^y mod p, H =
       hash(V_C || V_S || I_C || I_S || K_S || min || n || max || p
       || g || e || f || K) (these elements are encoded according to
       their types; see below), and signature s on H with its private
       host key.  S sends "K_S || f || s" to C.  The signing opera-
       tion may involve a second hashing operation.

       Implementation Notes:

            To increase the speed of the key exchange, both client
            and server may reduce the size of their private expo-
            nents. It should be at least twice as long as the key
            material that is generated from the shared secret.  For
            more details see the paper by van Oorschot and Wiener
            [1].

  5.   C verifies that K_S really is the host key for S (e.g. using
       certificates or a local database).  C is also allowed to
       accept the key without verification; however, doing so will
       render the protocol insecure against active attacks (but may
       be desirable for practical reasons in the short term in many
       environments).  C then computes K = f^x mod p, H = hash(V_C ||
       V_S || I_C || I_S || K_S || min || n || max || p || g || e ||
       f || K), and verifies the signature s on H.

Specified by:: performClientExchange in class SshKeyExchangeClient

Parameters:: clientIdentification -; serverIdentification -; clientKexInit -; serverKexInit -
Throws:: java.io.IOException; SshException

getProvider

public java.lang.String getProvider()

Specified by:: getProvider in interface AbstractKeyExchange

calculateExchangeHash

protected void calculateExchangeHash()
                              throws SshException

Calculates the exchange hash as an SHA1 hash of the following data.

  String         the client's version string (CR and NL excluded)
  String         the server's version string (CR and NL excluded)
  String         the payload of the client's SSH_MSG_KEXINIT
  String         the payload of the server's SSH_MSG_KEXINIT
  String         the host key
  UINT32         minimum size in bits of the acceptable group
  UINT32         preferred size in bits of the acceptable group
  UNIT32         maximum size in bits of the acceptable group
  BigInteger     p, safe prime
  BigInteger     g, generator for subgroup
  BigInteger     e, exchange value sent by the client
  BigInteger     f, exchange value sent by the server
  BigInteger     K, the shared secret

Throws:: java.io.IOException; SshException