📄 sshio.java
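* String type (ssh-rsa)
         * Int32/byte[] signed signature
         */
        int siglen = p.getInt32();
        String sigstr = p.getString();
        result += "Signature: ktype is " + sigstr + "\r\n";
        byte sigdata[] = p.getBytes(p.getInt32());

        return result;
      }

      default:
        return "SSH2: handlePacket2 Unknown type " + p.getType();
    }
    return "";
  }

  /**
   * Handles one received SSH protocol 1 packet and sends whatever reply the
   * login sequence calls for (session key, user name, password, pty request,
   * shell request, exit confirmation).
   *
   * NOTE(review): SSH protocol 1 is obsolete; this handler relies on MD5 and
   * may negotiate single DES. Treat the transport as legacy-only.
   *
   * @param p the packet to handle
   * @return text for the caller (server output or a status message), or ""
   *         when there is nothing to report
   * @throws IOException if a reply cannot be written
   */
  private String handlePacket1(SshPacket1 p) throws IOException {
    // The packet type is a byte, i.e. a signed entity (-128 -> 127).

    if (debug > 0)
      System.out.println("1 packet to handle, type " + p.getType());

    switch (p.getType()) {
      case SSH_MSG_IGNORE:
        return "";

      case SSH_MSG_DISCONNECT:
        String str = p.getString();
        disconnect();
        return str;

      case SSH_SMSG_PUBLIC_KEY:
        byte[] anti_spoofing_cookie;            //8 bytes
        byte[] server_key_bits;                 //32-bit int
        byte[] server_key_public_exponent;      //mp-int
        byte[] server_key_public_modulus;       //mp-int
        byte[] host_key_bits;                   //32-bit int
        byte[] host_key_public_exponent;        //mp-int
        byte[] host_key_public_modulus;         //mp-int
        byte[] protocol_flags;                  //32-bit int
        byte[] supported_ciphers_mask;          //32-bit int
        byte[] supported_authentications_mask;  //32-bit int

        // Every field is read, even the unused ones, because the reads
        // consume the packet in wire order.
        anti_spoofing_cookie = p.getBytes(8);
        server_key_bits = p.getBytes(4);
        server_key_public_exponent = p.getMpInt();
        server_key_public_modulus = p.getMpInt();
        host_key_bits = p.getBytes(4);
        host_key_public_exponent = p.getMpInt();
        host_key_public_modulus = p.getMpInt();
        protocol_flags = p.getBytes(4);
        supported_ciphers_mask = p.getBytes(4);
        supported_authentications_mask = p.getBytes(4);

        // We have completely received the PUBLIC_KEY.

        // Check the pinned host key first. This check used to sit after
        // "if (ret != null) return ret;", and Send_SSH_CMSG_SESSION_KEY never
        // returns null, so it was unreachable and the 'hashHostKey' parameter
        // was never enforced. Running it before the session key is sent also
        // means nothing is sent to a server that fails the check.
        //
        // The value compared is the lower-case hex MD5 of
        // host_key_public_modulus (the modulus only, not the exponent).
        if (hashHostKey != null && hashHostKey.compareTo("") != 0) {
          byte[] Md5_hostKey = md5.digest(host_key_public_modulus);
          String hashHostKeyBis = "";
          for (int i = 0; i < Md5_hostKey.length; i++) {
            // Both nibbles of each byte: the earlier loop ran "j < 1" and so
            // dropped the low nibble, producing only half of the digest.
            hashHostKeyBis += Character.forDigit((Md5_hostKey[i] & 240) >> 4, 16);
            hashHostKeyBis += Character.forDigit(Md5_hostKey[i] & 15, 16);
          }

          // we compare the 2 values
          if (hashHostKeyBis.compareTo(hashHostKey) != 0) {
            login = password = "";
            // Close the connection, as the cipher-negotiation failure path
            // does, so the session cannot continue with an unverified host.
            disconnect();
            return "\nHash value of the host key not correct \r\n"
              + "login & password have been reset \r\n"
              + "- erase the 'hashHostKey' parameter in the Html\r\n"
              + "(it is used for auhentificating the server and "
              + "prevent you from connecting \r\n"
              + "to any other)\r\n";
          }
        }

        // We prepare the answer ...
        String ret = Send_SSH_CMSG_SESSION_KEY(
          anti_spoofing_cookie, server_key_public_modulus,
          host_key_public_modulus, supported_ciphers_mask,
          server_key_public_exponent, host_key_public_exponent
        );
        if (ret != null)
          return ret;
        break;

      case SSH_SMSG_SUCCESS:
        if (debug > 0)
          System.out.println("SSH_SMSG_SUCCESS (last packet was " + lastPacketSentType + ")");
        if (lastPacketSentType == SSH_CMSG_SESSION_KEY) {
          // the session key was sent successfully
          Send_SSH_CMSG_USER();
          break;
        }

        if (lastPacketSentType == SSH_CMSG_USER) {
          // authentication is NOT needed for this user
          Send_SSH_CMSG_REQUEST_PTY(); //request a pseudo-terminal
          return "\nEmpty password login.\r\n";
        }

        if (lastPacketSentType == SSH_CMSG_AUTH_PASSWORD) {// password correct
          if (debug > 0)
            System.out.println("login succesful");

          //now we have to start the interactive session ...
          Send_SSH_CMSG_REQUEST_PTY(); //request a pseudo-terminal
          return "\nLogin & password accepted\r\n";
        }

        if (lastPacketSentType == SSH_CMSG_REQUEST_PTY) {// pty accepted
          /* we can send data with a pty accepted ... no need for a shell. */
          cansenddata = true;
          if (dataToSend != null) {
            Send_SSH_CMSG_STDIN_DATA(dataToSend);
            dataToSend = null;
          }
          Send_SSH_CMSG_EXEC_SHELL(); //we start a shell
          break;
        }

        if (lastPacketSentType == SSH_CMSG_EXEC_SHELL) {// shell is running ...
          /* empty */
        }
        break;

      case SSH_SMSG_FAILURE:
        if (lastPacketSentType == SSH_CMSG_AUTH_PASSWORD) {// password incorrect
          System.out.println("failed to log in");
          disconnect();
          return "\nLogin & password not accepted\r\n";
        }
        if (lastPacketSentType == SSH_CMSG_USER) {
          // authentication is needed for the given user
          // (in most cases that's true)
          Send_SSH_CMSG_AUTH_PASSWORD();
          break;
        }

        if (lastPacketSentType == SSH_CMSG_REQUEST_PTY) {// pty not accepted
          break;
        }
        break;

      case SSH_SMSG_STDOUT_DATA: //receive some data from the server
        return p.getString();

      case SSH_SMSG_STDERR_DATA: //receive some error data from the server
        // if(debug > 1)
        str = "Error : " + p.getString();
        System.out.println("SshIO.handlePacket : " + "STDERR_DATA " + str);
        return str;

      case SSH_SMSG_EXITSTATUS: //sent by the server to indicate that
        // the client program has terminated.
        //32-bit int exit status of the command
        int value = p.getInt32();
        Send_SSH_CMSG_EXIT_CONFIRMATION();
        System.out.println("SshIO : Exit status " + value);
        disconnect();
        break;

      case SSH_MSG_DEBUG:
        str = p.getString();
        if (debug > 0) {
          System.out.println("SshIO.handlePacket : " + " DEBUG " + str);

          // bad bad bad bad bad. We should not do actions in DEBUG messages,
          // but apparently some SSH demons does not send SSH_SMSG_FAILURE for
          // just USER CMS.
/*
          if(lastPacketSentType==SSH_CMSG_USER) {
            Send_SSH_CMSG_AUTH_PASSWORD();
            break;
          }
*/
          return str;
        }
        return "";

      default:
        System.err.print("SshIO.handlePacket1: Packet Type unknown: " + p.getType());
        break;

    }// switch(b)
    return "";
  } // handlePacket

  /**
   * Writes a protocol 1 packet, encoded with the current cipher state, and
   * records its type as the last packet sent.
   */
  private void sendPacket1(SshPacket1 packet) throws IOException {
    write(packet.getPayLoad(crypto));
    lastPacketSentType = packet.getType();
  }

  /**
   * Writes a protocol 2 packet using the current outgoing sequence number,
   * then advances the sequence number and records the packet type.
   */
  private void sendPacket2(SshPacket2 packet) throws IOException {
    write(packet.getPayLoad(crypto, outgoingseq));
    outgoingseq++;
    lastPacketSentType = packet.getType();
  }

  /**
   * Send_SSH_CMSG_SESSION_KEY
   * Create :
   * the session_id,
   * the session_key,
   * the Xored session_key,
   * the double_encrypted session key
   * send SSH_CMSG_SESSION_KEY
   * Turn the encryption on (initialise the block cipher)
   *
   * @return "" on success, or an error message after disconnecting when no
   *         offered cipher is supported; never null
   * @throws IOException if the packet cannot be written
   */
  private String Send_SSH_CMSG_SESSION_KEY(byte[] anti_spoofing_cookie,
                                           byte[] server_key_public_modulus,
                                           byte[] host_key_public_modulus,
                                           byte[] supported_ciphers_mask,
                                           byte[] server_key_public_exponent,
                                           byte[] host_key_public_exponent)
    throws IOException {

    byte cipher_types;      //encryption types
    byte[] session_key;     //mp-int

    // create the session id
    //  session_id = md5(hostkey->n || servkey->n || cookie) //protocol V 1.5. (we use this one)
    //  session_id = md5(servkey->n || hostkey->n || cookie) //protocol V 1.1.(Why is it different ??)
    //
    byte[] session_id_byte = new byte[host_key_public_modulus.length
      + server_key_public_modulus.length
      + anti_spoofing_cookie.length];

    System.arraycopy(host_key_public_modulus, 0, session_id_byte,
                     0, host_key_public_modulus.length);
    System.arraycopy(server_key_public_modulus, 0, session_id_byte,
                     host_key_public_modulus.length,
                     server_key_public_modulus.length);
    System.arraycopy(anti_spoofing_cookie, 0, session_id_byte,
                     host_key_public_modulus.length + server_key_public_modulus.length,
                     anti_spoofing_cookie.length);

    byte[] hash_md5 = md5.digest(session_id_byte);

    // SSH_CMSG_SESSION_KEY : Sent by the client
    //  1 byte       cipher_type (must be one of the supported values)
    //  8 bytes      anti_spoofing_cookie (must match data sent by the server)
    //  mp-int       double-encrypted session key (uses the session-id)
    //  32-bit int   protocol_flags
    //
    // Preference order: Blowfish, IDEA, 3DES, DES.
    // NOTE(review): single DES is accepted as a last resort although the
    // failure message below names only IDEA/Blowfish/3DES. DES gives weak
    // confidentiality; consider refusing it.
    if ((supported_ciphers_mask[3] & (byte) (1 << SSH_CIPHER_BLOWFISH)) != 0) {
      cipher_types = (byte) SSH_CIPHER_BLOWFISH;
      cipher_type = "Blowfish";
    } else if ((supported_ciphers_mask[3] & (1 << SSH_CIPHER_IDEA)) != 0) {
      cipher_types = (byte) SSH_CIPHER_IDEA;
      cipher_type = "IDEA";
    } else if ((supported_ciphers_mask[3] & (1 << SSH_CIPHER_3DES)) != 0) {
      cipher_types = (byte) SSH_CIPHER_3DES;
      cipher_type = "DES3";
    } else if ((supported_ciphers_mask[3] & (1 << SSH_CIPHER_DES)) != 0) {
      cipher_types = (byte) SSH_CIPHER_DES;
      cipher_type = "DES";
    } else {
      System.err.println("SshIO: remote server does not supported IDEA, BlowFish or 3DES, support cypher mask is " + supported_ciphers_mask[3] + ".\n");
      disconnect();
      return "\rRemote server does not support IDEA/Blowfish/3DES blockcipher, closing connection.\r\n";
    }
    if (debug > 0)
      System.out.println("SshIO: Using " + cipher_type + " blockcipher.\n");

    // anti_spoofing_cookie : the same
    // double_encrypted_session_key :
    //  32 bytes of random bits
    //  Xor the 16 first bytes with the session-id
    //  encrypt with the server_key_public (small) then the host_key_public(big) using RSA.
    //

    //32 bytes of random bits
    byte[] random_bits1 = new byte[16], random_bits2 = new byte[16];

    // Earlier experiments derived these bits from Math.random(), the clock
    // or an MD5 of password + login; none of those is a suitable source for
    // key material, so they stay retired.
    //
    // Let the provider seed itself. The previous code passed random_bits1,
    // still all zero at that point, as the constructor seed. With seed-driven
    // providers such as SHA1PRNG an explicit seed replaces self-seeding,
    // which would make the session key reproducible.
    SecureRandom random = new java.security.SecureRandom(); //not supported by netscape :-(
    random.nextBytes(random_bits1);
    random.nextBytes(random_bits2);

    session_key = SshMisc.addArrayOfBytes(random_bits1, random_bits2);

    //Xor the 16 first bytes with the session-id
    byte[] session_keyXored = SshMisc.XORArrayOfBytes(random_bits1, hash_md5);
    session_keyXored = SshMisc.addArrayOfBytes(session_keyXored, random_bits2);

    //We encrypt now!!
    byte[] encrypted_session_key =
      SshCrypto.encrypteRSAPkcs1Twice(session_keyXored,
                                      server_key_public_exponent,
                                      server_key_public_modulus,
                                      host_key_public_exponent,
                                      host_key_public_modulus);

    // protocol_flags :protocol extension cf. page 18
    int protocol_flags = 0; /* currently 0 */

    SshPacket1 packet = new SshPacket1(SSH_CMSG_SESSION_KEY);
    packet.putByte((byte) cipher_types);
    packet.putBytes(anti_spoofing_cookie);
    packet.putBytes(encrypted_session_key);
    packet.putInt32(protocol_flags);
    sendPacket1(packet);
    // Encryption is switched on only after the session key packet is written.
    crypto = new SshCrypto(cipher_type, session_key);
    return "";
  }

  /**
   * SSH_CMSG_USER
   * string   user login name on server
   */
  private String Send_SSH_CMSG_USER() throws IOException {
    if (debug > 0) System.err.println("Send_SSH_CMSG_USER(" + login + ")");

    SshPacket1 p = new SshPacket1(SSH_CMSG_USER);
    p.putString(login);
    sendPacket1(p);

    return "";
  }

  /**
   * Send_SSH_CMSG_AUTH_PASSWORD
   * string   user password
   */
  private String Send_SSH_CMSG_AUTH_PASSWORD() throws IOException {
    SshPacket1 p = new SshPacket1(SSH_CMSG_AUTH_PASSWORD);
    p.putString(password);
    sendPacket1(p);
    return "";
  }

  /**
   * Send_SSH_CMSG_EXEC_SHELL
   * (no arguments)
   * Starts a shell (command interpreter), and enters interactive
   * session mode.
   */
  private String Send_SSH_CMSG_EXEC_SHELL() throws IOException {
    SshPacket1 packet = new SshPacket1(SSH_CMSG_EXEC_SHELL);
    sendPacket1(packet);
    return "";
  }

  /**
   * Send_SSH_CMSG_STDIN_DATA
   *
   */
  private String Send_SSH_CMSG_STDIN_DATA(String str) throws IOException {
    SshPacket1 packet = new SshPacket1(SSH_CMSG_STDIN_DATA);
    packet.putString(str);
    sendPacket1(packet);
    return "";
  }

  /**
   * Send_SSH_CMSG_REQUEST_PTY
   * string       TERM environment variable value (e.g. vt100)
   * 32-bit int   terminal height, rows (e.g., 24)
   * 32-bit int   terminal width, columns (e.g., 80)
   * 32-bit int   terminal width, pixels (0 if no graphics) (e.g., 480)
   */
  private String Send_SSH_CMSG_REQUEST_PTY() throws IOException {
    SshPacket1 p = new SshPacket1(SSH_CMSG_REQUEST_PTY);

    p.putString(getTerminalType());
    p.putInt32(24); // Int32 rows
    p.putInt32(80); // Int32 columns
    p.putInt32(0);  // Int32 x pixels
    p.putInt32(0);  // Int32 y pixels
    p.putByte((byte) 0); // Int8 terminal modes
    sendPacket1(p);
    return "";
  }

  /** Sends SSH_CMSG_EXIT_CONFIRMATION (no arguments). */
  private String Send_SSH_CMSG_EXIT_CONFIRMATION() throws IOException {
    SshPacket1 packet = new SshPacket1(SSH_CMSG_EXIT_CONFIRMATION);
    sendPacket1(packet);
    return "";
  }
}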