📄 ssh2preferences.java
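{ "cast128-ofb", "CAST128/OFB" },
        { "idea-cbc", "IDEA/CBC" },
        { "idea-ecb", "IDEA/ECB" },
        { "idea-cfb", "IDEA/CFB" },
        { "idea-ofb", "IDEA/OFB" },
        { "arcfour", "RC4/OFB" }
    };

    /**
     * SSH2 MAC names paired with the JCE-style algorithm name each one maps to.
     * Consulted by {@link #ssh2ToJCEMac(String)}.
     */
    final static String[][] macs = {
        { "hmac-sha1", "HmacSHA1" },
        { "hmac-md5", "HmacMD5" },
        { "hmac-ripemd160", "HmacRIPEMD160" },
        { "hmac-sha1-96", "HmacSHA1-96" },
        { "hmac-md5-96", "HmacMD5-96" },
        { "hmac-ripemd160-96", "HmacRIPEMD160-96" },
        { "hmac-ripemd160@openssh.com", "HmacRIPEMD160" }
    };

    /**
     * Built-in defaults. Every instance's {@code preferences} table is created with this
     * table as its fallback, so a change made here is seen by all instances.
     */
    private final static Properties defaultProperties = new Properties();

    static {
        // NOTE(review): "3des-cre" looks like a typo for "3des-ctr". It is left unchanged because
        // the start of the ciphers table is not visible here; confirm which name that table defines.
        String stdCiphers = "aes128-ctr,aes128-cbc,blowfish-ctr,blowfish-cbc,aes256-ctr,aes256-cbc,3des-cre,3des-cbc,arcfour";

        // NOTE(review): these defaults are legacy choices. The only key exchange offered is
        // diffie-hellman-group1-sha1 (RFC 9142 marks it SHOULD NOT), ssh-dss is listed first for
        // host keys, hmac-md5 is preferred over hmac-sha1, and CBC modes and arcfour (deprecated
        // by RFC 8758) stay enabled. Deployments should override them through
        // SSH2Preferences(Properties) with the strongest algorithms this library and the peer
        // both implement.
        defaultProperties.put(KEX_ALGORITHMS, "diffie-hellman-group1-sha1");
        defaultProperties.put(HOST_KEY_ALG, "ssh-dss,ssh-rsa");
        defaultProperties.put(CIPHERS_C2S, stdCiphers);
        defaultProperties.put(CIPHERS_S2C, stdCiphers);
        defaultProperties.put(MACS_C2S, "hmac-md5,hmac-sha1");
        defaultProperties.put(MACS_S2C, "hmac-md5,hmac-sha1");
        defaultProperties.put(COMP_C2S, "none");
        defaultProperties.put(COMP_S2C, "none");
        defaultProperties.put(LANG_C2S, "");
        defaultProperties.put(LANG_S2C, "");
        defaultProperties.put(RX_INIT_WIN_SZ, "32768");
        defaultProperties.put(RX_MAX_PKT_SZ, "8192");
        defaultProperties.put(TX_MAX_PKT_SZ, "8192");
        defaultProperties.put(X11_DISPLAY, "127.0.0.1:0");
        defaultProperties.put(QUEUED_RX_CHAN, "true");
        defaultProperties.put(DEFAULT_PKT_SZ, "8192");
        defaultProperties.put(PKT_POOL_SZ, "64");
        defaultProperties.put(TERM_MIN_LAT, "false");
        defaultProperties.put(INT_IO_BUF_SZ, "65536");
        defaultProperties.put(QUEUE_DEPTH, "64");
        defaultProperties.put(QUEUE_HIWATER, "32");
        defaultProperties.put(LOG_LEVEL, "3");
        defaultProperties.put(ALIVE, "0");
    }

    // Per-instance settings; lookups fall back to defaultProperties.
    private Properties preferences;
    // Algorithms agreed so far, keyed by preference type.
    private Hashtable kexAgreedAlgs;
    // Set by selectKEXAlgorithm(), cleared by canAgree() when an algorithm type cannot be agreed.
    private boolean sameKEXGuess;
    // Result of the most recent canAgree() call.
    private boolean haveAgreed;
    // Preference type on which the most recent canAgree() call failed.
    private String disagreeType;

    /**
     * Creates preferences that resolve every lookup against the built-in defaults.
     */
    public SSH2Preferences() {
        this.preferences = new Properties(defaultProperties);
        this.kexAgreedAlgs = new Hashtable();
    }

    /**
     * Creates preferences from the built-in defaults overlaid with every property
     * reported by {@code props.propertyNames()}.
     *
     * @param props settings that override the defaults
     */
    public SSH2Preferences(Properties props) {
        this();
        Enumeration names = props.propertyNames();
        while (names.hasMoreElements()) {
            String name = (String) names.nextElement();
            String value = props.getProperty(name);
            preferences.put(name, value);
        }
    }

    /**
     * Returns the shared table of built-in defaults.
     *
     * <p>NOTE(review): this is the live static table, not a copy. A caller that writes to it
     * changes the fallback algorithm lists of every instance in the JVM; confirm that callers
     * treat it as read-only, or hand out a copy.
     *
     * @return the default properties table itself
     */
    public static Properties getDefaultProperties() {
        return defaultProperties;
    }

    /**
     * Reads ten strings from {@code pdu} and stores them, in order, under the first ten
     * {@code kexFields} names.
     *
     * <p>NOTE(review): when the PDU comes from the peer these values are untrusted; they are
     * stored without validation here and are only compared against local lists later.
     *
     * @param pdu packet to read the name-lists from
     */
    public void readFrom(SSH2TransportPDU pdu) {
        for (int i = 0; i < 10; i++) {
            setPreference(kexFields[i], pdu.readJavaString());
        }
    }

    /**
     * Writes the values of the first ten {@code kexFields} preferences to {@code pdu}, in order.
     *
     * @param pdu packet to append the name-lists to
     */
    public void writeTo(SSH2TransportPDU pdu) {
        for (int i = 0; i < 10; i++) {
            pdu.writeString(getPreference(kexFields[i]));
        }
    }

    /**
     * Looks up a preference, falling back to the built-in default.
     *
     * @param type preference name
     * @return the configured value, or whatever {@code Properties.getProperty} yields if unset
     */
    public String getPreference(String type) {
        return preferences.getProperty(type);
    }

    /**
     * Looks up a preference and parses it as a decimal integer.
     *
     * @param type preference name
     * @return the parsed value
     * @throws NumberFormatException if the value is not an integer; the message names the
     *         preference and the offending value
     */
    public int getIntPreference(String type) {
        try {
            return Integer.parseInt(getPreference(type));
        } catch (NumberFormatException e) {
            throw new NumberFormatException("Illegal value of '" + type
                                            + "' expected integer but got '"
                                            + getPreference(type) + "'");
        }
    }

    /**
     * Stores a preference for this instance only.
     *
     * @param type  preference name
     * @param value new value
     */
    public void setPreference(String type, String value) {
        preferences.put(type, value);
    }

    /**
     * @return the key exchange algorithm recorded by {@link #selectKEXAlgorithm}, or null
     */
    public String getAgreedKEXAlgorithm() {
        return (String) kexAgreedAlgs.get(KEX_ALGORITHMS);
    }

    /**
     * @return the host key algorithm recorded by {@link #selectKEXAlgorithm}, or null
     */
    public String getAgreedHostKeyAlgorithm() {
        return (String) kexAgreedAlgs.get(HOST_KEY_ALG);
    }

    /**
     * Returns the agreed cipher for one direction of the connection.
     *
     * @param transmitter  true for the sending direction of this side
     * @param weAreAServer true if this side is the server
     * @return the agreed cipher name, or null if none has been recorded
     */
    public String getAgreedCipher(boolean transmitter, boolean weAreAServer) {
        // Client-to-server traffic is what a client sends and what a server receives.
        String type = ((transmitter ^ weAreAServer) ? CIPHERS_C2S : CIPHERS_S2C);
        return (String) kexAgreedAlgs.get(type);
    }

    /**
     * Returns the agreed MAC for one direction of the connection.
     *
     * @param transmitter  true for the sending direction of this side
     * @param weAreAServer true if this side is the server
     * @return the agreed MAC name, or null if none has been recorded
     */
    public String getAgreedMac(boolean transmitter, boolean weAreAServer) {
        String type = ((transmitter ^ weAreAServer) ? MACS_C2S : MACS_S2C);
        return (String) kexAgreedAlgs.get(type);
    }

    /**
     * Returns the agreed compression method for one direction of the connection.
     *
     * @param transmitter  true for the sending direction of this side
     * @param weAreAServer true if this side is the server
     * @return the agreed compression name, or null if none has been recorded
     */
    public String getAgreedCompression(boolean transmitter, boolean weAreAServer) {
        String type = ((transmitter ^ weAreAServer) ? COMP_C2S : COMP_S2C);
        return (String) kexAgreedAlgs.get(type);
    }

    /**
     * Tells whether {@code item} appears in the list configured for {@code type}.
     *
     * @param type preference name holding a name-list
     * @param item algorithm name to look for
     * @return the result of {@code SSH2ListUtil.isInList}
     */
    public boolean isSupported(String type, String item) {
        String list = getPreference(type);
        return SSH2ListUtil.isInList(list, item);
    }

    /**
     * Negotiates the key exchange and host key algorithms and records them as agreed.
     *
     * <p>Candidates are taken in the client's order of preference and must also appear in
     * the server's list, as RFC 4253 section 7.1 requires. Picking from the client's list
     * alone would let a client steer a server into a key exchange the server's configuration
     * has disabled, and would let a client settle on one the server never offered.
     *
     * <p>Assumes {@code SSH2ListUtil.chooseFromList(a, b)} returns the first entry of
     * {@code a} that is also in {@code b}, or null, which is how {@code choosePref} and
     * {@code chooseHostKeyAlgorithm} in this class rely on it.
     *
     * @param peerPrefs    preferences received from the peer
     * @param weAreAServer true if this side is the server
     * @return the key exchanger for the agreed algorithm
     * @throws SSH2KEXFailedException if no key exchange algorithm can be agreed
     */
    public SSH2KeyExchanger selectKEXAlgorithm(SSH2Preferences peerPrefs, boolean weAreAServer)
        throws SSH2KEXFailedException {
        SSH2KeyExchanger kexImpl = null;
        String cliKEXList, srvKEXList, cliHKAList, srvHKAList;

        if (weAreAServer) {
            cliKEXList = peerPrefs.getPreference(KEX_ALGORITHMS);
            srvKEXList = getPreference(KEX_ALGORITHMS);
            cliHKAList = peerPrefs.getPreference(HOST_KEY_ALG);
            srvHKAList = getPreference(HOST_KEY_ALG);
        } else {
            cliKEXList = getPreference(KEX_ALGORITHMS);
            srvKEXList = peerPrefs.getPreference(KEX_ALGORITHMS);
            cliHKAList = getPreference(HOST_KEY_ALG);
            srvHKAList = peerPrefs.getPreference(HOST_KEY_ALG);
        }

        // The client's first entry is its guess; keep it before the list is trimmed below.
        String cliFirstKEX = SSH2ListUtil.getFirstInList(cliKEXList);

        String kexAlgorithm = SSH2ListUtil.chooseFromList(cliKEXList, srvKEXList);
        String hostKeyAlgorithm = null;
        while (kexAlgorithm != null) {
            kexImpl = SSH2KeyExchanger.getInstance(kexAlgorithm);
            hostKeyAlgorithm = chooseHostKeyAlgorithm(cliHKAList, srvHKAList,
                                                      kexImpl.getHostKeyAlgorithms());
            if (hostKeyAlgorithm != null) {
                break;
            }
            // No usable host key algorithm for this key exchange: drop it and try the next
            // one both sides list.
            cliKEXList = SSH2ListUtil.removeFirstFromList(cliKEXList, kexAlgorithm);
            kexAlgorithm = SSH2ListUtil.chooseFromList(cliKEXList, srvKEXList);
        }

        if (kexAlgorithm == null) {
            String msg = "Couldn't agree on kex algorithm (our: '"
                         + getPreference(KEX_ALGORITHMS) + "', peer: '"
                         + peerPrefs.getPreference(KEX_ALGORITHMS) + "')";
            throw new SSH2KEXFailedException(msg);
        }

        // A guess only counts as right when the agreed key exchange is the first choice of
        // both sides; otherwise a guessed packet could be processed under another algorithm.
        sameKEXGuess = kexAlgorithm.equals(cliFirstKEX)
                       && kexAlgorithm.equals(SSH2ListUtil.getFirstInList(srvKEXList))
                       && hostKeyAlgorithm.equals(SSH2ListUtil.getFirstInList(srvHKAList));

        kexAgreedAlgs.put(KEX_ALGORITHMS, kexAlgorithm);
        kexAgreedAlgs.put(HOST_KEY_ALG, hostKeyAlgorithm);

        return kexImpl;
    }

    /**
     * @return the guess flag computed by {@link #selectKEXAlgorithm} and possibly cleared
     *         by {@link #canAgree}
     */
    public boolean sameKEXGuess() {
        return sameKEXGuess;
    }

    /**
     * Negotiates the preference types at {@code kexFields} indices 2 to 7 and records each
     * agreed algorithm. Stops at the first type with no common algorithm, remembers that
     * type for {@link #getDisagreeType()} and clears the guess flag.
     *
     * @param peerPrefs    preferences received from the peer
     * @param weAreAServer true if this side is the server
     * @return true if every negotiated type has a common algorithm
     */
    public boolean canAgree(SSH2Preferences peerPrefs, boolean weAreAServer) {
        haveAgreed = true;
        /*
         * !!! TODO: we currently ignore language preferences here
         */
        for (int i = 2; i < 8; i++) {
            String type = kexFields[i];
            String alg = choosePref(type, peerPrefs, weAreAServer);
            if (alg == null) {
                haveAgreed = false;
                sameKEXGuess = false;
                disagreeType = type;
                break;
            }
            kexAgreedAlgs.put(type, alg);
        }
        return haveAgreed;
    }

    /**
     * @return the preference type on which the last {@link #canAgree} call failed, if any
     */
    public String getDisagreeType() {
        return disagreeType;
    }

    /**
     * Picks a host key algorithm from the client's list that the key exchange can use and
     * that the server also lists.
     *
     * @param cliHKAList client's host key algorithm list
     * @param srvHKAList server's host key algorithm list
     * @param kexHKAList host key algorithms usable with the candidate key exchange
     * @return the chosen algorithm, or null if there is none
     */
    private String chooseHostKeyAlgorithm(String cliHKAList, String srvHKAList,
                                          String kexHKAList) {
        String alg = SSH2ListUtil.chooseFromList(cliHKAList, kexHKAList);
        while (alg != null && !SSH2ListUtil.isInList(srvHKAList, alg)) {
            // The server does not list this one: drop it and look further down the client's list.
            cliHKAList = SSH2ListUtil.removeFirstFromList(cliHKAList, alg);
            alg = SSH2ListUtil.chooseFromList(cliHKAList, kexHKAList);
        }
        return alg;
    }

    /**
     * Chooses an algorithm for {@code type} from the client's list and the server's list.
     *
     * @param type         preference name holding a name-list
     * @param peerPrefs    preferences received from the peer
     * @param weAreAServer true if this side is the server
     * @return the result of {@code SSH2ListUtil.chooseFromList(clientList, serverList)}
     */
    private String choosePref(String type, SSH2Preferences peerPrefs, boolean weAreAServer) {
        String clientList, serverList;
        if (weAreAServer) {
            clientList = peerPrefs.getPreference(type);
            serverList = getPreference(type);
        } else {
            clientList = getPreference(type);
            serverList = peerPrefs.getPreference(type);
        }
        return SSH2ListUtil.chooseFromList(clientList, serverList);
    }

    /**
     * Maps an SSH2 cipher name to its JCE-style name by exact match against the ciphers table.
     *
     * @param prefCipher SSH2 cipher name
     * @return the mapped name, or null if the table has no such entry
     */
    public static String ssh2ToJCECipher(String prefCipher) {
        for (int i = 0; i < ciphers.length; i++) {
            if (ciphers[i][0].equals(prefCipher)) {
                return ciphers[i][1];
            }
        }
        return null;
    }

    /**
     * Maps an SSH2 MAC name to its JCE-style name using the macs table.
     *
     * <p>NOTE(review): the test is {@code tableName.startsWith(prefMac)}, not an exact match.
     * Any prefix of a table name, including the empty string, therefore resolves to the first
     * entry it prefixes, and a null argument throws NullPointerException, unlike
     * {@link #ssh2ToJCECipher(String)}. Confirm that prefix matching is intended; an exact
     * match would keep a malformed negotiated name from resolving to a real MAC.
     *
     * @param prefMac SSH2 MAC name
     * @return the mapped name, or null if no table entry starts with {@code prefMac}
     */
    public static String ssh2ToJCEMac(String prefMac) {
        for (int i = 0; i < macs.length; i++) {
            if (macs[i][0].startsWith(prefMac)) {
                return macs[i][1];
            }
        }
        return null;
    }

    /**
     * Derives a cipher key length in bytes from the cipher's name.
     *
     * <p>An explicit "128", "192" or "256" in the name wins. Otherwise names starting with
     * twofish, rijndael or aes get 256 bits and names starting with 3des get 192 bits.
     * Anything else, including null, gets 128 bits.
     *
     * @param cipherName cipher name, may be null
     * @return key length in bytes
     */
    public static int getCipherKeyLen(String cipherName) {
        int len = 128;
        if (cipherName != null) {
            // Lower-case with a fixed locale: under a Turkish default locale "I" does not map
            // to "i", so an upper-case "RIJNDAEL..." would miss its prefix test and silently
            // fall back to 128 bits.
            cipherName = cipherName.toLowerCase(java.util.Locale.ENGLISH);
            if (cipherName.indexOf("128") != -1) {
                len = 128;
            } else if (cipherName.indexOf("192") != -1) {
                len = 192;
            } else if (cipherName.indexOf("256") != -1) {
                len = 256;
            } else if (cipherName.startsWith("twofish")
                       || cipherName.startsWith("rijndael")
                       || cipherName.startsWith("aes")) {
                len = 256;
            } else if (cipherName.startsWith("3des")) {
                len = 192;
            }
        }
        return len / 8;
    }

    /**
     * Derives a MAC key length in bytes from the MAC's name: 20 when the name contains
     * "SHA", "sha" or "ripemd160", otherwise 16.
     *
     * <p>NOTE(review): upper-case "RIPEMD160", as spelled in the JCE names of the macs table,
     * is not matched and yields 16. Confirm which naming callers pass in.
     *
     * @param macName MAC name, may be null
     * @return key length in bytes
     */
    public static int getMacKeyLen(String macName) {
        int len = 16;
        if (macName != null
            && ((macName.indexOf("SHA") != -1)
                || (macName.indexOf("sha") != -1)
                || (macName.indexOf("ripemd160") != -1))) {
            len = 20;
        }
        return len;
    }
}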