Re: [JSch-users] Problem with using a AES-256-CBC private key for authentification
Status: Alpha
Brought to you by:
ymnk
From: <ym...@jc...> - 2008-10-23 07:36:28
|
Hi, Here is a quick hack to support the private key ciphered by AES-256-CBC, diff -Naur jsch-0.1.40/src/com/jcraft/jsch/IdentityFile.java jsch-0.1.41/src/com/jcraft/jsch/IdentityFile.java --- jsch-0.1.40/src/com/jcraft/jsch/IdentityFile.java Mon Jan 21 05:47:55 2008 +++ jsch-0.1.41/src/com/jcraft/jsch/IdentityFile.java Thu Oct 23 02:36:12 2008 @@ -172,6 +172,20 @@ i+=3; continue; } + if(buf[i]=='A'&& buf[i+1]=='E'&& buf[i+2]=='S'&& buf[i+3]=='-' && + buf[i+4]=='2'&& buf[i+5]=='5'&& buf[i+6]=='6'&& buf[i+7]=='-'){ + i+=8; + if(Session.checkCipher((String)jsch.getConfig("aes256-cbc"))){ + c=Class.forName((String)jsch.getConfig("aes256-cbc")); + cipher=(Cipher)(c.newInstance()); + key=new byte[cipher.getBlockSize()]; + iv=new byte[cipher.getIVSize()]; + } + else{ + throw new JSchException("privatekey: aes256-cbc is not available "+identity); + } + continue; + } if(buf[i]=='C'&& buf[i+1]=='B'&& buf[i+2]=='C'&& buf[i+3]==','){ i+=4; for(int ii=0; ii<iv.length; ii++){ @@ -362,7 +376,7 @@ for(int index=0; index+hsize<=hn.length;){ if(tmp!=null){ hash.update(tmp, 0, tmp.length); } hash.update(passphrase, 0, passphrase.length); - hash.update(iv, 0, iv.length); + hash.update(iv, 0, iv.length > 8 ? 8: iv.length); tmp=hash.digest(); System.arraycopy(tmp, 0, hn, index, tmp.length); index+=tmp.length; diff -Naur jsch-0.1.40/src/com/jcraft/jsch/Session.java jsch-0.1.41/src/com/jcraft/jsch/Session.java --- jsch-0.1.40/src/com/jcraft/jsch/Session.java Fri Sep 26 09:00:48 2008 +++ jsch-0.1.41/src/com/jcraft/jsch/Session.java Thu Oct 23 02:37:04 2008 @@ -1858,14 +1858,7 @@ java.util.Vector result=new java.util.Vector(); String[] _ciphers=Util.split(ciphers, ","); for(int i=0; i<_ciphers.length; i++){ - try{ - Class c=Class.forName(getConfig(_ciphers[i])); - Cipher _c=(Cipher)(c.newInstance()); - _c.init(Cipher.ENCRYPT_MODE, - new byte[_c.getBlockSize()], - new byte[_c.getIVSize()]); - } - catch(Exception e){ + if(!checkCipher(getConfig(_ciphers[i]))){ result.addElement(_ciphers[i]); } } @@ -1883,4 +1876,18 @@ return foo; } + + static boolean checkCipher(String cipher){ + try{ + Class c=Class.forName(cipher); + Cipher _c=(Cipher)(c.newInstance()); + _c.init(Cipher.ENCRYPT_MODE, + new byte[_c.getBlockSize()], + new byte[_c.getIVSize()]); + return true; + } + catch(Exception e){ + return false; + } + } } |