* The select method will be invoked in ls method for each file entry.
* If this method returns BREAK, ls will be canceled.
*
diff --git a/src/main/java/com/jcraft/jsch/ChannelShell.java b/src/main/java/com/jcraft/jsch/ChannelShell.java
index 2dc582f0..7fc3d3d3 100644
--- a/src/main/java/com/jcraft/jsch/ChannelShell.java
+++ b/src/main/java/com/jcraft/jsch/ChannelShell.java
@@ -26,8 +26,6 @@
package com.jcraft.jsch;
-import java.util.*;
-
public class ChannelShell extends ChannelSession {
ChannelShell() {
diff --git a/src/main/java/com/jcraft/jsch/ChannelSubsystem.java b/src/main/java/com/jcraft/jsch/ChannelSubsystem.java
index 8c8ea5af..537ae391 100644
--- a/src/main/java/com/jcraft/jsch/ChannelSubsystem.java
+++ b/src/main/java/com/jcraft/jsch/ChannelSubsystem.java
@@ -26,7 +26,9 @@
package com.jcraft.jsch;
-import java.io.*;
+import java.io.IOException;
+import java.io.InputStream;
+import java.io.OutputStream;
public class ChannelSubsystem extends ChannelSession {
boolean want_reply = true;
diff --git a/src/main/java/com/jcraft/jsch/ChannelX11.java b/src/main/java/com/jcraft/jsch/ChannelX11.java
index cbc442e9..92e29d26 100644
--- a/src/main/java/com/jcraft/jsch/ChannelX11.java
+++ b/src/main/java/com/jcraft/jsch/ChannelX11.java
@@ -27,15 +27,15 @@
package com.jcraft.jsch;
import java.io.IOException;
-import java.net.*;
+import java.net.Socket;
import java.util.Hashtable;
class ChannelX11 extends Channel {
- static private final int LOCAL_WINDOW_SIZE_MAX = 0x20000;
- static private final int LOCAL_MAXIMUM_PACKET_SIZE = 0x4000;
+ private static final int LOCAL_WINDOW_SIZE_MAX = 0x20000;
+ private static final int LOCAL_MAXIMUM_PACKET_SIZE = 0x4000;
- static private final int TIMEOUT = 10 * 1000;
+ private static final int TIMEOUT = 10 * 1000;
private static String host = "127.0.0.1";
private static int port = 6000;
@@ -114,9 +114,9 @@ static void removeFakedCookie(Session session) {
ChannelX11() {
super();
- setLocalWindowSizeMax(LOCAL_WINDOW_SIZE_MAX);
- setLocalWindowSize(LOCAL_WINDOW_SIZE_MAX);
- setLocalPacketSize(LOCAL_MAXIMUM_PACKET_SIZE);
+ lwsize_max = LOCAL_WINDOW_SIZE_MAX;
+ lwsize = LOCAL_WINDOW_SIZE_MAX;
+ lmpsize = LOCAL_MAXIMUM_PACKET_SIZE;
type = Util.str2byte("x11");
diff --git a/src/main/java/com/jcraft/jsch/Compression.java b/src/main/java/com/jcraft/jsch/Compression.java
index a961efd6..0c084409 100644
--- a/src/main/java/com/jcraft/jsch/Compression.java
+++ b/src/main/java/com/jcraft/jsch/Compression.java
@@ -27,8 +27,8 @@
package com.jcraft.jsch;
public interface Compression {
- static public final int INFLATER = 0;
- static public final int DEFLATER = 1;
+ public static final int INFLATER = 0;
+ public static final int DEFLATER = 1;
default void init(int type, int level, Session session) {
init(type, level);
diff --git a/src/main/java/com/jcraft/jsch/DH25519SNTRUP761.java b/src/main/java/com/jcraft/jsch/DH25519SNTRUP761.java
new file mode 100644
index 00000000..1c6732ce
--- /dev/null
+++ b/src/main/java/com/jcraft/jsch/DH25519SNTRUP761.java
@@ -0,0 +1,38 @@
+/*
+ * Copyright (c) 2015-2018 ymnk, JCraft,Inc. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without modification, are permitted
+ * provided that the following conditions are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright notice, this list of conditions
+ * and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright notice, this list of
+ * conditions and the following disclaimer in the documentation and/or other materials provided with
+ * the distribution.
+ *
+ * 3. The names of the authors may not be used to endorse or promote products derived from this
+ * software without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
+ * DISCLAIMED. IN NO EVENT SHALL JCRAFT, INC. OR ANY CONTRIBUTORS TO THIS SOFTWARE BE LIABLE FOR ANY
+ * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR
+ * BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
+ * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+package com.jcraft.jsch;
+
+class DH25519SNTRUP761 extends DHXECKEM {
+ public DH25519SNTRUP761() {
+ kem_name = "sntrup761";
+ sha_name = "sha-512";
+ curve_name = "X25519";
+ kem_pubkey_len = 1158;
+ kem_encap_len = 1039;
+ xec_key_len = 32;
+ }
+}
diff --git a/src/main/java/com/jcraft/jsch/DHECN.java b/src/main/java/com/jcraft/jsch/DHECN.java
index e0455247..a20abf06 100644
--- a/src/main/java/com/jcraft/jsch/DHECN.java
+++ b/src/main/java/com/jcraft/jsch/DHECN.java
@@ -62,7 +62,7 @@ public void init(Session session, byte[] V_S, byte[] V_C, byte[] I_S, byte[] I_C
sha = c.getDeclaredConstructor().newInstance();
sha.init();
} catch (Exception e) {
- System.err.println(e);
+ throw new JSchException(e.toString(), e);
}
buf = new Buffer();
@@ -111,7 +111,9 @@ public boolean next(Buffer _buf) throws Exception {
j = _buf.getByte();
j = _buf.getByte();
if (j != SSH_MSG_KEX_ECDH_REPLY) {
- System.err.println("type: must be SSH_MSG_KEX_ECDH_REPLY " + j);
+ if (session.getLogger().isEnabled(Logger.ERROR)) {
+ session.getLogger().log(Logger.ERROR, "type: must be SSH_MSG_KEX_ECDH_REPLY " + j);
+ }
return false;
}
@@ -131,8 +133,7 @@ public boolean next(Buffer _buf) throws Exception {
return false;
}
- K = ecdh.getSecret(r_s[0], r_s[1]);
- K = normalize(K);
+ K = encodeAsMPInt(normalize(ecdh.getSecret(r_s[0], r_s[1])));
byte[] sig_of_H = _buf.getString();
@@ -157,11 +158,11 @@ public boolean next(Buffer _buf) throws Exception {
buf.putString(K_S);
buf.putString(Q_C);
buf.putString(Q_S);
- buf.putMPInt(K);
byte[] foo = new byte[buf.getLength()];
buf.getByte(foo);
sha.update(foo, 0, foo.length);
+ sha.update(K, 0, K.length);
H = sha.digest();
i = 0;
diff --git a/src/main/java/com/jcraft/jsch/DHGEX.java b/src/main/java/com/jcraft/jsch/DHGEX.java
index 1c13879a..393b0ba2 100644
--- a/src/main/java/com/jcraft/jsch/DHGEX.java
+++ b/src/main/java/com/jcraft/jsch/DHGEX.java
@@ -26,6 +26,8 @@
package com.jcraft.jsch;
+import java.math.BigInteger;
+
abstract class DHGEX extends KeyExchange {
private static final int SSH_MSG_KEX_DH_GEX_GROUP = 31;
@@ -68,7 +70,7 @@ public void init(Session session, byte[] V_S, byte[] V_C, byte[] I_S, byte[] I_C
sha = c.getDeclaredConstructor().newInstance();
sha.init();
} catch (Exception e) {
- System.err.println(e);
+ throw new JSchException(e.toString(), e);
}
buf = new Buffer();
@@ -79,15 +81,14 @@ public void init(Session session, byte[] V_S, byte[] V_C, byte[] I_S, byte[] I_C
min = Integer.parseInt(session.getConfig("dhgex_min"));
max = Integer.parseInt(session.getConfig("dhgex_max"));
preferred = Integer.parseInt(session.getConfig("dhgex_preferred"));
- if (checkInvalidSize(min) || checkInvalidSize(max) || checkInvalidSize(preferred)
- || preferred < min || max < preferred) {
+ if (min <= 0 || max <= 0 || preferred <= 0 || preferred < min || preferred > max) {
throw new JSchException(
"Invalid DHGEX sizes: min=" + min + " max=" + max + " preferred=" + preferred);
}
dh = c.getDeclaredConstructor().newInstance();
dh.init();
} catch (Exception e) {
- throw e;
+ throw new JSchException(e.toString(), e);
}
packet.reset();
@@ -118,13 +119,20 @@ public boolean next(Buffer _buf) throws Exception {
_buf.getByte();
j = _buf.getByte();
if (j != SSH_MSG_KEX_DH_GEX_GROUP) {
- System.err.println("type: must be SSH_MSG_KEX_DH_GEX_GROUP " + j);
+ if (session.getLogger().isEnabled(Logger.ERROR)) {
+ session.getLogger().log(Logger.ERROR, "type: must be SSH_MSG_KEX_DH_GEX_GROUP " + j);
+ }
return false;
}
p = _buf.getMPInt();
g = _buf.getMPInt();
+ int bits = new BigInteger(1, p).bitLength();
+ if (bits < min || bits > max) {
+ return false;
+ }
+
dh.setP(p);
dh.setG(g);
// The client responds with:
@@ -158,7 +166,9 @@ public boolean next(Buffer _buf) throws Exception {
j = _buf.getByte();
j = _buf.getByte();
if (j != SSH_MSG_KEX_DH_GEX_REPLY) {
- System.err.println("type: must be SSH_MSG_KEX_DH_GEX_REPLY " + j);
+ if (session.getLogger().isEnabled(Logger.ERROR)) {
+ session.getLogger().log(Logger.ERROR, "type: must be SSH_MSG_KEX_DH_GEX_REPLY " + j);
+ }
return false;
}
@@ -171,7 +181,7 @@ public boolean next(Buffer _buf) throws Exception {
dh.checkRange();
- K = normalize(dh.getK());
+ K = encodeAsMPInt(normalize(dh.getK()));
// The hash H is computed as the HASH hash of the concatenation of the
// following:
@@ -204,11 +214,11 @@ public boolean next(Buffer _buf) throws Exception {
buf.putMPInt(g);
buf.putMPInt(e);
buf.putMPInt(f);
- buf.putMPInt(K);
byte[] foo = new byte[buf.getLength()];
buf.getByte(foo);
sha.update(foo, 0, foo.length);
+ sha.update(K, 0, K.length);
H = sha.digest();
@@ -233,8 +243,4 @@ public boolean next(Buffer _buf) throws Exception {
public int getState() {
return state;
}
-
- static boolean checkInvalidSize(int size) {
- return (size < 1024 || size > 8192 || size % 1024 != 0);
- }
}
diff --git a/src/main/java/com/jcraft/jsch/DHGN.java b/src/main/java/com/jcraft/jsch/DHGN.java
index ea68ee72..ddb41dfb 100644
--- a/src/main/java/com/jcraft/jsch/DHGN.java
+++ b/src/main/java/com/jcraft/jsch/DHGN.java
@@ -64,7 +64,7 @@ public void init(Session session, byte[] V_S, byte[] V_C, byte[] I_S, byte[] I_C
sha = c.getDeclaredConstructor().newInstance();
sha.init();
} catch (Exception e) {
- System.err.println(e);
+ throw new JSchException(e.toString(), e);
}
buf = new Buffer();
@@ -75,8 +75,7 @@ public void init(Session session, byte[] V_S, byte[] V_C, byte[] I_S, byte[] I_C
dh = c.getDeclaredConstructor().newInstance();
dh.init();
} catch (Exception e) {
- // System.err.println(e);
- throw e;
+ throw new JSchException(e.toString(), e);
}
dh.setP(P());
@@ -119,8 +118,10 @@ public boolean next(Buffer _buf) throws Exception {
j = _buf.getInt();
j = _buf.getByte();
j = _buf.getByte();
- if (j != 31) {
- System.err.println("type: must be 31 " + j);
+ if (j != SSH_MSG_KEXDH_REPLY) {
+ if (session.getLogger().isEnabled(Logger.ERROR)) {
+ session.getLogger().log(Logger.ERROR, "type: must be SSH_MSG_KEXDH_REPLY " + j);
+ }
return false;
}
@@ -133,7 +134,7 @@ public boolean next(Buffer _buf) throws Exception {
dh.checkRange();
- K = normalize(dh.getK());
+ K = encodeAsMPInt(normalize(dh.getK()));
// The hash H is computed as the HASH hash of the concatenation of the
// following:
@@ -155,10 +156,11 @@ public boolean next(Buffer _buf) throws Exception {
buf.putString(K_S);
buf.putMPInt(e);
buf.putMPInt(f);
- buf.putMPInt(K);
byte[] foo = new byte[buf.getLength()];
buf.getByte(foo);
+
sha.update(foo, 0, foo.length);
+ sha.update(K, 0, K.length);
H = sha.digest();
// System.err.print("H -> "); //dump(H, 0, H.length);
diff --git a/src/main/java/com/jcraft/jsch/DHXEC.java b/src/main/java/com/jcraft/jsch/DHXEC.java
index b4942b80..b8cf55cc 100644
--- a/src/main/java/com/jcraft/jsch/DHXEC.java
+++ b/src/main/java/com/jcraft/jsch/DHXEC.java
@@ -63,7 +63,7 @@ public void init(Session session, byte[] V_S, byte[] V_C, byte[] I_S, byte[] I_C
sha = c.getDeclaredConstructor().newInstance();
sha.init();
} catch (Exception e) {
- System.err.println(e);
+ throw new JSchException(e.toString(), e);
}
buf = new Buffer();
@@ -111,7 +111,9 @@ public boolean next(Buffer _buf) throws Exception {
j = _buf.getByte();
j = _buf.getByte();
if (j != SSH_MSG_KEX_ECDH_REPLY) {
- System.err.println("type: must be SSH_MSG_KEX_ECDH_REPLY " + j);
+ if (session.getLogger().isEnabled(Logger.ERROR)) {
+ session.getLogger().log(Logger.ERROR, "type: must be SSH_MSG_KEX_ECDH_REPLY " + j);
+ }
return false;
}
@@ -129,8 +131,7 @@ public boolean next(Buffer _buf) throws Exception {
return false;
}
- K = xdh.getSecret(Q_S);
- K = normalize(K);
+ K = encodeAsMPInt(normalize(xdh.getSecret(Q_S)));
byte[] sig_of_H = _buf.getString();
@@ -169,11 +170,11 @@ public boolean next(Buffer _buf) throws Exception {
buf.putString(K_S);
buf.putString(Q_C);
buf.putString(Q_S);
- buf.putMPInt(K);
byte[] foo = new byte[buf.getLength()];
buf.getByte(foo);
sha.update(foo, 0, foo.length);
+ sha.update(K, 0, K.length);
H = sha.digest();
i = 0;
diff --git a/src/main/java/com/jcraft/jsch/DHXECKEM.java b/src/main/java/com/jcraft/jsch/DHXECKEM.java
new file mode 100644
index 00000000..1bee11fb
--- /dev/null
+++ b/src/main/java/com/jcraft/jsch/DHXECKEM.java
@@ -0,0 +1,229 @@
+/*
+ * Copyright (c) 2015-2018 ymnk, JCraft,Inc. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without modification, are permitted
+ * provided that the following conditions are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright notice, this list of conditions
+ * and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright notice, this list of
+ * conditions and the following disclaimer in the documentation and/or other materials provided with
+ * the distribution.
+ *
+ * 3. The names of the authors may not be used to endorse or promote products derived from this
+ * software without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
+ * DISCLAIMED. IN NO EVENT SHALL JCRAFT, INC. OR ANY CONTRIBUTORS TO THIS SOFTWARE BE LIABLE FOR ANY
+ * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR
+ * BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
+ * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+package com.jcraft.jsch;
+
+abstract class DHXECKEM extends KeyExchange {
+
+ private static final int SSH_MSG_KEX_ECDH_INIT = 30;
+ private static final int SSH_MSG_KEX_ECDH_REPLY = 31;
+ private int state;
+
+ byte[] Q_C;
+
+ byte[] V_S;
+ byte[] V_C;
+ byte[] I_S;
+ byte[] I_C;
+
+ byte[] e;
+
+ private Buffer buf;
+ private Packet packet;
+
+ private KEM kem;
+ private XDH xdh;
+
+ protected String kem_name;
+ protected String sha_name;
+ protected String curve_name;
+ protected int kem_pubkey_len;
+ protected int kem_encap_len;
+ protected int xec_key_len;
+
+ @Override
+ public void init(Session session, byte[] V_S, byte[] V_C, byte[] I_S, byte[] I_C)
+ throws Exception {
+ this.V_S = V_S;
+ this.V_C = V_C;
+ this.I_S = I_S;
+ this.I_C = I_C;
+
+ try {
+ Class c = Class.forName(session.getConfig(sha_name)).asSubclass(HASH.class);
+ sha = c.getDeclaredConstructor().newInstance();
+ sha.init();
+ } catch (Exception e) {
+ throw new JSchException(e.toString(), e);
+ }
+
+ buf = new Buffer();
+ packet = new Packet(buf);
+
+ packet.reset();
+ // command + string len + Q_C len
+ buf.checkFreeSize(1 + 4 + kem_pubkey_len + xec_key_len);
+ buf.putByte((byte) SSH_MSG_KEX_ECDH_INIT);
+
+ try {
+ Class k = Class.forName(session.getConfig(kem_name)).asSubclass(KEM.class);
+ kem = k.getDeclaredConstructor().newInstance();
+ kem.init();
+
+ Class c = Class.forName(session.getConfig("xdh")).asSubclass(XDH.class);
+ xdh = c.getDeclaredConstructor().newInstance();
+ xdh.init(curve_name, xec_key_len);
+
+ byte[] kem_public_key_C = kem.getPublicKey();
+ byte[] xec_public_key_C = xdh.getQ();
+ Q_C = new byte[kem_pubkey_len + xec_key_len];
+ System.arraycopy(kem_public_key_C, 0, Q_C, 0, kem_pubkey_len);
+ System.arraycopy(xec_public_key_C, 0, Q_C, kem_pubkey_len, xec_key_len);
+ buf.putString(Q_C);
+ } catch (Exception | NoClassDefFoundError e) {
+ throw new JSchException(e.toString(), e);
+ }
+
+ if (V_S == null) { // This is a really ugly hack for Session.checkKexes ;-(
+ return;
+ }
+
+ session.write(packet);
+
+ if (session.getLogger().isEnabled(Logger.INFO)) {
+ session.getLogger().log(Logger.INFO, "SSH_MSG_KEX_ECDH_INIT sent");
+ session.getLogger().log(Logger.INFO, "expecting SSH_MSG_KEX_ECDH_REPLY");
+ }
+
+ state = SSH_MSG_KEX_ECDH_REPLY;
+ }
+
+ @Override
+ public boolean next(Buffer _buf) throws Exception {
+ int i, j;
+ switch (state) {
+ case SSH_MSG_KEX_ECDH_REPLY:
+ // The server responds with:
+ // byte SSH_MSG_KEX_ECDH_REPLY
+ // string K_S, server's public host key
+ // string Q_S, server's ephemeral public key octet string
+ // string the signature on the exchange hash
+ j = _buf.getInt();
+ j = _buf.getByte();
+ j = _buf.getByte();
+ if (j != SSH_MSG_KEX_ECDH_REPLY) {
+ if (session.getLogger().isEnabled(Logger.ERROR)) {
+ session.getLogger().log(Logger.ERROR, "type: must be SSH_MSG_KEX_ECDH_REPLY " + j);
+ }
+ return false;
+ }
+
+ K_S = _buf.getString();
+
+ byte[] Q_S = _buf.getString();
+ if (Q_S.length != kem_encap_len + xec_key_len) {
+ return false;
+ }
+
+ byte[] encapsulation = new byte[kem_encap_len];
+ byte[] xec_public_key_S = new byte[xec_key_len];
+ System.arraycopy(Q_S, 0, encapsulation, 0, kem_encap_len);
+ System.arraycopy(Q_S, kem_encap_len, xec_public_key_S, 0, xec_key_len);
+
+ // RFC 5656,
+ // 4. ECDH Key Exchange
+ // All elliptic curve public keys MUST be validated after they are
+ // received. An example of a validation algorithm can be found in
+ // Section 3.2.2 of [SEC1]. If a key fails validation,
+ // the key exchange MUST fail.
+ if (!xdh.validate(xec_public_key_S)) {
+ return false;
+ }
+
+ byte[] tmp = null;
+ try {
+ tmp = kem.decapsulate(encapsulation);
+ sha.update(tmp, 0, tmp.length);
+ } finally {
+ Util.bzero(tmp);
+ }
+ try {
+ tmp = normalize(xdh.getSecret(xec_public_key_S));
+ sha.update(tmp, 0, tmp.length);
+ } finally {
+ Util.bzero(tmp);
+ }
+ K = encodeAsString(sha.digest());
+
+ byte[] sig_of_H = _buf.getString();
+
+ // The hash H is computed as the HASH hash of the concatenation of the
+ // following:
+ // string V_C, client's identification string (CR and LF excluded)
+ // string V_S, server's identification string (CR and LF excluded)
+ // string I_C, payload of the client's SSH_MSG_KEXINIT
+ // string I_S, payload of the server's SSH_MSG_KEXINIT
+ // string K_S, server's public host key
+ // string Q_C, client's ephemeral public key octet string
+ // string Q_S, server's ephemeral public key octet string
+ // string K, shared secret
+
+ // draft-josefsson-ntruprime-ssh-02,
+ // 3. Key Exchange Method: sntrup761x25519-sha512
+ // ...
+ // The SSH_MSG_KEX_ECDH_REPLY's signature value is computed as described
+ // in [RFC5656] with the following changes. Instead of encoding the
+ // shared secret K as 'mpint', it MUST be encoded as 'string'. The
+ // shared secret K value MUST be the 64-byte output octet string of the
+ // SHA-512 hash computed with the input as the 32-byte octet string key
+ // output from the key encapsulation mechanism of sntrup761 concatenated
+ // with the 32-byte octet string of X25519(a, X25519(b, 9)) = X25519(b,
+ // X25519(a, 9)).
+ buf.reset();
+ buf.putString(V_C);
+ buf.putString(V_S);
+ buf.putString(I_C);
+ buf.putString(I_S);
+ buf.putString(K_S);
+ buf.putString(Q_C);
+ buf.putString(Q_S);
+ byte[] foo = new byte[buf.getLength()];
+ buf.getByte(foo);
+
+ sha.update(foo, 0, foo.length);
+ sha.update(K, 0, K.length);
+ H = sha.digest();
+
+ i = 0;
+ j = 0;
+ j = ((K_S[i++] << 24) & 0xff000000) | ((K_S[i++] << 16) & 0x00ff0000)
+ | ((K_S[i++] << 8) & 0x0000ff00) | ((K_S[i++]) & 0x000000ff);
+ String alg = Util.byte2str(K_S, i, j);
+ i += j;
+
+ boolean result = verify(alg, K_S, i, sig_of_H);
+
+ state = STATE_END;
+ return result;
+ }
+ return false;
+ }
+
+ @Override
+ public int getState() {
+ return state;
+ }
+}
diff --git a/src/main/java/com/jcraft/jsch/ForwardedTCPIPDaemon.java b/src/main/java/com/jcraft/jsch/ForwardedTCPIPDaemon.java
index d1233943..ef0fedc5 100644
--- a/src/main/java/com/jcraft/jsch/ForwardedTCPIPDaemon.java
+++ b/src/main/java/com/jcraft/jsch/ForwardedTCPIPDaemon.java
@@ -26,7 +26,8 @@
package com.jcraft.jsch;
-import java.io.*;
+import java.io.InputStream;
+import java.io.OutputStream;
public interface ForwardedTCPIPDaemon extends Runnable {
void setChannel(ChannelForwardedTCPIP channel, InputStream in, OutputStream out);
diff --git a/src/main/java/com/jcraft/jsch/HostKey.java b/src/main/java/com/jcraft/jsch/HostKey.java
index dd6178ac..0f9922b6 100644
--- a/src/main/java/com/jcraft/jsch/HostKey.java
+++ b/src/main/java/com/jcraft/jsch/HostKey.java
@@ -26,6 +26,8 @@
package com.jcraft.jsch;
+import java.util.Locale;
+
public class HostKey {
private static final byte[][] names =
@@ -118,11 +120,13 @@ public String getKey() {
public String getFingerPrint(JSch jsch) {
HASH hash = null;
try {
- String _c = JSch.getConfig("FingerprintHash").toLowerCase();
+ String _c = JSch.getConfig("FingerprintHash").toLowerCase(Locale.ROOT);
Class c = Class.forName(JSch.getConfig(_c)).asSubclass(HASH.class);
hash = c.getDeclaredConstructor().newInstance();
} catch (Exception e) {
- System.err.println("getFingerPrint: " + e);
+ if (jsch.getInstanceLogger().isEnabled(Logger.ERROR)) {
+ jsch.getInstanceLogger().log(Logger.ERROR, "getFingerPrint: " + e.getMessage(), e);
+ }
}
return Util.getFingerPrint(hash, key, false, true);
}
diff --git a/src/main/java/com/jcraft/jsch/IO.java b/src/main/java/com/jcraft/jsch/IO.java
index 9c84488b..d00241af 100644
--- a/src/main/java/com/jcraft/jsch/IO.java
+++ b/src/main/java/com/jcraft/jsch/IO.java
@@ -26,7 +26,9 @@
package com.jcraft.jsch;
-import java.io.*;
+import java.io.IOException;
+import java.io.InputStream;
+import java.io.OutputStream;
import java.net.SocketException;
class IO {
diff --git a/src/main/java/com/jcraft/jsch/Identity.java b/src/main/java/com/jcraft/jsch/Identity.java
index 5aee38c8..2520cd2c 100644
--- a/src/main/java/com/jcraft/jsch/Identity.java
+++ b/src/main/java/com/jcraft/jsch/Identity.java
@@ -45,12 +45,12 @@ public interface Identity {
/**
* Signs on data with this identity, and returns the result.
+ *
*
* IMPORTANT NOTE:
* The {@link #getSignature(byte[], String)} method should be overridden to ensure {@code ssh-rsa}
* type public keys function with the {@code rsa-sha2-256} or {@code rsa-sha2-512} signature
* algorithms.
- *
* IMPORTANT NOTE:
* The default implementation of this method simply calls {@link #getSignature(byte[])}, which
* will fail with {@code ssh-rsa} type public keys when utilized with the {@code rsa-sha2-256} or
* {@code rsa-sha2-512} signature algorithms:
* it exists only to maintain backwards compatibility of this interface.
- *
* This default method should be overridden by implementations to ensure the {@code rsa-sha2-256} * and {@code rsa-sha2-512} signature algorithms function correctly. - *
* * @param data data to be signed * @param alg signature algorithm to use @@ -83,22 +83,30 @@ public default byte[] getSignature(byte[] data, String alg) { } /** + * This method is deprecated and the default implmentation of this method will throw an + * {@link UnsupportedOperationException}. + * * @deprecated The decryption should be done automatically in {@link #setPassphrase(byte[])} + * @returntrue if the decryption is succeeded or this identity is not cyphered.
* @see #setPassphrase(byte[])
*/
@Deprecated
- public boolean decrypt();
+ public default boolean decrypt() {
+ throw new UnsupportedOperationException("not implemented");
+ }
/**
* Returns the name of the key algorithm.
*
- * @return "ssh-rsa" or "ssh-dss"
+ * @return the name of the key algorithm
*/
public String getAlgName();
/**
* Returns the name of this identity. It will be useful to identify this object in the
* {@link IdentityRepository}.
+ *
+ * @return the name of this identity
*/
public String getName();
@@ -109,8 +117,6 @@ public default byte[] getSignature(byte[] data, String alg) {
*/
public boolean isEncrypted();
- /**
- * Disposes internally allocated data, like byte array for the private key.
- */
+ /** Disposes internally allocated data, like byte array for the private key. */
public void clear();
}
diff --git a/src/main/java/com/jcraft/jsch/IdentityFile.java b/src/main/java/com/jcraft/jsch/IdentityFile.java
index 6c804bfc..caf40135 100644
--- a/src/main/java/com/jcraft/jsch/IdentityFile.java
+++ b/src/main/java/com/jcraft/jsch/IdentityFile.java
@@ -26,27 +26,24 @@
package com.jcraft.jsch;
-import java.io.*;
-
class IdentityFile implements Identity {
- private JSch jsch;
private KeyPair kpair;
private String identity;
- static IdentityFile newInstance(String prvfile, String pubfile, JSch jsch) throws JSchException {
- KeyPair kpair = KeyPair.load(jsch, prvfile, pubfile);
- return new IdentityFile(jsch, prvfile, kpair);
+ static IdentityFile newInstance(String prvfile, String pubfile, JSch.InstanceLogger instLogger)
+ throws JSchException {
+ KeyPair kpair = KeyPair.load(instLogger, prvfile, pubfile);
+ return new IdentityFile(prvfile, kpair);
}
- static IdentityFile newInstance(String name, byte[] prvkey, byte[] pubkey, JSch jsch)
- throws JSchException {
+ static IdentityFile newInstance(String name, byte[] prvkey, byte[] pubkey,
+ JSch.InstanceLogger instLogger) throws JSchException {
- KeyPair kpair = KeyPair.load(jsch, prvkey, pubkey);
- return new IdentityFile(jsch, name, kpair);
+ KeyPair kpair = KeyPair.load(instLogger, prvkey, pubkey);
+ return new IdentityFile(name, kpair);
}
- private IdentityFile(JSch jsch, String name, KeyPair kpair) throws JSchException {
- this.jsch = jsch;
+ private IdentityFile(String name, KeyPair kpair) {
this.identity = name;
this.kpair = kpair;
}
@@ -95,30 +92,21 @@ public byte[] getSignature(byte[] data, String alg) {
return kpair.getSignature(data, alg);
}
- /**
- * @deprecated This method should not be invoked.
- * @see #setPassphrase(byte[] passphrase)
- */
- @Override
- @Deprecated
- public boolean decrypt() {
- throw new RuntimeException("not implemented");
- }
-
/**
* Returns the name of the key algorithm.
*
- * @return "ssh-rsa" or "ssh-dss"
+ * @return the name of the key algorithm
*/
@Override
public String getAlgName() {
- byte[] name = kpair.getKeyTypeName();
- return Util.byte2str(name);
+ return kpair.getKeyTypeString();
}
/**
* Returns the name of this identity. It will be useful to identify this object in the
* {@link IdentityRepository}.
+ *
+ * @return the name of this identity
*/
@Override
public String getName() {
@@ -135,9 +123,7 @@ public boolean isEncrypted() {
return kpair.isEncrypted();
}
- /**
- * Disposes internally allocated data, like byte array for the private key.
- */
+ /** Disposes internally allocated data, like byte array for the private key. */
@Override
public void clear() {
kpair.dispose();
diff --git a/src/main/java/com/jcraft/jsch/JSch.java b/src/main/java/com/jcraft/jsch/JSch.java
index 963c1f03..f942eaff 100644
--- a/src/main/java/com/jcraft/jsch/JSch.java
+++ b/src/main/java/com/jcraft/jsch/JSch.java
@@ -32,12 +32,11 @@
import java.util.Vector;
public class JSch {
- /**
- * The version number.
- */
+ /** The version number. */
public static final String VERSION = Version.getVersion();
static Hashtablenull is given, the default repository, which usually
* refers to ~/.ssh/, will be used.
- *
* @see #getIdentityRepository()
*/
public synchronized void setIdentityRepository(IdentityRepository identityRepository) {
@@ -291,7 +302,6 @@ public boolean isEnabled(int level) {
public void log(int level, String message) {}
};
static Logger logger = DEVNULL;
- private Logger instLogger;
public JSch() {}
@@ -301,11 +311,8 @@ public JSch() {}
* "user.name" will be referred.
*
* @param host hostname
- *
* @throws JSchException if username or host are invalid.
- *
* @return the instance of Session class.
- *
* @see #getSession(String username, String host, int port)
* @see com.jcraft.jsch.Session
* @see com.jcraft.jsch.ConfigRepository
@@ -321,11 +328,8 @@ public Session getSession(String host) throws JSchException {
*
* @param username user name
* @param host hostname
- *
* @throws JSchException if username or host are invalid.
- *
* @return the instance of Session class.
- *
* @see #getSession(String username, String host, int port)
* @see com.jcraft.jsch.Session
*/
@@ -341,11 +345,8 @@ public Session getSession(String username, String host) throws JSchException {
* @param username user name
* @param host hostname
* @param port port number
- *
* @throws JSchException if username or host are invalid.
- *
* @return the instance of Session class.
- *
* @see #getSession(String username, String host, int port)
* @see com.jcraft.jsch.Session
*/
@@ -373,7 +374,6 @@ protected boolean removeSession(Session session) {
* Sets the hostkey repository.
*
* @param hkrepo
- *
* @see com.jcraft.jsch.HostKeyRepository
* @see com.jcraft.jsch.KnownHosts
*/
@@ -385,9 +385,7 @@ public void setHostKeyRepository(HostKeyRepository hkrepo) {
* Sets the instance of KnownHosts, which refers to filename.
*
* @param filename filename of known_hosts file.
- *
* @throws JSchException if the given filename is invalid.
- *
* @see com.jcraft.jsch.KnownHosts
*/
public void setKnownHosts(String filename) throws JSchException {
@@ -404,9 +402,7 @@ public void setKnownHosts(String filename) throws JSchException {
* Sets the instance of KnownHosts generated with stream.
*
* @param stream the instance of InputStream from known_hosts file.
- *
* @throws JSchException if an I/O error occurs.
- *
* @see com.jcraft.jsch.KnownHosts
*/
public void setKnownHosts(InputStream stream) throws JSchException {
@@ -424,7 +420,6 @@ public void setKnownHosts(InputStream stream) throws JSchException {
* KnownHosts.
*
* @return current hostkey repository.
- *
* @see com.jcraft.jsch.HostKeyRepository
* @see com.jcraft.jsch.KnownHosts
*/
@@ -438,9 +433,7 @@ public HostKeyRepository getHostKeyRepository() {
* Sets the private key, which will be referred in the public key authentication.
*
* @param prvkey filename of the private key.
- *
* @throws JSchException if prvkey is invalid.
- *
* @see #addIdentity(String prvkey, String passphrase)
*/
public void addIdentity(String prvkey) throws JSchException {
@@ -453,9 +446,7 @@ public void addIdentity(String prvkey) throws JSchException {
*
* @param prvkey filename of the private key.
* @param passphrase passphrase for prvkey.
- *
* @throws JSchException if passphrase is not right.
- *
* @see #addIdentity(String prvkey, byte[] passphrase)
*/
public void addIdentity(String prvkey, String passphrase) throws JSchException {
@@ -474,13 +465,11 @@ public void addIdentity(String prvkey, String passphrase) throws JSchException {
*
* @param prvkey filename of the private key.
* @param passphrase passphrase for prvkey.
- *
* @throws JSchException if passphrase is not right.
- *
* @see #addIdentity(String prvkey, String pubkey, byte[] passphrase)
*/
public void addIdentity(String prvkey, byte[] passphrase) throws JSchException {
- Identity identity = IdentityFile.newInstance(prvkey, null, this);
+ Identity identity = IdentityFile.newInstance(prvkey, null, instLogger);
addIdentity(identity, passphrase);
}
@@ -491,11 +480,10 @@ public void addIdentity(String prvkey, byte[] passphrase) throws JSchException {
* @param prvkey filename of the private key.
* @param pubkey filename of the public key.
* @param passphrase passphrase for prvkey.
- *
* @throws JSchException if passphrase is not right.
*/
public void addIdentity(String prvkey, String pubkey, byte[] passphrase) throws JSchException {
- Identity identity = IdentityFile.newInstance(prvkey, pubkey, this);
+ Identity identity = IdentityFile.newInstance(prvkey, pubkey, instLogger);
addIdentity(identity, passphrase);
}
@@ -507,11 +495,10 @@ public void addIdentity(String prvkey, String pubkey, byte[] passphrase) throws
* @param prvkey private key in byte array.
* @param pubkey public key in byte array.
* @param passphrase passphrase for prvkey.
- *
*/
public void addIdentity(String name, byte[] prvkey, byte[] pubkey, byte[] passphrase)
throws JSchException {
- Identity identity = IdentityFile.newInstance(name, prvkey, pubkey, this);
+ Identity identity = IdentityFile.newInstance(name, prvkey, pubkey, instLogger);
addIdentity(identity, passphrase);
}
@@ -521,7 +508,6 @@ public void addIdentity(String name, byte[] prvkey, byte[] pubkey, byte[] passph
*
* @param identity private key.
* @param passphrase passphrase for identity.
- *
* @throws JSchException if passphrase is not right.
*/
public void addIdentity(Identity identity, byte[] passphrase) throws JSchException {
@@ -572,7 +558,6 @@ public void removeIdentity(String name) throws JSchException {
* Removes the identity from identityRepository.
*
* @param identity the indentity to be removed.
- *
* @throws JSchException if identity is invalid.
*/
public void removeIdentity(Identity identity) throws JSchException {
@@ -583,7 +568,6 @@ public void removeIdentity(Identity identity) throws JSchException {
* Lists names of identities included in the identityRepository.
*
* @return names of identities
- *
* @throws JSchException if identityReposory has problems.
*/
public Vectornull if no logging should take place
- *
* @see com.jcraft.jsch.Logger
*/
public static void setLogger(Logger logger) {
@@ -671,10 +654,7 @@ public static void setLogger(Logger logger) {
* statically set logger is returned.
*/
public Logger getInstanceLogger() {
- if (this.instLogger == null) {
- return logger;
- }
- return instLogger;
+ return instLogger.getLogger();
}
/**
@@ -684,7 +664,7 @@ public Logger getInstanceLogger() {
* used
*/
public void setInstanceLogger(Logger logger) {
- this.instLogger = logger;
+ instLogger.setLogger(logger);
}
/**
@@ -696,4 +676,21 @@ public void setInstanceLogger(Logger logger) {
public static Logger getLogger() {
return logger;
}
+
+ static class InstanceLogger {
+ private Logger logger;
+
+ private InstanceLogger() {}
+
+ Logger getLogger() {
+ if (logger == null) {
+ return JSch.logger;
+ }
+ return logger;
+ }
+
+ void setLogger(Logger logger) {
+ this.logger = logger;
+ }
+ }
}
diff --git a/src/main/java/com/jcraft/jsch/JSchAlgoNegoFailException.java b/src/main/java/com/jcraft/jsch/JSchAlgoNegoFailException.java
index fbdbf446..6e668250 100644
--- a/src/main/java/com/jcraft/jsch/JSchAlgoNegoFailException.java
+++ b/src/main/java/com/jcraft/jsch/JSchAlgoNegoFailException.java
@@ -1,5 +1,7 @@
package com.jcraft.jsch;
+import java.util.Locale;
+
/**
* Extension of {@link JSchException} to indicate when a connection fails during algorithm
* negotiation.
@@ -35,7 +37,7 @@ public String getServerProposal() {
}
private static String failString(int algorithmIndex, String jschProposal, String serverProposal) {
- return String.format(
+ return String.format(Locale.ROOT,
"Algorithm negotiation fail: algorithmName=\"%s\" jschProposal=\"%s\" serverProposal=\"%s\"",
algorithmNameFromIndex(algorithmIndex), jschProposal, serverProposal);
}
diff --git a/src/main/java/com/jcraft/jsch/JSchChangedHostKeyException.java b/src/main/java/com/jcraft/jsch/JSchChangedHostKeyException.java
new file mode 100644
index 00000000..4a1ee613
--- /dev/null
+++ b/src/main/java/com/jcraft/jsch/JSchChangedHostKeyException.java
@@ -0,0 +1,39 @@
+/*
+ * Copyright (c) 2002-2018 ymnk, JCraft,Inc. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without modification, are permitted
+ * provided that the following conditions are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright notice, this list of conditions
+ * and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright notice, this list of
+ * conditions and the following disclaimer in the documentation and/or other materials provided with
+ * the distribution.
+ *
+ * 3. The names of the authors may not be used to endorse or promote products derived from this
+ * software without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
+ * DISCLAIMED. IN NO EVENT SHALL JCRAFT, INC. OR ANY CONTRIBUTORS TO THIS SOFTWARE BE LIABLE FOR ANY
+ * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR
+ * BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
+ * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+package com.jcraft.jsch;
+
+public class JSchChangedHostKeyException extends JSchHostKeyException {
+ private static final long serialVersionUID = -1L;
+
+ JSchChangedHostKeyException() {
+ super();
+ }
+
+ JSchChangedHostKeyException(String s) {
+ super(s);
+ }
+}
diff --git a/src/main/java/com/jcraft/jsch/JSchHostKeyException.java b/src/main/java/com/jcraft/jsch/JSchHostKeyException.java
new file mode 100644
index 00000000..91a3f896
--- /dev/null
+++ b/src/main/java/com/jcraft/jsch/JSchHostKeyException.java
@@ -0,0 +1,39 @@
+/*
+ * Copyright (c) 2002-2018 ymnk, JCraft,Inc. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without modification, are permitted
+ * provided that the following conditions are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright notice, this list of conditions
+ * and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright notice, this list of
+ * conditions and the following disclaimer in the documentation and/or other materials provided with
+ * the distribution.
+ *
+ * 3. The names of the authors may not be used to endorse or promote products derived from this
+ * software without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
+ * DISCLAIMED. IN NO EVENT SHALL JCRAFT, INC. OR ANY CONTRIBUTORS TO THIS SOFTWARE BE LIABLE FOR ANY
+ * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR
+ * BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
+ * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+package com.jcraft.jsch;
+
+public abstract class JSchHostKeyException extends JSchException {
+ private static final long serialVersionUID = -1L;
+
+ JSchHostKeyException() {
+ super();
+ }
+
+ JSchHostKeyException(String s) {
+ super(s);
+ }
+}
diff --git a/src/main/java/com/jcraft/jsch/JSchProxyException.java b/src/main/java/com/jcraft/jsch/JSchProxyException.java
new file mode 100644
index 00000000..88f8d99f
--- /dev/null
+++ b/src/main/java/com/jcraft/jsch/JSchProxyException.java
@@ -0,0 +1,39 @@
+/*
+ * Copyright (c) 2002-2018 ymnk, JCraft,Inc. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without modification, are permitted
+ * provided that the following conditions are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright notice, this list of conditions
+ * and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright notice, this list of
+ * conditions and the following disclaimer in the documentation and/or other materials provided with
+ * the distribution.
+ *
+ * 3. The names of the authors may not be used to endorse or promote products derived from this
+ * software without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
+ * DISCLAIMED. IN NO EVENT SHALL JCRAFT, INC. OR ANY CONTRIBUTORS TO THIS SOFTWARE BE LIABLE FOR ANY
+ * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR
+ * BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
+ * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+package com.jcraft.jsch;
+
+public class JSchProxyException extends JSchException {
+ private static final long serialVersionUID = -1L;
+
+ public JSchProxyException(String s) {
+ super(s);
+ }
+
+ public JSchProxyException(String s, Throwable e) {
+ super(s, e);
+ }
+}
diff --git a/src/main/java/com/jcraft/jsch/JSchRevokedHostKeyException.java b/src/main/java/com/jcraft/jsch/JSchRevokedHostKeyException.java
new file mode 100644
index 00000000..f25e2f67
--- /dev/null
+++ b/src/main/java/com/jcraft/jsch/JSchRevokedHostKeyException.java
@@ -0,0 +1,39 @@
+/*
+ * Copyright (c) 2002-2018 ymnk, JCraft,Inc. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without modification, are permitted
+ * provided that the following conditions are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright notice, this list of conditions
+ * and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright notice, this list of
+ * conditions and the following disclaimer in the documentation and/or other materials provided with
+ * the distribution.
+ *
+ * 3. The names of the authors may not be used to endorse or promote products derived from this
+ * software without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
+ * DISCLAIMED. IN NO EVENT SHALL JCRAFT, INC. OR ANY CONTRIBUTORS TO THIS SOFTWARE BE LIABLE FOR ANY
+ * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR
+ * BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
+ * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+package com.jcraft.jsch;
+
+public class JSchRevokedHostKeyException extends JSchHostKeyException {
+ private static final long serialVersionUID = -1L;
+
+ JSchRevokedHostKeyException() {
+ super();
+ }
+
+ JSchRevokedHostKeyException(String s) {
+ super(s);
+ }
+}
diff --git a/src/main/java/com/jcraft/jsch/JSchSessionDisconnectException.java b/src/main/java/com/jcraft/jsch/JSchSessionDisconnectException.java
new file mode 100644
index 00000000..cb994f98
--- /dev/null
+++ b/src/main/java/com/jcraft/jsch/JSchSessionDisconnectException.java
@@ -0,0 +1,55 @@
+/*
+ * Copyright (c) 2002-2018 ymnk, JCraft,Inc. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without modification, are permitted
+ * provided that the following conditions are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright notice, this list of conditions
+ * and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright notice, this list of
+ * conditions and the following disclaimer in the documentation and/or other materials provided with
+ * the distribution.
+ *
+ * 3. The names of the authors may not be used to endorse or promote products derived from this
+ * software without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
+ * DISCLAIMED. IN NO EVENT SHALL JCRAFT, INC. OR ANY CONTRIBUTORS TO THIS SOFTWARE BE LIABLE FOR ANY
+ * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR
+ * BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
+ * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+package com.jcraft.jsch;
+
+public class JSchSessionDisconnectException extends JSchException {
+ private static final long serialVersionUID = -1L;
+
+ // RFC 4253 11.1.
+ private final int reasonCode; // RFC 4250 4.2.2.
+ private final String description;
+ private final String languageTag;
+
+ JSchSessionDisconnectException(String s, int reasonCode, String description, String languageTag) {
+ super(s);
+ this.reasonCode = reasonCode;
+ this.description = description;
+ this.languageTag = languageTag;
+ }
+
+ public int getReasonCode() {
+ return reasonCode;
+ }
+
+ public String getDescription() {
+ return description;
+ }
+
+ public String getLanguageTag() {
+ return languageTag;
+ }
+}
diff --git a/src/main/java/com/jcraft/jsch/JSchStrictKexException.java b/src/main/java/com/jcraft/jsch/JSchStrictKexException.java
new file mode 100644
index 00000000..3454c1d2
--- /dev/null
+++ b/src/main/java/com/jcraft/jsch/JSchStrictKexException.java
@@ -0,0 +1,39 @@
+/*
+ * Copyright (c) 2002-2018 ymnk, JCraft,Inc. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without modification, are permitted
+ * provided that the following conditions are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright notice, this list of conditions
+ * and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright notice, this list of
+ * conditions and the following disclaimer in the documentation and/or other materials provided with
+ * the distribution.
+ *
+ * 3. The names of the authors may not be used to endorse or promote products derived from this
+ * software without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
+ * DISCLAIMED. IN NO EVENT SHALL JCRAFT, INC. OR ANY CONTRIBUTORS TO THIS SOFTWARE BE LIABLE FOR ANY
+ * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR
+ * BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
+ * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+package com.jcraft.jsch;
+
+public class JSchStrictKexException extends JSchException {
+ private static final long serialVersionUID = -1L;
+
+ JSchStrictKexException() {
+ super();
+ }
+
+ JSchStrictKexException(String s) {
+ super(s);
+ }
+}
diff --git a/src/main/java/com/jcraft/jsch/JSchUnknownHostKeyException.java b/src/main/java/com/jcraft/jsch/JSchUnknownHostKeyException.java
new file mode 100644
index 00000000..1957bda7
--- /dev/null
+++ b/src/main/java/com/jcraft/jsch/JSchUnknownHostKeyException.java
@@ -0,0 +1,39 @@
+/*
+ * Copyright (c) 2002-2018 ymnk, JCraft,Inc. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without modification, are permitted
+ * provided that the following conditions are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright notice, this list of conditions
+ * and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright notice, this list of
+ * conditions and the following disclaimer in the documentation and/or other materials provided with
+ * the distribution.
+ *
+ * 3. The names of the authors may not be used to endorse or promote products derived from this
+ * software without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
+ * DISCLAIMED. IN NO EVENT SHALL JCRAFT, INC. OR ANY CONTRIBUTORS TO THIS SOFTWARE BE LIABLE FOR ANY
+ * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR
+ * BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
+ * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+package com.jcraft.jsch;
+
+public class JSchUnknownHostKeyException extends JSchHostKeyException {
+ private static final long serialVersionUID = -1L;
+
+ JSchUnknownHostKeyException() {
+ super();
+ }
+
+ JSchUnknownHostKeyException(String s) {
+ super(s);
+ }
+}
diff --git a/src/main/java/com/jcraft/jsch/JUnixSocketFactory.java b/src/main/java/com/jcraft/jsch/JUnixSocketFactory.java
index d3038cdd..053e4947 100644
--- a/src/main/java/com/jcraft/jsch/JUnixSocketFactory.java
+++ b/src/main/java/com/jcraft/jsch/JUnixSocketFactory.java
@@ -26,17 +26,13 @@
package com.jcraft.jsch;
-import com.jcraft.jsch.AgentProxyException;
-import com.jcraft.jsch.USocketFactory;
-
-import org.newsclub.net.unix.AFUNIXServerSocketChannel;
-import org.newsclub.net.unix.AFUNIXSocketChannel;
-import org.newsclub.net.unix.AFUNIXSocketAddress;
-
import java.io.IOException;
import java.nio.channels.ServerSocketChannel;
import java.nio.channels.SocketChannel;
import java.nio.file.Path;
+import org.newsclub.net.unix.AFUNIXServerSocketChannel;
+import org.newsclub.net.unix.AFUNIXSocketAddress;
+import org.newsclub.net.unix.AFUNIXSocketChannel;
public class JUnixSocketFactory implements USocketFactory {
diff --git a/src/main/java/com/jcraft/jsch/JplLogger.java b/src/main/java/com/jcraft/jsch/JplLogger.java
new file mode 100644
index 00000000..baf437ed
--- /dev/null
+++ b/src/main/java/com/jcraft/jsch/JplLogger.java
@@ -0,0 +1,23 @@
+package com.jcraft.jsch;
+
+public class JplLogger implements com.jcraft.jsch.Logger {
+
+ public JplLogger() {
+ throw new UnsupportedOperationException("JplLogger requires Java9+.");
+ }
+
+ @Override
+ public boolean isEnabled(int level) {
+ throw new UnsupportedOperationException("JplLogger requires Java9+.");
+ }
+
+ @Override
+ public void log(int level, String message) {
+ throw new UnsupportedOperationException("JplLogger requires Java9+.");
+ }
+
+ @Override
+ public void log(int level, String message, Throwable cause) {
+ throw new UnsupportedOperationException("JplLogger requires Java9+.");
+ }
+}
diff --git a/src/main/java/com/jcraft/jsch/KeyPairGenXEC.java b/src/main/java/com/jcraft/jsch/KEM.java
similarity index 90%
rename from src/main/java/com/jcraft/jsch/KeyPairGenXEC.java
rename to src/main/java/com/jcraft/jsch/KEM.java
index fc4d5f0f..90dcaacf 100644
--- a/src/main/java/com/jcraft/jsch/KeyPairGenXEC.java
+++ b/src/main/java/com/jcraft/jsch/KEM.java
@@ -26,6 +26,10 @@
package com.jcraft.jsch;
-public interface KeyPairGenXEC {
- void init(String name) throws Exception;
+public interface KEM {
+ void init() throws Exception;
+
+ byte[] getPublicKey() throws Exception;
+
+ byte[] decapsulate(byte[] encapsulation) throws Exception;
}
diff --git a/src/main/java/com/jcraft/jsch/KeyExchange.java b/src/main/java/com/jcraft/jsch/KeyExchange.java
index 673dcfbd..3090391e 100644
--- a/src/main/java/com/jcraft/jsch/KeyExchange.java
+++ b/src/main/java/com/jcraft/jsch/KeyExchange.java
@@ -26,6 +26,8 @@
package com.jcraft.jsch;
+import java.util.Locale;
+
public abstract class KeyExchange {
static final int PROPOSAL_KEX_ALGS = 0;
@@ -198,11 +200,13 @@ protected static String[] guess(Session session, byte[] I_S, byte[] I_C) throws
public String getFingerPrint() {
HASH hash = null;
try {
- String _c = session.getConfig("FingerprintHash").toLowerCase();
+ String _c = session.getConfig("FingerprintHash").toLowerCase(Locale.ROOT);
Class c = Class.forName(session.getConfig(_c)).asSubclass(HASH.class);
hash = c.getDeclaredConstructor().newInstance();
} catch (Exception e) {
- System.err.println("getFingerPrint: " + e);
+ if (session.getLogger().isEnabled(Logger.ERROR)) {
+ session.getLogger().log(Logger.ERROR, "getFingerPrint: " + e.getMessage(), e);
+ }
}
return Util.getFingerPrint(hash, getHostKey(), true, false);
}
@@ -211,6 +215,11 @@ byte[] getK() {
return K;
}
+ void clearK() {
+ Util.bzero(K);
+ K = null;
+ }
+
byte[] getH() {
return H;
}
@@ -226,16 +235,59 @@ byte[] getHostKey() {
/*
* It seems JCE included in Oracle's Java7u6(and later) has suddenly changed its behavior. The
* secrete generated by KeyAgreement#generateSecret() may start with 0, even if it is a positive
- * value.
+ * value. See https://bugs.openjdk.org/browse/JDK-7146728.
*/
protected byte[] normalize(byte[] secret) {
- if (secret.length > 1 && secret[0] == 0 && (secret[1] & 0x80) == 0) {
- byte[] tmp = new byte[secret.length - 1];
- System.arraycopy(secret, 1, tmp, 0, tmp.length);
- return normalize(tmp);
- } else {
+ // This should be a timing safe version of the following:
+ // if (secret.length > 1 && secret[0] == 0 && (secret[1] & 0x80) == 0) {
+ // byte[] tmp = new byte[secret.length - 1];
+ // System.arraycopy(secret, 1, tmp, 0, tmp.length);
+ // Util.bzero(secret);
+ // return normalize(tmp);
+ // } else {
+ // return secret;
+ // }
+
+ int len = secret.length;
+ if (len < 2) {
return secret;
}
+
+ // secret[0] == 0
+ int a = 0;
+ int s0 = secret[0] & 0xff;
+ for (int i = 0; i < 8; i++) {
+ int j = s0 >>> i;
+ j &= 0x1;
+ a |= j;
+ }
+ a ^= 0x1;
+
+ // (secret[1..n] & 0x80) == 0 && secret[1..n] != 0
+ int offset = 0;
+ for (int i = 1; i < len; i++) {
+ int j = secret[i] & 0x80;
+ j >>>= 7;
+ j ^= 0x1;
+ a &= j;
+ offset += a;
+ j = secret[i] & 0x7f;
+ for (int k = 0; k < 7; k++) {
+ int l = j >>> k;
+ l &= 0x1;
+ l ^= 0x1;
+ a &= l;
+ }
+ }
+
+ len -= offset;
+ // Try to remain timing safe by performing an allocation + copy for leading bytes removed
+ byte[] foo = new byte[len];
+ byte[] bar = new byte[offset];
+ System.arraycopy(secret, 0, bar, 0, offset);
+ System.arraycopy(secret, offset, foo, 0, len);
+ Util.bzero(secret);
+ return foo;
}
protected boolean verify(String alg, byte[] K_S, int index, byte[] sig_of_H) throws Exception {
@@ -274,7 +326,7 @@ protected boolean verify(String alg, byte[] K_S, int index, byte[] sig_of_H) thr
sig = c.getDeclaredConstructor().newInstance();
sig.init();
} catch (Exception e) {
- System.err.println(e);
+ throw new JSchException(e.toString(), e);
}
sig.setPubKey(ee, n);
sig.update(H);
@@ -325,7 +377,7 @@ protected boolean verify(String alg, byte[] K_S, int index, byte[] sig_of_H) thr
sig = c.getDeclaredConstructor().newInstance();
sig.init();
} catch (Exception e) {
- System.err.println(e);
+ throw new JSchException(e.toString(), e);
}
sig.setPubKey(f, p, q, g);
sig.update(H);
@@ -368,7 +420,7 @@ protected boolean verify(String alg, byte[] K_S, int index, byte[] sig_of_H) thr
sig = c.getDeclaredConstructor().newInstance();
sig.init();
} catch (Exception e) {
- System.err.println(e);
+ throw new JSchException(e.toString(), e);
}
sig.setPubKey(r, s);
@@ -400,7 +452,7 @@ protected boolean verify(String alg, byte[] K_S, int index, byte[] sig_of_H) thr
sig = c.getDeclaredConstructor().newInstance();
sig.init();
} catch (Exception | NoClassDefFoundError e) {
- System.err.println(e);
+ throw new JSchException(e.toString(), e);
}
sig.setPubKey(tmp);
@@ -413,10 +465,38 @@ protected boolean verify(String alg, byte[] K_S, int index, byte[] sig_of_H) thr
session.getLogger().log(Logger.INFO, "ssh_eddsa_verify: " + alg + " signature " + result);
}
} else {
- System.err.println("unknown alg");
+ if (session.getLogger().isEnabled(Logger.ERROR)) {
+ session.getLogger().log(Logger.ERROR, "unknown alg: " + alg);
+ }
}
return result;
}
+ protected byte[] encodeAsMPInt(byte[] raw) {
+ int i = (raw[0] & 0x80) >>> 7;
+ int len = raw.length + i;
+ byte[] foo = new byte[len + 4];
+ // Try to remain timing safe by performing an extra allocation when i == 0
+ byte[] bar = new byte[i ^ 0x1];
+ foo[0] = (byte) (len >>> 24);
+ foo[1] = (byte) (len >>> 16);
+ foo[2] = (byte) (len >>> 8);
+ foo[3] = (byte) (len);
+ System.arraycopy(raw, 0, foo, 4 + i, len - i);
+ Util.bzero(raw);
+ return foo;
+ }
+
+ protected byte[] encodeAsString(byte[] raw) {
+ int len = raw.length;
+ byte[] foo = new byte[len + 4];
+ foo[0] = (byte) (len >>> 24);
+ foo[1] = (byte) (len >>> 16);
+ foo[2] = (byte) (len >>> 8);
+ foo[3] = (byte) (len);
+ System.arraycopy(raw, 0, foo, 4, len);
+ Util.bzero(raw);
+ return foo;
+ }
}
diff --git a/src/main/java/com/jcraft/jsch/KeyPair.java b/src/main/java/com/jcraft/jsch/KeyPair.java
index f6826bec..5492b469 100644
--- a/src/main/java/com/jcraft/jsch/KeyPair.java
+++ b/src/main/java/com/jcraft/jsch/KeyPair.java
@@ -26,7 +26,11 @@
package com.jcraft.jsch;
-import java.io.*;
+import java.io.File;
+import java.io.FileNotFoundException;
+import java.io.FileOutputStream;
+import java.io.IOException;
+import java.io.OutputStream;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.HashMap;
@@ -37,6 +41,7 @@ public abstract class KeyPair {
/** DEFERRED should not be be used. */
public static final int DEFERRED = -1;
+
public static final int ERROR = 0;
public static final int DSA = 1;
public static final int RSA = 2;
@@ -64,15 +69,15 @@ public static KeyPair genKeyPair(JSch jsch, int type) throws JSchException {
public static KeyPair genKeyPair(JSch jsch, int type, int key_size) throws JSchException {
KeyPair kpair = null;
if (type == DSA) {
- kpair = new KeyPairDSA(jsch);
+ kpair = new KeyPairDSA(jsch.instLogger);
} else if (type == RSA) {
- kpair = new KeyPairRSA(jsch);
+ kpair = new KeyPairRSA(jsch.instLogger);
} else if (type == ECDSA) {
- kpair = new KeyPairECDSA(jsch);
+ kpair = new KeyPairECDSA(jsch.instLogger);
} else if (type == ED25519) {
- kpair = new KeyPairEd25519(jsch);
+ kpair = new KeyPairEd25519(jsch.instLogger);
} else if (type == ED448) {
- kpair = new KeyPairEd448(jsch);
+ kpair = new KeyPairEd448(jsch.instLogger);
}
if (kpair != null) {
kpair.generate(key_size);
@@ -108,7 +113,7 @@ public void setPublicKeyComment(String publicKeyComment) {
protected String publicKeyComment = "no comment";
- JSch jsch = null;
+ JSch.InstanceLogger instLogger;
protected Cipher cipher;
private KDF kdf;
private HASH sha1;
@@ -117,8 +122,8 @@ public void setPublicKeyComment(String publicKeyComment) {
private byte[] passphrase;
- public KeyPair(JSch jsch) {
- this.jsch = jsch;
+ KeyPair(JSch.InstanceLogger instLogger) {
+ this.instLogger = instLogger;
}
static byte[][] header =
@@ -184,8 +189,8 @@ public void writePrivateKey(OutputStream out, byte[] passphrase) {
out.write(cr);
// out.close();
} catch (Exception e) {
- if (jsch.getInstanceLogger().isEnabled(Logger.ERROR)) {
- jsch.getInstanceLogger().log(Logger.ERROR, "failed to write private key", e);
+ if (instLogger.getLogger().isEnabled(Logger.ERROR)) {
+ instLogger.getLogger().log(Logger.ERROR, "failed to write private key", e);
}
}
}
@@ -234,8 +239,8 @@ public void writePublicKey(OutputStream out, String comment) {
out.write(Util.str2byte(comment));
out.write(cr);
} catch (Exception e) {
- if (jsch.getInstanceLogger().isEnabled(Logger.ERROR)) {
- jsch.getInstanceLogger().log(Logger.ERROR, "failed to write public key", e);
+ if (instLogger.getLogger().isEnabled(Logger.ERROR)) {
+ instLogger.getLogger().log(Logger.ERROR, "failed to write public key", e);
}
}
}
@@ -249,9 +254,9 @@ public void writePublicKey(OutputStream out, String comment) {
*/
public void writePublicKey(String name, String comment)
throws FileNotFoundException, IOException {
- FileOutputStream fos = new FileOutputStream(name);
- writePublicKey(fos, comment);
- fos.close();
+ try (OutputStream fos = new FileOutputStream(name)) {
+ writePublicKey(fos, comment);
+ }
}
/**
@@ -281,8 +286,8 @@ public void writeSECSHPublicKey(OutputStream out, String comment) {
out.write(Util.str2byte("---- END SSH2 PUBLIC KEY ----"));
out.write(cr);
} catch (Exception e) {
- if (jsch.getInstanceLogger().isEnabled(Logger.ERROR)) {
- jsch.getInstanceLogger().log(Logger.ERROR, "failed to write public key", e);
+ if (instLogger.getLogger().isEnabled(Logger.ERROR)) {
+ instLogger.getLogger().log(Logger.ERROR, "failed to write public key", e);
}
}
}
@@ -297,9 +302,9 @@ public void writeSECSHPublicKey(OutputStream out, String comment) {
*/
public void writeSECSHPublicKey(String name, String comment)
throws FileNotFoundException, IOException {
- FileOutputStream fos = new FileOutputStream(name);
- writeSECSHPublicKey(fos, comment);
- fos.close();
+ try (OutputStream fos = new FileOutputStream(name)) {
+ writeSECSHPublicKey(fos, comment);
+ }
}
/**
@@ -321,9 +326,9 @@ public void writePrivateKey(String name) throws FileNotFoundException, IOExcepti
*/
public void writePrivateKey(String name, byte[] passphrase)
throws FileNotFoundException, IOException {
- FileOutputStream fos = new FileOutputStream(name);
- writePrivateKey(fos, passphrase);
- fos.close();
+ try (OutputStream fos = new FileOutputStream(name)) {
+ writePrivateKey(fos, passphrase);
+ }
}
/**
@@ -372,8 +377,8 @@ private byte[] encrypt(byte[] plain, byte[][] _iv, byte[] passphrase) {
cipher.init(Cipher.ENCRYPT_MODE, key, iv);
cipher.update(encoded, 0, encoded.length, encoded, 0);
} catch (Exception e) {
- if (jsch.getInstanceLogger().isEnabled(Logger.ERROR)) {
- jsch.getInstanceLogger().log(Logger.ERROR, "failed to encrypt key", e);
+ if (instLogger.getLogger().isEnabled(Logger.ERROR)) {
+ instLogger.getLogger().log(Logger.ERROR, "failed to encrypt key", e);
}
}
Util.bzero(key);
@@ -392,8 +397,8 @@ private byte[] decrypt(byte[] data, byte[] passphrase, byte[] iv) {
cipher.update(data, 0, data.length, plain, 0);
return plain;
} catch (Exception e) {
- if (jsch.getInstanceLogger().isEnabled(Logger.ERROR)) {
- jsch.getInstanceLogger().log(Logger.ERROR, "failed to decrypt key", e);
+ if (instLogger.getLogger().isEnabled(Logger.ERROR)) {
+ instLogger.getLogger().log(Logger.ERROR, "failed to decrypt key", e);
}
}
return null;
@@ -463,8 +468,8 @@ private Random genRandom() {
Class.forName(JSch.getConfig("random")).asSubclass(Random.class);
random = c.getDeclaredConstructor().newInstance();
} catch (Exception e) {
- if (jsch.getInstanceLogger().isEnabled(Logger.ERROR)) {
- jsch.getInstanceLogger().log(Logger.ERROR, "failed to create random", e);
+ if (instLogger.getLogger().isEnabled(Logger.ERROR)) {
+ instLogger.getLogger().log(Logger.ERROR, "failed to create random", e);
}
}
}
@@ -477,8 +482,8 @@ private HASH genHash() {
hash = c.getDeclaredConstructor().newInstance();
hash.init();
} catch (Exception e) {
- if (jsch.getInstanceLogger().isEnabled(Logger.ERROR)) {
- jsch.getInstanceLogger().log(Logger.ERROR, "failed to create hash", e);
+ if (instLogger.getLogger().isEnabled(Logger.ERROR)) {
+ instLogger.getLogger().log(Logger.ERROR, "failed to create hash", e);
}
}
return hash;
@@ -490,8 +495,8 @@ private Cipher genCipher() {
Class.forName(JSch.getConfig("3des-cbc")).asSubclass(Cipher.class);
cipher = c.getDeclaredConstructor().newInstance();
} catch (Exception e) {
- if (jsch.getInstanceLogger().isEnabled(Logger.ERROR)) {
- jsch.getInstanceLogger().log(Logger.ERROR, "failed to create cipher", e);
+ if (instLogger.getLogger().isEnabled(Logger.ERROR)) {
+ instLogger.getLogger().log(Logger.ERROR, "failed to create cipher", e);
}
}
return cipher;
@@ -562,8 +567,8 @@ synchronized byte[] genKey(byte[] passphrase, byte[] iv) {
Util.bzero(tmp);
}
} catch (Exception e) {
- if (jsch.getInstanceLogger().isEnabled(Logger.ERROR)) {
- jsch.getInstanceLogger().log(Logger.ERROR, "failed to generate key from passphrase", e);
+ if (instLogger.getLogger().isEnabled(Logger.ERROR)) {
+ instLogger.getLogger().log(Logger.ERROR, "failed to generate key from passphrase", e);
}
}
return key;
@@ -637,10 +642,15 @@ public static KeyPair load(JSch jsch, String prvkey) throws JSchException {
if (!new File(pubkey).exists()) {
pubkey = null;
}
- return load(jsch, prvkey, pubkey);
+ return load(jsch.instLogger, prvkey, pubkey);
}
public static KeyPair load(JSch jsch, String prvfile, String pubfile) throws JSchException {
+ return load(jsch.instLogger, prvfile, pubfile);
+ }
+
+ static KeyPair load(JSch.InstanceLogger instLogger, String prvfile, String pubfile)
+ throws JSchException {
byte[] prvkey = null;
byte[] pubkey = null;
@@ -665,13 +675,18 @@ public static KeyPair load(JSch jsch, String prvfile, String pubfile) throws JSc
}
try {
- return load(jsch, prvkey, pubkey);
+ return load(instLogger, prvkey, pubkey);
} finally {
Util.bzero(prvkey);
}
}
public static KeyPair load(JSch jsch, byte[] prvkey, byte[] pubkey) throws JSchException {
+ return load(jsch.instLogger, prvkey, pubkey);
+ }
+
+ static KeyPair load(JSch.InstanceLogger instLogger, byte[] prvkey, byte[] pubkey)
+ throws JSchException {
byte[] iv = new byte[8]; // 8
boolean encrypted = true;
@@ -697,16 +712,16 @@ public static KeyPair load(JSch jsch, byte[] prvkey, byte[] pubkey) throws JSchE
KeyPair kpair = null;
if (_type.equals("ssh-rsa")) {
- kpair = KeyPairRSA.fromSSHAgent(jsch, buf);
+ kpair = KeyPairRSA.fromSSHAgent(instLogger, buf);
} else if (_type.equals("ssh-dss")) {
- kpair = KeyPairDSA.fromSSHAgent(jsch, buf);
+ kpair = KeyPairDSA.fromSSHAgent(instLogger, buf);
} else if (_type.equals("ecdsa-sha2-nistp256") || _type.equals("ecdsa-sha2-nistp384")
|| _type.equals("ecdsa-sha2-nistp521")) {
- kpair = KeyPairECDSA.fromSSHAgent(jsch, buf);
+ kpair = KeyPairECDSA.fromSSHAgent(instLogger, buf);
} else if (_type.equals("ssh-ed25519")) {
- kpair = KeyPairEd25519.fromSSHAgent(jsch, buf);
+ kpair = KeyPairEd25519.fromSSHAgent(instLogger, buf);
} else if (_type.equals("ssh-ed448")) {
- kpair = KeyPairEd448.fromSSHAgent(jsch, buf);
+ kpair = KeyPairEd448.fromSSHAgent(instLogger, buf);
} else {
throw new JSchException("privatekey: invalid key " + _type);
}
@@ -717,7 +732,7 @@ public static KeyPair load(JSch jsch, byte[] prvkey, byte[] pubkey) throws JSchE
byte[] buf = prvkey;
if (buf != null) {
- KeyPair ppk = loadPPK(jsch, buf);
+ KeyPair ppk = loadPPK(instLogger, buf);
if (ppk != null)
return ppk;
}
@@ -885,11 +900,13 @@ public static KeyPair load(JSch jsch, byte[] prvkey, byte[] pubkey) throws JSchE
int _len = _buf.length;
while (i < _len) {
if (_buf[i] == '\n') {
- boolean xd = (_buf[i - 1] == '\r');
+ boolean xd = (i > 0 && _buf[i - 1] == '\r');
// ignore \n (or \r\n)
System.arraycopy(_buf, i + 1, _buf, i - (xd ? 1 : 0), _len - (i + 1));
- if (xd)
+ if (xd) {
_len--;
+ i--;
+ }
_len--;
continue;
}
@@ -906,7 +923,7 @@ public static KeyPair load(JSch jsch, byte[] prvkey, byte[] pubkey) throws JSchE
}
if (vendor == VENDOR_OPENSSH_V1) {
- return loadOpenSSHKeyv1(jsch, data);
+ return loadOpenSSHKeyv1(instLogger, data);
} else if (data != null && data.length > 4 && // FSecure
data[0] == (byte) 0x3f && data[1] == (byte) 0x6f && data[2] == (byte) 0xf9
&& data[3] == (byte) 0xeb) {
@@ -1077,25 +1094,25 @@ public static KeyPair load(JSch jsch, byte[] prvkey, byte[] pubkey) throws JSchE
}
}
} catch (Exception ee) {
- if (jsch.getInstanceLogger().isEnabled(Logger.WARN)) {
- jsch.getInstanceLogger().log(Logger.WARN, "failed to parse public key", ee);
+ if (instLogger.getLogger().isEnabled(Logger.WARN)) {
+ instLogger.getLogger().log(Logger.WARN, "failed to parse public key", ee);
}
}
}
KeyPair kpair = null;
if (type == DSA) {
- kpair = new KeyPairDSA(jsch);
+ kpair = new KeyPairDSA(instLogger);
} else if (type == RSA) {
- kpair = new KeyPairRSA(jsch);
+ kpair = new KeyPairRSA(instLogger);
} else if (type == ECDSA) {
- kpair = new KeyPairECDSA(jsch, pubkey);
+ kpair = new KeyPairECDSA(instLogger, pubkey);
} else if (type == ED25519) {
- kpair = new KeyPairEd25519(jsch, pubkey, null);
+ kpair = new KeyPairEd25519(instLogger, pubkey, null);
} else if (type == ED448) {
- kpair = new KeyPairEd448(jsch, pubkey, null);
+ kpair = new KeyPairEd448(instLogger, pubkey, null);
} else if (vendor == VENDOR_PKCS8) {
- kpair = new KeyPairPKCS8(jsch);
+ kpair = new KeyPairPKCS8(instLogger);
}
if (kpair != null) {
@@ -1127,7 +1144,8 @@ public static KeyPair load(JSch jsch, byte[] prvkey, byte[] pubkey) throws JSchE
}
}
- static KeyPair loadOpenSSHKeyv1(JSch jsch, byte[] data) throws JSchException {
+ static KeyPair loadOpenSSHKeyv1(JSch.InstanceLogger instLogger, byte[] data)
+ throws JSchException {
if (data == null) {
throw new JSchException("invalid privatekey");
}
@@ -1149,7 +1167,7 @@ static KeyPair loadOpenSSHKeyv1(JSch jsch, byte[] data) throws JSchException {
}
byte[] publickeyblob = buffer.getString();
- KeyPair kpair = parsePubkeyBlob(jsch, publickeyblob, null);
+ KeyPair kpair = parsePubkeyBlob(instLogger, publickeyblob, null);
kpair.encrypted = !"none".equals(cipherName);
kpair.publickeyblob = publickeyblob;
kpair.vendor = VENDOR_OPENSSH_V1;
@@ -1204,13 +1222,13 @@ private static boolean isOpenSSHPrivateKey(byte[] buf, int i, int len) {
&& ident.equals(Util.byte2str(Arrays.copyOfRange(buf, i, i + ident.length())));
}
- static private byte a2b(byte c) {
+ private static byte a2b(byte c) {
if ('0' <= c && c <= '9')
return (byte) (c - '0');
return (byte) (c - 'a' + 10);
}
- static private byte b2a(byte c) {
+ private static byte b2a(byte c) {
if (0 <= c && c <= 9)
return (byte) (c + '0');
return (byte) (c - 10 + 'A');
@@ -1226,7 +1244,7 @@ public void finalize() {
dispose();
}
- static KeyPair loadPPK(JSch jsch, byte[] buf) throws JSchException {
+ static KeyPair loadPPK(JSch.InstanceLogger instLogger, byte[] buf) throws JSchException {
byte[] pubkey = null;
byte[] prvkey = null;
byte[] _prvkey = null;
@@ -1273,7 +1291,7 @@ static KeyPair loadPPK(JSch jsch, byte[] buf) throws JSchException {
prvkey = Util.fromBase64(_prvkey, 0, _prvkey.length);
pubkey = Util.fromBase64(pubkey, 0, pubkey.length);
- KeyPair kpair = parsePubkeyBlob(jsch, pubkey, typ);
+ KeyPair kpair = parsePubkeyBlob(instLogger, pubkey, typ);
kpair.encrypted = !v.get("Encryption").equals("none");
kpair.publickeyblob = pubkey;
kpair.vendor = ppkVersion;
@@ -1367,8 +1385,8 @@ static KeyPair loadPPK(JSch jsch, byte[] buf) throws JSchException {
}
}
- private static KeyPair parsePubkeyBlob(JSch jsch, byte[] pubkeyblob, String typ)
- throws JSchException {
+ private static KeyPair parsePubkeyBlob(JSch.InstanceLogger instLogger, byte[] pubkeyblob,
+ String typ) throws JSchException {
Buffer _buf = new Buffer(pubkeyblob);
_buf.skip(pubkeyblob.length);
@@ -1386,7 +1404,7 @@ private static KeyPair parsePubkeyBlob(JSch jsch, byte[] pubkeyblob, String typ)
byte[] n_array = new byte[_buf.getInt()];
_buf.getByte(n_array);
- return new KeyPairRSA(jsch, n_array, pub_array, null);
+ return new KeyPairRSA(instLogger, n_array, pub_array, null);
} else if (typ.equals("ssh-dss")) {
byte[] p_array = new byte[_buf.getInt()];
_buf.getByte(p_array);
@@ -1397,7 +1415,7 @@ private static KeyPair parsePubkeyBlob(JSch jsch, byte[] pubkeyblob, String typ)
byte[] y_array = new byte[_buf.getInt()];
_buf.getByte(y_array);
- return new KeyPairDSA(jsch, p_array, q_array, g_array, y_array, null);
+ return new KeyPairDSA(instLogger, p_array, q_array, g_array, y_array, null);
} else if (typ.equals("ecdsa-sha2-nistp256") || typ.equals("ecdsa-sha2-nistp384")
|| typ.equals("ecdsa-sha2-nistp521")) {
byte[] name = _buf.getString(); // nistpXXX
@@ -1410,15 +1428,15 @@ private static KeyPair parsePubkeyBlob(JSch jsch, byte[] pubkeyblob, String typ)
_buf.getByte(r_array);
_buf.getByte(s_array);
- return new KeyPairECDSA(jsch, name, r_array, s_array, null);
+ return new KeyPairECDSA(instLogger, name, r_array, s_array, null);
} else if (typ.equals("ssh-ed25519") || typ.equals("ssh-ed448")) {
byte[] pub_array = new byte[_buf.getInt()];
_buf.getByte(pub_array);
if (typ.equals("ssh-ed25519")) {
- return new KeyPairEd25519(jsch, pub_array, null);
+ return new KeyPairEd25519(instLogger, pub_array, null);
} else {
- return new KeyPairEd448(jsch, pub_array, null);
+ return new KeyPairEd448(instLogger, pub_array, null);
}
} else {
throw new JSchException("key type " + typ + " is not supported");
diff --git a/src/main/java/com/jcraft/jsch/KeyPairDSA.java b/src/main/java/com/jcraft/jsch/KeyPairDSA.java
index c4d15fa2..d030525c 100644
--- a/src/main/java/com/jcraft/jsch/KeyPairDSA.java
+++ b/src/main/java/com/jcraft/jsch/KeyPairDSA.java
@@ -38,13 +38,13 @@ class KeyPairDSA extends KeyPair {
// private int key_size=0;
private int key_size = 1024;
- KeyPairDSA(JSch jsch) {
- this(jsch, null, null, null, null, null);
+ KeyPairDSA(JSch.InstanceLogger instLogger) {
+ this(instLogger, null, null, null, null, null);
}
- KeyPairDSA(JSch jsch, byte[] P_array, byte[] Q_array, byte[] G_array, byte[] pub_array,
- byte[] prv_array) {
- super(jsch);
+ KeyPairDSA(JSch.InstanceLogger instLogger, byte[] P_array, byte[] Q_array, byte[] G_array,
+ byte[] pub_array, byte[] prv_array) {
+ super(instLogger);
this.P_array = P_array;
this.Q_array = Q_array;
this.G_array = G_array;
@@ -136,8 +136,8 @@ boolean parse(byte[] plain) {
byte[][] tmp = buf.getBytes(1, "");
prv_array = tmp[0];
} catch (JSchException e) {
- if (jsch.getInstanceLogger().isEnabled(Logger.ERROR)) {
- jsch.getInstanceLogger().log(Logger.ERROR, "failed to parse key", e);
+ if (instLogger.getLogger().isEnabled(Logger.ERROR)) {
+ instLogger.getLogger().log(Logger.ERROR, "failed to parse key", e);
}
return false;
}
@@ -165,7 +165,6 @@ else if (vendor == VENDOR_OPENSSH_V1) {
publicKeyComment = Util.byte2str(prvKEyBuffer.getString());
// if(P_array!=null) key_size = (new BigInteger(P_array)).bitLength();
return true;
-
}
int index = 0;
@@ -264,8 +263,8 @@ else if (vendor == VENDOR_OPENSSH_V1) {
if (P_array != null)
key_size = (new BigInteger(P_array)).bitLength();
} catch (Exception e) {
- if (jsch.getInstanceLogger().isEnabled(Logger.ERROR)) {
- jsch.getInstanceLogger().log(Logger.ERROR, "failed to parse key", e);
+ if (instLogger.getLogger().isEnabled(Logger.ERROR)) {
+ instLogger.getLogger().log(Logger.ERROR, "failed to parse key", e);
}
return false;
}
@@ -322,8 +321,8 @@ public byte[] getSignature(byte[] data) {
tmp[1] = sig;
return Buffer.fromBytes(tmp).buffer;
} catch (Exception e) {
- if (jsch.getInstanceLogger().isEnabled(Logger.ERROR)) {
- jsch.getInstanceLogger().log(Logger.ERROR, "failed to generate signature", e);
+ if (instLogger.getLogger().isEnabled(Logger.ERROR)) {
+ instLogger.getLogger().log(Logger.ERROR, "failed to generate signature", e);
}
}
return null;
@@ -354,8 +353,8 @@ public Signature getVerifier() {
dsa.setPubKey(pub_array, P_array, Q_array, G_array);
return dsa;
} catch (Exception e) {
- if (jsch.getInstanceLogger().isEnabled(Logger.ERROR)) {
- jsch.getInstanceLogger().log(Logger.ERROR, "failed to create verifier", e);
+ if (instLogger.getLogger().isEnabled(Logger.ERROR)) {
+ instLogger.getLogger().log(Logger.ERROR, "failed to create verifier", e);
}
}
return null;
@@ -366,7 +365,7 @@ public Signature getVerifier(String alg) {
return getVerifier();
}
- static KeyPair fromSSHAgent(JSch jsch, Buffer buf) throws JSchException {
+ static KeyPair fromSSHAgent(JSch.InstanceLogger instLogger, Buffer buf) throws JSchException {
byte[][] tmp = buf.getBytes(7, "invalid key format");
@@ -375,7 +374,7 @@ static KeyPair fromSSHAgent(JSch jsch, Buffer buf) throws JSchException {
byte[] G_array = tmp[3];
byte[] pub_array = tmp[4];
byte[] prv_array = tmp[5];
- KeyPairDSA kpair = new KeyPairDSA(jsch, P_array, Q_array, G_array, pub_array, prv_array);
+ KeyPairDSA kpair = new KeyPairDSA(instLogger, P_array, Q_array, G_array, pub_array, prv_array);
kpair.publicKeyComment = Util.byte2str(tmp[6]);
kpair.vendor = VENDOR_OPENSSH;
return kpair;
diff --git a/src/main/java/com/jcraft/jsch/KeyPairECDSA.java b/src/main/java/com/jcraft/jsch/KeyPairECDSA.java
index 489b16da..c3221353 100644
--- a/src/main/java/com/jcraft/jsch/KeyPairECDSA.java
+++ b/src/main/java/com/jcraft/jsch/KeyPairECDSA.java
@@ -46,12 +46,12 @@ class KeyPairECDSA extends KeyPair {
private int key_size = 256;
- KeyPairECDSA(JSch jsch) {
- this(jsch, null, null, null, null);
+ KeyPairECDSA(JSch.InstanceLogger instLogger) {
+ this(instLogger, null, null, null, null);
}
- KeyPairECDSA(JSch jsch, byte[] pubkey) {
- this(jsch, null, null, null, null);
+ KeyPairECDSA(JSch.InstanceLogger instLogger, byte[] pubkey) {
+ this(instLogger, null, null, null, null);
if (pubkey != null) {
byte[] name = new byte[8];
@@ -67,8 +67,9 @@ class KeyPairECDSA extends KeyPair {
}
}
- KeyPairECDSA(JSch jsch, byte[] name, byte[] r_array, byte[] s_array, byte[] prv_array) {
- super(jsch);
+ KeyPairECDSA(JSch.InstanceLogger instLogger, byte[] name, byte[] r_array, byte[] s_array,
+ byte[] prv_array) {
+ super(instLogger);
if (name != null)
this.name = name;
this.r_array = r_array;
@@ -166,8 +167,8 @@ boolean parse(byte[] plain) {
prv_array = tmp[0];
key_size = prv_array.length >= 64 ? 521 : (prv_array.length >= 48 ? 384 : 256);
} catch (JSchException e) {
- if (jsch.getInstanceLogger().isEnabled(Logger.ERROR)) {
- jsch.getInstanceLogger().log(Logger.ERROR, "failed to parse key", e);
+ if (instLogger.getLogger().isEnabled(Logger.ERROR)) {
+ instLogger.getLogger().log(Logger.ERROR, "failed to parse key", e);
}
return false;
}
@@ -200,7 +201,6 @@ boolean parse(byte[] plain) {
prvKeyBuffer.getByte(x);
prvKeyBuffer.getByte(y);
-
prv_array = prvKeyBuffer.getString();
publicKeyComment = Util.byte2str(prvKeyBuffer.getString());
r_array = x;
@@ -208,7 +208,6 @@ boolean parse(byte[] plain) {
key_size = x.length >= 64 ? 521 : (x.length >= 48 ? 384 : 256);
return true;
-
}
int index = 0;
@@ -300,8 +299,8 @@ boolean parse(byte[] plain) {
if (prv_array != null)
key_size = prv_array.length >= 64 ? 521 : (prv_array.length >= 48 ? 384 : 256);
} catch (Exception e) {
- if (jsch.getInstanceLogger().isEnabled(Logger.ERROR)) {
- jsch.getInstanceLogger().log(Logger.ERROR, "failed to parse key", e);
+ if (instLogger.getLogger().isEnabled(Logger.ERROR)) {
+ instLogger.getLogger().log(Logger.ERROR, "failed to parse key", e);
}
return false;
}
@@ -362,8 +361,8 @@ public byte[] getSignature(byte[] data) {
tmp[1] = sig;
return Buffer.fromBytes(tmp).buffer;
} catch (Exception e) {
- if (jsch.getInstanceLogger().isEnabled(Logger.ERROR)) {
- jsch.getInstanceLogger().log(Logger.ERROR, "failed to generate signature", e);
+ if (instLogger.getLogger().isEnabled(Logger.ERROR)) {
+ instLogger.getLogger().log(Logger.ERROR, "failed to generate signature", e);
}
}
return null;
@@ -394,8 +393,8 @@ public Signature getVerifier() {
ecdsa.setPubKey(r_array, s_array);
return ecdsa;
} catch (Exception e) {
- if (jsch.getInstanceLogger().isEnabled(Logger.ERROR)) {
- jsch.getInstanceLogger().log(Logger.ERROR, "failed to create verifier", e);
+ if (instLogger.getLogger().isEnabled(Logger.ERROR)) {
+ instLogger.getLogger().log(Logger.ERROR, "failed to create verifier", e);
}
}
return null;
@@ -406,7 +405,7 @@ public Signature getVerifier(String alg) {
return getVerifier();
}
- static KeyPair fromSSHAgent(JSch jsch, Buffer buf) throws JSchException {
+ static KeyPair fromSSHAgent(JSch.InstanceLogger instLogger, Buffer buf) throws JSchException {
byte[][] tmp = buf.getBytes(5, "invalid key format");
@@ -416,7 +415,7 @@ static KeyPair fromSSHAgent(JSch jsch, Buffer buf) throws JSchException {
byte[] s_array = foo[1];
byte[] prv_array = tmp[3];
- KeyPairECDSA kpair = new KeyPairECDSA(jsch, name, r_array, s_array, prv_array);
+ KeyPairECDSA kpair = new KeyPairECDSA(instLogger, name, r_array, s_array, prv_array);
kpair.publicKeyComment = Util.byte2str(tmp[4]);
kpair.vendor = VENDOR_OPENSSH;
return kpair;
diff --git a/src/main/java/com/jcraft/jsch/KeyPairEd25519.java b/src/main/java/com/jcraft/jsch/KeyPairEd25519.java
index 5552aeda..eb7990a5 100644
--- a/src/main/java/com/jcraft/jsch/KeyPairEd25519.java
+++ b/src/main/java/com/jcraft/jsch/KeyPairEd25519.java
@@ -32,12 +32,12 @@ class KeyPairEd25519 extends KeyPairEdDSA {
private static int keySize = 32;
- KeyPairEd25519(JSch jsch) {
- this(jsch, null, null);
+ KeyPairEd25519(JSch.InstanceLogger instLogger) {
+ this(instLogger, null, null);
}
- KeyPairEd25519(JSch jsch, byte[] pub_array, byte[] prv_array) {
- super(jsch, pub_array, prv_array);
+ KeyPairEd25519(JSch.InstanceLogger instLogger, byte[] pub_array, byte[] prv_array) {
+ super(instLogger, pub_array, prv_array);
}
@Override
@@ -60,13 +60,13 @@ String getJceName() {
return "Ed25519";
}
- static KeyPair fromSSHAgent(JSch jsch, Buffer buf) throws JSchException {
+ static KeyPair fromSSHAgent(JSch.InstanceLogger instLogger, Buffer buf) throws JSchException {
byte[][] tmp = buf.getBytes(4, "invalid key format");
byte[] pub_array = tmp[1];
byte[] prv_array = Arrays.copyOf(tmp[2], keySize);
- KeyPairEd25519 kpair = new KeyPairEd25519(jsch, pub_array, prv_array);
+ KeyPairEd25519 kpair = new KeyPairEd25519(instLogger, pub_array, prv_array);
kpair.publicKeyComment = Util.byte2str(tmp[3]);
kpair.vendor = VENDOR_OPENSSH;
return kpair;
diff --git a/src/main/java/com/jcraft/jsch/KeyPairEd448.java b/src/main/java/com/jcraft/jsch/KeyPairEd448.java
index 67c8da8c..e22093b6 100644
--- a/src/main/java/com/jcraft/jsch/KeyPairEd448.java
+++ b/src/main/java/com/jcraft/jsch/KeyPairEd448.java
@@ -32,12 +32,12 @@ class KeyPairEd448 extends KeyPairEdDSA {
private static int keySize = 57;
- KeyPairEd448(JSch jsch) {
- this(jsch, null, null);
+ KeyPairEd448(JSch.InstanceLogger instLogger) {
+ this(instLogger, null, null);
}
- KeyPairEd448(JSch jsch, byte[] pub_array, byte[] prv_array) {
- super(jsch, pub_array, prv_array);
+ KeyPairEd448(JSch.InstanceLogger instLogger, byte[] pub_array, byte[] prv_array) {
+ super(instLogger, pub_array, prv_array);
}
@Override
@@ -60,13 +60,13 @@ String getJceName() {
return "Ed448";
}
- static KeyPair fromSSHAgent(JSch jsch, Buffer buf) throws JSchException {
+ static KeyPair fromSSHAgent(JSch.InstanceLogger instLogger, Buffer buf) throws JSchException {
byte[][] tmp = buf.getBytes(4, "invalid key format");
byte[] pub_array = tmp[1];
byte[] prv_array = Arrays.copyOf(tmp[2], keySize);
- KeyPairEd448 kpair = new KeyPairEd448(jsch, pub_array, prv_array);
+ KeyPairEd448 kpair = new KeyPairEd448(instLogger, pub_array, prv_array);
kpair.publicKeyComment = Util.byte2str(tmp[3]);
kpair.vendor = VENDOR_OPENSSH;
return kpair;
diff --git a/src/main/java/com/jcraft/jsch/KeyPairEdDSA.java b/src/main/java/com/jcraft/jsch/KeyPairEdDSA.java
index a50f5b98..08ce3c23 100644
--- a/src/main/java/com/jcraft/jsch/KeyPairEdDSA.java
+++ b/src/main/java/com/jcraft/jsch/KeyPairEdDSA.java
@@ -32,8 +32,8 @@ abstract class KeyPairEdDSA extends KeyPair {
private byte[] pub_array;
private byte[] prv_array;
- KeyPairEdDSA(JSch jsch, byte[] pub_array, byte[] prv_array) {
- super(jsch);
+ KeyPairEdDSA(JSch.InstanceLogger instLogger, byte[] pub_array, byte[] prv_array) {
+ super(instLogger);
this.pub_array = pub_array;
this.prv_array = prv_array;
}
@@ -85,8 +85,8 @@ boolean parse(byte[] plain) {
byte[][] tmp = buf.getBytes(1, "");
prv_array = tmp[0];
} catch (JSchException e) {
- if (jsch.getInstanceLogger().isEnabled(Logger.ERROR)) {
- jsch.getInstanceLogger().log(Logger.ERROR, "failed to parse key", e);
+ if (instLogger.getLogger().isEnabled(Logger.ERROR)) {
+ instLogger.getLogger().log(Logger.ERROR, "failed to parse key", e);
}
return false;
}
@@ -110,8 +110,8 @@ boolean parse(byte[] plain) {
publicKeyComment = Util.byte2str(buf.getString());
return true;
} catch (Exception e) {
- if (jsch.getInstanceLogger().isEnabled(Logger.ERROR)) {
- jsch.getInstanceLogger().log(Logger.ERROR, "failed to parse key", e);
+ if (instLogger.getLogger().isEnabled(Logger.ERROR)) {
+ instLogger.getLogger().log(Logger.ERROR, "failed to parse key", e);
}
return false;
}
@@ -126,14 +126,14 @@ boolean parse(byte[] plain) {
prv_array = keypairgen.getPrv();
return true;
} catch (Exception | NoClassDefFoundError e) {
- if (jsch.getInstanceLogger().isEnabled(Logger.ERROR)) {
- jsch.getInstanceLogger().log(Logger.ERROR, "failed to parse key", e);
+ if (instLogger.getLogger().isEnabled(Logger.ERROR)) {
+ instLogger.getLogger().log(Logger.ERROR, "failed to parse key", e);
}
return false;
}
} else {
- if (jsch.getInstanceLogger().isEnabled(Logger.ERROR)) {
- jsch.getInstanceLogger().log(Logger.ERROR, "failed to parse key");
+ if (instLogger.getLogger().isEnabled(Logger.ERROR)) {
+ instLogger.getLogger().log(Logger.ERROR, "failed to parse key");
}
return false;
}
@@ -179,8 +179,8 @@ public byte[] getSignature(byte[] data, String alg) {
tmp[1] = sig;
return Buffer.fromBytes(tmp).buffer;
} catch (Exception | NoClassDefFoundError e) {
- if (jsch.getInstanceLogger().isEnabled(Logger.ERROR)) {
- jsch.getInstanceLogger().log(Logger.ERROR, "failed to generate signature", e);
+ if (instLogger.getLogger().isEnabled(Logger.ERROR)) {
+ instLogger.getLogger().log(Logger.ERROR, "failed to generate signature", e);
}
}
return null;
@@ -208,8 +208,8 @@ public Signature getVerifier(String alg) {
eddsa.setPubKey(pub_array);
return eddsa;
} catch (Exception | NoClassDefFoundError e) {
- if (jsch.getInstanceLogger().isEnabled(Logger.ERROR)) {
- jsch.getInstanceLogger().log(Logger.ERROR, "failed to create verifier", e);
+ if (instLogger.getLogger().isEnabled(Logger.ERROR)) {
+ instLogger.getLogger().log(Logger.ERROR, "failed to create verifier", e);
}
}
return null;
diff --git a/src/main/java/com/jcraft/jsch/KeyPairPKCS8.java b/src/main/java/com/jcraft/jsch/KeyPairPKCS8.java
index 36d5a418..131dd6db 100644
--- a/src/main/java/com/jcraft/jsch/KeyPairPKCS8.java
+++ b/src/main/java/com/jcraft/jsch/KeyPairPKCS8.java
@@ -122,11 +122,10 @@ class KeyPairPKCS8 extends KeyPair {
private static final byte[] pbeWithSHA1AndRC2CBC = {(byte) 0x2a, (byte) 0x86, (byte) 0x48,
(byte) 0x86, (byte) 0xf7, (byte) 0x0d, (byte) 0x01, (byte) 0x05, (byte) 0x0b};
-
private KeyPair kpair = null;
- KeyPairPKCS8(JSch jsch) {
- super(jsch);
+ KeyPairPKCS8(JSch.InstanceLogger instLogger) {
+ super(instLogger);
}
@Override
@@ -218,7 +217,7 @@ boolean parse(byte[] plain) {
throw new ASN1Exception();
}
- _kpair = new KeyPairRSA(jsch);
+ _kpair = new KeyPairRSA(instLogger);
_kpair.copy(this);
if (_kpair.parse(_data)) {
kpair = _kpair;
@@ -306,10 +305,10 @@ boolean parse(byte[] plain) {
byte[] pub_array = (new BigInteger(G_array))
.modPow(new BigInteger(prv_array), new BigInteger(P_array)).toByteArray();
- _key = new KeyPairDSA(jsch, P_array, Q_array, G_array, pub_array, prv_array);
+ _key = new KeyPairDSA(instLogger, P_array, Q_array, G_array, pub_array, prv_array);
_plain = _key.getPrivateKey();
- _kpair = new KeyPairDSA(jsch);
+ _kpair = new KeyPairDSA(instLogger);
_kpair.copy(this);
if (_kpair.parse(_plain)) {
kpair = _kpair;
@@ -408,10 +407,10 @@ boolean parse(byte[] plain) {
byte[] r_array = tmp[0];
byte[] s_array = tmp[1];
- _key = new KeyPairECDSA(jsch, name, r_array, s_array, prv_array);
+ _key = new KeyPairECDSA(instLogger, name, r_array, s_array, prv_array);
_plain = _key.getPrivateKey();
- _kpair = new KeyPairECDSA(jsch);
+ _kpair = new KeyPairECDSA(instLogger);
_kpair.copy(this);
if (_kpair.parse(_plain)) {
kpair = _kpair;
@@ -431,9 +430,9 @@ boolean parse(byte[] plain) {
prv_array = curvePrivateKey.getContent();
if (Util.array_equals(privateKeyAlgorithmID, ed25519)) {
- _kpair = new KeyPairEd25519(jsch);
+ _kpair = new KeyPairEd25519(instLogger);
} else {
- _kpair = new KeyPairEd448(jsch);
+ _kpair = new KeyPairEd448(instLogger);
}
_kpair.copy(this);
if (_kpair.parse(prv_array)) {
@@ -447,14 +446,14 @@ boolean parse(byte[] plain) {
"unsupported privateKeyAlgorithm oid: " + Util.toHex(privateKeyAlgorithmID));
}
} catch (ASN1Exception e) {
- if (jsch.getInstanceLogger().isEnabled(Logger.ERROR)) {
- jsch.getInstanceLogger().log(Logger.ERROR, "PKCS8: failed to parse key: ASN1 parsing error",
+ if (instLogger.getLogger().isEnabled(Logger.ERROR)) {
+ instLogger.getLogger().log(Logger.ERROR, "PKCS8: failed to parse key: ASN1 parsing error",
e);
}
return false;
} catch (Exception e) {
- if (jsch.getInstanceLogger().isEnabled(Logger.ERROR)) {
- jsch.getInstanceLogger().log(Logger.ERROR, "PKCS8: failed to parse key: " + e.getMessage(),
+ if (instLogger.getLogger().isEnabled(Logger.ERROR)) {
+ instLogger.getLogger().log(Logger.ERROR, "PKCS8: failed to parse key: " + e.getMessage(),
e);
}
return false;
@@ -766,15 +765,15 @@ public boolean decrypt(byte[] _passphrase) {
throw new JSchException("failed to parse decrypted key");
}
} catch (ASN1Exception e) {
- if (jsch.getInstanceLogger().isEnabled(Logger.ERROR)) {
- jsch.getInstanceLogger().log(Logger.ERROR,
- "PKCS8: failed to decrypt key: ASN1 parsing error", e);
+ if (instLogger.getLogger().isEnabled(Logger.ERROR)) {
+ instLogger.getLogger().log(Logger.ERROR, "PKCS8: failed to decrypt key: ASN1 parsing error",
+ e);
}
return false;
} catch (Exception e) {
- if (jsch.getInstanceLogger().isEnabled(Logger.ERROR)) {
- jsch.getInstanceLogger().log(Logger.ERROR,
- "PKCS8: failed to decrypt key: " + e.getMessage(), e);
+ if (instLogger.getLogger().isEnabled(Logger.ERROR)) {
+ instLogger.getLogger().log(Logger.ERROR, "PKCS8: failed to decrypt key: " + e.getMessage(),
+ e);
}
return false;
} finally {
@@ -797,9 +796,9 @@ static String getPBKDF2Name(byte[] id) throws JSchException {
} else if (Util.array_equals(id, hmacWithSha512)) {
name = "pbkdf2-hmac-sha512";
} else if (Util.array_equals(id, hmacWithSha512224)) {
- throw new JSchException("unsupported pbkdf2 function: pbkdf2-hmac-sha512-224");
+ name = "pbkdf2-hmac-sha512-224";
} else if (Util.array_equals(id, hmacWithSha512256)) {
- throw new JSchException("unsupported pbkdf2 function: pbkdf2-hmac-sha512-256");
+ name = "pbkdf2-hmac-sha512-256";
}
if (name == null) {
@@ -862,6 +861,13 @@ static Cipher getCipher(byte[] id, ASN1 encryptparams, byte[][] ivp) throws Exce
}
static int parseASN1IntegerAsInt(byte[] content) {
- return new BigInteger(content).intValueExact();
+ BigInteger b = new BigInteger(content);
+ // https://github.com/mwiede/jsch/issues/392 not using intValueExact() because of Android
+ // incompatibility.
+ if (b.bitLength() <= 31) {
+ return b.intValue();
+ } else {
+ throw new ArithmeticException("BigInteger out of int range");
+ }
}
}
diff --git a/src/main/java/com/jcraft/jsch/KeyPairRSA.java b/src/main/java/com/jcraft/jsch/KeyPairRSA.java
index 56b37491..af2c57f9 100644
--- a/src/main/java/com/jcraft/jsch/KeyPairRSA.java
+++ b/src/main/java/com/jcraft/jsch/KeyPairRSA.java
@@ -41,12 +41,12 @@ class KeyPairRSA extends KeyPair {
private int key_size = 1024;
- KeyPairRSA(JSch jsch) {
- this(jsch, null, null, null);
+ KeyPairRSA(JSch.InstanceLogger instLogger) {
+ this(instLogger, null, null, null);
}
- KeyPairRSA(JSch jsch, byte[] n_array, byte[] pub_array, byte[] prv_array) {
- super(jsch);
+ KeyPairRSA(JSch.InstanceLogger instLogger, byte[] n_array, byte[] pub_array, byte[] prv_array) {
+ super(instLogger);
this.n_array = n_array;
this.pub_array = pub_array;
this.prv_array = prv_array;
@@ -139,8 +139,8 @@ boolean parse(byte[] plain) {
q_array = tmp[2];
c_array = tmp[3];
} catch (JSchException e) {
- if (jsch.getInstanceLogger().isEnabled(Logger.ERROR)) {
- jsch.getInstanceLogger().log(Logger.ERROR, "failed to parse key", e);
+ if (instLogger.getLogger().isEnabled(Logger.ERROR)) {
+ instLogger.getLogger().log(Logger.ERROR, "failed to parse key", e);
}
return false;
}
@@ -170,8 +170,8 @@ boolean parse(byte[] plain) {
return true;
}
- if (jsch.getInstanceLogger().isEnabled(Logger.ERROR)) {
- jsch.getInstanceLogger().log(Logger.ERROR, "failed to parse key");
+ if (instLogger.getLogger().isEnabled(Logger.ERROR)) {
+ instLogger.getLogger().log(Logger.ERROR, "failed to parse key");
}
return false;
}
@@ -342,8 +342,8 @@ boolean parse(byte[] plain) {
}
} catch (Exception e) {
- if (jsch.getInstanceLogger().isEnabled(Logger.ERROR)) {
- jsch.getInstanceLogger().log(Logger.ERROR, "failed to parse key", e);
+ if (instLogger.getLogger().isEnabled(Logger.ERROR)) {
+ instLogger.getLogger().log(Logger.ERROR, "failed to parse key", e);
}
return false;
}
@@ -403,8 +403,8 @@ public byte[] getSignature(byte[] data, String alg) {
tmp[1] = sig;
return Buffer.fromBytes(tmp).buffer;
} catch (Exception e) {
- if (jsch.getInstanceLogger().isEnabled(Logger.ERROR)) {
- jsch.getInstanceLogger().log(Logger.ERROR, "failed to generate signature", e);
+ if (instLogger.getLogger().isEnabled(Logger.ERROR)) {
+ instLogger.getLogger().log(Logger.ERROR, "failed to generate signature", e);
}
}
return null;
@@ -433,21 +433,21 @@ public Signature getVerifier(String alg) {
rsa.setPubKey(pub_array, n_array);
return rsa;
} catch (Exception e) {
- if (jsch.getInstanceLogger().isEnabled(Logger.ERROR)) {
- jsch.getInstanceLogger().log(Logger.ERROR, "failed to create verifier", e);
+ if (instLogger.getLogger().isEnabled(Logger.ERROR)) {
+ instLogger.getLogger().log(Logger.ERROR, "failed to create verifier", e);
}
}
return null;
}
- static KeyPair fromSSHAgent(JSch jsch, Buffer buf) throws JSchException {
+ static KeyPair fromSSHAgent(JSch.InstanceLogger instLogger, Buffer buf) throws JSchException {
byte[][] tmp = buf.getBytes(8, "invalid key format");
byte[] n_array = tmp[1];
byte[] pub_array = tmp[2];
byte[] prv_array = tmp[3];
- KeyPairRSA kpair = new KeyPairRSA(jsch, n_array, pub_array, prv_array);
+ KeyPairRSA kpair = new KeyPairRSA(instLogger, n_array, pub_array, prv_array);
kpair.c_array = tmp[4]; // iqmp
kpair.p_array = tmp[5];
kpair.q_array = tmp[6];
diff --git a/src/main/java/com/jcraft/jsch/KnownHosts.java b/src/main/java/com/jcraft/jsch/KnownHosts.java
index 86e60f26..950c19ee 100644
--- a/src/main/java/com/jcraft/jsch/KnownHosts.java
+++ b/src/main/java/com/jcraft/jsch/KnownHosts.java
@@ -54,7 +54,7 @@ class KnownHosts implements HostKeyRepository {
void setKnownHosts(String filename) throws JSchException {
try {
known_hosts = filename;
- FileInputStream fis = new FileInputStream(Util.checkTilde(filename));
+ InputStream fis = new FileInputStream(Util.checkTilde(filename));
setKnownHosts(fis);
} catch (FileNotFoundException e) {
// The non-existing file should be allowed.
@@ -67,8 +67,7 @@ void setKnownHosts(InputStream input) throws JSchException {
byte i;
int j;
boolean error = false;
- try {
- InputStream fis = input;
+ try (InputStream fis = input) {
String host;
String key = null;
int type;
@@ -265,12 +264,6 @@ void setKnownHosts(InputStream input) throws JSchException {
if (e instanceof JSchException)
throw (JSchException) e;
throw new JSchException(e.toString(), e);
- } finally {
- try {
- input.close();
- } catch (IOException e) {
- throw new JSchException(e.toString(), e);
- }
}
}
diff --git a/src/main/java/com/jcraft/jsch/LocalIdentityRepository.java b/src/main/java/com/jcraft/jsch/LocalIdentityRepository.java
index 8daf3860..5b692d07 100644
--- a/src/main/java/com/jcraft/jsch/LocalIdentityRepository.java
+++ b/src/main/java/com/jcraft/jsch/LocalIdentityRepository.java
@@ -32,10 +32,10 @@ class LocalIdentityRepository implements IdentityRepository {
private static final String name = "Local Identity Repository";
private Vector* This password hashing system tries to thwart off-line password cracking using a * computationally-intensive hashing algorithm, based on Bruce Schneier's Blowfish cipher. The work * factor of the algorithm is parameterised, so it can be increased as computers get faster. + * *
* Usage is really simple. To hash a password for the first time, call the hashpw method with a * random salt, like this: + * *
*
* String pw_hash = BCrypt.hashpw(plain_password, BCrypt.gensalt());
+ *
*
*
* To check whether a plaintext password matches one that has been hashed previously, use the * checkpw method: + * *
*
* if (BCrypt.checkpw(candidate_password, stored_hash))
+ *
*
@@ -44,14 +49,17 @@
* else
* System.out.println("It does not match");
*
* The gensalt() method takes an optional parameter (log_rounds) that determines the computational * complexity of the hashing: + * *
*
* String strong_salt = BCrypt.gensalt(10)
+ *
*
* String stronger_salt = BCrypt.gensalt(12)
*
* The amount of work increases exponentially (2**log_rounds), so each increment is twice as much * work. The default log_rounds is 10, and the valid range is 4 to 30. @@ -226,17 +234,17 @@ public class BCrypt { // bcrypt IV: "OrpheanBeholderScryDoubt". The C implementation calls // this "ciphertext", but it is really plaintext or an IV. We keep // the name to make code comparison easier. - static private final int bf_crypt_ciphertext[] = + private static final int bf_crypt_ciphertext[] = {0x4f727068, 0x65616e42, 0x65686f6c, 0x64657253, 0x63727944, 0x6f756274}; // Table for Base64 encoding - static private final char base64_code[] = {'.', '/', 'A', 'B', 'C', 'D', 'E', 'F', 'G', 'H', 'I', + private static final char base64_code[] = {'.', '/', 'A', 'B', 'C', 'D', 'E', 'F', 'G', 'H', 'I', 'J', 'K', 'L', 'M', 'N', 'O', 'P', 'Q', 'R', 'S', 'T', 'U', 'V', 'W', 'X', 'Y', 'Z', 'a', 'b', 'c', 'd', 'e', 'f', 'g', 'h', 'i', 'j', 'k', 'l', 'm', 'n', 'o', 'p', 'q', 'r', 's', 't', 'u', 'v', 'w', 'x', 'y', 'z', '0', '1', '2', '3', '4', '5', '6', '7', '8', '9'}; // Table for Base64 decoding - static private final byte index_64[] = {-1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, + private static final byte index_64[] = {-1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, 0, 1, 54, 55, 56, 57, 58, 59, 60, 61, 62, 63, -1, -1, -1, -1, -1, -1, -1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, @@ -325,7 +333,7 @@ private static byte[] decode_base64(String s, int maxolen) throws IllegalArgumen if (c1 == -1 || c2 == -1) break; o = (byte) (c1 << 2); - o |= (c2 & 0x30) >> 4; + o |= (byte) ((c2 & 0x30) >> 4); rs.append((char) o); if (++olen >= maxolen || off >= slen) break; @@ -333,7 +341,7 @@ private static byte[] decode_base64(String s, int maxolen) throws IllegalArgumen if (c3 == -1) break; o = (byte) ((c2 & 0x0f) << 4); - o |= (c3 & 0x3c) >> 2; + o |= (byte) ((c3 & 0x3c) >> 2); rs.append((char) o); if (++olen >= maxolen || off >= slen) break; @@ -400,9 +408,7 @@ private static int streamtoword(byte data[], int offp[]) { return word; } - /** - * Initialise the Blowfish key schedule - */ + /** Initialise the Blowfish key schedule */ private void init_key() { P = P_orig.clone(); S = S_orig.clone(); @@ -468,9 +474,7 @@ private void ekskey(byte data[], byte key[]) { } } - /** - * Compatibility with new OpenBSD function. - */ + /** Compatibility with new OpenBSD function. */ public void hash(byte[] hpass, byte[] hsalt, byte[] output) { init_key(); ekskey(hsalt, hpass); @@ -496,9 +500,7 @@ public void hash(byte[] hpass, byte[] hsalt, byte[] output) { } } - /** - * Compatibility with new OpenBSD function. - */ + /** Compatibility with new OpenBSD function. */ public void pbkdf(byte[] password, byte[] salt, int rounds, byte[] output) { try { MessageDigest sha512 = MessageDigest.getInstance("SHA-512"); @@ -710,7 +712,7 @@ public static boolean checkpw(String plaintext, String hashed) { return false; byte ret = 0; for (int i = 0; i < try_bytes.length; i++) - ret |= hashed_bytes[i] ^ try_bytes[i]; + ret |= (byte) (hashed_bytes[i] ^ try_bytes[i]); return ret == 0; } } diff --git a/src/main/java/com/jcraft/jsch/jce/AES128CBC.java b/src/main/java/com/jcraft/jsch/jce/AES128CBC.java index 62bb4ba4..860f4571 100644 --- a/src/main/java/com/jcraft/jsch/jce/AES128CBC.java +++ b/src/main/java/com/jcraft/jsch/jce/AES128CBC.java @@ -26,13 +26,14 @@ package com.jcraft.jsch.jce; -import com.jcraft.jsch.Cipher; -import javax.crypto.spec.*; +import javax.crypto.Cipher; +import javax.crypto.spec.IvParameterSpec; +import javax.crypto.spec.SecretKeySpec; -public class AES128CBC implements Cipher { +public class AES128CBC implements com.jcraft.jsch.Cipher { private static final int ivsize = 16; private static final int bsize = 16; - private javax.crypto.Cipher cipher; + private Cipher cipher; @Override public int getIVSize() { @@ -46,7 +47,6 @@ public int getBlockSize() { @Override public void init(int mode, byte[] key, byte[] iv) throws Exception { - String pad = "NoPadding"; byte[] tmp; if (iv.length > ivsize) { tmp = new byte[ivsize]; @@ -61,9 +61,10 @@ public void init(int mode, byte[] key, byte[] iv) throws Exception { try { SecretKeySpec keyspec = new SecretKeySpec(key, "AES"); - cipher = javax.crypto.Cipher.getInstance("AES/CBC/" + pad); - cipher.init((mode == ENCRYPT_MODE ? javax.crypto.Cipher.ENCRYPT_MODE - : javax.crypto.Cipher.DECRYPT_MODE), keyspec, new IvParameterSpec(iv)); + cipher = Cipher.getInstance("AES/CBC/NoPadding"); + cipher.init( + (mode == com.jcraft.jsch.Cipher.ENCRYPT_MODE ? Cipher.ENCRYPT_MODE : Cipher.DECRYPT_MODE), + keyspec, new IvParameterSpec(iv)); } catch (Exception e) { cipher = null; throw e; diff --git a/src/main/java/com/jcraft/jsch/jce/AES128CTR.java b/src/main/java/com/jcraft/jsch/jce/AES128CTR.java index 38c0c79a..1cd5dd80 100644 --- a/src/main/java/com/jcraft/jsch/jce/AES128CTR.java +++ b/src/main/java/com/jcraft/jsch/jce/AES128CTR.java @@ -26,13 +26,14 @@ package com.jcraft.jsch.jce; -import com.jcraft.jsch.Cipher; -import javax.crypto.spec.*; +import javax.crypto.Cipher; +import javax.crypto.spec.IvParameterSpec; +import javax.crypto.spec.SecretKeySpec; -public class AES128CTR implements Cipher { +public class AES128CTR implements com.jcraft.jsch.Cipher { private static final int ivsize = 16; private static final int bsize = 16; - private javax.crypto.Cipher cipher; + private Cipher cipher; @Override public int getIVSize() { @@ -46,7 +47,6 @@ public int getBlockSize() { @Override public void init(int mode, byte[] key, byte[] iv) throws Exception { - String pad = "NoPadding"; byte[] tmp; if (iv.length > ivsize) { tmp = new byte[ivsize]; @@ -61,9 +61,10 @@ public void init(int mode, byte[] key, byte[] iv) throws Exception { try { SecretKeySpec keyspec = new SecretKeySpec(key, "AES"); - cipher = javax.crypto.Cipher.getInstance("AES/CTR/" + pad); - cipher.init((mode == ENCRYPT_MODE ? javax.crypto.Cipher.ENCRYPT_MODE - : javax.crypto.Cipher.DECRYPT_MODE), keyspec, new IvParameterSpec(iv)); + cipher = Cipher.getInstance("AES/CTR/NoPadding"); + cipher.init( + (mode == com.jcraft.jsch.Cipher.ENCRYPT_MODE ? Cipher.ENCRYPT_MODE : Cipher.DECRYPT_MODE), + keyspec, new IvParameterSpec(iv)); } catch (Exception e) { cipher = null; throw e; diff --git a/src/main/java/com/jcraft/jsch/jce/AES192CBC.java b/src/main/java/com/jcraft/jsch/jce/AES192CBC.java index 1dcb8639..1d1e16bb 100644 --- a/src/main/java/com/jcraft/jsch/jce/AES192CBC.java +++ b/src/main/java/com/jcraft/jsch/jce/AES192CBC.java @@ -26,13 +26,14 @@ package com.jcraft.jsch.jce; -import com.jcraft.jsch.Cipher; -import javax.crypto.spec.*; +import javax.crypto.Cipher; +import javax.crypto.spec.IvParameterSpec; +import javax.crypto.spec.SecretKeySpec; -public class AES192CBC implements Cipher { +public class AES192CBC implements com.jcraft.jsch.Cipher { private static final int ivsize = 16; private static final int bsize = 24; - private javax.crypto.Cipher cipher; + private Cipher cipher; @Override public int getIVSize() { @@ -46,7 +47,6 @@ public int getBlockSize() { @Override public void init(int mode, byte[] key, byte[] iv) throws Exception { - String pad = "NoPadding"; byte[] tmp; if (iv.length > ivsize) { tmp = new byte[ivsize]; @@ -60,9 +60,10 @@ public void init(int mode, byte[] key, byte[] iv) throws Exception { } try { SecretKeySpec keyspec = new SecretKeySpec(key, "AES"); - cipher = javax.crypto.Cipher.getInstance("AES/CBC/" + pad); - cipher.init((mode == ENCRYPT_MODE ? javax.crypto.Cipher.ENCRYPT_MODE - : javax.crypto.Cipher.DECRYPT_MODE), keyspec, new IvParameterSpec(iv)); + cipher = Cipher.getInstance("AES/CBC/NoPadding"); + cipher.init( + (mode == com.jcraft.jsch.Cipher.ENCRYPT_MODE ? Cipher.ENCRYPT_MODE : Cipher.DECRYPT_MODE), + keyspec, new IvParameterSpec(iv)); } catch (Exception e) { cipher = null; throw e; diff --git a/src/main/java/com/jcraft/jsch/jce/AES192CTR.java b/src/main/java/com/jcraft/jsch/jce/AES192CTR.java index 12b21066..8d266391 100644 --- a/src/main/java/com/jcraft/jsch/jce/AES192CTR.java +++ b/src/main/java/com/jcraft/jsch/jce/AES192CTR.java @@ -26,13 +26,14 @@ package com.jcraft.jsch.jce; -import com.jcraft.jsch.Cipher; -import javax.crypto.spec.*; +import javax.crypto.Cipher; +import javax.crypto.spec.IvParameterSpec; +import javax.crypto.spec.SecretKeySpec; -public class AES192CTR implements Cipher { +public class AES192CTR implements com.jcraft.jsch.Cipher { private static final int ivsize = 16; private static final int bsize = 24; - private javax.crypto.Cipher cipher; + private Cipher cipher; @Override public int getIVSize() { @@ -46,7 +47,6 @@ public int getBlockSize() { @Override public void init(int mode, byte[] key, byte[] iv) throws Exception { - String pad = "NoPadding"; byte[] tmp; if (iv.length > ivsize) { tmp = new byte[ivsize]; @@ -60,9 +60,10 @@ public void init(int mode, byte[] key, byte[] iv) throws Exception { } try { SecretKeySpec keyspec = new SecretKeySpec(key, "AES"); - cipher = javax.crypto.Cipher.getInstance("AES/CTR/" + pad); - cipher.init((mode == ENCRYPT_MODE ? javax.crypto.Cipher.ENCRYPT_MODE - : javax.crypto.Cipher.DECRYPT_MODE), keyspec, new IvParameterSpec(iv)); + cipher = Cipher.getInstance("AES/CTR/NoPadding"); + cipher.init( + (mode == com.jcraft.jsch.Cipher.ENCRYPT_MODE ? Cipher.ENCRYPT_MODE : Cipher.DECRYPT_MODE), + keyspec, new IvParameterSpec(iv)); } catch (Exception e) { cipher = null; throw e; diff --git a/src/main/java/com/jcraft/jsch/jce/AES256CBC.java b/src/main/java/com/jcraft/jsch/jce/AES256CBC.java index 8fe2028b..9a736c41 100644 --- a/src/main/java/com/jcraft/jsch/jce/AES256CBC.java +++ b/src/main/java/com/jcraft/jsch/jce/AES256CBC.java @@ -26,13 +26,14 @@ package com.jcraft.jsch.jce; -import com.jcraft.jsch.Cipher; -import javax.crypto.spec.*; +import javax.crypto.Cipher; +import javax.crypto.spec.IvParameterSpec; +import javax.crypto.spec.SecretKeySpec; -public class AES256CBC implements Cipher { +public class AES256CBC implements com.jcraft.jsch.Cipher { private static final int ivsize = 16; private static final int bsize = 32; - private javax.crypto.Cipher cipher; + private Cipher cipher; @Override public int getIVSize() { @@ -46,7 +47,6 @@ public int getBlockSize() { @Override public void init(int mode, byte[] key, byte[] iv) throws Exception { - String pad = "NoPadding"; byte[] tmp; if (iv.length > ivsize) { tmp = new byte[ivsize]; @@ -60,9 +60,10 @@ public void init(int mode, byte[] key, byte[] iv) throws Exception { } try { SecretKeySpec keyspec = new SecretKeySpec(key, "AES"); - cipher = javax.crypto.Cipher.getInstance("AES/CBC/" + pad); - cipher.init((mode == ENCRYPT_MODE ? javax.crypto.Cipher.ENCRYPT_MODE - : javax.crypto.Cipher.DECRYPT_MODE), keyspec, new IvParameterSpec(iv)); + cipher = Cipher.getInstance("AES/CBC/NoPadding"); + cipher.init( + (mode == com.jcraft.jsch.Cipher.ENCRYPT_MODE ? Cipher.ENCRYPT_MODE : Cipher.DECRYPT_MODE), + keyspec, new IvParameterSpec(iv)); } catch (Exception e) { cipher = null; throw e; diff --git a/src/main/java/com/jcraft/jsch/jce/AES256CTR.java b/src/main/java/com/jcraft/jsch/jce/AES256CTR.java index d78b2daa..c1f72dcc 100644 --- a/src/main/java/com/jcraft/jsch/jce/AES256CTR.java +++ b/src/main/java/com/jcraft/jsch/jce/AES256CTR.java @@ -26,13 +26,14 @@ package com.jcraft.jsch.jce; -import com.jcraft.jsch.Cipher; -import javax.crypto.spec.*; +import javax.crypto.Cipher; +import javax.crypto.spec.IvParameterSpec; +import javax.crypto.spec.SecretKeySpec; -public class AES256CTR implements Cipher { +public class AES256CTR implements com.jcraft.jsch.Cipher { private static final int ivsize = 16; private static final int bsize = 32; - private javax.crypto.Cipher cipher; + private Cipher cipher; @Override public int getIVSize() { @@ -46,7 +47,6 @@ public int getBlockSize() { @Override public void init(int mode, byte[] key, byte[] iv) throws Exception { - String pad = "NoPadding"; byte[] tmp; if (iv.length > ivsize) { tmp = new byte[ivsize]; @@ -60,9 +60,10 @@ public void init(int mode, byte[] key, byte[] iv) throws Exception { } try { SecretKeySpec keyspec = new SecretKeySpec(key, "AES"); - cipher = javax.crypto.Cipher.getInstance("AES/CTR/" + pad); - cipher.init((mode == ENCRYPT_MODE ? javax.crypto.Cipher.ENCRYPT_MODE - : javax.crypto.Cipher.DECRYPT_MODE), keyspec, new IvParameterSpec(iv)); + cipher = Cipher.getInstance("AES/CTR/NoPadding"); + cipher.init( + (mode == com.jcraft.jsch.Cipher.ENCRYPT_MODE ? Cipher.ENCRYPT_MODE : Cipher.DECRYPT_MODE), + keyspec, new IvParameterSpec(iv)); } catch (Exception e) { cipher = null; throw e; diff --git a/src/main/java/com/jcraft/jsch/jce/AESGCM.java b/src/main/java/com/jcraft/jsch/jce/AESGCM.java index 7a521ceb..ae94e7c3 100644 --- a/src/main/java/com/jcraft/jsch/jce/AESGCM.java +++ b/src/main/java/com/jcraft/jsch/jce/AESGCM.java @@ -26,15 +26,16 @@ package com.jcraft.jsch.jce; -import com.jcraft.jsch.Cipher; import java.nio.ByteBuffer; -import javax.crypto.spec.*; +import javax.crypto.Cipher; +import javax.crypto.spec.GCMParameterSpec; +import javax.crypto.spec.SecretKeySpec; -abstract class AESGCM implements Cipher { +abstract class AESGCM implements com.jcraft.jsch.Cipher { // Actually the block size, not IV size private static final int ivsize = 16; private static final int tagsize = 16; - private javax.crypto.Cipher cipher; + private Cipher cipher; private SecretKeySpec keyspec; private int mode; private ByteBuffer iv; @@ -52,7 +53,6 @@ public int getTagSize() { @Override public void init(int mode, byte[] key, byte[] iv) throws Exception { - String pad = "NoPadding"; byte[] tmp; if (iv.length > 12) { tmp = new byte[12]; @@ -65,13 +65,13 @@ public void init(int mode, byte[] key, byte[] iv) throws Exception { System.arraycopy(key, 0, tmp, 0, tmp.length); key = tmp; } - this.mode = ((mode == ENCRYPT_MODE) ? javax.crypto.Cipher.ENCRYPT_MODE - : javax.crypto.Cipher.DECRYPT_MODE); + this.mode = + ((mode == com.jcraft.jsch.Cipher.ENCRYPT_MODE) ? Cipher.ENCRYPT_MODE : Cipher.DECRYPT_MODE); this.iv = ByteBuffer.wrap(iv); this.initcounter = this.iv.getLong(4); try { keyspec = new SecretKeySpec(key, "AES"); - cipher = javax.crypto.Cipher.getInstance("AES/GCM/" + pad); + cipher = Cipher.getInstance("AES/GCM/NoPadding"); cipher.init(this.mode, keyspec, new GCMParameterSpec(tagsize * 8, iv)); } catch (Exception e) { cipher = null; diff --git a/src/main/java/com/jcraft/jsch/jce/ARCFOUR.java b/src/main/java/com/jcraft/jsch/jce/ARCFOUR.java index d2a71fd2..5b6ea72f 100644 --- a/src/main/java/com/jcraft/jsch/jce/ARCFOUR.java +++ b/src/main/java/com/jcraft/jsch/jce/ARCFOUR.java @@ -26,14 +26,13 @@ package com.jcraft.jsch.jce; -import com.jcraft.jsch.Cipher; -import javax.crypto.*; -import javax.crypto.spec.*; +import javax.crypto.Cipher; +import javax.crypto.spec.SecretKeySpec; -public class ARCFOUR implements Cipher { +public class ARCFOUR implements com.jcraft.jsch.Cipher { private static final int ivsize = 8; private static final int bsize = 16; - private javax.crypto.Cipher cipher; + private Cipher cipher; @Override public int getIVSize() { @@ -47,7 +46,6 @@ public int getBlockSize() { @Override public void init(int mode, byte[] key, byte[] iv) throws Exception { - String pad = "NoPadding"; byte[] tmp; if (key.length > bsize) { tmp = new byte[bsize]; @@ -56,10 +54,11 @@ public void init(int mode, byte[] key, byte[] iv) throws Exception { } try { - cipher = javax.crypto.Cipher.getInstance("RC4"); + cipher = Cipher.getInstance("RC4"); SecretKeySpec _key = new SecretKeySpec(key, "RC4"); - cipher.init((mode == ENCRYPT_MODE ? javax.crypto.Cipher.ENCRYPT_MODE - : javax.crypto.Cipher.DECRYPT_MODE), _key); + cipher.init( + (mode == com.jcraft.jsch.Cipher.ENCRYPT_MODE ? Cipher.ENCRYPT_MODE : Cipher.DECRYPT_MODE), + _key); } catch (Exception e) { cipher = null; throw e; diff --git a/src/main/java/com/jcraft/jsch/jce/ARCFOUR128.java b/src/main/java/com/jcraft/jsch/jce/ARCFOUR128.java index b0962fea..7d10fafe 100644 --- a/src/main/java/com/jcraft/jsch/jce/ARCFOUR128.java +++ b/src/main/java/com/jcraft/jsch/jce/ARCFOUR128.java @@ -26,15 +26,14 @@ package com.jcraft.jsch.jce; -import com.jcraft.jsch.Cipher; -import javax.crypto.*; -import javax.crypto.spec.*; +import javax.crypto.Cipher; +import javax.crypto.spec.SecretKeySpec; -public class ARCFOUR128 implements Cipher { +public class ARCFOUR128 implements com.jcraft.jsch.Cipher { private static final int ivsize = 8; private static final int bsize = 16; private static final int skip = 1536; - private javax.crypto.Cipher cipher; + private Cipher cipher; @Override public int getIVSize() { @@ -55,10 +54,11 @@ public void init(int mode, byte[] key, byte[] iv) throws Exception { key = tmp; } try { - cipher = javax.crypto.Cipher.getInstance("RC4"); + cipher = Cipher.getInstance("RC4"); SecretKeySpec _key = new SecretKeySpec(key, "RC4"); - cipher.init((mode == ENCRYPT_MODE ? javax.crypto.Cipher.ENCRYPT_MODE - : javax.crypto.Cipher.DECRYPT_MODE), _key); + cipher.init( + (mode == com.jcraft.jsch.Cipher.ENCRYPT_MODE ? Cipher.ENCRYPT_MODE : Cipher.DECRYPT_MODE), + _key); byte[] foo = new byte[1]; for (int i = 0; i < skip; i++) { cipher.update(foo, 0, 1, foo, 0); diff --git a/src/main/java/com/jcraft/jsch/jce/ARCFOUR256.java b/src/main/java/com/jcraft/jsch/jce/ARCFOUR256.java index 6e160382..5f822a1a 100644 --- a/src/main/java/com/jcraft/jsch/jce/ARCFOUR256.java +++ b/src/main/java/com/jcraft/jsch/jce/ARCFOUR256.java @@ -26,15 +26,14 @@ package com.jcraft.jsch.jce; -import com.jcraft.jsch.Cipher; -import javax.crypto.*; -import javax.crypto.spec.*; +import javax.crypto.Cipher; +import javax.crypto.spec.SecretKeySpec; -public class ARCFOUR256 implements Cipher { +public class ARCFOUR256 implements com.jcraft.jsch.Cipher { private static final int ivsize = 8; private static final int bsize = 32; private static final int skip = 1536; - private javax.crypto.Cipher cipher; + private Cipher cipher; @Override public int getIVSize() { @@ -55,10 +54,11 @@ public void init(int mode, byte[] key, byte[] iv) throws Exception { key = tmp; } try { - cipher = javax.crypto.Cipher.getInstance("RC4"); + cipher = Cipher.getInstance("RC4"); SecretKeySpec _key = new SecretKeySpec(key, "RC4"); - cipher.init((mode == ENCRYPT_MODE ? javax.crypto.Cipher.ENCRYPT_MODE - : javax.crypto.Cipher.DECRYPT_MODE), _key); + cipher.init( + (mode == com.jcraft.jsch.Cipher.ENCRYPT_MODE ? Cipher.ENCRYPT_MODE : Cipher.DECRYPT_MODE), + _key); byte[] foo = new byte[1]; for (int i = 0; i < skip; i++) { cipher.update(foo, 0, 1, foo, 0); diff --git a/src/main/java/com/jcraft/jsch/jce/BlowfishCBC.java b/src/main/java/com/jcraft/jsch/jce/BlowfishCBC.java index d3c048ba..443993e3 100644 --- a/src/main/java/com/jcraft/jsch/jce/BlowfishCBC.java +++ b/src/main/java/com/jcraft/jsch/jce/BlowfishCBC.java @@ -26,13 +26,14 @@ package com.jcraft.jsch.jce; -import com.jcraft.jsch.Cipher; -import javax.crypto.spec.*; +import javax.crypto.Cipher; +import javax.crypto.spec.IvParameterSpec; +import javax.crypto.spec.SecretKeySpec; -public class BlowfishCBC implements Cipher { +public class BlowfishCBC implements com.jcraft.jsch.Cipher { private static final int ivsize = 8; private static final int bsize = 16; - private javax.crypto.Cipher cipher; + private Cipher cipher; @Override public int getIVSize() { @@ -46,8 +47,6 @@ public int getBlockSize() { @Override public void init(int mode, byte[] key, byte[] iv) throws Exception { - String pad = "NoPadding"; - // if(padding) pad="PKCS5Padding"; byte[] tmp; if (iv.length > ivsize) { tmp = new byte[ivsize]; @@ -61,9 +60,10 @@ public void init(int mode, byte[] key, byte[] iv) throws Exception { } try { SecretKeySpec skeySpec = new SecretKeySpec(key, "Blowfish"); - cipher = javax.crypto.Cipher.getInstance("Blowfish/CBC/" + pad); - cipher.init((mode == ENCRYPT_MODE ? javax.crypto.Cipher.ENCRYPT_MODE - : javax.crypto.Cipher.DECRYPT_MODE), skeySpec, new IvParameterSpec(iv)); + cipher = Cipher.getInstance("Blowfish/CBC/NoPadding"); + cipher.init( + (mode == com.jcraft.jsch.Cipher.ENCRYPT_MODE ? Cipher.ENCRYPT_MODE : Cipher.DECRYPT_MODE), + skeySpec, new IvParameterSpec(iv)); } catch (Exception e) { throw e; } diff --git a/src/main/java/com/jcraft/jsch/jce/BlowfishCTR.java b/src/main/java/com/jcraft/jsch/jce/BlowfishCTR.java index 04978e8d..40b52d1e 100644 --- a/src/main/java/com/jcraft/jsch/jce/BlowfishCTR.java +++ b/src/main/java/com/jcraft/jsch/jce/BlowfishCTR.java @@ -26,13 +26,14 @@ package com.jcraft.jsch.jce; -import com.jcraft.jsch.Cipher; -import javax.crypto.spec.*; +import javax.crypto.Cipher; +import javax.crypto.spec.IvParameterSpec; +import javax.crypto.spec.SecretKeySpec; -public class BlowfishCTR implements Cipher { +public class BlowfishCTR implements com.jcraft.jsch.Cipher { private static final int ivsize = 8; private static final int bsize = 32; - private javax.crypto.Cipher cipher; + private Cipher cipher; @Override public int getIVSize() { @@ -46,8 +47,6 @@ public int getBlockSize() { @Override public void init(int mode, byte[] key, byte[] iv) throws Exception { - String pad = "NoPadding"; - // if(padding) pad="PKCS5Padding"; byte[] tmp; if (iv.length > ivsize) { tmp = new byte[ivsize]; @@ -61,9 +60,10 @@ public void init(int mode, byte[] key, byte[] iv) throws Exception { } try { SecretKeySpec skeySpec = new SecretKeySpec(key, "Blowfish"); - cipher = javax.crypto.Cipher.getInstance("Blowfish/CTR/" + pad); - cipher.init((mode == ENCRYPT_MODE ? javax.crypto.Cipher.ENCRYPT_MODE - : javax.crypto.Cipher.DECRYPT_MODE), skeySpec, new IvParameterSpec(iv)); + cipher = Cipher.getInstance("Blowfish/CTR/NoPadding"); + cipher.init( + (mode == com.jcraft.jsch.Cipher.ENCRYPT_MODE ? Cipher.ENCRYPT_MODE : Cipher.DECRYPT_MODE), + skeySpec, new IvParameterSpec(iv)); } catch (Exception e) { throw e; } diff --git a/src/main/java/com/jcraft/jsch/jce/DH.java b/src/main/java/com/jcraft/jsch/jce/DH.java index 114102ea..c9673e63 100644 --- a/src/main/java/com/jcraft/jsch/jce/DH.java +++ b/src/main/java/com/jcraft/jsch/jce/DH.java @@ -26,12 +26,16 @@ package com.jcraft.jsch.jce; -import java.math.BigInteger; -import java.security.*; -import javax.crypto.*; -import javax.crypto.interfaces.*; -import javax.crypto.spec.*; import com.jcraft.jsch.JSchException; +import java.math.BigInteger; +import java.security.KeyFactory; +import java.security.KeyPair; +import java.security.KeyPairGenerator; +import java.security.PublicKey; +import javax.crypto.KeyAgreement; +import javax.crypto.interfaces.DHPublicKey; +import javax.crypto.spec.DHParameterSpec; +import javax.crypto.spec.DHPublicKeySpec; public class DH implements com.jcraft.jsch.DH { BigInteger p; @@ -39,8 +43,6 @@ public class DH implements com.jcraft.jsch.DH { BigInteger e; // my public key byte[] e_array; BigInteger f; // your public key - BigInteger K; // shared secret key - byte[] K_array; private KeyPairGenerator myKpairGen; private KeyAgreement myKeyAgree; @@ -66,17 +68,11 @@ public byte[] getE() throws Exception { @Override public byte[] getK() throws Exception { - if (K == null) { - KeyFactory myKeyFac = KeyFactory.getInstance("DH"); - DHPublicKeySpec keySpec = new DHPublicKeySpec(f, p, g); - PublicKey yourPubKey = myKeyFac.generatePublic(keySpec); - myKeyAgree.doPhase(yourPubKey, true); - byte[] mySharedSecret = myKeyAgree.generateSecret(); - K = new BigInteger(1, mySharedSecret); - K_array = K.toByteArray(); - K_array = mySharedSecret; - } - return K_array; + KeyFactory myKeyFac = KeyFactory.getInstance("DH"); + DHPublicKeySpec keySpec = new DHPublicKeySpec(f, p, g); + PublicKey yourPubKey = myKeyFac.generatePublic(keySpec); + myKeyAgree.doPhase(yourPubKey, true); + return myKeyAgree.generateSecret(); } @Override diff --git a/src/main/java/com/jcraft/jsch/jce/ECDH256.java b/src/main/java/com/jcraft/jsch/jce/ECDH256.java index 7a40ab87..872a8b95 100644 --- a/src/main/java/com/jcraft/jsch/jce/ECDH256.java +++ b/src/main/java/com/jcraft/jsch/jce/ECDH256.java @@ -26,7 +26,7 @@ package com.jcraft.jsch.jce; -public class ECDH256 extends ECDHN implements com.jcraft.jsch.ECDH { +public class ECDH256 extends ECDHN { public void init() throws Exception { super.init(256); } diff --git a/src/main/java/com/jcraft/jsch/jce/ECDH384.java b/src/main/java/com/jcraft/jsch/jce/ECDH384.java index 85b57a0f..8477f040 100644 --- a/src/main/java/com/jcraft/jsch/jce/ECDH384.java +++ b/src/main/java/com/jcraft/jsch/jce/ECDH384.java @@ -26,7 +26,7 @@ package com.jcraft.jsch.jce; -public class ECDH384 extends ECDHN implements com.jcraft.jsch.ECDH { +public class ECDH384 extends ECDHN { public void init() throws Exception { super.init(384); } diff --git a/src/main/java/com/jcraft/jsch/jce/ECDH521.java b/src/main/java/com/jcraft/jsch/jce/ECDH521.java index 42f3a393..77f6237b 100644 --- a/src/main/java/com/jcraft/jsch/jce/ECDH521.java +++ b/src/main/java/com/jcraft/jsch/jce/ECDH521.java @@ -26,7 +26,7 @@ package com.jcraft.jsch.jce; -public class ECDH521 extends ECDHN implements com.jcraft.jsch.ECDH { +public class ECDH521 extends ECDHN { public void init() throws Exception { super.init(521); } diff --git a/src/main/java/com/jcraft/jsch/jce/ECDHN.java b/src/main/java/com/jcraft/jsch/jce/ECDHN.java index 9cca4b35..84f9e164 100644 --- a/src/main/java/com/jcraft/jsch/jce/ECDHN.java +++ b/src/main/java/com/jcraft/jsch/jce/ECDHN.java @@ -26,13 +26,19 @@ package com.jcraft.jsch.jce; +import com.jcraft.jsch.ECDH; import java.math.BigInteger; -import java.security.*; -import javax.crypto.*; -import java.security.spec.*; -import java.security.interfaces.*; - -public class ECDHN implements com.jcraft.jsch.ECDH { +import java.security.KeyFactory; +import java.security.PublicKey; +import java.security.interfaces.ECPublicKey; +import java.security.spec.ECFieldFp; +import java.security.spec.ECParameterSpec; +import java.security.spec.ECPoint; +import java.security.spec.ECPublicKeySpec; +import java.security.spec.EllipticCurve; +import javax.crypto.KeyAgreement; + +public class ECDHN implements ECDH { byte[] Q_array; ECPublicKey publicKey; diff --git a/src/main/java/com/jcraft/jsch/jce/HMAC.java b/src/main/java/com/jcraft/jsch/jce/HMAC.java index 96705062..4b23f18e 100644 --- a/src/main/java/com/jcraft/jsch/jce/HMAC.java +++ b/src/main/java/com/jcraft/jsch/jce/HMAC.java @@ -26,9 +26,12 @@ package com.jcraft.jsch.jce; +import com.jcraft.jsch.JSch; +import com.jcraft.jsch.Logger; import com.jcraft.jsch.MAC; -import javax.crypto.*; -import javax.crypto.spec.*; +import javax.crypto.Mac; +import javax.crypto.ShortBufferException; +import javax.crypto.spec.SecretKeySpec; abstract class HMAC implements MAC { protected String name; @@ -75,7 +78,9 @@ public void doFinal(byte[] buf, int offset) { try { mac.doFinal(buf, offset); } catch (ShortBufferException e) { - System.err.println(e); + if (JSch.getLogger().isEnabled(Logger.ERROR)) { + JSch.getLogger().log(Logger.ERROR, e.getMessage(), e); + } } } diff --git a/src/main/java/com/jcraft/jsch/jce/HMACMD5.java b/src/main/java/com/jcraft/jsch/jce/HMACMD5.java index 00581652..681d3baa 100644 --- a/src/main/java/com/jcraft/jsch/jce/HMACMD5.java +++ b/src/main/java/com/jcraft/jsch/jce/HMACMD5.java @@ -26,10 +26,6 @@ package com.jcraft.jsch.jce; -import com.jcraft.jsch.MAC; -import javax.crypto.*; -import javax.crypto.spec.*; - public class HMACMD5 extends HMAC { public HMACMD5() { name = "hmac-md5"; diff --git a/src/main/java/com/jcraft/jsch/jce/HMACMD5ETM.java b/src/main/java/com/jcraft/jsch/jce/HMACMD5ETM.java index 97b835b9..e490fad4 100644 --- a/src/main/java/com/jcraft/jsch/jce/HMACMD5ETM.java +++ b/src/main/java/com/jcraft/jsch/jce/HMACMD5ETM.java @@ -26,10 +26,6 @@ package com.jcraft.jsch.jce; -import com.jcraft.jsch.MAC; -import javax.crypto.*; -import javax.crypto.spec.*; - public class HMACMD5ETM extends HMACMD5 { public HMACMD5ETM() { name = "hmac-md5-etm@openssh.com"; diff --git a/src/main/java/com/jcraft/jsch/jce/KeyPairGenDSA.java b/src/main/java/com/jcraft/jsch/jce/KeyPairGenDSA.java index 56682dea..29c06c96 100644 --- a/src/main/java/com/jcraft/jsch/jce/KeyPairGenDSA.java +++ b/src/main/java/com/jcraft/jsch/jce/KeyPairGenDSA.java @@ -26,8 +26,15 @@ package com.jcraft.jsch.jce; -import java.security.*; -import java.security.interfaces.*; +import java.security.KeyPair; +import java.security.KeyPairGenerator; +import java.security.PrivateKey; +import java.security.PublicKey; +import java.security.SecureRandom; +import java.security.interfaces.DSAKey; +import java.security.interfaces.DSAParams; +import java.security.interfaces.DSAPrivateKey; +import java.security.interfaces.DSAPublicKey; public class KeyPairGenDSA implements com.jcraft.jsch.KeyPairGenDSA { byte[] x; // private diff --git a/src/main/java/com/jcraft/jsch/jce/KeyPairGenECDSA.java b/src/main/java/com/jcraft/jsch/jce/KeyPairGenECDSA.java index d0587e1e..ac678491 100644 --- a/src/main/java/com/jcraft/jsch/jce/KeyPairGenECDSA.java +++ b/src/main/java/com/jcraft/jsch/jce/KeyPairGenECDSA.java @@ -26,10 +26,14 @@ package com.jcraft.jsch.jce; -import java.security.*; -import java.security.interfaces.*; -import java.security.spec.*; import com.jcraft.jsch.JSchException; +import java.security.KeyPair; +import java.security.KeyPairGenerator; +import java.security.interfaces.ECPrivateKey; +import java.security.interfaces.ECPublicKey; +import java.security.spec.ECGenParameterSpec; +import java.security.spec.ECParameterSpec; +import java.security.spec.ECPoint; public class KeyPairGenECDSA implements com.jcraft.jsch.KeyPairGenECDSA { byte[] d; diff --git a/src/main/java/com/jcraft/jsch/jce/KeyPairGenEdDSA.java b/src/main/java/com/jcraft/jsch/jce/KeyPairGenEdDSA.java new file mode 100644 index 00000000..3f684ebc --- /dev/null +++ b/src/main/java/com/jcraft/jsch/jce/KeyPairGenEdDSA.java @@ -0,0 +1,49 @@ +/* + * Copyright (c) 2002-2018 ymnk, JCraft,Inc. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without modification, are permitted + * provided that the following conditions are met: + * + * 1. Redistributions of source code must retain the above copyright notice, this list of conditions + * and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright notice, this list of + * conditions and the following disclaimer in the documentation and/or other materials provided with + * the distribution. + * + * 3. The names of the authors may not be used to endorse or promote products derived from this + * software without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT + * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE + * DISCLAIMED. IN NO EVENT SHALL JCRAFT, INC. OR ANY CONTRIBUTORS TO THIS SOFTWARE BE LIABLE FOR ANY + * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT + * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR + * BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS + * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + */ + +package com.jcraft.jsch.jce; + +public class KeyPairGenEdDSA implements com.jcraft.jsch.KeyPairGenEdDSA { + + public KeyPairGenEdDSA() { + throw new UnsupportedOperationException("KeyPairGenEdDSA requires Java15+."); + } + + @Override + public void init(String name, int keylen) throws Exception { + throw new UnsupportedOperationException("KeyPairGenEdDSA requires Java15+."); + } + + @Override + public byte[] getPrv() { + throw new UnsupportedOperationException("KeyPairGenEdDSA requires Java15+."); + } + + @Override + public byte[] getPub() { + throw new UnsupportedOperationException("KeyPairGenEdDSA requires Java15+."); + } +} diff --git a/src/main/java/com/jcraft/jsch/jce/KeyPairGenRSA.java b/src/main/java/com/jcraft/jsch/jce/KeyPairGenRSA.java index 32c82d5f..5a04940c 100644 --- a/src/main/java/com/jcraft/jsch/jce/KeyPairGenRSA.java +++ b/src/main/java/com/jcraft/jsch/jce/KeyPairGenRSA.java @@ -26,8 +26,14 @@ package com.jcraft.jsch.jce; -import java.security.*; -import java.security.interfaces.*; +import java.security.KeyPair; +import java.security.KeyPairGenerator; +import java.security.PrivateKey; +import java.security.PublicKey; +import java.security.SecureRandom; +import java.security.interfaces.RSAPrivateCrtKey; +import java.security.interfaces.RSAPrivateKey; +import java.security.interfaces.RSAPublicKey; public class KeyPairGenRSA implements com.jcraft.jsch.KeyPairGenRSA { byte[] d; // private diff --git a/src/main/java/com/jcraft/jsch/jce/MD5.java b/src/main/java/com/jcraft/jsch/jce/MD5.java index 19267302..21afabb7 100644 --- a/src/main/java/com/jcraft/jsch/jce/MD5.java +++ b/src/main/java/com/jcraft/jsch/jce/MD5.java @@ -27,8 +27,7 @@ package com.jcraft.jsch.jce; import com.jcraft.jsch.HASH; - -import java.security.*; +import java.security.MessageDigest; public class MD5 implements HASH { MessageDigest md; @@ -40,11 +39,7 @@ public int getBlockSize() { @Override public void init() throws Exception { - try { - md = MessageDigest.getInstance("MD5"); - } catch (Exception e) { - System.err.println(e); - } + md = MessageDigest.getInstance("MD5"); } @Override diff --git a/src/main/java/com/jcraft/jsch/jce/PBKDF.java b/src/main/java/com/jcraft/jsch/jce/PBKDF.java index 8cc6a315..2cfb574b 100644 --- a/src/main/java/com/jcraft/jsch/jce/PBKDF.java +++ b/src/main/java/com/jcraft/jsch/jce/PBKDF.java @@ -26,16 +26,12 @@ package com.jcraft.jsch.jce; -import com.jcraft.jsch.HASH; - -import javax.crypto.spec.PBEKeySpec; -import javax.crypto.SecretKeyFactory; -import java.security.spec.InvalidKeySpecException; import java.security.NoSuchAlgorithmException; +import java.security.spec.InvalidKeySpecException; +import javax.crypto.SecretKeyFactory; +import javax.crypto.spec.PBEKeySpec; -/** - * Use PBKDF2 instead. - */ +/** Use PBKDF2 instead. */ @Deprecated public class PBKDF implements com.jcraft.jsch.PBKDF { @Override diff --git a/src/main/java/com/jcraft/jsch/jce/PBKDF2.java b/src/main/java/com/jcraft/jsch/jce/PBKDF2.java index ef466e15..8279d69a 100644 --- a/src/main/java/com/jcraft/jsch/jce/PBKDF2.java +++ b/src/main/java/com/jcraft/jsch/jce/PBKDF2.java @@ -26,10 +26,9 @@ package com.jcraft.jsch.jce; -import javax.crypto.spec.PBEKeySpec; -import javax.crypto.SecretKeyFactory; import java.security.spec.InvalidKeySpecException; -import java.security.NoSuchAlgorithmException; +import javax.crypto.SecretKeyFactory; +import javax.crypto.spec.PBEKeySpec; abstract class PBKDF2 implements com.jcraft.jsch.PBKDF2 { private SecretKeyFactory skf; diff --git a/src/main/java/com/jcraft/jsch/jce/PBKDF2HMACSHA512224.java b/src/main/java/com/jcraft/jsch/jce/PBKDF2HMACSHA512224.java new file mode 100644 index 00000000..de9a04ba --- /dev/null +++ b/src/main/java/com/jcraft/jsch/jce/PBKDF2HMACSHA512224.java @@ -0,0 +1,34 @@ +/* + * Copyright (c) 2013-2018 ymnk, JCraft,Inc. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without modification, are permitted + * provided that the following conditions are met: + * + * 1. Redistributions of source code must retain the above copyright notice, this list of conditions + * and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright notice, this list of + * conditions and the following disclaimer in the documentation and/or other materials provided with + * the distribution. + * + * 3. The names of the authors may not be used to endorse or promote products derived from this + * software without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT + * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE + * DISCLAIMED. IN NO EVENT SHALL JCRAFT, INC. OR ANY CONTRIBUTORS TO THIS SOFTWARE BE LIABLE FOR ANY + * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT + * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR + * BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS + * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + */ + +package com.jcraft.jsch.jce; + +public class PBKDF2HMACSHA512224 extends PBKDF2 { + @Override + String getName() { + return "PBKDF2WithHmacSHA512/224"; + } +} diff --git a/src/main/java/com/jcraft/jsch/jce/PBKDF2HMACSHA512256.java b/src/main/java/com/jcraft/jsch/jce/PBKDF2HMACSHA512256.java new file mode 100644 index 00000000..cf1db901 --- /dev/null +++ b/src/main/java/com/jcraft/jsch/jce/PBKDF2HMACSHA512256.java @@ -0,0 +1,34 @@ +/* + * Copyright (c) 2013-2018 ymnk, JCraft,Inc. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without modification, are permitted + * provided that the following conditions are met: + * + * 1. Redistributions of source code must retain the above copyright notice, this list of conditions + * and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright notice, this list of + * conditions and the following disclaimer in the documentation and/or other materials provided with + * the distribution. + * + * 3. The names of the authors may not be used to endorse or promote products derived from this + * software without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT + * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE + * DISCLAIMED. IN NO EVENT SHALL JCRAFT, INC. OR ANY CONTRIBUTORS TO THIS SOFTWARE BE LIABLE FOR ANY + * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT + * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR + * BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS + * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + */ + +package com.jcraft.jsch.jce; + +public class PBKDF2HMACSHA512256 extends PBKDF2 { + @Override + String getName() { + return "PBKDF2WithHmacSHA512/256"; + } +} diff --git a/src/main/java/com/jcraft/jsch/jce/SHA1.java b/src/main/java/com/jcraft/jsch/jce/SHA1.java index 5684536e..47967818 100644 --- a/src/main/java/com/jcraft/jsch/jce/SHA1.java +++ b/src/main/java/com/jcraft/jsch/jce/SHA1.java @@ -27,8 +27,7 @@ package com.jcraft.jsch.jce; import com.jcraft.jsch.HASH; - -import java.security.*; +import java.security.MessageDigest; public class SHA1 implements HASH { MessageDigest md; @@ -40,11 +39,7 @@ public int getBlockSize() { @Override public void init() throws Exception { - try { - md = MessageDigest.getInstance("SHA-1"); - } catch (Exception e) { - System.err.println(e); - } + md = MessageDigest.getInstance("SHA-1"); } @Override diff --git a/src/main/java/com/jcraft/jsch/jce/SHA224.java b/src/main/java/com/jcraft/jsch/jce/SHA224.java index 44105378..7eef4fa4 100644 --- a/src/main/java/com/jcraft/jsch/jce/SHA224.java +++ b/src/main/java/com/jcraft/jsch/jce/SHA224.java @@ -27,8 +27,7 @@ package com.jcraft.jsch.jce; import com.jcraft.jsch.HASH; - -import java.security.*; +import java.security.MessageDigest; public class SHA224 implements HASH { MessageDigest md; @@ -40,11 +39,7 @@ public int getBlockSize() { @Override public void init() throws Exception { - try { - md = MessageDigest.getInstance("SHA-224"); - } catch (Exception e) { - System.err.println(e); - } + md = MessageDigest.getInstance("SHA-224"); } @Override diff --git a/src/main/java/com/jcraft/jsch/jce/SHA256.java b/src/main/java/com/jcraft/jsch/jce/SHA256.java index fbd1a0bc..67288a1a 100644 --- a/src/main/java/com/jcraft/jsch/jce/SHA256.java +++ b/src/main/java/com/jcraft/jsch/jce/SHA256.java @@ -27,8 +27,7 @@ package com.jcraft.jsch.jce; import com.jcraft.jsch.HASH; - -import java.security.*; +import java.security.MessageDigest; public class SHA256 implements HASH { MessageDigest md; @@ -40,11 +39,7 @@ public int getBlockSize() { @Override public void init() throws Exception { - try { - md = MessageDigest.getInstance("SHA-256"); - } catch (Exception e) { - System.err.println(e); - } + md = MessageDigest.getInstance("SHA-256"); } @Override diff --git a/src/main/java/com/jcraft/jsch/jce/SHA384.java b/src/main/java/com/jcraft/jsch/jce/SHA384.java index bb176a75..662f3e0b 100644 --- a/src/main/java/com/jcraft/jsch/jce/SHA384.java +++ b/src/main/java/com/jcraft/jsch/jce/SHA384.java @@ -26,9 +26,10 @@ package com.jcraft.jsch.jce; -import java.security.*; +import com.jcraft.jsch.HASH; +import java.security.MessageDigest; -public class SHA384 implements com.jcraft.jsch.HASH { +public class SHA384 implements HASH { MessageDigest md; @Override @@ -38,11 +39,7 @@ public int getBlockSize() { @Override public void init() throws Exception { - try { - md = MessageDigest.getInstance("SHA-384"); - } catch (Exception e) { - System.err.println(e); - } + md = MessageDigest.getInstance("SHA-384"); } @Override diff --git a/src/main/java/com/jcraft/jsch/jce/SHA512.java b/src/main/java/com/jcraft/jsch/jce/SHA512.java index b7c5c291..5c2df9c3 100644 --- a/src/main/java/com/jcraft/jsch/jce/SHA512.java +++ b/src/main/java/com/jcraft/jsch/jce/SHA512.java @@ -26,9 +26,10 @@ package com.jcraft.jsch.jce; -import java.security.*; +import com.jcraft.jsch.HASH; +import java.security.MessageDigest; -public class SHA512 implements com.jcraft.jsch.HASH { +public class SHA512 implements HASH { MessageDigest md; @Override @@ -38,11 +39,7 @@ public int getBlockSize() { @Override public void init() throws Exception { - try { - md = MessageDigest.getInstance("SHA-512"); - } catch (Exception e) { - System.err.println(e); - } + md = MessageDigest.getInstance("SHA-512"); } @Override diff --git a/src/main/java/com/jcraft/jsch/jce/SignatureDSA.java b/src/main/java/com/jcraft/jsch/jce/SignatureDSA.java index fbbe11b0..5f6a687e 100644 --- a/src/main/java/com/jcraft/jsch/jce/SignatureDSA.java +++ b/src/main/java/com/jcraft/jsch/jce/SignatureDSA.java @@ -26,20 +26,24 @@ package com.jcraft.jsch.jce; +import com.jcraft.jsch.Buffer; import java.math.BigInteger; import java.nio.charset.StandardCharsets; -import java.security.*; -import java.security.spec.*; -import com.jcraft.jsch.Buffer; +import java.security.KeyFactory; +import java.security.PrivateKey; +import java.security.PublicKey; +import java.security.Signature; +import java.security.spec.DSAPrivateKeySpec; +import java.security.spec.DSAPublicKeySpec; public class SignatureDSA implements com.jcraft.jsch.SignatureDSA { - java.security.Signature signature; + Signature signature; KeyFactory keyFactory; @Override public void init() throws Exception { - signature = java.security.Signature.getInstance("SHA1withDSA"); + signature = Signature.getInstance("SHA1withDSA"); keyFactory = KeyFactory.getInstance("DSA"); } @@ -131,15 +135,15 @@ public boolean verify(byte[] sig) throws Exception { tmp = new byte[length]; tmp[0] = (byte) 0x30; tmp[1] = (byte) (_frst.length + _scnd.length + 4); - tmp[1] += frst; - tmp[1] += scnd; + tmp[1] += (byte) frst; + tmp[1] += (byte) scnd; tmp[2] = (byte) 0x02; tmp[3] = (byte) _frst.length; - tmp[3] += frst; + tmp[3] += (byte) frst; System.arraycopy(_frst, 0, tmp, 4 + frst, _frst.length); tmp[4 + tmp[3]] = (byte) 0x02; tmp[5 + tmp[3]] = (byte) _scnd.length; - tmp[5 + tmp[3]] += scnd; + tmp[5 + tmp[3]] += (byte) scnd; System.arraycopy(_scnd, 0, tmp, 6 + tmp[3] + scnd, _scnd.length); sig = tmp; diff --git a/src/main/java/com/jcraft/jsch/jce/SignatureECDSAN.java b/src/main/java/com/jcraft/jsch/jce/SignatureECDSAN.java index b11755bb..307a043f 100644 --- a/src/main/java/com/jcraft/jsch/jce/SignatureECDSAN.java +++ b/src/main/java/com/jcraft/jsch/jce/SignatureECDSAN.java @@ -26,12 +26,21 @@ package com.jcraft.jsch.jce; -import java.math.BigInteger; -import java.security.*; -import java.security.spec.*; import com.jcraft.jsch.Buffer; - -abstract class SignatureECDSAN implements com.jcraft.jsch.SignatureECDSA { +import com.jcraft.jsch.SignatureECDSA; +import java.math.BigInteger; +import java.security.AlgorithmParameters; +import java.security.KeyFactory; +import java.security.PrivateKey; +import java.security.PublicKey; +import java.security.Signature; +import java.security.spec.ECGenParameterSpec; +import java.security.spec.ECParameterSpec; +import java.security.spec.ECPoint; +import java.security.spec.ECPrivateKeySpec; +import java.security.spec.ECPublicKeySpec; + +abstract class SignatureECDSAN implements SignatureECDSA { Signature signature; KeyFactory keyFactory; @@ -46,7 +55,7 @@ public void init() throws Exception { foo = "SHA384withECDSA"; else if (name.equals("ecdsa-sha2-nistp521")) foo = "SHA512withECDSA"; - signature = java.security.Signature.getInstance(foo); + signature = Signature.getInstance(foo); keyFactory = KeyFactory.getInstance("EC"); } @@ -99,7 +108,7 @@ public byte[] sign() throws Exception { // so we have to convert it. if (sig[0] == 0x30 && // in ASN.1 ((sig[1] + 2 == sig.length) - || ((sig[1] & 0x80) != 0 && (sig[2] & 0xff) + 3 == sig.length))) {// 2bytes for len + || ((sig[1] & 0x80) != 0 && (sig[2] & 0xff) + 3 == sig.length))) { // 2bytes for len int index = 3; if ((sig[1] & 0x80) != 0 && (sig[2] & 0xff) + 3 == sig.length) diff --git a/src/main/java/com/jcraft/jsch/jce/SignatureEd25519.java b/src/main/java/com/jcraft/jsch/jce/SignatureEd25519.java new file mode 100644 index 00000000..0c1b604d --- /dev/null +++ b/src/main/java/com/jcraft/jsch/jce/SignatureEd25519.java @@ -0,0 +1,66 @@ +/* + * Copyright (c) 2015-2018 ymnk, JCraft,Inc. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without modification, are permitted + * provided that the following conditions are met: + * + * 1. Redistributions of source code must retain the above copyright notice, this list of conditions + * and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright notice, this list of + * conditions and the following disclaimer in the documentation and/or other materials provided with + * the distribution. + * + * 3. The names of the authors may not be used to endorse or promote products derived from this + * software without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT + * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE + * DISCLAIMED. IN NO EVENT SHALL JCRAFT, INC. OR ANY CONTRIBUTORS TO THIS SOFTWARE BE LIABLE FOR ANY + * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT + * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR + * BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS + * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + */ + +package com.jcraft.jsch.jce; + +import com.jcraft.jsch.SignatureEdDSA; + +public class SignatureEd25519 implements SignatureEdDSA { + + public SignatureEd25519() { + throw new UnsupportedOperationException("SignatureEd25519 requires Java15+."); + } + + @Override + public void init() throws Exception { + throw new UnsupportedOperationException("SignatureEd25519 requires Java15+."); + } + + @Override + public void setPubKey(byte[] y_arr) throws Exception { + throw new UnsupportedOperationException("SignatureEd25519 requires Java15+."); + } + + @Override + public void setPrvKey(byte[] bytes) throws Exception { + throw new UnsupportedOperationException("SignatureEd25519 requires Java15+."); + } + + @Override + public byte[] sign() throws Exception { + throw new UnsupportedOperationException("SignatureEd25519 requires Java15+."); + } + + @Override + public void update(byte[] foo) throws Exception { + throw new UnsupportedOperationException("SignatureEd25519 requires Java15+."); + } + + @Override + public boolean verify(byte[] sig) throws Exception { + throw new UnsupportedOperationException("SignatureEd25519 requires Java15+."); + } +} diff --git a/src/main/java/com/jcraft/jsch/jce/SignatureEd448.java b/src/main/java/com/jcraft/jsch/jce/SignatureEd448.java new file mode 100644 index 00000000..2addd66f --- /dev/null +++ b/src/main/java/com/jcraft/jsch/jce/SignatureEd448.java @@ -0,0 +1,66 @@ +/* + * Copyright (c) 2015-2018 ymnk, JCraft,Inc. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without modification, are permitted + * provided that the following conditions are met: + * + * 1. Redistributions of source code must retain the above copyright notice, this list of conditions + * and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright notice, this list of + * conditions and the following disclaimer in the documentation and/or other materials provided with + * the distribution. + * + * 3. The names of the authors may not be used to endorse or promote products derived from this + * software without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT + * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE + * DISCLAIMED. IN NO EVENT SHALL JCRAFT, INC. OR ANY CONTRIBUTORS TO THIS SOFTWARE BE LIABLE FOR ANY + * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT + * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR + * BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS + * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + */ + +package com.jcraft.jsch.jce; + +import com.jcraft.jsch.SignatureEdDSA; + +public class SignatureEd448 implements SignatureEdDSA { + + public SignatureEd448() { + throw new UnsupportedOperationException("SignatureEd448 requires Java15+."); + } + + @Override + public void init() throws Exception { + throw new UnsupportedOperationException("SignatureEd448 requires Java15+."); + } + + @Override + public void setPubKey(byte[] y_arr) throws Exception { + throw new UnsupportedOperationException("SignatureEd448 requires Java15+."); + } + + @Override + public void setPrvKey(byte[] bytes) throws Exception { + throw new UnsupportedOperationException("SignatureEd448 requires Java15+."); + } + + @Override + public byte[] sign() throws Exception { + throw new UnsupportedOperationException("SignatureEd448 requires Java15+."); + } + + @Override + public void update(byte[] foo) throws Exception { + throw new UnsupportedOperationException("SignatureEd448 requires Java15+."); + } + + @Override + public boolean verify(byte[] sig) throws Exception { + throw new UnsupportedOperationException("SignatureEd448 requires Java15+."); + } +} diff --git a/src/main/java/com/jcraft/jsch/jce/SignatureRSAN.java b/src/main/java/com/jcraft/jsch/jce/SignatureRSAN.java index 1a98267f..e1f5f392 100644 --- a/src/main/java/com/jcraft/jsch/jce/SignatureRSAN.java +++ b/src/main/java/com/jcraft/jsch/jce/SignatureRSAN.java @@ -26,15 +26,20 @@ package com.jcraft.jsch.jce; +import com.jcraft.jsch.Buffer; +import com.jcraft.jsch.SignatureRSA; import java.math.BigInteger; import java.nio.charset.StandardCharsets; -import java.security.*; -import java.security.spec.*; -import com.jcraft.jsch.Buffer; +import java.security.KeyFactory; +import java.security.PrivateKey; +import java.security.PublicKey; +import java.security.Signature; +import java.security.spec.RSAPrivateKeySpec; +import java.security.spec.RSAPublicKeySpec; -abstract class SignatureRSAN implements com.jcraft.jsch.SignatureRSA { +abstract class SignatureRSAN implements SignatureRSA { - java.security.Signature signature; + Signature signature; KeyFactory keyFactory; abstract String getName(); @@ -51,7 +56,7 @@ else if (name.equals("ssh-rsa-sha384@ssh.com")) foo = "SHA384withRSA"; else if (name.equals("ssh-rsa-sha224@ssh.com")) foo = "SHA224withRSA"; - signature = java.security.Signature.getInstance(foo); + signature = Signature.getInstance(foo); keyFactory = KeyFactory.getInstance("RSA"); } diff --git a/src/main/java/com/jcraft/jsch/jce/TripleDESCBC.java b/src/main/java/com/jcraft/jsch/jce/TripleDESCBC.java index 93442843..35150857 100644 --- a/src/main/java/com/jcraft/jsch/jce/TripleDESCBC.java +++ b/src/main/java/com/jcraft/jsch/jce/TripleDESCBC.java @@ -26,14 +26,16 @@ package com.jcraft.jsch.jce; -import com.jcraft.jsch.Cipher; -import javax.crypto.*; -import javax.crypto.spec.*; +import javax.crypto.Cipher; +import javax.crypto.SecretKey; +import javax.crypto.SecretKeyFactory; +import javax.crypto.spec.DESedeKeySpec; +import javax.crypto.spec.IvParameterSpec; -public class TripleDESCBC implements Cipher { +public class TripleDESCBC implements com.jcraft.jsch.Cipher { private static final int ivsize = 8; private static final int bsize = 24; - private javax.crypto.Cipher cipher; + private Cipher cipher; @Override public int getIVSize() { @@ -47,8 +49,6 @@ public int getBlockSize() { @Override public void init(int mode, byte[] key, byte[] iv) throws Exception { - String pad = "NoPadding"; - // if(padding) pad="PKCS5Padding"; byte[] tmp; if (iv.length > ivsize) { tmp = new byte[ivsize]; @@ -62,18 +62,18 @@ public void init(int mode, byte[] key, byte[] iv) throws Exception { } try { - cipher = javax.crypto.Cipher.getInstance("DESede/CBC/" + pad); + cipher = Cipher.getInstance("DESede/CBC/NoPadding"); /* * // The following code does not work on IBM's JDK 1.4.1 SecretKeySpec skeySpec = new - * SecretKeySpec(key, "DESede"); cipher.init((mode==ENCRYPT_MODE? - * javax.crypto.Cipher.ENCRYPT_MODE: javax.crypto.Cipher.DECRYPT_MODE), skeySpec, new - * IvParameterSpec(iv)); + * SecretKeySpec(key, "DESede"); cipher.init((mode==com.jcraft.jsch.Cipher.ENCRYPT_MODE? + * Cipher.ENCRYPT_MODE: Cipher.DECRYPT_MODE), skeySpec, new IvParameterSpec(iv)); */ DESedeKeySpec keyspec = new DESedeKeySpec(key); SecretKeyFactory keyfactory = SecretKeyFactory.getInstance("DESede"); SecretKey _key = keyfactory.generateSecret(keyspec); - cipher.init((mode == ENCRYPT_MODE ? javax.crypto.Cipher.ENCRYPT_MODE - : javax.crypto.Cipher.DECRYPT_MODE), _key, new IvParameterSpec(iv)); + cipher.init( + (mode == com.jcraft.jsch.Cipher.ENCRYPT_MODE ? Cipher.ENCRYPT_MODE : Cipher.DECRYPT_MODE), + _key, new IvParameterSpec(iv)); } catch (Exception e) { cipher = null; throw e; diff --git a/src/main/java/com/jcraft/jsch/jce/TripleDESCTR.java b/src/main/java/com/jcraft/jsch/jce/TripleDESCTR.java index c4fd3338..de10ca35 100644 --- a/src/main/java/com/jcraft/jsch/jce/TripleDESCTR.java +++ b/src/main/java/com/jcraft/jsch/jce/TripleDESCTR.java @@ -26,14 +26,16 @@ package com.jcraft.jsch.jce; -import com.jcraft.jsch.Cipher; -import javax.crypto.*; -import javax.crypto.spec.*; +import javax.crypto.Cipher; +import javax.crypto.SecretKey; +import javax.crypto.SecretKeyFactory; +import javax.crypto.spec.DESedeKeySpec; +import javax.crypto.spec.IvParameterSpec; -public class TripleDESCTR implements Cipher { +public class TripleDESCTR implements com.jcraft.jsch.Cipher { private static final int ivsize = 8; private static final int bsize = 24; - private javax.crypto.Cipher cipher; + private Cipher cipher; @Override public int getIVSize() { @@ -47,8 +49,6 @@ public int getBlockSize() { @Override public void init(int mode, byte[] key, byte[] iv) throws Exception { - String pad = "NoPadding"; - // if(padding) pad="PKCS5Padding"; byte[] tmp; if (iv.length > ivsize) { tmp = new byte[ivsize]; @@ -62,18 +62,18 @@ public void init(int mode, byte[] key, byte[] iv) throws Exception { } try { - cipher = javax.crypto.Cipher.getInstance("DESede/CTR/" + pad); + cipher = Cipher.getInstance("DESede/CTR/NoPadding"); /* * // The following code does not work on IBM's JDK 1.4.1 SecretKeySpec skeySpec = new - * SecretKeySpec(key, "DESede"); cipher.init((mode==ENCRYPT_MODE? - * javax.crypto.Cipher.ENCRYPT_MODE: javax.crypto.Cipher.DECRYPT_MODE), skeySpec, new - * IvParameterSpec(iv)); + * SecretKeySpec(key, "DESede"); cipher.init((mode==com.jcraft.jsch.Cipher.ENCRYPT_MODE? + * Cipher.ENCRYPT_MODE: Cipher.DECRYPT_MODE), skeySpec, new IvParameterSpec(iv)); */ DESedeKeySpec keyspec = new DESedeKeySpec(key); SecretKeyFactory keyfactory = SecretKeyFactory.getInstance("DESede"); SecretKey _key = keyfactory.generateSecret(keyspec); - cipher.init((mode == ENCRYPT_MODE ? javax.crypto.Cipher.ENCRYPT_MODE - : javax.crypto.Cipher.DECRYPT_MODE), _key, new IvParameterSpec(iv)); + cipher.init( + (mode == com.jcraft.jsch.Cipher.ENCRYPT_MODE ? Cipher.ENCRYPT_MODE : Cipher.DECRYPT_MODE), + _key, new IvParameterSpec(iv)); } catch (Exception e) { cipher = null; throw e; diff --git a/src/main/java11/com/jcraft/jsch/jce/KeyPairGenXEC.java b/src/main/java/com/jcraft/jsch/jce/XDH.java similarity index 69% rename from src/main/java11/com/jcraft/jsch/jce/KeyPairGenXEC.java rename to src/main/java/com/jcraft/jsch/jce/XDH.java index 1935bfd3..83379f1e 100644 --- a/src/main/java11/com/jcraft/jsch/jce/KeyPairGenXEC.java +++ b/src/main/java/com/jcraft/jsch/jce/XDH.java @@ -26,29 +26,29 @@ package com.jcraft.jsch.jce; -import java.security.*; -import java.security.interfaces.*; -import java.security.spec.*; +public class XDH implements com.jcraft.jsch.XDH { -public class KeyPairGenXEC implements com.jcraft.jsch.KeyPairGenXEC { - XECPublicKey pubKey; - XECPrivateKey prvKey; + public XDH() { + throw new UnsupportedOperationException("XDH requires Java11+."); + } + + @Override + public void init(String name, int keylen) throws Exception { + throw new UnsupportedOperationException("XDH requires Java11+."); + } @Override - public void init(String name) throws Exception { - KeyPairGenerator kpg = KeyPairGenerator.getInstance("XDH"); - NamedParameterSpec paramSpec = new NamedParameterSpec(name); - kpg.initialize(paramSpec); - KeyPair kp = kpg.genKeyPair(); - prvKey = (XECPrivateKey) kp.getPrivate(); - pubKey = (XECPublicKey) kp.getPublic(); + public byte[] getQ() throws Exception { + throw new UnsupportedOperationException("XDH requires Java11+."); } - XECPublicKey getPublicKey() { - return pubKey; + @Override + public byte[] getSecret(byte[] Q) throws Exception { + throw new UnsupportedOperationException("XDH requires Java11+."); } - XECPrivateKey getPrivateKey() { - return prvKey; + @Override + public boolean validate(byte[] u) throws Exception { + throw new UnsupportedOperationException("XDH requires Java11+."); } } diff --git a/src/main/java/com/jcraft/jsch/jgss/GSSContextKrb5.java b/src/main/java/com/jcraft/jsch/jgss/GSSContextKrb5.java index 5a2a1698..689da9c4 100644 --- a/src/main/java/com/jcraft/jsch/jgss/GSSContextKrb5.java +++ b/src/main/java/com/jcraft/jsch/jgss/GSSContextKrb5.java @@ -27,7 +27,6 @@ package com.jcraft.jsch.jgss; import com.jcraft.jsch.JSchException; - import java.net.InetAddress; import java.net.UnknownHostException; import org.ietf.jgss.GSSContext; diff --git a/src/main/java/com/jcraft/jsch/juz/Compression.java b/src/main/java/com/jcraft/jsch/juz/Compression.java index 0fbd5667..990c40e3 100644 --- a/src/main/java/com/jcraft/jsch/juz/Compression.java +++ b/src/main/java/com/jcraft/jsch/juz/Compression.java @@ -1,13 +1,17 @@ package com.jcraft.jsch.juz; -import com.jcraft.jsch.*; +import com.jcraft.jsch.JSch; +import com.jcraft.jsch.Logger; +import com.jcraft.jsch.Session; import java.util.function.Supplier; +import java.util.zip.DataFormatException; import java.util.zip.Deflater; import java.util.zip.Inflater; /** * This example demonstrates the packet compression without using jzlib[1]. * + *
* The ssh protocol adopts zlib[2] for the packet compression. Fortunately, JDK has provided wrapper * classes for zlib(j.u.z.{Deflater, Inflater}), but it does not expose enough functionality of * zlib, unfortunately; it must not allow to compress data with SYNC_FLUSH. So, JSch has been using @@ -15,12 +19,12 @@ * j.u.z.Deflater, and SYNC_FLUSH has been supported at last. This example shows how to enable the * packet compression by using JDK's java.util.zip package. * - * + *
* [1] http://www.jcraft.com/jzlib/ [2] http://www.zlib.net/ [3]
* https://bugs.openjdk.java.net/browse/JDK-4206909
*/
public class Compression implements com.jcraft.jsch.Compression {
- static private final int BUF_SIZE = 4096;
+ private static final int BUF_SIZE = 4096;
private final int buffer_margin = 32 + 20; // AES256 + HMACSHA1
private Deflater deflater;
private Inflater inflater;
@@ -115,7 +119,7 @@ public byte[] uncompress(byte[] buf, int start, int[] len) {
System.arraycopy(tmpbuf, 0, inflated_buf, inflated_end, result);
inflated_end += result;
} while (inflater.getRemaining() > 0);
- } catch (java.util.zip.DataFormatException e) {
+ } catch (DataFormatException e) {
logMessage(Logger.WARN, () -> "an exception during uncompress\n" + e.toString());
}
diff --git a/src/main/java/com/jcraft/jsch/jzlib/Adler32.java b/src/main/java/com/jcraft/jsch/jzlib/Adler32.java
index 6fbfad83..a20b8907 100644
--- a/src/main/java/com/jcraft/jsch/jzlib/Adler32.java
+++ b/src/main/java/com/jcraft/jsch/jzlib/Adler32.java
@@ -33,9 +33,9 @@
final class Adler32 implements Checksum {
// largest prime smaller than 65536
- static final private int BASE = 65521;
+ private static final int BASE = 65521;
// NMAX is the largest n such that 255n(n+1)/2 + (n+1)(BASE-1) <= 2^32-1
- static final private int NMAX = 5552;
+ private static final int NMAX = 5552;
private long s1 = 1L;
private long s2 = 0L;
diff --git a/src/main/java/com/jcraft/jsch/jzlib/CRC32.java b/src/main/java/com/jcraft/jsch/jzlib/CRC32.java
index 7c311a8d..6e9591ec 100644
--- a/src/main/java/com/jcraft/jsch/jzlib/CRC32.java
+++ b/src/main/java/com/jcraft/jsch/jzlib/CRC32.java
@@ -37,6 +37,7 @@ final class CRC32 implements Checksum {
*/
private int v = 0;
private static int[] crc_table = null;
+
static {
crc_table = new int[256];
for (int n = 0; n < 256; n++) {
diff --git a/src/main/java/com/jcraft/jsch/jzlib/Compression.java b/src/main/java/com/jcraft/jsch/jzlib/Compression.java
index 809373d8..279ee189 100644
--- a/src/main/java/com/jcraft/jsch/jzlib/Compression.java
+++ b/src/main/java/com/jcraft/jsch/jzlib/Compression.java
@@ -26,14 +26,14 @@
package com.jcraft.jsch.jzlib;
-import java.util.function.Supplier;
import com.jcraft.jsch.JSch;
import com.jcraft.jsch.Logger;
import com.jcraft.jsch.Session;
import java.io.UncheckedIOException;
+import java.util.function.Supplier;
public class Compression implements com.jcraft.jsch.Compression {
- static private final int BUF_SIZE = 4096;
+ private static final int BUF_SIZE = 4096;
private final int buffer_margin = 32 + 20; // AES256 + HMACSHA1
private Deflater deflater;
private Inflater inflater;
diff --git a/src/main/java/com/jcraft/jsch/jzlib/Deflate.java b/src/main/java/com/jcraft/jsch/jzlib/Deflate.java
index e2dd7068..4e15b04c 100644
--- a/src/main/java/com/jcraft/jsch/jzlib/Deflate.java
+++ b/src/main/java/com/jcraft/jsch/jzlib/Deflate.java
@@ -32,12 +32,12 @@
final class Deflate implements Cloneable {
- static final private int MAX_MEM_LEVEL = 9;
+ private static final int MAX_MEM_LEVEL = 9;
- static final private int Z_DEFAULT_COMPRESSION = -1;
+ private static final int Z_DEFAULT_COMPRESSION = -1;
- static final private int MAX_WBITS = 15; // 32K LZ77 window
- static final private int DEF_MEM_LEVEL = 8;
+ private static final int MAX_WBITS = 15; // 32K LZ77 window
+ private static final int DEF_MEM_LEVEL = 8;
static class Config {
int good_length; // reduce lazy search above this match length
@@ -55,10 +55,11 @@ static class Config {
}
}
- static final private int STORED = 0;
- static final private int FAST = 1;
- static final private int SLOW = 2;
- static final private Config[] config_table;
+ private static final int STORED = 0;
+ private static final int FAST = 1;
+ private static final int SLOW = 2;
+ private static final Config[] config_table;
+
static {
config_table = new Config[10];
// good lazy nice chain
@@ -75,7 +76,7 @@ static class Config {
config_table[9] = new Config(32, 258, 258, 4096, SLOW);
}
- static final private String[] z_errmsg = {"need dictionary", // Z_NEED_DICT 2
+ private static final String[] z_errmsg = {"need dictionary", // Z_NEED_DICT 2
"stream end", // Z_STREAM_END 1
"", // Z_OK 0
"file error", // Z_ERRNO (-1)
@@ -87,80 +88,80 @@ static class Config {
""};
// block not completed, need more input or more output
- static final private int NeedMore = 0;
+ private static final int NeedMore = 0;
// block flush performed
- static final private int BlockDone = 1;
+ private static final int BlockDone = 1;
// finish started, need only more output at next deflate
- static final private int FinishStarted = 2;
+ private static final int FinishStarted = 2;
// finish done, accept no more input or output
- static final private int FinishDone = 3;
+ private static final int FinishDone = 3;
// preset dictionary flag in zlib header
- static final private int PRESET_DICT = 0x20;
-
- static final private int Z_FILTERED = 1;
- static final private int Z_HUFFMAN_ONLY = 2;
- static final private int Z_DEFAULT_STRATEGY = 0;
-
- static final private int Z_NO_FLUSH = 0;
- static final private int Z_PARTIAL_FLUSH = 1;
- static final private int Z_SYNC_FLUSH = 2;
- static final private int Z_FULL_FLUSH = 3;
- static final private int Z_FINISH = 4;
-
- static final private int Z_OK = 0;
- static final private int Z_STREAM_END = 1;
- static final private int Z_NEED_DICT = 2;
- static final private int Z_ERRNO = -1;
- static final private int Z_STREAM_ERROR = -2;
- static final private int Z_DATA_ERROR = -3;
- static final private int Z_MEM_ERROR = -4;
- static final private int Z_BUF_ERROR = -5;
- static final private int Z_VERSION_ERROR = -6;
-
- static final private int INIT_STATE = 42;
- static final private int BUSY_STATE = 113;
- static final private int FINISH_STATE = 666;
+ private static final int PRESET_DICT = 0x20;
+
+ private static final int Z_FILTERED = 1;
+ private static final int Z_HUFFMAN_ONLY = 2;
+ private static final int Z_DEFAULT_STRATEGY = 0;
+
+ private static final int Z_NO_FLUSH = 0;
+ private static final int Z_PARTIAL_FLUSH = 1;
+ private static final int Z_SYNC_FLUSH = 2;
+ private static final int Z_FULL_FLUSH = 3;
+ private static final int Z_FINISH = 4;
+
+ private static final int Z_OK = 0;
+ private static final int Z_STREAM_END = 1;
+ private static final int Z_NEED_DICT = 2;
+ private static final int Z_ERRNO = -1;
+ private static final int Z_STREAM_ERROR = -2;
+ private static final int Z_DATA_ERROR = -3;
+ private static final int Z_MEM_ERROR = -4;
+ private static final int Z_BUF_ERROR = -5;
+ private static final int Z_VERSION_ERROR = -6;
+
+ private static final int INIT_STATE = 42;
+ private static final int BUSY_STATE = 113;
+ private static final int FINISH_STATE = 666;
// The deflate compression method
- static final private int Z_DEFLATED = 8;
+ private static final int Z_DEFLATED = 8;
- static final private int STORED_BLOCK = 0;
- static final private int STATIC_TREES = 1;
- static final private int DYN_TREES = 2;
+ private static final int STORED_BLOCK = 0;
+ private static final int STATIC_TREES = 1;
+ private static final int DYN_TREES = 2;
// The three kinds of block type
- static final private int Z_BINARY = 0;
- static final private int Z_ASCII = 1;
- static final private int Z_UNKNOWN = 2;
+ private static final int Z_BINARY = 0;
+ private static final int Z_ASCII = 1;
+ private static final int Z_UNKNOWN = 2;
- static final private int Buf_size = 8 * 2;
+ private static final int Buf_size = 8 * 2;
// repeat previous bit length 3-6 times (2 bits of repeat count)
- static final private int REP_3_6 = 16;
+ private static final int REP_3_6 = 16;
// repeat a zero length 3-10 times (3 bits of repeat count)
- static final private int REPZ_3_10 = 17;
+ private static final int REPZ_3_10 = 17;
// repeat a zero length 11-138 times (7 bits of repeat count)
- static final private int REPZ_11_138 = 18;
+ private static final int REPZ_11_138 = 18;
- static final private int MIN_MATCH = 3;
- static final private int MAX_MATCH = 258;
- static final private int MIN_LOOKAHEAD = (MAX_MATCH + MIN_MATCH + 1);
+ private static final int MIN_MATCH = 3;
+ private static final int MAX_MATCH = 258;
+ private static final int MIN_LOOKAHEAD = (MAX_MATCH + MIN_MATCH + 1);
- static final private int MAX_BITS = 15;
- static final private int D_CODES = 30;
- static final private int BL_CODES = 19;
- static final private int LENGTH_CODES = 29;
- static final private int LITERALS = 256;
- static final private int L_CODES = (LITERALS + 1 + LENGTH_CODES);
- static final private int HEAP_SIZE = (2 * L_CODES + 1);
+ private static final int MAX_BITS = 15;
+ private static final int D_CODES = 30;
+ private static final int BL_CODES = 19;
+ private static final int LENGTH_CODES = 29;
+ private static final int LITERALS = 256;
+ private static final int L_CODES = (LITERALS + 1 + LENGTH_CODES);
+ private static final int HEAP_SIZE = (2 * L_CODES + 1);
- static final private int END_BLOCK = 256;
+ private static final int END_BLOCK = 256;
ZStream strm; // pointer back to this zlib stream
int status; // as the name implies
@@ -435,7 +436,7 @@ void scan_tree(short[] tree, // the tree to be scanned
if (++count < max_count && curlen == nextlen) {
continue;
} else if (count < min_count) {
- bl_tree[curlen * 2] += count;
+ bl_tree[curlen * 2] += (short) count;
} else if (curlen != 0) {
if (curlen != prevlen)
bl_tree[curlen * 2]++;
@@ -487,7 +488,6 @@ int build_bl_tree() {
return max_blindex;
}
-
// Send the header for a block using dynamic Huffman trees: the counts, the
// lengths of the bit length codes, the literal tree and the distance tree.
// IN assertion: lcodes >= 257, dcodes >= 1, blcodes >= 4.
@@ -572,13 +572,13 @@ final void put_byte(byte c) {
}
final void put_short(int w) {
- put_byte((byte) (w/* &0xff */));
+ put_byte((byte) (w /* &0xff */));
put_byte((byte) (w >>> 8));
}
final void putShortMSB(int b) {
put_byte((byte) (b >> 8));
- put_byte((byte) (b/* &0xff */));
+ put_byte((byte) (b /* &0xff */));
}
final void send_code(int c, short[] tree) {
@@ -591,13 +591,13 @@ void send_bits(int value, int length) {
if (bi_valid > Buf_size - len) {
int val = value;
// bi_buf |= (val << bi_valid);
- bi_buf |= ((val << bi_valid) & 0xffff);
+ bi_buf |= (short) ((val << bi_valid) & 0xffff);
put_short(bi_buf);
bi_buf = (short) (val >>> (Buf_size - bi_valid));
bi_valid += len - Buf_size;
} else {
// bi_buf |= (value) << bi_valid;
- bi_buf |= (((value) << bi_valid) & 0xffff);
+ bi_buf |= (short) (((value) << bi_valid) & 0xffff);
bi_valid += len;
}
}
@@ -629,7 +629,6 @@ void _tr_align() {
last_eob_len = 7;
}
-
// Save the match info and tally the frequency counts. Return true if
// the current block must be flushed.
boolean _tr_tally(int dist, // distance of matched string
@@ -659,7 +658,7 @@ boolean _tr_tally(int dist, // distance of matched string
int in_length = strstart - block_start;
int dcode;
for (dcode = 0; dcode < D_CODES; dcode++) {
- out_length += (int) dyn_dtree[dcode * 2] * (5L + Tree.extra_dbits[dcode]);
+ out_length += (int) dyn_dtree[dcode * 2] * (5 + Tree.extra_dbits[dcode]);
}
out_length >>>= 3;
if ((matches < (last_lit / 2)) && out_length < in_length / 2)
@@ -835,7 +834,6 @@ int deflate_stored(int flush) {
flush_block_only(false);
if (strm.avail_out == 0)
return NeedMore;
-
}
// Flush if we may have to slide, otherwise block_start may become
@@ -869,7 +867,7 @@ void _tr_flush_block(int buf, // input block, or NULL if too old
int stored_len, // length of input block
boolean eof // true if this is the last block for a file
) {
- int opt_lenb, static_lenb;// opt_len and static_len in bytes
+ int opt_lenb, static_lenb; // opt_len and static_len in bytes
int max_blindex = 0; // index of last bit length code of non zero freq
// Build the Huffman trees unless a stored block is forced
@@ -1541,7 +1539,6 @@ int deflate(int flush) {
status = BUSY_STATE;
putShortMSB(header);
-
// Save the adler32 of the preset dictionary:
if (strstart != 0) {
long adler = strm.adler.getValue();
@@ -1620,7 +1617,7 @@ int deflate(int flush) {
// as a special marker by inflate_sync().
if (flush == Z_FULL_FLUSH) {
// state.head[s.hash_size-1]=0;
- for (int i = 0; i < hash_size/*-1*/; i++) // forget history
+ for (int i = 0; i < hash_size /*-1*/; i++) // forget history
head[i] = 0;
}
}
diff --git a/src/main/java/com/jcraft/jsch/jzlib/Deflater.java b/src/main/java/com/jcraft/jsch/jzlib/Deflater.java
index af2a74da..0941a214 100644
--- a/src/main/java/com/jcraft/jsch/jzlib/Deflater.java
+++ b/src/main/java/com/jcraft/jsch/jzlib/Deflater.java
@@ -32,26 +32,26 @@
final class Deflater extends ZStream {
- static final private int MAX_WBITS = 15; // 32K LZ77 window
- static final private int DEF_WBITS = MAX_WBITS;
-
- static final private int Z_NO_FLUSH = 0;
- static final private int Z_PARTIAL_FLUSH = 1;
- static final private int Z_SYNC_FLUSH = 2;
- static final private int Z_FULL_FLUSH = 3;
- static final private int Z_FINISH = 4;
-
- static final private int MAX_MEM_LEVEL = 9;
-
- static final private int Z_OK = 0;
- static final private int Z_STREAM_END = 1;
- static final private int Z_NEED_DICT = 2;
- static final private int Z_ERRNO = -1;
- static final private int Z_STREAM_ERROR = -2;
- static final private int Z_DATA_ERROR = -3;
- static final private int Z_MEM_ERROR = -4;
- static final private int Z_BUF_ERROR = -5;
- static final private int Z_VERSION_ERROR = -6;
+ private static final int MAX_WBITS = 15; // 32K LZ77 window
+ private static final int DEF_WBITS = MAX_WBITS;
+
+ private static final int Z_NO_FLUSH = 0;
+ private static final int Z_PARTIAL_FLUSH = 1;
+ private static final int Z_SYNC_FLUSH = 2;
+ private static final int Z_FULL_FLUSH = 3;
+ private static final int Z_FINISH = 4;
+
+ private static final int MAX_MEM_LEVEL = 9;
+
+ private static final int Z_OK = 0;
+ private static final int Z_STREAM_END = 1;
+ private static final int Z_NEED_DICT = 2;
+ private static final int Z_ERRNO = -1;
+ private static final int Z_STREAM_ERROR = -2;
+ private static final int Z_DATA_ERROR = -3;
+ private static final int Z_MEM_ERROR = -4;
+ private static final int Z_BUF_ERROR = -5;
+ private static final int Z_VERSION_ERROR = -6;
private boolean finished = false;
diff --git a/src/main/java/com/jcraft/jsch/jzlib/DeflaterOutputStream.java b/src/main/java/com/jcraft/jsch/jzlib/DeflaterOutputStream.java
index b0b252e4..ce4be27f 100644
--- a/src/main/java/com/jcraft/jsch/jzlib/DeflaterOutputStream.java
+++ b/src/main/java/com/jcraft/jsch/jzlib/DeflaterOutputStream.java
@@ -26,7 +26,9 @@
package com.jcraft.jsch.jzlib;
-import java.io.*;
+import java.io.FilterOutputStream;
+import java.io.IOException;
+import java.io.OutputStream;
final class DeflaterOutputStream extends FilterOutputStream {
diff --git a/src/main/java/com/jcraft/jsch/jzlib/GZIPHeader.java b/src/main/java/com/jcraft/jsch/jzlib/GZIPHeader.java
index bfa2f245..8c69a1cd 100644
--- a/src/main/java/com/jcraft/jsch/jzlib/GZIPHeader.java
+++ b/src/main/java/com/jcraft/jsch/jzlib/GZIPHeader.java
@@ -31,7 +31,6 @@
package com.jcraft.jsch.jzlib;
import java.nio.charset.StandardCharsets;
-import java.util.Arrays;
/**
* @see http://www.ietf.org/rfc/rfc1952.txt
diff --git a/src/main/java/com/jcraft/jsch/jzlib/InfBlocks.java b/src/main/java/com/jcraft/jsch/jzlib/InfBlocks.java
index 02a8aba6..458ff5d2 100644
--- a/src/main/java/com/jcraft/jsch/jzlib/InfBlocks.java
+++ b/src/main/java/com/jcraft/jsch/jzlib/InfBlocks.java
@@ -31,10 +31,10 @@
package com.jcraft.jsch.jzlib;
final class InfBlocks {
- static final private int MANY = 1440;
+ private static final int MANY = 1440;
// And'ing with mask[n] masks the lower n bits
- static final private int[] inflate_mask = {0x00000000, 0x00000001, 0x00000003, 0x00000007,
+ private static final int[] inflate_mask = {0x00000000, 0x00000001, 0x00000003, 0x00000007,
0x0000000f, 0x0000001f, 0x0000003f, 0x0000007f, 0x000000ff, 0x000001ff, 0x000003ff,
0x000007ff, 0x00000fff, 0x00001fff, 0x00003fff, 0x00007fff, 0x0000ffff};
@@ -42,26 +42,26 @@ final class InfBlocks {
static final int[] border = { // Order of the bit length code lengths
16, 17, 18, 0, 8, 7, 9, 6, 10, 5, 11, 4, 12, 3, 13, 2, 14, 1, 15};
- static final private int Z_OK = 0;
- static final private int Z_STREAM_END = 1;
- static final private int Z_NEED_DICT = 2;
- static final private int Z_ERRNO = -1;
- static final private int Z_STREAM_ERROR = -2;
- static final private int Z_DATA_ERROR = -3;
- static final private int Z_MEM_ERROR = -4;
- static final private int Z_BUF_ERROR = -5;
- static final private int Z_VERSION_ERROR = -6;
-
- static final private int TYPE = 0; // get type bits (3, including end bit)
- static final private int LENS = 1; // get lengths for stored
- static final private int STORED = 2;// processing stored block
- static final private int TABLE = 3; // get table lengths
- static final private int BTREE = 4; // get bit lengths tree for a dynamic block
- static final private int DTREE = 5; // get length, distance trees for a dynamic block
- static final private int CODES = 6; // processing fixed or dynamic block
- static final private int DRY = 7; // output remaining window bytes
- static final private int DONE = 8; // finished last block, done
- static final private int BAD = 9; // ot a data error--stuck here
+ private static final int Z_OK = 0;
+ private static final int Z_STREAM_END = 1;
+ private static final int Z_NEED_DICT = 2;
+ private static final int Z_ERRNO = -1;
+ private static final int Z_STREAM_ERROR = -2;
+ private static final int Z_DATA_ERROR = -3;
+ private static final int Z_MEM_ERROR = -4;
+ private static final int Z_BUF_ERROR = -5;
+ private static final int Z_VERSION_ERROR = -6;
+
+ private static final int TYPE = 0; // get type bits (3, including end bit)
+ private static final int LENS = 1; // get lengths for stored
+ private static final int STORED = 2; // processing stored block
+ private static final int TABLE = 3; // get table lengths
+ private static final int BTREE = 4; // get bit lengths tree for a dynamic block
+ private static final int DTREE = 5; // get length, distance trees for a dynamic block
+ private static final int CODES = 6; // processing fixed or dynamic block
+ private static final int DRY = 7; // output remaining window bytes
+ private static final int DONE = 8; // finished last block, done
+ private static final int BAD = 9; // ot a data error--stuck here
int mode; // current inflate_block mode
@@ -151,7 +151,6 @@ int proc(int r) {
while (true) {
switch (mode) {
case TYPE:
-
while (k < (3)) {
if (n != 0) {
r = Z_OK;
@@ -197,7 +196,6 @@ int proc(int r) {
mode = CODES;
break;
case 2: // dynamic
-
{
b >>>= (3);
k -= (3);
@@ -206,7 +204,6 @@ int proc(int r) {
mode = TABLE;
break;
case 3: // illegal
-
{
b >>>= (3);
k -= (3);
@@ -225,7 +222,6 @@ int proc(int r) {
}
break;
case LENS:
-
while (k < (32)) {
if (n != 0) {
r = Z_OK;
@@ -313,7 +309,6 @@ int proc(int r) {
mode = last != 0 ? DRY : TYPE;
break;
case TABLE:
-
while (k < (14)) {
if (n != 0) {
r = Z_OK;
diff --git a/src/main/java/com/jcraft/jsch/jzlib/InfCodes.java b/src/main/java/com/jcraft/jsch/jzlib/InfCodes.java
index 028b222e..edfd0891 100644
--- a/src/main/java/com/jcraft/jsch/jzlib/InfCodes.java
+++ b/src/main/java/com/jcraft/jsch/jzlib/InfCodes.java
@@ -32,33 +32,33 @@
final class InfCodes {
- static final private int[] inflate_mask = {0x00000000, 0x00000001, 0x00000003, 0x00000007,
+ private static final int[] inflate_mask = {0x00000000, 0x00000001, 0x00000003, 0x00000007,
0x0000000f, 0x0000001f, 0x0000003f, 0x0000007f, 0x000000ff, 0x000001ff, 0x000003ff,
0x000007ff, 0x00000fff, 0x00001fff, 0x00003fff, 0x00007fff, 0x0000ffff};
- static final private int Z_OK = 0;
- static final private int Z_STREAM_END = 1;
- static final private int Z_NEED_DICT = 2;
- static final private int Z_ERRNO = -1;
- static final private int Z_STREAM_ERROR = -2;
- static final private int Z_DATA_ERROR = -3;
- static final private int Z_MEM_ERROR = -4;
- static final private int Z_BUF_ERROR = -5;
- static final private int Z_VERSION_ERROR = -6;
+ private static final int Z_OK = 0;
+ private static final int Z_STREAM_END = 1;
+ private static final int Z_NEED_DICT = 2;
+ private static final int Z_ERRNO = -1;
+ private static final int Z_STREAM_ERROR = -2;
+ private static final int Z_DATA_ERROR = -3;
+ private static final int Z_MEM_ERROR = -4;
+ private static final int Z_BUF_ERROR = -5;
+ private static final int Z_VERSION_ERROR = -6;
// waiting for "i:"=input,
// "o:"=output,
// "x:"=nothing
- static final private int START = 0; // x: set up for LEN
- static final private int LEN = 1; // i: get length/literal/eob next
- static final private int LENEXT = 2; // i: getting length extra (have base)
- static final private int DIST = 3; // i: get distance next
- static final private int DISTEXT = 4;// i: getting distance extra
- static final private int COPY = 5; // o: copying bytes in window, waiting for space
- static final private int LIT = 6; // o: got literal, waiting for output space
- static final private int WASH = 7; // o: got eob, possibly still output waiting
- static final private int END = 8; // x: got eob and all data flushed
- static final private int BADCODE = 9;// x: got error
+ private static final int START = 0; // x: set up for LEN
+ private static final int LEN = 1; // i: get length/literal/eob next
+ private static final int LENEXT = 2; // i: getting length extra (have base)
+ private static final int DIST = 3; // i: get distance next
+ private static final int DISTEXT = 4; // i: getting distance extra
+ private static final int COPY = 5; // o: copying bytes in window, waiting for space
+ private static final int LIT = 6; // o: got literal, waiting for output space
+ private static final int WASH = 7; // o: got eob, possibly still output waiting
+ private static final int END = 8; // x: got eob and all data flushed
+ private static final int BADCODE = 9; // x: got error
int mode; // current inflate_codes mode
@@ -433,7 +433,6 @@ int proc(int r) {
return s.inflate_flush(r);
case BADCODE: // x: got error
-
r = Z_DATA_ERROR;
s.bitb = b;
@@ -599,7 +598,6 @@ int inflate_fast(int bl, int bd, int[] tl, int tl_index, int[] td, int td_index,
}
r = 0; // copy rest from start of window
}
-
}
// copy all or what's left
diff --git a/src/main/java/com/jcraft/jsch/jzlib/InfTree.java b/src/main/java/com/jcraft/jsch/jzlib/InfTree.java
index 0c8f0ba0..26b6fa6d 100644
--- a/src/main/java/com/jcraft/jsch/jzlib/InfTree.java
+++ b/src/main/java/com/jcraft/jsch/jzlib/InfTree.java
@@ -32,17 +32,17 @@
final class InfTree {
- static final private int MANY = 1440;
-
- static final private int Z_OK = 0;
- static final private int Z_STREAM_END = 1;
- static final private int Z_NEED_DICT = 2;
- static final private int Z_ERRNO = -1;
- static final private int Z_STREAM_ERROR = -2;
- static final private int Z_DATA_ERROR = -3;
- static final private int Z_MEM_ERROR = -4;
- static final private int Z_BUF_ERROR = -5;
- static final private int Z_VERSION_ERROR = -6;
+ private static final int MANY = 1440;
+
+ private static final int Z_OK = 0;
+ private static final int Z_STREAM_END = 1;
+ private static final int Z_NEED_DICT = 2;
+ private static final int Z_ERRNO = -1;
+ private static final int Z_STREAM_ERROR = -2;
+ private static final int Z_DATA_ERROR = -3;
+ private static final int Z_MEM_ERROR = -4;
+ private static final int Z_BUF_ERROR = -5;
+ private static final int Z_VERSION_ERROR = -6;
static final int fixed_bl = 9;
static final int fixed_bd = 5;
@@ -77,7 +77,6 @@ final class InfTree {
8, 135, 0, 8, 71, 0, 9, 238, 80, 7, 9, 0, 8, 95, 0, 8, 31, 0, 9, 158, 84, 7, 99, 0, 8, 127, 0,
8, 63, 0, 9, 222, 82, 7, 27, 0, 8, 111, 0, 8, 47, 0, 9, 190, 0, 8, 15, 0, 8, 143, 0, 8, 79, 0,
9, 254, 96, 7, 256, 0, 8, 80, 0, 8, 16, 84, 8, 115, 82, 7, 31, 0, 8, 112, 0, 8, 48, 0, 9, 193,
-
80, 7, 10, 0, 8, 96, 0, 8, 32, 0, 9, 161, 0, 8, 0, 0, 8, 128, 0, 8, 64, 0, 9, 225, 80, 7, 6,
0, 8, 88, 0, 8, 24, 0, 9, 145, 83, 7, 59, 0, 8, 120, 0, 8, 56, 0, 9, 209, 81, 7, 17, 0, 8,
104, 0, 8, 40, 0, 9, 177, 0, 8, 8, 0, 8, 136, 0, 8, 72, 0, 9, 241, 80, 7, 4, 0, 8, 84, 0, 8,
diff --git a/src/main/java/com/jcraft/jsch/jzlib/Inflate.java b/src/main/java/com/jcraft/jsch/jzlib/Inflate.java
index b6f487fc..c937d6a9 100644
--- a/src/main/java/com/jcraft/jsch/jzlib/Inflate.java
+++ b/src/main/java/com/jcraft/jsch/jzlib/Inflate.java
@@ -34,10 +34,10 @@
final class Inflate {
- static final private int MAX_WBITS = 15; // 32K LZ77 window
+ private static final int MAX_WBITS = 15; // 32K LZ77 window
// preset dictionary flag in zlib header
- static final private int PRESET_DICT = 0x20;
+ private static final int PRESET_DICT = 0x20;
static final int Z_NO_FLUSH = 0;
static final int Z_PARTIAL_FLUSH = 1;
@@ -45,43 +45,43 @@ final class Inflate {
static final int Z_FULL_FLUSH = 3;
static final int Z_FINISH = 4;
- static final private int Z_DEFLATED = 8;
-
- static final private int Z_OK = 0;
- static final private int Z_STREAM_END = 1;
- static final private int Z_NEED_DICT = 2;
- static final private int Z_ERRNO = -1;
- static final private int Z_STREAM_ERROR = -2;
- static final private int Z_DATA_ERROR = -3;
- static final private int Z_MEM_ERROR = -4;
- static final private int Z_BUF_ERROR = -5;
- static final private int Z_VERSION_ERROR = -6;
-
- static final private int METHOD = 0; // waiting for method byte
- static final private int FLAG = 1; // waiting for flag byte
- static final private int DICT4 = 2; // four dictionary check bytes to go
- static final private int DICT3 = 3; // three dictionary check bytes to go
- static final private int DICT2 = 4; // two dictionary check bytes to go
- static final private int DICT1 = 5; // one dictionary check byte to go
- static final private int DICT0 = 6; // waiting for inflateSetDictionary
- static final private int BLOCKS = 7; // decompressing blocks
- static final private int CHECK4 = 8; // four check bytes to go
- static final private int CHECK3 = 9; // three check bytes to go
- static final private int CHECK2 = 10; // two check bytes to go
- static final private int CHECK1 = 11; // one check byte to go
- static final private int DONE = 12; // finished check, done
- static final private int BAD = 13; // got an error--stay here
-
- static final private int HEAD = 14;
- static final private int LENGTH = 15;
- static final private int TIME = 16;
- static final private int OS = 17;
- static final private int EXLEN = 18;
- static final private int EXTRA = 19;
- static final private int NAME = 20;
- static final private int COMMENT = 21;
- static final private int HCRC = 22;
- static final private int FLAGS = 23;
+ private static final int Z_DEFLATED = 8;
+
+ private static final int Z_OK = 0;
+ private static final int Z_STREAM_END = 1;
+ private static final int Z_NEED_DICT = 2;
+ private static final int Z_ERRNO = -1;
+ private static final int Z_STREAM_ERROR = -2;
+ private static final int Z_DATA_ERROR = -3;
+ private static final int Z_MEM_ERROR = -4;
+ private static final int Z_BUF_ERROR = -5;
+ private static final int Z_VERSION_ERROR = -6;
+
+ private static final int METHOD = 0; // waiting for method byte
+ private static final int FLAG = 1; // waiting for flag byte
+ private static final int DICT4 = 2; // four dictionary check bytes to go
+ private static final int DICT3 = 3; // three dictionary check bytes to go
+ private static final int DICT2 = 4; // two dictionary check bytes to go
+ private static final int DICT1 = 5; // one dictionary check byte to go
+ private static final int DICT0 = 6; // waiting for inflateSetDictionary
+ private static final int BLOCKS = 7; // decompressing blocks
+ private static final int CHECK4 = 8; // four check bytes to go
+ private static final int CHECK3 = 9; // three check bytes to go
+ private static final int CHECK2 = 10; // two check bytes to go
+ private static final int CHECK1 = 11; // one check byte to go
+ private static final int DONE = 12; // finished check, done
+ private static final int BAD = 13; // got an error--stay here
+
+ private static final int HEAD = 14;
+ private static final int LENGTH = 15;
+ private static final int TIME = 16;
+ private static final int OS = 17;
+ private static final int EXLEN = 18;
+ private static final int EXTRA = 19;
+ private static final int NAME = 20;
+ private static final int COMMENT = 21;
+ private static final int HCRC = 22;
+ private static final int FLAGS = 23;
static final int INFLATE_ANY = 0x40000000;
@@ -288,7 +288,6 @@ int inflate(int f) {
}
this.mode = DICT4;
case DICT4:
-
if (z.avail_in == 0)
return r;
r = f;
@@ -298,7 +297,6 @@ int inflate(int f) {
this.need = ((z.next_in[z.next_in_index++] & 0xff) << 24) & 0xff000000L;
this.mode = DICT3;
case DICT3:
-
if (z.avail_in == 0)
return r;
r = f;
@@ -308,7 +306,6 @@ int inflate(int f) {
this.need += ((z.next_in[z.next_in_index++] & 0xff) << 16) & 0xff0000L;
this.mode = DICT2;
case DICT2:
-
if (z.avail_in == 0)
return r;
r = f;
@@ -318,7 +315,6 @@ int inflate(int f) {
this.need += ((z.next_in[z.next_in_index++] & 0xff) << 8) & 0xff00L;
this.mode = DICT1;
case DICT1:
-
if (z.avail_in == 0)
return r;
r = f;
@@ -356,7 +352,6 @@ int inflate(int f) {
}
this.mode = CHECK4;
case CHECK4:
-
if (z.avail_in == 0)
return r;
r = f;
@@ -366,7 +361,6 @@ int inflate(int f) {
this.need = ((z.next_in[z.next_in_index++] & 0xff) << 24) & 0xff000000L;
this.mode = CHECK3;
case CHECK3:
-
if (z.avail_in == 0)
return r;
r = f;
@@ -376,7 +370,6 @@ int inflate(int f) {
this.need += ((z.next_in[z.next_in_index++] & 0xff) << 16) & 0xff0000L;
this.mode = CHECK2;
case CHECK2:
-
if (z.avail_in == 0)
return r;
r = f;
@@ -386,7 +379,6 @@ int inflate(int f) {
this.need += ((z.next_in[z.next_in_index++] & 0xff) << 8) & 0xff00L;
this.mode = CHECK1;
case CHECK1:
-
if (z.avail_in == 0)
return r;
r = f;
@@ -447,7 +439,6 @@ int inflate(int f) {
return Z_DATA_ERROR;
case FLAGS:
-
try {
r = readBytes(2, r, f);
} catch (Return e) {
@@ -625,7 +616,7 @@ int inflateSetDictionary(byte[] dictionary, int dictLength) {
return Z_OK;
}
- static private byte[] mark = {(byte) 0, (byte) 0, (byte) 0xff, (byte) 0xff};
+ private static byte[] mark = {(byte) 0, (byte) 0, (byte) 0xff, (byte) 0xff};
int inflateSync() {
int n; // number of bytes to look at
diff --git a/src/main/java/com/jcraft/jsch/jzlib/Inflater.java b/src/main/java/com/jcraft/jsch/jzlib/Inflater.java
index 6e8d97d7..d4aede85 100644
--- a/src/main/java/com/jcraft/jsch/jzlib/Inflater.java
+++ b/src/main/java/com/jcraft/jsch/jzlib/Inflater.java
@@ -32,26 +32,26 @@
final class Inflater extends ZStream {
- static final private int MAX_WBITS = 15; // 32K LZ77 window
- static final private int DEF_WBITS = MAX_WBITS;
-
- static final private int Z_NO_FLUSH = 0;
- static final private int Z_PARTIAL_FLUSH = 1;
- static final private int Z_SYNC_FLUSH = 2;
- static final private int Z_FULL_FLUSH = 3;
- static final private int Z_FINISH = 4;
-
- static final private int MAX_MEM_LEVEL = 9;
-
- static final private int Z_OK = 0;
- static final private int Z_STREAM_END = 1;
- static final private int Z_NEED_DICT = 2;
- static final private int Z_ERRNO = -1;
- static final private int Z_STREAM_ERROR = -2;
- static final private int Z_DATA_ERROR = -3;
- static final private int Z_MEM_ERROR = -4;
- static final private int Z_BUF_ERROR = -5;
- static final private int Z_VERSION_ERROR = -6;
+ private static final int MAX_WBITS = 15; // 32K LZ77 window
+ private static final int DEF_WBITS = MAX_WBITS;
+
+ private static final int Z_NO_FLUSH = 0;
+ private static final int Z_PARTIAL_FLUSH = 1;
+ private static final int Z_SYNC_FLUSH = 2;
+ private static final int Z_FULL_FLUSH = 3;
+ private static final int Z_FINISH = 4;
+
+ private static final int MAX_MEM_LEVEL = 9;
+
+ private static final int Z_OK = 0;
+ private static final int Z_STREAM_END = 1;
+ private static final int Z_NEED_DICT = 2;
+ private static final int Z_ERRNO = -1;
+ private static final int Z_STREAM_ERROR = -2;
+ private static final int Z_DATA_ERROR = -3;
+ private static final int Z_MEM_ERROR = -4;
+ private static final int Z_BUF_ERROR = -5;
+ private static final int Z_VERSION_ERROR = -6;
private int param_w = -1;
private JZlib.WrapperType param_wrapperType = null;
diff --git a/src/main/java/com/jcraft/jsch/jzlib/InflaterInputStream.java b/src/main/java/com/jcraft/jsch/jzlib/InflaterInputStream.java
index 12287c8d..28e92360 100644
--- a/src/main/java/com/jcraft/jsch/jzlib/InflaterInputStream.java
+++ b/src/main/java/com/jcraft/jsch/jzlib/InflaterInputStream.java
@@ -26,7 +26,11 @@
package com.jcraft.jsch.jzlib;
-import java.io.*;
+import java.io.EOFException;
+import java.io.FilterInputStream;
+import java.io.IOException;
+import java.io.InputStream;
+import java.nio.charset.StandardCharsets;
final class InflaterInputStream extends FilterInputStream {
protected final Inflater inflater;
@@ -223,7 +227,7 @@ byte[] getAvailIn() {
void readHeader() throws IOException {
- byte[] empty = "".getBytes();
+ byte[] empty = "".getBytes(StandardCharsets.UTF_8);
inflater.setInput(empty, 0, 0, false);
inflater.setOutput(empty, 0, 0);
@@ -239,7 +243,7 @@ void readHeader() throws IOException {
throw new IOException("no input");
inflater.setInput(b1);
err = inflater.inflate(JZlib.Z_NO_FLUSH);
- if (err != 0/* Z_OK */)
+ if (err != 0 /* Z_OK */)
throw new IOException(inflater.msg);
} while (inflater.istate.inParsingHeader());
}
diff --git a/src/main/java/com/jcraft/jsch/jzlib/StaticTree.java b/src/main/java/com/jcraft/jsch/jzlib/StaticTree.java
index 41f8fcc7..12a1f863 100644
--- a/src/main/java/com/jcraft/jsch/jzlib/StaticTree.java
+++ b/src/main/java/com/jcraft/jsch/jzlib/StaticTree.java
@@ -31,13 +31,13 @@
package com.jcraft.jsch.jzlib;
final class StaticTree {
- static final private int MAX_BITS = 15;
+ private static final int MAX_BITS = 15;
- static final private int BL_CODES = 19;
- static final private int D_CODES = 30;
- static final private int LITERALS = 256;
- static final private int LENGTH_CODES = 29;
- static final private int L_CODES = (LITERALS + 1 + LENGTH_CODES);
+ private static final int BL_CODES = 19;
+ private static final int D_CODES = 30;
+ private static final int LITERALS = 256;
+ private static final int LENGTH_CODES = 29;
+ private static final int L_CODES = (LITERALS + 1 + LENGTH_CODES);
// Bit length codes must not exceed MAX_BL_BITS bits
static final int MAX_BL_BITS = 7;
diff --git a/src/main/java/com/jcraft/jsch/jzlib/Tree.java b/src/main/java/com/jcraft/jsch/jzlib/Tree.java
index 261311eb..9668bdf2 100644
--- a/src/main/java/com/jcraft/jsch/jzlib/Tree.java
+++ b/src/main/java/com/jcraft/jsch/jzlib/Tree.java
@@ -31,13 +31,13 @@
package com.jcraft.jsch.jzlib;
final class Tree {
- static final private int MAX_BITS = 15;
- static final private int BL_CODES = 19;
- static final private int D_CODES = 30;
- static final private int LITERALS = 256;
- static final private int LENGTH_CODES = 29;
- static final private int L_CODES = (LITERALS + 1 + LENGTH_CODES);
- static final private int HEAP_SIZE = (2 * L_CODES + 1);
+ private static final int MAX_BITS = 15;
+ private static final int BL_CODES = 19;
+ private static final int D_CODES = 30;
+ private static final int LITERALS = 256;
+ private static final int LENGTH_CODES = 29;
+ private static final int L_CODES = (LITERALS + 1 + LENGTH_CODES);
+ private static final int HEAP_SIZE = (2 * L_CODES + 1);
// Bit length codes must not exceed MAX_BL_BITS bits
static final int MAX_BL_BITS = 7;
@@ -67,7 +67,6 @@ final class Tree {
static final byte[] bl_order = {16, 17, 18, 0, 8, 7, 9, 6, 10, 5, 11, 4, 12, 3, 13, 2, 14, 1, 15};
-
// The lengths of the bit length codes are sent in order of decreasing
// probability, to avoid transmitting the lengths for unused bit
// length codes.
@@ -205,7 +204,7 @@ void gen_bitlen(Deflate s) {
if (m > max_code)
continue;
if (tree[m * 2 + 1] != bits) {
- s.opt_len += ((long) bits - (long) tree[m * 2 + 1]) * (long) tree[m * 2];
+ s.opt_len += (int) (((long) bits - (long) tree[m * 2 + 1]) * (long) tree[m * 2]);
tree[m * 2 + 1] = (short) bits;
}
n--;
@@ -304,7 +303,7 @@ void build_tree(Deflate s) {
// the given tree and the field len is set for all tree elements.
// OUT assertion: the field code is set for all tree elements of non
// zero code length.
- private final static void gen_codes(short[] tree, // the tree to decorate
+ private static final void gen_codes(short[] tree, // the tree to decorate
int max_code, // largest code with non zero frequency
short[] bl_count, // number of codes at each bit length
short[] next_code) {
@@ -337,7 +336,7 @@ private final static void gen_codes(short[] tree, // the tree to decorate
// Reverse the first len bits of a code, using straightforward code (a faster
// method would use a table)
// IN assertion: 1 <= len <= 15
- private final static int bi_reverse(int code, // the value to invert
+ private static final int bi_reverse(int code, // the value to invert
int len // its bit length
) {
int res = 0;
@@ -349,4 +348,3 @@ private final static int bi_reverse(int code, // the value to invert
return res >>> 1;
}
}
-
diff --git a/src/main/java/com/jcraft/jsch/jzlib/ZStream.java b/src/main/java/com/jcraft/jsch/jzlib/ZStream.java
index 5064ca3e..bffc0938 100644
--- a/src/main/java/com/jcraft/jsch/jzlib/ZStream.java
+++ b/src/main/java/com/jcraft/jsch/jzlib/ZStream.java
@@ -32,26 +32,26 @@
class ZStream {
- static final private int MAX_WBITS = 15; // 32K LZ77 window
- static final private int DEF_WBITS = MAX_WBITS;
-
- static final private int Z_NO_FLUSH = 0;
- static final private int Z_PARTIAL_FLUSH = 1;
- static final private int Z_SYNC_FLUSH = 2;
- static final private int Z_FULL_FLUSH = 3;
- static final private int Z_FINISH = 4;
-
- static final private int MAX_MEM_LEVEL = 9;
-
- static final private int Z_OK = 0;
- static final private int Z_STREAM_END = 1;
- static final private int Z_NEED_DICT = 2;
- static final private int Z_ERRNO = -1;
- static final private int Z_STREAM_ERROR = -2;
- static final private int Z_DATA_ERROR = -3;
- static final private int Z_MEM_ERROR = -4;
- static final private int Z_BUF_ERROR = -5;
- static final private int Z_VERSION_ERROR = -6;
+ private static final int MAX_WBITS = 15; // 32K LZ77 window
+ private static final int DEF_WBITS = MAX_WBITS;
+
+ private static final int Z_NO_FLUSH = 0;
+ private static final int Z_PARTIAL_FLUSH = 1;
+ private static final int Z_SYNC_FLUSH = 2;
+ private static final int Z_FULL_FLUSH = 3;
+ private static final int Z_FINISH = 4;
+
+ private static final int MAX_MEM_LEVEL = 9;
+
+ private static final int Z_OK = 0;
+ private static final int Z_STREAM_END = 1;
+ private static final int Z_NEED_DICT = 2;
+ private static final int Z_ERRNO = -1;
+ private static final int Z_STREAM_ERROR = -2;
+ private static final int Z_DATA_ERROR = -3;
+ private static final int Z_MEM_ERROR = -4;
+ private static final int Z_BUF_ERROR = -5;
+ private static final int Z_VERSION_ERROR = -6;
byte[] next_in; // next input byte
int next_in_index;
@@ -358,7 +358,6 @@ void setNextOutIndex(int next_out_index) {
int getAvailOut() {
return avail_out;
-
}
void setAvailOut(int avail_out) {
diff --git a/src/main/java11/com/jcraft/jsch/jce/XDH.java b/src/main/java11/com/jcraft/jsch/jce/XDH.java
index 3e1dadb5..4c07a54c 100644
--- a/src/main/java11/com/jcraft/jsch/jce/XDH.java
+++ b/src/main/java11/com/jcraft/jsch/jce/XDH.java
@@ -27,11 +27,15 @@
package com.jcraft.jsch.jce;
import java.math.BigInteger;
+import java.security.KeyFactory;
+import java.security.KeyPair;
+import java.security.KeyPairGenerator;
+import java.security.PublicKey;
+import java.security.interfaces.XECPublicKey;
+import java.security.spec.NamedParameterSpec;
+import java.security.spec.XECPublicKeySpec;
import java.util.Arrays;
-import java.security.*;
-import javax.crypto.*;
-import java.security.spec.*;
-import java.security.interfaces.*;
+import javax.crypto.KeyAgreement;
public class XDH implements com.jcraft.jsch.XDH {
byte[] Q_array;
@@ -44,11 +48,13 @@ public class XDH implements com.jcraft.jsch.XDH {
public void init(String name, int keylen) throws Exception {
this.keylen = keylen;
myKeyAgree = KeyAgreement.getInstance("XDH");
- KeyPairGenXEC kpair = new KeyPairGenXEC();
- kpair.init(name);
- publicKey = kpair.getPublicKey();
+ KeyPairGenerator kpg = KeyPairGenerator.getInstance("XDH");
+ NamedParameterSpec paramSpec = new NamedParameterSpec(name);
+ kpg.initialize(paramSpec);
+ KeyPair kp = kpg.genKeyPair();
+ publicKey = (XECPublicKey) kp.getPublic();
Q_array = rotate(publicKey.getU().toByteArray());
- myKeyAgree.init(kpair.getPrivateKey());
+ myKeyAgree.init(kp.getPrivate());
}
@Override
diff --git a/src/main/java15/com/jcraft/jsch/jce/KeyPairGenEdDSA.java b/src/main/java15/com/jcraft/jsch/jce/KeyPairGenEdDSA.java
index cf648614..fa02abb4 100644
--- a/src/main/java15/com/jcraft/jsch/jce/KeyPairGenEdDSA.java
+++ b/src/main/java15/com/jcraft/jsch/jce/KeyPairGenEdDSA.java
@@ -26,9 +26,11 @@
package com.jcraft.jsch.jce;
-import java.security.*;
-import java.security.interfaces.*;
-import java.security.spec.*;
+import java.security.KeyPair;
+import java.security.KeyPairGenerator;
+import java.security.interfaces.EdECPrivateKey;
+import java.security.interfaces.EdECPublicKey;
+import java.security.spec.EdECPoint;
import java.util.Arrays;
public class KeyPairGenEdDSA implements com.jcraft.jsch.KeyPairGenEdDSA {
@@ -50,7 +52,7 @@ public void init(String name, int keylen) throws Exception {
prv = prvKey.getBytes().get();
pub = rotate(point.getY().toByteArray());
if (point.isXOdd()) {
- pub[pub.length - 1] |= 0x80;
+ pub[pub.length - 1] |= (byte) 0x80;
}
}
diff --git a/src/main/java15/com/jcraft/jsch/jce/SignatureEdDSA.java b/src/main/java15/com/jcraft/jsch/jce/SignatureEdDSA.java
index ee0d8828..2386e20f 100644
--- a/src/main/java15/com/jcraft/jsch/jce/SignatureEdDSA.java
+++ b/src/main/java15/com/jcraft/jsch/jce/SignatureEdDSA.java
@@ -26,12 +26,18 @@
package com.jcraft.jsch.jce;
+import com.jcraft.jsch.Buffer;
import java.math.BigInteger;
import java.nio.charset.StandardCharsets;
-import java.security.*;
-import java.security.spec.*;
+import java.security.KeyFactory;
+import java.security.PrivateKey;
+import java.security.PublicKey;
+import java.security.Signature;
+import java.security.spec.EdECPoint;
+import java.security.spec.EdECPrivateKeySpec;
+import java.security.spec.EdECPublicKeySpec;
+import java.security.spec.NamedParameterSpec;
import java.util.Arrays;
-import com.jcraft.jsch.Buffer;
abstract class SignatureEdDSA implements com.jcraft.jsch.SignatureEdDSA {
@@ -46,7 +52,7 @@ abstract class SignatureEdDSA implements com.jcraft.jsch.SignatureEdDSA {
@Override
public void init() throws Exception {
- signature = java.security.Signature.getInstance("EdDSA");
+ signature = Signature.getInstance("EdDSA");
keyFactory = KeyFactory.getInstance("EdDSA");
}
diff --git a/src/main/java16/com/jcraft/jsch/UnixDomainSocketFactory.java b/src/main/java16/com/jcraft/jsch/UnixDomainSocketFactory.java
index 48995918..cb0f42f5 100644
--- a/src/main/java16/com/jcraft/jsch/UnixDomainSocketFactory.java
+++ b/src/main/java16/com/jcraft/jsch/UnixDomainSocketFactory.java
@@ -26,9 +26,6 @@
package com.jcraft.jsch;
-import com.jcraft.jsch.AgentProxyException;
-import com.jcraft.jsch.USocketFactory;
-
import java.io.IOException;
import java.net.StandardProtocolFamily;
import java.net.UnixDomainSocketAddress;
diff --git a/src/main/java9/com/jcraft/jsch/JavaVersion.java b/src/main/java9/com/jcraft/jsch/JavaVersion.java
index c3f8afb3..6d9fd0d9 100644
--- a/src/main/java9/com/jcraft/jsch/JavaVersion.java
+++ b/src/main/java9/com/jcraft/jsch/JavaVersion.java
@@ -1,7 +1,10 @@
package com.jcraft.jsch;
+import com.jcraft.jsch.annotations.SuppressForbiddenApi;
+
final class JavaVersion {
+ @SuppressForbiddenApi("jdk-deprecated")
static int getVersion() {
return Runtime.version().major();
}
diff --git a/src/main/java9/module-info.java b/src/main/java9/module-info.java
index 28e87027..10139cc9 100644
--- a/src/main/java9/module-info.java
+++ b/src/main/java9/module-info.java
@@ -1,12 +1,12 @@
module com.jcraft.jsch {
- exports com.jcraft.jsch;
+ exports com.jcraft.jsch;
- requires java.security.jgss;
- requires static java.logging;
- requires static org.apache.logging.log4j;
- requires static org.slf4j;
- requires static org.bouncycastle.provider;
- requires static org.newsclub.net.unix;
- requires static com.sun.jna;
- requires static com.sun.jna.platform;
+ requires static com.sun.jna;
+ requires static com.sun.jna.platform;
+ requires static java.logging;
+ requires static java.security.jgss;
+ requires static org.apache.logging.log4j;
+ requires static org.bouncycastle.provider;
+ requires static org.newsclub.net.unix;
+ requires static org.slf4j;
}
diff --git a/src/test/java/com/jcraft/jsch/AbstractBufferMargin.java b/src/test/java/com/jcraft/jsch/AbstractBufferMargin.java
index 98cadfc2..3d85fa53 100644
--- a/src/test/java/com/jcraft/jsch/AbstractBufferMargin.java
+++ b/src/test/java/com/jcraft/jsch/AbstractBufferMargin.java
@@ -6,7 +6,6 @@
import com.github.valfirst.slf4jtest.LoggingEvent;
import com.github.valfirst.slf4jtest.TestLogger;
import com.github.valfirst.slf4jtest.TestLoggerFactory;
-import com.google.common.io.ByteStreams;
import java.io.IOException;
import java.io.InputStream;
import java.io.OutputStream;
@@ -15,8 +14,10 @@
import java.nio.file.Paths;
import java.util.Base64;
import java.util.List;
+import java.util.Locale;
import java.util.Random;
import org.apache.commons.codec.digest.DigestUtils;
+import org.apache.commons.io.input.BoundedInputStream;
import org.junit.jupiter.api.AfterAll;
import org.junit.jupiter.api.BeforeAll;
import org.junit.jupiter.api.BeforeEach;
@@ -45,26 +46,30 @@ public abstract class AbstractBufferMargin {
private Slf4jLogConsumer sshdLogConsumer;
@Container
- public GenericContainer sshd = new GenericContainer<>(
- new ImageFromDockerfile().withFileFromClasspath("asyncsshd.py", "docker/asyncsshd.py")
- .withFileFromClasspath("ssh_host_ed448_key", "docker/ssh_host_ed448_key")
- .withFileFromClasspath("ssh_host_ed448_key.pub", "docker/ssh_host_ed448_key.pub")
- .withFileFromClasspath("ssh_host_rsa_key", "docker/ssh_host_rsa_key")
- .withFileFromClasspath("ssh_host_rsa_key.pub", "docker/ssh_host_rsa_key.pub")
- .withFileFromClasspath("ssh_host_ecdsa256_key", "docker/ssh_host_ecdsa256_key")
- .withFileFromClasspath("ssh_host_ecdsa256_key.pub", "docker/ssh_host_ecdsa256_key.pub")
- .withFileFromClasspath("ssh_host_ecdsa384_key", "docker/ssh_host_ecdsa384_key")
- .withFileFromClasspath("ssh_host_ecdsa384_key.pub", "docker/ssh_host_ecdsa384_key.pub")
- .withFileFromClasspath("ssh_host_ecdsa521_key", "docker/ssh_host_ecdsa521_key")
- .withFileFromClasspath("ssh_host_ecdsa521_key.pub", "docker/ssh_host_ecdsa521_key.pub")
- .withFileFromClasspath("ssh_host_ed25519_key", "docker/ssh_host_ed25519_key")
- .withFileFromClasspath("ssh_host_ed25519_key.pub", "docker/ssh_host_ed25519_key.pub")
- .withFileFromClasspath("ssh_host_dsa_key", "docker/ssh_host_dsa_key")
- .withFileFromClasspath("ssh_host_dsa_key.pub", "docker/ssh_host_dsa_key.pub")
- .withFileFromClasspath("authorized_keys", "docker/authorized_keys")
- .withFileFromClasspath("Dockerfile", "docker/Dockerfile.asyncssh")
- .withBuildArg("MAX_PKTSIZE", Integer.toString(maxPktSize())))
- .withExposedPorts(22);
+ public GenericContainer sshd;
+
+ protected AbstractBufferMargin(int maxPktSize) {
+ sshd = new GenericContainer<>(
+ new ImageFromDockerfile().withFileFromClasspath("asyncsshd.py", "docker/asyncsshd.py")
+ .withFileFromClasspath("ssh_host_ed448_key", "docker/ssh_host_ed448_key")
+ .withFileFromClasspath("ssh_host_ed448_key.pub", "docker/ssh_host_ed448_key.pub")
+ .withFileFromClasspath("ssh_host_rsa_key", "docker/ssh_host_rsa_key")
+ .withFileFromClasspath("ssh_host_rsa_key.pub", "docker/ssh_host_rsa_key.pub")
+ .withFileFromClasspath("ssh_host_ecdsa256_key", "docker/ssh_host_ecdsa256_key")
+ .withFileFromClasspath("ssh_host_ecdsa256_key.pub", "docker/ssh_host_ecdsa256_key.pub")
+ .withFileFromClasspath("ssh_host_ecdsa384_key", "docker/ssh_host_ecdsa384_key")
+ .withFileFromClasspath("ssh_host_ecdsa384_key.pub", "docker/ssh_host_ecdsa384_key.pub")
+ .withFileFromClasspath("ssh_host_ecdsa521_key", "docker/ssh_host_ecdsa521_key")
+ .withFileFromClasspath("ssh_host_ecdsa521_key.pub", "docker/ssh_host_ecdsa521_key.pub")
+ .withFileFromClasspath("ssh_host_ed25519_key", "docker/ssh_host_ed25519_key")
+ .withFileFromClasspath("ssh_host_ed25519_key.pub", "docker/ssh_host_ed25519_key.pub")
+ .withFileFromClasspath("ssh_host_dsa_key", "docker/ssh_host_dsa_key")
+ .withFileFromClasspath("ssh_host_dsa_key.pub", "docker/ssh_host_dsa_key.pub")
+ .withFileFromClasspath("authorized_keys", "docker/authorized_keys")
+ .withFileFromClasspath("Dockerfile", "docker/Dockerfile.asyncssh")
+ .withBuildArg("MAX_PKTSIZE", Integer.toString(maxPktSize)))
+ .withExposedPorts(22);
+ }
@BeforeAll
public static void beforeAll() {
@@ -101,8 +106,6 @@ public static void afterAll() {
sshdLogger.clearAll();
}
- protected abstract int maxPktSize();
-
protected void doTestSftp(String cipher, String mac, String compression) throws Exception {
JSch ssh = createRSAIdentity();
Session session = createSession(ssh);
@@ -138,7 +141,8 @@ private JSch createRSAIdentity() throws Exception {
private HostKey readHostKey(String fileName) throws Exception {
List