From 0301d4537f775b5731168a27b9d9135daf8d301e Mon Sep 17 00:00:00 2001
From: Jeroen van Erp
Date: Fri, 16 Nov 2018 11:48:15 +0100
Subject: [PATCH] Enable 'curve25519-sha256@libssh.org' in DefaultConfig (Fixes #464)
---
 src/main/java/net/schmizz/sshj/DefaultConfig.java | 1 +
 src/main/java/net/schmizz/sshj/SSHClient.java | 4 +---
 .../com/hierynomus/sshj/test/BaseAlgorithmTest.java | 9 +++++++--
 .../sshj/transport/kex/KeyExchangeTest.java | 13 ++++++++++---
 4 files changed, 19 insertions(+), 8 deletions(-)
diff --git a/src/main/java/net/schmizz/sshj/DefaultConfig.java b/src/main/java/net/schmizz/sshj/DefaultConfig.java
index fe310ccdd..dd45b2bfb 100644
--- a/src/main/java/net/schmizz/sshj/DefaultConfig.java
+++ b/src/main/java/net/schmizz/sshj/DefaultConfig.java
@@ -109,6 +109,7 @@ protected void initKeyExchangeFactories(boolean bouncyCastleRegistered) {
 if (bouncyCastleRegistered) {
 setKeyExchangeFactories(
 new Curve25519SHA256.Factory(),
+ new Curve25519SHA256.FactoryLibSsh(),
 new DHGexSHA256.Factory(),
 new ECDHNistP.Factory521(),
 new ECDHNistP.Factory384(),
diff --git a/src/main/java/net/schmizz/sshj/SSHClient.java b/src/main/java/net/schmizz/sshj/SSHClient.java
index 378b24e84..e6f8e34ba 100644
--- a/src/main/java/net/schmizz/sshj/SSHClient.java
+++ b/src/main/java/net/schmizz/sshj/SSHClient.java
@@ -61,7 +61,6 @@
 import java.net.ServerSocket;
 import java.nio.charset.Charset;
 import java.security.KeyPair;
-import java.security.PublicKey;
 import java.util.*;
 /**
@@ -360,8 +359,7 @@ public void authPublickey(String username, Iterable keyProviders)
 * @throws TransportException if there was a transport-layer error
 */
 public void authPublickey(String username, KeyProvider... keyProviders)
- throws UserAuthException,
- TransportException {
+ throws UserAuthException, TransportException {
 authPublickey(username, Arrays.asList(keyProviders));
 }
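Review bot: The new `Curve25519SHA256.FactoryLibSsh()` entry in `initKeyExchangeFactories` (DefaultConfig.java) carries no comment explaining why two Curve25519 factories now sit side by side, and its position in the list presumably sets where the client ranks it during key-exchange negotiation. A one-line comment above it would make the intent clear, e.g. `// 'curve25519-sha256@libssh.org': the same exchange under its libssh.org name, for servers that advertise only that name`. The entry is added only inside the `bouncyCastleRegistered` branch; the rest of the method lies outside the hunk, so whether the other branch should stay without it cannot be checked from here.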
diff --git a/src/test/java/com/hierynomus/sshj/test/BaseAlgorithmTest.java b/src/test/java/com/hierynomus/sshj/test/BaseAlgorithmTest.java
index 7567ac245..975f7d9e9 100644
--- a/src/test/java/com/hierynomus/sshj/test/BaseAlgorithmTest.java
+++ b/src/test/java/com/hierynomus/sshj/test/BaseAlgorithmTest.java
@@ -18,6 +18,8 @@
 import net.schmizz.sshj.Config;
 import net.schmizz.sshj.DefaultConfig;
 import net.schmizz.sshj.SSHClient;
+import net.schmizz.sshj.transport.random.JCERandom;
+import net.schmizz.sshj.transport.random.SingletonRandomFactory;
 import org.apache.sshd.server.SshServer;
 import org.junit.After;
 import org.junit.Rule;
@@ -32,6 +34,8 @@
 public abstract class BaseAlgorithmTest {
 private final Logger logger = LoggerFactory.getLogger(this.getClass());
+ private SingletonRandomFactory randomFactory = new SingletonRandomFactory(new JCERandom.Factory());
+ private DefaultConfig config = new DefaultConfig();
 @Rule
 public SshFixture fixture = new SshFixture(false);
@@ -42,11 +46,12 @@ public void stopServer() {
 @Test
 public void shouldVerifyAlgorithm() throws IOException {
- for (int i = 0; i < 100; i++) {
+ for (int i = 0; i < 10; i++) {
 logger.info("--> Attempt {}", i);
 configureServer(fixture.getServer());
 fixture.start();
- Config config = getClientConfig(new DefaultConfig());
+ config.setRandomFactory(randomFactory);
+ Config config = getClientConfig(this.config);
 SSHClient sshClient = fixture.connectClient(fixture.setupClient(config));
 assertThat("should be connected", sshClient.isConnected());
 sshClient.disconnect();
diff --git a/src/test/java/com/hierynomus/sshj/transport/kex/KeyExchangeTest.java b/src/test/java/com/hierynomus/sshj/transport/kex/KeyExchangeTest.java
index ad68318bb..1a9e7a513 100644
--- a/src/test/java/com/hierynomus/sshj/transport/kex/KeyExchangeTest.java
+++ b/src/test/java/com/hierynomus/sshj/transport/kex/KeyExchangeTest.java
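Review bot: In `shouldVerifyAlgorithm` (BaseAlgorithmTest.java) the local `Config config` declared inside the loop shadows the new `config` field, so `config.setRandomFactory(randomFactory)` one line earlier refers to the field while every later `config` refers to the local. Renaming the local, e.g. `Config clientConfig = getClientConfig(this.config);` with `fixture.setupClient(clientConfig)` updated to match, removes the ambiguity. `setRandomFactory` does not depend on `i` and could move above the loop, and the two fields added in the previous hunk are never reassigned in the visible lines, so they could be `private final`. If the loop exists to surface rare negotiation failures, cutting it from 100 to 10 attempts makes such a failure less likely to appear in a run, which deserves a comment stating the trade-off. The loop body continues outside the hunk.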
@@ -19,6 +19,7 @@
 import net.schmizz.sshj.Config;
 import net.schmizz.sshj.DefaultConfig;
 import net.schmizz.sshj.common.Factory;
+import net.schmizz.sshj.transport.kex.Curve25519SHA256;
 import net.schmizz.sshj.transport.kex.DHGexSHA1;
 import net.schmizz.sshj.transport.kex.DHGexSHA256;
 import net.schmizz.sshj.transport.kex.ECDHNistP;
@@ -38,15 +39,21 @@
 @RunWith(Parameterized.class)
 public class KeyExchangeTest extends BaseAlgorithmTest {
- @Parameterized.Parameters
+ @Parameterized.Parameters(name = "algorithm={0}")
 public static Collection getParameters() {
 return Arrays.asList(new Object[][]{
 {DHGEXServer.newFactory(BuiltinDHFactories.dhgex), new DHGexSHA1.Factory()},
 {DHGEXServer.newFactory(BuiltinDHFactories.dhgex256), new DHGexSHA256.Factory()},
 {DHGServer.newFactory(BuiltinDHFactories.ecdhp256), new ECDHNistP.Factory256()},
 {DHGServer.newFactory(BuiltinDHFactories.ecdhp384), new ECDHNistP.Factory384()},
- {DHGServer.newFactory(BuiltinDHFactories.ecdhp521), new ECDHNistP.Factory521()}
- // Not supported yet by MINA {null, new Curve25519SHA256.Factory()}
+ {DHGServer.newFactory(BuiltinDHFactories.ecdhp521), new ECDHNistP.Factory521()},
+ {DHGServer.newFactory(BuiltinDHFactories.dhg1), DHGroups.Group1SHA1()},
+ {DHGServer.newFactory(BuiltinDHFactories.dhg14), DHGroups.Group14SHA1()},
+ {DHGServer.newFactory(BuiltinDHFactories.dhg14_256), DHGroups.Group14SHA256()},
+ {DHGServer.newFactory(BuiltinDHFactories.dhg15_512), DHGroups.Group15SHA512()},
+ {DHGServer.newFactory(BuiltinDHFactories.dhg16_512), DHGroups.Group16SHA512()},
+ {DHGServer.newFactory(BuiltinDHFactories.dhg17_512), DHGroups.Group17SHA512()},
+ {DHGServer.newFactory(BuiltinDHFactories.dhg18_512), DHGroups.Group18SHA512()},
 });
 }
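Review bot: The parameter list in `getParameters()` gains rows only for the `DHGroups` factories and none for `Curve25519SHA256`, so the key exchange this commit enables by default in `DefaultConfig` is not negotiated by this test. The `Curve25519SHA256` import added in the first hunk of this file is unused in the lines the diff shows. The removed comment recorded that the test server did not support the algorithm; if that still holds, keep the comment next to the list and drop the import. Otherwise add one row for `new Curve25519SHA256.Factory()` and one for `new Curve25519SHA256.FactoryLibSsh()`, each paired with the matching server-side factory.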