Re: [JSch-users] Diffie-Helman-Group-14 on Java < 1.8

Thu, 05 Jun 2014 00:51:29 -0700 

Hi,

   +-From: Lothar Kimmeringer <j...@kimmeringer.de> --
   |_Date: Wed, 04 Jun 2014 18:25:11 +0200 __________
   |
   |Since DH-Keys > 1024 bytes aren't supported with Java VMs < 8,
   |this KEX is removed from the list of supported KEXes. Problem
   |"here" is that the system to be connected is only allowing
   |precisely this KEX, so connections fail and the system in
   |question needs to stay on Java 7 for a while, so updating
   |to Java 8 is not an option at the moment.

According to the source code of com.sun.crypto.provider.DHKeyPairGenerator[1],
the following change will allow to use Diffie-Helman-Group-14 on java6 and 
java7,
but it depends on a bug of DHKeyPairGenerator.

--- jsch-0.1.51/src/main/java/com/jcraft/jsch/jce/DH.java       2014-01-02 
08:15:41.000000000 +0000
+++ jsch-0.1.51.group14/src/main/java/com/jcraft/jsch/jce/DH.java       
2014-06-05 07:35:43.000000000 +0000
@@ -54,7 +54,12 @@
   public byte[] getE() throws Exception{
     if(e==null){
       DHParameterSpec dhSkipParamSpec=new DHParameterSpec(p, g);
-      myKpairGen.initialize(dhSkipParamSpec);
+      try{ myKpairGen.initialize(dhSkipParamSpec); }
+      catch(InvalidAlgorithmParameterException e){
+        String msg="Prime size must be multiple of 64, and can only range from 
512 to 1024 (inclusive)";
+        if(!e.getMessage().equals(msg))
+          throw e;
+      }
       KeyPair myKpair=myKpairGen.generateKeyPair();
       myKeyAgree.init(myKpair.getPrivate());
 //    BigInteger 
x=((javax.crypto.interfaces.DHPrivateKey)(myKpair.getPrivate())).getX();


[1] 
http://grepcode.com/file/repository.grepcode.com/java/root/jdk/openjdk/6-b14/com/sun/crypto/provider/DHKeyPairGenerator.java#109


Sincerely,
--
Atsuhiko Yamanaka
JCraft,Inc.
1-14-20 HONCHO AOBA-KU,
SENDAI, MIYAGI 980-0014 Japan.
Tel +81-22-723-2150
Skype callto://jcraft/
Twitter: http://twitter.com/ymnk
Facebook: http://facebook.com/aymnk

------------------------------------------------------------------------------
Learn Graph Databases - Download FREE O'Reilly Book
"Graph Databases" is the definitive new guide to graph databases and their 
applications. Written by three acclaimed leaders in the field, 
this first edition is now available. Download your free book today!
http://p.sf.net/sfu/NeoTech
_______________________________________________
JSch-users mailing list
JSch-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/jsch-users

Reply via email to