Home | Trees | Indices | Help |
---|
|
1 # Copyright (C) 2003-2007 Robey Pointer <robeypointer@gmail.com> 2 # 3 # This file is part of paramiko. 4 # 5 # Paramiko is free software; you can redistribute it and/or modify it under the 6 # terms of the GNU Lesser General Public License as published by the Free 7 # Software Foundation; either version 2.1 of the License, or (at your option) 8 # any later version. 9 # 10 # Paramiko is distributed in the hope that it will be useful, but WITHOUT ANY 11 # WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR 12 # A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more 13 # details. 14 # 15 # You should have received a copy of the GNU Lesser General Public License 16 # along with Paramiko; if not, write to the Free Software Foundation, Inc., 17 # 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA. 18 19 """ 20 Standard SSH key exchange ("kex" if you wanna sound cool). Diffie-Hellman of 21 1024 bit key halves, using a known "p" prime and "g" generator. 22 """ 23 24 import os 25 from hashlib import sha1 26 27 from paramiko import util 28 from paramiko.common import max_byte, zero_byte 29 from paramiko.message import Message 30 from paramiko.py3compat import byte_chr, long, byte_mask 31 from paramiko.ssh_exception import SSHException 32 33 34 _MSG_KEXDH_INIT, _MSG_KEXDH_REPLY = range(30, 32) 35 c_MSG_KEXDH_INIT, c_MSG_KEXDH_REPLY = [byte_chr(c) for c in range(30, 32)] 36 37 # draft-ietf-secsh-transport-09.txt, page 17 38 P = 0xFFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD129024E088A67CC74020BBEA63B139B22514A08798E3404DDEF9519B3CD3A431B302B0A6DF25F14374FE1356D6D51C245E485B576625E7EC6F44C42E9A637ED6B0BFF5CB6F406B7EDEE386BFB5A899FA5AE9F24117C4B1FE649286651ECE65381FFFFFFFFFFFFFFFF 39 G = 2 40 41 b7fffffffffffffff = byte_chr(0x7f) + max_byte * 7 42 b0000000000000000 = zero_byte * 8 43 4446 47 name = 'diffie-hellman-group1-sha1' 48 5414056 self._generate_x() 57 if self.transport.server_mode: 58 # compute f = g^x mod p, but don't send it yet 59 self.f = pow(G, self.x, P) 60 self.transport._expect_packet(_MSG_KEXDH_INIT) 61 return 62 # compute e = g^x mod p (where g=2), and send it 63 self.e = pow(G, self.x, P) 64 m = Message() 65 m.add_byte(c_MSG_KEXDH_INIT) 66 m.add_mpint(self.e) 67 self.transport._send_message(m) 68 self.transport._expect_packet(_MSG_KEXDH_REPLY)6971 if self.transport.server_mode and (ptype == _MSG_KEXDH_INIT): 72 return self._parse_kexdh_init(m) 73 elif not self.transport.server_mode and (ptype == _MSG_KEXDH_REPLY): 74 return self._parse_kexdh_reply(m) 75 raise SSHException('KexGroup1 asked to handle packet type %d' % ptype)76 77 ### internals... 7880 # generate an "x" (1 < x < q), where q is (p-1)/2. 81 # p is a 128-byte (1024-bit) number, where the first 64 bits are 1. 82 # therefore q can be approximated as a 2^1023. we drop the subset of 83 # potential x where the first 63 bits are 1, because some of those will be 84 # larger than q (but this is a tiny tiny subset of potential x). 85 while 1: 86 x_bytes = os.urandom(128) 87 x_bytes = byte_mask(x_bytes[0], 0x7f) + x_bytes[1:] 88 if (x_bytes[:8] != b7fffffffffffffff and 89 x_bytes[:8] != b0000000000000000): 90 break 91 self.x = util.inflate_long(x_bytes)9294 # client mode 95 host_key = m.get_string() 96 self.f = m.get_mpint() 97 if (self.f < 1) or (self.f > P - 1): 98 raise SSHException('Server kex "f" is out of range') 99 sig = m.get_binary() 100 K = pow(self.f, self.x, P) 101 # okay, build up the hash H of (V_C || V_S || I_C || I_S || K_S || e || f || K) 102 hm = Message() 103 hm.add(self.transport.local_version, self.transport.remote_version, 104 self.transport.local_kex_init, self.transport.remote_kex_init) 105 hm.add_string(host_key) 106 hm.add_mpint(self.e) 107 hm.add_mpint(self.f) 108 hm.add_mpint(K) 109 self.transport._set_K_H(K, sha1(hm.asbytes()).digest()) 110 self.transport._verify_key(host_key, sig) 111 self.transport._activate_outbound()112114 # server mode 115 self.e = m.get_mpint() 116 if (self.e < 1) or (self.e > P - 1): 117 raise SSHException('Client kex "e" is out of range') 118 K = pow(self.e, self.x, P) 119 key = self.transport.get_server_key().asbytes() 120 # okay, build up the hash H of (V_C || V_S || I_C || I_S || K_S || e || f || K) 121 hm = Message() 122 hm.add(self.transport.remote_version, self.transport.local_version, 123 self.transport.remote_kex_init, self.transport.local_kex_init) 124 hm.add_string(key) 125 hm.add_mpint(self.e) 126 hm.add_mpint(self.f) 127 hm.add_mpint(K) 128 H = sha1(hm.asbytes()).digest() 129 self.transport._set_K_H(K, H) 130 # sign it 131 sig = self.transport.get_server_key().sign_ssh_data(H) 132 # send reply 133 m = Message() 134 m.add_byte(c_MSG_KEXDH_REPLY) 135 m.add_string(key) 136 m.add_mpint(self.f) 137 m.add_string(sig) 138 self.transport._send_message(m) 139 self.transport._activate_outbound()
Home | Trees | Indices | Help |
---|
Generated by Epydoc 3.0.1 on Thu May 7 11:49:48 2015 | http://epydoc.sourceforge.net |