Package paramiko :: Module kex_group1
[frames] | no frames]

Source Code for Module paramiko.kex_group1

  1  # Copyright (C) 2003-2007  Robey Pointer <robeypointer@gmail.com> 
  2  # 
  3  # This file is part of paramiko. 
  4  # 
  5  # Paramiko is free software; you can redistribute it and/or modify it under the 
  6  # terms of the GNU Lesser General Public License as published by the Free 
  7  # Software Foundation; either version 2.1 of the License, or (at your option) 
  8  # any later version. 
  9  # 
 10  # Paramiko is distributed in the hope that it will be useful, but WITHOUT ANY 
 11  # WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR 
 12  # A PARTICULAR PURPOSE.  See the GNU Lesser General Public License for more 
 13  # details. 
 14  # 
 15  # You should have received a copy of the GNU Lesser General Public License 
 16  # along with Paramiko; if not, write to the Free Software Foundation, Inc., 
 17  # 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA. 
 18   
 19  """ 
 20  Standard SSH key exchange ("kex" if you wanna sound cool).  Diffie-Hellman of 
 21  1024 bit key halves, using a known "p" prime and "g" generator. 
 22  """ 
 23   
 24  import os 
 25  from hashlib import sha1 
 26   
 27  from paramiko import util 
 28  from paramiko.common import max_byte, zero_byte 
 29  from paramiko.message import Message 
 30  from paramiko.py3compat import byte_chr, long, byte_mask 
 31  from paramiko.ssh_exception import SSHException 
 32   
 33   
 34  _MSG_KEXDH_INIT, _MSG_KEXDH_REPLY = range(30, 32) 
 35  c_MSG_KEXDH_INIT, c_MSG_KEXDH_REPLY = [byte_chr(c) for c in range(30, 32)] 
 36   
 37  # draft-ietf-secsh-transport-09.txt, page 17 
 38  P = 0xFFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD129024E088A67CC74020BBEA63B139B22514A08798E3404DDEF9519B3CD3A431B302B0A6DF25F14374FE1356D6D51C245E485B576625E7EC6F44C42E9A637ED6B0BFF5CB6F406B7EDEE386BFB5A899FA5AE9F24117C4B1FE649286651ECE65381FFFFFFFFFFFFFFFF 
 39  G = 2 
 40   
 41  b7fffffffffffffff = byte_chr(0x7f) + max_byte * 7 
 42  b0000000000000000 = zero_byte * 8 
 43   
 44   
45 -class KexGroup1(object):
46 47 name = 'diffie-hellman-group1-sha1' 48
49 - def __init__(self, transport):
50 self.transport = transport 51 self.x = long(0) 52 self.e = long(0) 53 self.f = long(0)
54
55 - def start_kex(self):
56 self._generate_x() 57 if self.transport.server_mode: 58 # compute f = g^x mod p, but don't send it yet 59 self.f = pow(G, self.x, P) 60 self.transport._expect_packet(_MSG_KEXDH_INIT) 61 return 62 # compute e = g^x mod p (where g=2), and send it 63 self.e = pow(G, self.x, P) 64 m = Message() 65 m.add_byte(c_MSG_KEXDH_INIT) 66 m.add_mpint(self.e) 67 self.transport._send_message(m) 68 self.transport._expect_packet(_MSG_KEXDH_REPLY)
69
70 - def parse_next(self, ptype, m):
71 if self.transport.server_mode and (ptype == _MSG_KEXDH_INIT): 72 return self._parse_kexdh_init(m) 73 elif not self.transport.server_mode and (ptype == _MSG_KEXDH_REPLY): 74 return self._parse_kexdh_reply(m) 75 raise SSHException('KexGroup1 asked to handle packet type %d' % ptype)
76 77 ### internals... 78
79 - def _generate_x(self):
80 # generate an "x" (1 < x < q), where q is (p-1)/2. 81 # p is a 128-byte (1024-bit) number, where the first 64 bits are 1. 82 # therefore q can be approximated as a 2^1023. we drop the subset of 83 # potential x where the first 63 bits are 1, because some of those will be 84 # larger than q (but this is a tiny tiny subset of potential x). 85 while 1: 86 x_bytes = os.urandom(128) 87 x_bytes = byte_mask(x_bytes[0], 0x7f) + x_bytes[1:] 88 if (x_bytes[:8] != b7fffffffffffffff and 89 x_bytes[:8] != b0000000000000000): 90 break 91 self.x = util.inflate_long(x_bytes)
92
93 - def _parse_kexdh_reply(self, m):
94 # client mode 95 host_key = m.get_string() 96 self.f = m.get_mpint() 97 if (self.f < 1) or (self.f > P - 1): 98 raise SSHException('Server kex "f" is out of range') 99 sig = m.get_binary() 100 K = pow(self.f, self.x, P) 101 # okay, build up the hash H of (V_C || V_S || I_C || I_S || K_S || e || f || K) 102 hm = Message() 103 hm.add(self.transport.local_version, self.transport.remote_version, 104 self.transport.local_kex_init, self.transport.remote_kex_init) 105 hm.add_string(host_key) 106 hm.add_mpint(self.e) 107 hm.add_mpint(self.f) 108 hm.add_mpint(K) 109 self.transport._set_K_H(K, sha1(hm.asbytes()).digest()) 110 self.transport._verify_key(host_key, sig) 111 self.transport._activate_outbound()
112
113 - def _parse_kexdh_init(self, m):
114 # server mode 115 self.e = m.get_mpint() 116 if (self.e < 1) or (self.e > P - 1): 117 raise SSHException('Client kex "e" is out of range') 118 K = pow(self.e, self.x, P) 119 key = self.transport.get_server_key().asbytes() 120 # okay, build up the hash H of (V_C || V_S || I_C || I_S || K_S || e || f || K) 121 hm = Message() 122 hm.add(self.transport.remote_version, self.transport.local_version, 123 self.transport.remote_kex_init, self.transport.local_kex_init) 124 hm.add_string(key) 125 hm.add_mpint(self.e) 126 hm.add_mpint(self.f) 127 hm.add_mpint(K) 128 H = sha1(hm.asbytes()).digest() 129 self.transport._set_K_H(K, H) 130 # sign it 131 sig = self.transport.get_server_key().sign_ssh_data(H) 132 # send reply 133 m = Message() 134 m.add_byte(c_MSG_KEXDH_REPLY) 135 m.add_string(key) 136 m.add_mpint(self.f) 137 m.add_string(sig) 138 self.transport._send_message(m) 139 self.transport._activate_outbound()
140