def verify_ssh_sig(self, key_data, sig_msg):
i, v = sshtype.parseString(sig_msg)
if v != 'ssh-rsa':
log.warning("Not an ssh-rsa signature!")
return False
if log.isEnabledFor(logging.DEBUG):
log.debug("l[{}][{}]".format(i, len(sig_msg)))
sig = util.inflate_long(sshtype.parseBinary(sig_msg[i:])[1], True)
# verify the signature by SHA'ing the key_data and encrypting it using the
# public key. some wackiness ensues where we "pkcs1imify" the 20-byte
# hash into a string as long as the RSA key.
if log.isEnabledFor(logging.DEBUG):
log.debug("sig=[{}].".format(sig))
hash_obj = util.inflate_long(self._pkcs1imify(sha1(key_data).digest()), True)
rsa = self._public_key()
return rsa.verify(hash_obj, (sig, ))
def verify_ssh_sig(self, key_data, sig_msg):
i, v = sshtype.parseString(sig_msg)
if v != "ssh-rsa":
log.warning("Not an ssh-rsa signature!")
return False
if log.isEnabledFor(logging.DEBUG):
log.debug("l[{}][{}]".format(i, len(sig_msg)))
sig = util.inflate_long(sshtype.parseBinary(sig_msg[i:])[1], True)
# verify the signature by SHA'ing the key_data and encrypting it using the
# public key. some wackiness ensues where we "pkcs1imify" the 20-byte
# hash into a string as long as the RSA key.
if log.isEnabledFor(logging.DEBUG):
log.debug("sig=[{}].".format(sig))
hash_obj = util.inflate_long(self._pkcs1imify(sha1(key_data).digest()), True)
rsa = self._public_key()
return rsa.verify(hash_obj, (sig,))
def verify_ssh_sig(self, data, msg):
if len(msg.asbytes()) == 40:
# spies.com bug: signature has no header
sig = msg.asbytes()
else:
kind = msg.get_text()
if kind != 'ssh-dss':
return 0
sig = msg.get_binary()
# pull out (r, s) which are NOT encoded as mpints
sigR = util.inflate_long(sig[:20], 1)
sigS = util.inflate_long(sig[20:], 1)
sigM = util.inflate_long(sha1(data).digest(), 1)
dss = DSA.construct((int(self.y), int(self.g), int(self.p), int(self.q)))
return dss.verify(sigM, (sigR, sigS))
def verify_ssh_sig(self, data, msg):
if len(msg.asbytes()) == 40:
# spies.com bug: signature has no header
sig = msg.asbytes()
else:
kind = msg.get_text()
if kind != 'ssh-dss':
return 0
sig = msg.get_binary()
# pull out (r, s) which are NOT encoded as mpints
sigR = util.inflate_long(sig[:20], 1)
sigS = util.inflate_long(sig[20:], 1)
sigM = util.inflate_long(sha1(data).digest(), 1)
dss = DSA.construct(
(int(self.y), int(self.g), int(self.p), int(self.q)))
return dss.verify(sigM, (sigR, sigS))
def sign_ssh_data(self, data):
digest = sha1(data).digest()
dss = DSA.construct((int(self.y), int(self.g), int(self.p), int(self.q), int(self.x)))
# generate a suitable k
qsize = len(util.deflate_long(self.q, 0))
while True:
k = util.inflate_long(os.urandom(qsize), 1)
if (k > 2) and (k < self.q):
break
r, s = dss.sign(util.inflate_long(digest, 1), k)
m = bytearray()
m += sshtype.encodeString("ssh-dss")
# apparently, in rare cases, r or s may be shorter than 20 bytes!
rstr = util.deflate_long(r, 0)
sstr = util.deflate_long(s, 0)
if len(rstr) < 20:
rstr = zero_byte * (20 - len(rstr)) + rstr
if len(sstr) < 20:
sstr = zero_byte * (20 - len(sstr)) + sstr
m += sshtype.encodeBinary(rstr + sstr)
return m
def parse_mpint_from(buf, i):
length = struct.unpack_from(">L", buf, i)[0]
if log.isEnabledFor(logging.DEBUG):
log.debug("length={}".format(length))
start = i + 4
end = start + length
value = putil.inflate_long(buf[start:end])
return end, value
def parse_mpint_from(buf, i):
length = struct.unpack_from(">L", buf, i)[0]
if log.isEnabledFor(logging.DEBUG):
log.debug("length={}".format(length))
start = i + 4
end = start + length
value = putil.inflate_long(buf[start:end])
return end, value
def _generate_x(self):
# generate an "x" (1 < x < q), where q is (p-1)/2.
# p is a 256-byte (2048-bit) number, where the first ?? bits are 1.
# therefore ?? q can be approximated as a 2^2047. we drop the subset of
# potential x where the first 63 bits are 1, because some of those will be
# larger than q (but this is a tiny tiny subset of potential x).
while 1:
x_bytes = os.urandom(256)
x_bytes = byte_mask(x_bytes[0], 0x7f) + x_bytes[1:]
if (x_bytes[:8] != b7fffffffffffffff and
x_bytes[:8] != b0000000000000000):
break
self.x = putil.inflate_long(x_bytes)
def sign_ssh_data(self, data):
digest = sha1(data).digest()
dss = DSA.construct(
(int(self.y), int(self.g), int(self.p), int(self.q), int(self.x)))
# generate a suitable k
qsize = len(util.deflate_long(self.q, 0))
while True:
k = util.inflate_long(os.urandom(qsize), 1)
if (k > 2) and (k < self.q):
break
r, s = dss.sign(util.inflate_long(digest, 1), k)
m = bytearray()
m += sshtype.encodeString("ssh-dss")
# apparently, in rare cases, r or s may be shorter than 20 bytes!
rstr = util.deflate_long(r, 0)
sstr = util.deflate_long(s, 0)
if len(rstr) < 20:
rstr = zero_byte * (20 - len(rstr)) + rstr
if len(sstr) < 20:
sstr = zero_byte * (20 - len(sstr)) + sstr
m += sshtype.encodeBinary(rstr + sstr)
return m
def parseMpint(buf):
length = struct.unpack(">L", buf[0:4])[0]
if log.isEnabledFor(logging.DEBUG):
log.debug("length={}".format(length))
return length + 4, putil.inflate_long(buf[4:4 + length])
def parseMpint(buf):
length = struct.unpack(">L", buf[0:4])[0]
if log.isEnabledFor(logging.DEBUG):
log.debug("length={}".format(length))
return length + 4, putil.inflate_long(buf[4:4+length])
