def msg_kexdh_init(self, packet):
# mpint e
msg, self.client_exchange_value = ssh_packet.unpack_payload(
KEXDH_INIT_PAYLOAD, packet)
# XXX make sure e is a valid number
# This is y.
self.server_random_value = ssh_random.get_random_number(512)
# p is large safe prime (DH_PRIME)
# g is a generator for a subgroup of GF(p) (DH_GENERATOR)
# compute f=g**y mod p
self.server_exchange_value = pow(DH_GENERATOR,
self.server_random_value, DH_PRIME)
self.shared_secret = pow(self.client_exchange_value,
self.server_random_value, DH_PRIME)
K_S = self.transport.server_key.get_public_key_blob()
payload_inputs = (self.c2s_version_string, self.s2c_version_string,
self.c2s_kexinit_packet, self.s2c_kexinit_packet,
K_S, self.client_exchange_value,
self.server_exchange_value, self.shared_secret)
H = ssh_packet.pack_payload(KEXDH_HASH_PAYLOAD, payload_inputs)
self.exchange_hash = hashlib.sha1(H).digest()
if self.session_id is None:
# The session id is the first exchange hash.
self.session_id = self.exchange_hash
H_sig = self.transport.server_key.sign(self.exchange_hash)
packet = ssh_packet.pack_payload(
KEXDH_REPLY_PAYLOAD,
(SSH_MSG_KEXDH_REPLY, K_S, self.server_exchange_value, H_sig))
self.transport.send_packet(packet)
def get_initial_client_kex_packet(self):
self.transport.debug.write(ssh_debug.DEBUG_3, 'get_initial_kex_packet()')
# Send initial key.
# This is x.
self.client_random_value = ssh_random.get_random_number(512)
# p is large safe prime (DH_PRIME)
# g is a generator for a subgroup of GF(p) (DH_GENERATOR)
# compute e=g**x mod p
self.client_exchange_value = pow(DH_GENERATOR, self.client_random_value, DH_PRIME)
return ssh_packet.pack_payload(KEXDH_INIT_PAYLOAD,
(SSH_MSG_KEXDH_INIT,
self.client_exchange_value)
)
def get_initial_client_kex_packet(self):
self.transport.debug.write(ssh_debug.DEBUG_3,
'get_initial_kex_packet()')
# Send initial key.
# This is x.
self.client_random_value = ssh_random.get_random_number(512)
# p is large safe prime (DH_PRIME)
# g is a generator for a subgroup of GF(p) (DH_GENERATOR)
# compute e=g**x mod p
self.client_exchange_value = pow(DH_GENERATOR,
self.client_random_value, DH_PRIME)
return ssh_packet.pack_payload(
KEXDH_INIT_PAYLOAD,
(SSH_MSG_KEXDH_INIT, self.client_exchange_value))
def msg_kexdh_init (self, packet):
# mpint e
msg, self.client_exchange_value = ssh_packet.unpack_payload (KEXDH_INIT_PAYLOAD, packet)
# XXX make sure e is a valid number
# This is y.
self.server_random_value = ssh_random.get_random_number(512)
# p is large safe prime (DH_PRIME)
# g is a generator for a subgroup of GF(p) (DH_GENERATOR)
# compute f=g**y mod p
self.server_exchange_value = pow(DH_GENERATOR, self.server_random_value, DH_PRIME)
self.shared_secret = pow (self.client_exchange_value, self.server_random_value, DH_PRIME)
K_S = self.transport.server_key.get_public_key_blob()
payload_inputs = (
self.c2s_version_string,
self.s2c_version_string,
self.c2s_kexinit_packet,
self.s2c_kexinit_packet,
K_S,
self.client_exchange_value,
self.server_exchange_value,
self.shared_secret
)
H = ssh_packet.pack_payload (KEXDH_HASH_PAYLOAD, payload_inputs)
self.exchange_hash = hashlib.sha1(H).digest()
if self.session_id is None:
# The session id is the first exchange hash.
self.session_id = self.exchange_hash
H_sig = self.transport.server_key.sign (self.exchange_hash)
packet = ssh_packet.pack_payload (
KEXDH_REPLY_PAYLOAD, (
SSH_MSG_KEXDH_REPLY,
K_S,
self.server_exchange_value,
H_sig
)
)
self.transport.send_packet (packet)
