3 ›äL]rã@sÈdZddlmZmZmZddlmZddlmZm Z ddl m Z ddl m Z ddlmZddlmZdd lmZed d ƒ\ZZd d „ed d ƒDƒ\ZZGdd„dƒZGdd„deƒZGdd„deƒZdS)zQ Ephemeral Elliptic Curve Diffie-Hellman (ECDH) key exchange RFC 5656, Section 4 é)Úsha256Úsha384Úsha512)ÚMessage)Úbyte_chrÚlong)Ú SSHException)Údefault_backend)Úec)Ú serialization)Úhexlifyéé cCsg|] }t|ƒ‘qS©)r)Ú.0Úcrrúsrc@sLeZdZdZeZejƒZdd„Z dd„Z dd„Z dd „Z d d „Z d d „ZdS)Ú KexNistp256zecdh-sha2-nistp256cCs ||_tdƒ|_d|_d|_dS)Nr)Ú transportrÚPÚQ_CÚQ_S)ÚselfrrrrÚ__init__s zKexNistp256.__init__cCsh|jƒ|jjr |jjtƒdStƒ}|jtƒ|j|j j t j j t jjƒƒ|jj|ƒ|jjtƒdS)N)Ú_generate_key_pairrÚ server_modeZ_expect_packetÚ_MSG_KEXECDH_INITrÚadd_byteÚc_MSG_KEXECDH_INITÚ add_stringrÚ public_bytesr ÚEncodingÚX962Ú PublicFormatÚUncompressedPointÚ _send_messageÚ_MSG_KEXECDH_REPLY)rÚmrrrÚ start_kex s    zKexNistp256.start_kexcCsH|jjr|tkr|j|ƒS|jj r6|tkr6|j|ƒStdj|ƒƒ‚dS)Nz(KexECDH asked to handle packet type {:d})rrrÚ_parse_kexecdh_initr'Ú_parse_kexecdh_replyrÚformat)rÚptyper(rrrÚ parse_next1s   zKexNistp256.parse_nextcCs:tj|jtƒƒ|_|jjr*|jjƒ|_dS|jjƒ|_ dS)N) r Zgenerate_private_keyÚcurver rrrZ public_keyrr)rrrrr:s  zKexNistp256._generate_key_paircCs8|jƒ}tjj|j|ƒ|_|jjƒjƒ}|j j tj ƒ|jƒ}t t |ƒdƒ}tƒ}|j|jj|jj|jj|jjƒ|j|ƒ|j|ƒ|j|jjtjjtjjƒƒ|jt |ƒƒ|j|jƒƒjƒ}|jj||ƒ|jjƒj |ƒ}tƒ}|j!t"ƒ|j|ƒ|j|jjtjjtjjƒƒ|j|ƒ|jj#|ƒ|jj$ƒdS)Né)%Ú get_stringr ÚEllipticCurvePublicKeyÚfrom_encoded_pointr/rrZget_server_keyÚasbytesrÚexchangeÚECDHrr rÚaddÚremote_versionÚ local_versionÚremote_kex_initÚlocal_kex_initr rr!r r"r#r$r%Ú add_mpintÚ hash_algoÚdigestÚ_set_K_HZ sign_ssh_datarÚc_MSG_KEXECDH_REPLYr&Ú_activate_outbound)rr(Z Q_C_bytesÚK_SÚKÚhmÚHÚsigrrrr*As@          zKexNistp256._parse_kexecdh_initcCsä|jƒ}|jƒ}tjj|j|ƒ|_|jƒ}|jjtj ƒ|jƒ}t t |ƒdƒ}t ƒ}|j |jj|jj|jj|jjƒ|j|ƒ|j|jjtjjtjjƒƒ|j|ƒ|j|ƒ|jj||j|jƒƒjƒƒ|jj ||ƒ|jj!ƒdS)Nr0)"r1r r2r3r/rZ get_binaryrr5r6rr rr7rr9r8r;r:r rr!r r"r#r$r%r<r?r=r4r>Z _verify_keyrA)rr(rBZ Q_S_bytesrFrCrDrrrr+ls.      z KexNistp256._parse_kexecdh_replyN)Ú__name__Ú __module__Ú __qualname__Únamerr=r Z SECP256R1r/rr)r.rr*r+rrrrrs +rc@seZdZdZeZejƒZdS)Ú KexNistp384zecdh-sha2-nistp384N) rGrHrIrJrr=r Z SECP384R1r/rrrrrKŒsrKc@seZdZdZeZejƒZdS)Ú KexNistp521zecdh-sha2-nistp521N) rGrHrIrJrr=r Z SECP521R1r/rrrrrL’srLN)Ú__doc__ÚhashlibrrrZparamiko.messagerZparamiko.py3compatrrZparamiko.ssh_exceptionrZcryptography.hazmat.backendsr Z)cryptography.hazmat.primitives.asymmetricr Zcryptography.hazmat.primitivesr Úbinasciir Úrangerr'rr@rrKrLrrrrÚs      y