3 ›äL]>(ã@s¶dZddlZddlmZmZddlmZddlmZddl m Z ddlmZm Z mZddlmZed d ƒ\ZZZZZdd„ed d ƒDƒ\ZZZZZGd d„deƒZGdd„deƒZdS)zÒ Variant on `KexGroup1 ` where the prime "p" and generator "g" are provided by the server. A bit more work is required on the client side, and a **lot** more on the server side. éN)Úsha1Úsha256)Úutil)ÚDEBUG)ÚMessage)Úbyte_chrÚbyte_ordÚ byte_mask)ÚSSHExceptionéé#cCsg|]}t|ƒ‘qS©)r)Ú.0Úcr r ú6/tmp/pip-install-wfra5znf/paramiko/paramiko/kex_gex.pyú 1src@sjeZdZdZdZdZdZeZdd„Z ddd „Z d d„Zdd „Zdd„Z dd„Zdd„Zdd„Zdd„ZdS)ÚKexGexz"diffie-hellman-group-exchange-sha1ii icCs4||_d|_d|_d|_d|_d|_d|_d|_dS)NF)Ú transportÚpÚqÚgÚxÚeÚfÚ old_style)Úselfrr r rÚ__init__<szKexGex.__init__FcCsŒ|jjr|jjttƒdStƒ}|rB|jtƒ|j|j ƒd|_ n.|jtƒ|j|jƒ|j|j ƒ|j|j ƒ|jj|ƒ|jjtƒdS)NT)rZserver_modeÚ_expect_packetÚ_MSG_KEXDH_GEX_REQUESTÚ_MSG_KEXDH_GEX_REQUEST_OLDrÚadd_byteÚc_MSG_KEXDH_GEX_REQUEST_OLDÚadd_intÚpreferred_bitsrÚc_MSG_KEXDH_GEX_REQUESTÚmin_bitsÚmax_bitsÚ _send_messageÚ_MSG_KEXDH_GEX_GROUP)rZ_test_old_styleÚmr r rÚ start_kexFs zKexGex.start_kexcCst|tkr|j|ƒS|tkr$|j|ƒS|tkr6|j|ƒS|tkrH|j|ƒS|tkrZ|j |ƒSd}t |j|j|ƒƒ‚dS)Nz*KexGex {} asked to handle packet type {:d}) rÚ_parse_kexdh_gex_requestr(Ú_parse_kexdh_gex_groupÚ_MSG_KEXDH_GEX_INITÚ_parse_kexdh_gex_initÚ_MSG_KEXDH_GEX_REPLYÚ_parse_kexdh_gex_replyrÚ_parse_kexdh_gex_request_oldr ÚformatÚname)rÚptyper)Úmsgr r rÚ parse_next]s zKexGex.parse_nextcCs¢|jdd}tj|dƒ}t|dƒ}t|ƒ}d}x|d@sN|dK}|dL}q4WxFtj|ƒ}t|d|ƒ|dd…}tj|dƒ}|dkrR||krRPqRW||_ dS)Nééréÿé€) rrZdeflate_longrÚlenÚosÚurandomr Zinflate_longr)rrZqnormZqhbyteZ byte_countZqmaskZx_bytesrr r rÚ_generate_xms zKexGex._generate_xcCsî|jƒ}|jƒ}|jƒ}||jkr(|j}||jkr8|j}||krD|}||krP|}||_||_||_|jjƒ}|dkr|tdƒ‚|jjtdj |||ƒƒ|j |||ƒ\|_|_t ƒ}|jtƒ|j|jƒ|j|jƒ|jj|ƒ|jjtƒdS)Nz-Can't do server-side gex with no modulus packzPicking p ({} <= {} <= {} bits))Úget_intr&r%r#rÚ_get_modulus_packr Ú_logrr2Úget_modulusrrrr Úc_MSG_KEXDH_GEX_GROUPÚ add_mpintr'rr-)rr)ZminbitsZ preferredbitsZmaxbitsÚpackr r rr+s8 zKexGex._parse_kexdh_gex_requestcCsÈ|jƒ|_|j|jkr|j|_|j|jkr2|j|_|jjƒ}|dkrLtdƒ‚|jjtdj |jƒƒ|j |j|j|jƒ\|_|_t ƒ}|jtƒ|j|jƒ|j|jƒ|jj|ƒ|jjtƒd|_dS)Nz-Can't do server-side gex with no modulus packzPicking p (~ {} bits)T)r?r#r&r%rr@r rArr2rBrrrr rCrDr'rr-r)rr)rEr r rr1¥s& z#KexGex._parse_kexdh_gex_request_oldcCs¦|jƒ|_|jƒ|_tj|jƒ}|dks0|dkr>tdj|ƒƒ‚|jjt dj|ƒƒ|j ƒt|j|j|jƒ|_ tƒ}|jtƒ|j|j ƒ|jj|ƒ|jjtƒdS)Nii zÚpowrrrr Úc_MSG_KEXDH_GEX_INITrDr'rr/)rr)Zbitlenr r rr,Às zKexGex._parse_kexdh_gex_groupcCst|jƒ|_|jdks$|j|jdkr,tdƒ‚|jƒt|j|j|jƒ|_t|j|j|jƒ}|j j ƒjƒ}tƒ}|j |j j|j j|j j|j j|ƒ|js¢|j|jƒ|j|jƒ|jsÀ|j|jƒ|j|jƒ|j|jƒ|j|jƒ|j|jƒ|j|ƒ|j|jƒƒjƒ}|j j||ƒ|j j ƒj|ƒ}tƒ}|jtƒ|j|ƒ|j|jƒ|j|ƒ|j j|ƒ|j j ƒdS)Nr7zClient kex "e" is out of range)!rFrrr r>rHrrrrZget_server_keyÚasbytesrÚaddÚremote_versionÚ local_versionÚremote_kex_initÚlocal_kex_initrr"r%r#r&rDÚ hash_algoÚdigestÚ_set_K_HZ sign_ssh_datar Úc_MSG_KEXDH_GEX_REPLYZ add_stringr'Ú_activate_outbound)rr)ÚKÚkeyÚhmÚHÚsigr r rr.ÔsD zKexGex._parse_kexdh_gex_initcCs|jƒ}|jƒ|_|jƒ}|jdks4|j|jdkrr+r1r,r.r0r r r rr4s &)rc@seZdZdZeZdS)ÚKexGexSHA256z$diffie-hellman-group-exchange-sha256N)rZr[r\r3rrPr r r rr]sr])Ú__doc__r<ÚhashlibrrZparamikorZparamiko.commonrZparamiko.messagerZparamiko.py3compatrrr Zparamiko.ssh_exceptionr Úrangerr(r-r/rr!rCrIrSr$Úobjectrr]r r r rÚs j