ϪfUdZddlZddlZddlZddlZddlZddlmZmZm Z m Z m Z ddl m Z mZmZmZmZddlmZddlmZddlmZmZmZddlmZdd lmZdd lm Z dd l!m"Z"dd l#m$Z$dd l%m&Z&ddl'm(Z(ddl)m*Z*e&dZ+ee,e-d<e+rDdZ.ddl/m0Z0ddl1m2Z2ddl3m4Z4ddl5m6Z6m7Z7ddlm8Z8m9Z9m:Z:m;Z;ddleReMZSGd?d@eRZTGdAdBeTeNeMZUGdCdDeTeOeMZVGdEdFeTePeMZWe@GdGdHeTeQeMZXGdIdJZYGdKdLeYZZGdMdNeZeMZ[GdOdPeZZ\GdQdRe\eNeMZ]GdSdTe\eOeMZ^GdUdVeZZ_GdWdXe_ePeMZ`e@GdYdZe_eQeMZaGd[d\eYZbGd]d^ebeMZcGd_d`ebZdGdadbedeNeMZeGdcddedeOeMZfGdedfebZgGdgdhegePeMZhe@GdidjegeQeMZiGdkdle*ZjGdmdne*ZkGdodpe*Zly)qz5 Tests for ssh/transport.py and the classes therein. N)md5sha1sha256sha384sha512)DictListOptionalTupleType) __version__) ConchError)_kexaddressservice)defer)loopback) randbytes) iterbytesinsecureRandom) requireModule) proto_helpers)TestCase cryptographydependencySkip)UnsupportedAlgorithm)default_backend) serialization)dhec)commonfactorykeys transport)keydatazcan't run without cryptographyFcHeZdZGddZGddZGddZy)r%c eZdZy)transport.SSHTransportBaseN__name__ __module__ __qualname__C/usr/lib/python3/dist-packages/twisted/conch/test/test_transport.pySSHTransportBaser)2 r/r1c eZdZy)transport.SSHServerTransportNr*r.r/r0SSHServerTransportr45r2r/r5c eZdZy)transport.SSHClientTransportNr*r.r/r0SSHClientTransportr78r2r/r8N)r+r,r-r1r5r8r.r/r0r%r%1s       r/r%c eZdZGddZy)r#c eZdZy)factory.SSHFactoryNr*r.r/r0 SSHFactoryr;<r2r/r<N)r+r,r-r<r.r/r0r#r#;s   r/r#ceZdZedZy)r"cy)Nr/r.)selfargs r0NSz common.NS@sr/N)r+r,r- classmethodrAr.r/r0r"r"?s    r/r"c tsd|_|S)Nz#x25519 not supported on this system)X25519_SUPPORTEDskipfs r0skipWithoutX25519rHEs 6 Hr/cBtjt|||S)z3 Return the MP version of C{(x ** y) % z}. )r"MPpow)xyzs r0_MPpowrOKs 99SAq\ ""r/c4eZdZdZdZdZdZdZdZdZ y) MockTransportBasean A base class for the client and server protocols. Stores the messages it receives instead of ignoring them. @ivar errors: a list of tuples: (reasonCode, description) @ivar unimplementeds: a list of integers: sequence number @ivar debugs: a list of tuples: (alwaysDisplay, message, lang) @ivar ignoreds: a list of strings: ignored data ctjj|g|_g|_g|_g|_d|_y)z, Set up instance variables. N)r%r1connectionMadeerrorsunimplementedsdebugsignoredsgotUnsupportedVersionr?s r0rSz MockTransportBase.connectionMade]s= ""11$7    %)"r/cP||_tjj||S)zZ Intercept unsupported version call. @type remoteVersion: L{str} )rXr%r1_unsupportedVersionReceived)r? remoteVersions r0r[z-MockTransportBase._unsupportedVersionReceivedhs* &3"))EE -  r/c>|jj||fy)zp Store any errors received. @type reasonCode: L{int} @type description: L{str} NrTappend)r? reasonCode descriptions r0 receiveErrorzMockTransportBase.receiveErrorss J 45r/c:|jj|y)zX Store any unimplemented packet messages. @type seqnum: L{int} N)rUr_)r?seqnums r0receiveUnimplementedz&MockTransportBase.receiveUnimplemented|s ""6*r/c@|jj|||fy)z Store any debug messages. @type alwaysDisplay: L{bool} @type message: L{str} @type lang: L{str} N)rVr_)r? alwaysDisplaymessagelangs r0 receiveDebugzMockTransportBase.receiveDebugs M7D9:r/c:|jj|y)zG Store any ignored data. @type packet: L{str} N)rWr_r?packets r0 ssh_IGNOREzMockTransportBase.ssh_IGNOREs V$r/N) r+r,r-__doc__rSr[rbrerjrnr.r/r0rQrQRs% *  6+;%r/rQc^eZdZdZdZdZdZdZdZdZ dZ dZ dZ dZ dZdZdZd Zd Zd Zd Zy ) MockCipherzH A mocked-up version of twisted.conch.ssh.transport.SSHCiphers. testF)Nr/r/rtr.cd|_t||jzdk7r:tdt||jt||jzfz|S)z~ Called to encrypt the packet. Simply record that encryption was used and return the data unchanged. Tr*length %i modulo blocksize %i is not 0: %i) usedEncryptlen encBlockSize RuntimeErrorr?rLs r0encryptzMockCipher.encryptc   FT&& &1 ,<q64,,c!ft7H7H.HIJ r/cd|_t||jzdk7r:tdt||jt||jzfz|S)z~ Called to decrypt the packet. Simply record that decryption was used and return the data unchanged. Trrv) usedDecryptrxryrz decBlockSizer{s r0decryptzMockCipher.decryptr}r/ct|fS)zs Make a Message Authentication Code by sending the character value of the outgoing packet. bytes)r?outgoingPacketSequencepayloads r0makeMACzMockCipher.makeMACs ,.//r/c t|f|k(S)zy Verify the Message Authentication Code by checking that the packet sequence number is the same. r)r?incomingPacketSequencermmacDatas r0verifyzMockCipher.verifys ,./7::r/c||||||f|_y)z" Record the keys. N)r$)r?ivOutkeyOutivInkeyInmacInmacOuts r0setKeyszMockCipher.setKeyssFD%? r/N)r+r,r-ro outCipTypery inCipTyper inMACType outMACTypeverifyDigestSizerwroutMACinMACr$r|rrrrr.r/r0rqrqs`JLILIJKK F E D  0;@r/rqc"eZdZdZdZdZdZy)MockCompressionz A mocked-up compression, based on the zlib interface. Instead of compressing, it reverses the data and adds a 0x66 byte to the end. c|dddSNr.r?rs r0compresszMockCompression.compressstt}r/c|dddddSrr.rs r0 decompresszMockCompression.decompressss|DbD!!r/cy)Nfr.r?kinds r0flushzMockCompression.flushsr/N)r+r,r-rorrrr.r/r0rrs "r/rc>eZdZdZdZdZdZdddZdZdZ d Z d Z y ) MockServicez A mocked-up service, based on twisted.conch.ssh.service.SSHService. @ivar started: True if this service has been started. @ivar stopped: True if this service has been stopped. MockServiceFMSG_TEST MSG_fiction)Gcy)Nrr.rYs r0 logPrefixzMockService.logPrefixsr/cd|_y)z6 Record that the service was started. TN)startedrYs r0serviceStartedzMockService.serviceStarted  r/cd|_y)z6 Record that the service was stopped. TN)stoppedrYs r0serviceStoppedzMockService.serviceStoppedrr/c<|jjd|y)z: A message that this service responds to. rN)r% sendPacketrls r0ssh_TESTzMockService.ssh_TESTs !!$/r/N) r+r,r-ronamerrprotocolMessagesrrrrr.r/r0rrs7 DGG(m<  0r/rcJeZdZdZdeiZdZdZdee e e e e fffdZ y) MockFactoryzL A mocked-up factory based on twisted.conch.ssh.factory.SSHFactory. ssh-userauthctjjtjtjjtj dS)zG Return the public keys that authenticate this server. ssh-rsasssh-dsa)r$Key fromStringr&publicRSA_opensshpublicDSA_opensshrYs r0 getPublicKeyszMockFactory.getPublicKeyss> ++G,E,EF++G,E,EF  r/ctjjtjtjjtj dS)zH Return the private keys that authenticate this server. r)r$rrr&privateRSA_opensshprivateDSA_opensshrYs r0getPrivateKeyszMockFactory.getPrivateKeyss> ++G,F,FG++G,F,FG  r/returnc:tjd}|gdgdS)a/ Diffie-Hellman primes that can be used for key exchange algorithms that use group exchange to establish a prime / generator group. @return: The primes and generators. @rtype: L{dict} mapping the key size to a C{list} of C{(generator, prime)} tuple. diffie-hellman-group14-sha1))i)rgetDHGeneratorAndPrime)r?group14s r0 getPrimeszMockFactory.getPrimes$s$--.LMix00r/N) r+r,r-rorservicesrrrintr r rr.r/r0rr s@ -H  14T%S/%: :;1r/rceZdZdZdZy)MockOldFactoryPublicKeysz The old SSHFactory returned mappings from key names to strings from getPublicKeys(). We return those here for testing. ctj|}|jddD]\}}|j||<|S)zJ We used to map key types to public key blobs as strings. N)rritemsblobr?r$rkeys r0rz&MockOldFactoryPublicKeys.getPublicKeys<sG((.#a $ID#DJ $ r/N)r+r,r-rorr.r/r0rr6  r/rceZdZdZdZy)MockOldFactoryPrivateKeysz The old SSHFactory returned mappings from key names to cryptography key objects from getPrivateKeys(). We return those here for testing. ctj|}|jddD]\}}|j||<|S)zG We used to map key types to cryptography key objects. N)rrr keyObjectrs r0rz(MockOldFactoryPrivateKeys.getPrivateKeysLsE))$/#a 'ID#DJ ' r/N)r+r,r-rorr.r/r0rrFrr/rc >|j}|j}|j}tdt d|dz dD}t |||} t j|t j|t j||jt|_ tj |jj#j%j&|_y#t$rtd|d|d|dwxYw) Nc3&K|] }d|z yw) Nr.).0rLs r0 z)generatePredictableKey..Zs 4C1H 4srz p=z g=z x= )pg bit_lengthsumrangerKr DHPrivateNumbersDHPublicNumbersDHParameterNumbers private_keyr dhSecretKey ValueErrorprintr"rJ public_keypublic_numbersrMdhSecretKeyPublicMP)r%rrbitsrLrMs r0generatePredictableKeyrVs A A <<>D 4eAtax3 44A Aq! A " 3 3 r!!!R%:%:1a%@A! +o' (  %+II((*99;==%I!  QCtA3d1#R() s AC<< DcZeZdZUdZdZeeeje d<e re Z dZ dZ dZy)TransportTestCasez. Base class for transport test cases. Nklassctj_j_g_d}j td|tjtjj_ fd}jjj|j_ y)Nc d|zS)z; Return a consistent entropy value r.)rxs r0 secureRandomz-TransportTestCase.setUp..secureRandomysS= r/rc@jj||fyN)packetsr_) messageTyperr?s r0stubSendPacketz/TransportTestCase.setUp..stubSendPackets LL  g 6 7r/)rStringTransportr%rprotorpatchrtypes MethodTyper_startEphemeralDHmakeConnectionr)r?rrs` r0setUpzTransportTestCase.setUpts&668ZZ\   ! 9nl;','7'7 "DJJ(  $ 8 !!$..1 . r/c|jd|jtj|j|j dd|j |_y)z Deliver enough additional messages to C{proto} so that the key exchange which is started in L{SSHTransportBase.connectionMade} completes and non-key exchange messages can be sent and received. sSSH-2.0-BogoClient-1.2i foosbarN) dataReceiveddispatchMessager% MSG_KEXINIT_A_KEXINIT_MESSAGE _keySetup_KEY_EXCHANGE_NONE_keyExchangeStater?r s r0finishKeyExchangez#TransportTestCase.finishKeyExchangesM 9: i33T5L5LM '#(":":r/c|jj|j_g|j_|jj ||y)z Finish a key exchange by calling C{_keySetup} with the given arguments. Also do extra whitebox stuff to satisfy that method's assumption that some kind of key exchange has actually taken place. N)r _KEY_EXCHANGE_REQUESTEDr_blockedByKeyExchanger)r? sharedSecret exchangeHashs r0simulateKeyExchangez%TransportTestCase.simulateKeyExchanges: (,zz'I'I $+- ( \<8r/)r+r,r-rorr r r%r1__annotations__rrErrr!r.r/r0rrjs:9=E8D334 5</.;"9r/rceZdZdZdZeZy)DHGroupExchangeSHA1Mixinz= Mixin for diffie-hellman-group-exchange-sha1 tests. "diffie-hellman-group-exchange-sha1N)r+r,r-ro kexAlgorithmr hashProcessorr.r/r0r$r$s9LMr/r$ceZdZdZdZeZy)DHGroupExchangeSHA256Mixinz? Mixin for diffie-hellman-group-exchange-sha256 tests. $diffie-hellman-group-exchange-sha256Nr+r,r-ror&rr'r.r/r0r)r)s;LMr/r)ceZdZdZdZeZy) ECDHMixinz8 Mixin for elliptic curve diffie-hellman tests. ecdh-sha2-nistp256Nr+r.r/r0r-r-s)LMr/r-ceZdZdZdZeZy)Curve25519SHA256Mixinz, Mixin for curve25519-sha256 tests. scurve25519-sha256Nr+r.r/r0r0r0s(LMr/r0c@eZdZUdZeZeeeje d<y)BaseSSHTransportBaseCasez, Base case for TransportBase tests. rN) r+r,r-rorQrr r r%r1r"r.r/r0r2r2s$9JE8D334 5Ir/r2ceZdZdZereZdejdzejdzejdzejdzejdzejdzejdzejdzejdzejdzd zd zZd Z d Z d Z dZ dZ dZdZdZdZdZdZdZdZdZdZdZdZdZdZdZdZd Zd!Zd"Z d#Z!d$Z"d%Z#d&Z$d'Z%d(Z&d)Z'd*Z(d+Z)d,Z*d-Z+d.Z,d/Z-d0Z.d1Z/d2Z0d3Z1d4Z2d5Z3y6)7BaseSSHTransportTestszs Test TransportBase. It implements the non-server/client specific parts of the SSH transport protocol. rr aes256-ctr hmac-sha1noner/cd|jjjddd}|j|dt j dz|j dtdd}dd jd tjDzd z}|j||y) a Test that the first thing sent over the connection is the version string. The 'softwareversion' part must consist of printable US-ASCII characters, with the exception of whitespace characters and the minus sign. RFC 4253, section 4.2.  rtrsSSH-2.0-Twisted_asciizSSH-2.0-Nz^(|c3tK|]0}|dk7s |jrtj|2yw)-N)isspacereescape)rcs r0rz9BaseSSHTransportTests.test_sendVersion..s+!"!s(199; ! s 888z)*$) r%valuesplit assertEqualtwisted_versionencodedecoderxjoinstring printable assertRegex)r?versionsoftwareVersionsoftwareVersionRegexs r0test_sendVersionz&BaseSSHTransportTests.test_sendVersions..&&(..w:1= "58N8Nw8W"WX!..1#j/2CD hh&,&6&6     *>?r/ct}|j|j|jd|jd|jd|j |jj |jd|j |jj |jd|jjy)z When the peer is not sending its SSH version but keeps sending data, the connection is disconnected after 4KB to prevent buffering too much and running our of memory. sSSH-2-Server-Identifiers1234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890s1235678s1234567s%Preventing a denial of service attackN) rQrr%r assertFalse disconnecting assertTrueassertInrEr?suts r0'test_dataReceiveVersionNotSentMemoryDOSz=BaseSSHTransportTests.test_dataReceiveVersionNotSentMemoryDOSs  ! 4>>* 34 ,- $ 556 $ 445 >@T@T@VWr/c:t}|j|j|j||jj t d}d}|j |||jj}|j|dy)a@ Test that plain (unencrypted, uncompressed) packets are sent correctly. The format is:: uint32 length (including type and padding length) byte padding length byte type bytes[length-padding length-2] data bytes[padding length] padding ABCDEFGs ABCDEFGN) rQrr%rclearordrrErG)r?r rhrrEs r0test_sendPacketPlainz*BaseSSHTransportTests.test_sendPacketPlains}"# T^^, u% c( '*$$&  NOr/ct}|j|j|j|t x|_}t d}d}|jj|j|||j|j|jj}|j|dy)z Test that packets sent while encryption is enabled are sent correctly. The whole packet should be encrypted. r\BCs ABCN) rQrr%rrqcurrentEncryptionsr_r^rrVrwrErGr?r  testCipherrhrrEs r0test_sendPacketEncryptedz.BaseSSHTransportTests.test_sendPacketEncrypted-s "# T^^, u%0: < :c(  '*  ../$$&    r/cPt}|j|j|j|t |_|jj |jtdd|jj}|j|dy)z Test that packets sent while compression is enabled are sent correctly. The packet type and data should be encrypted. r\Bs BAfN) rQrr%rroutgoingCompressionr^rr_rErG)r?r rEs r0test_sendPacketCompressedz/BaseSSHTransportTests.test_sendPacketCompressedJs "# T^^, u%$3$5!  S4($$&  P r/ct}|j|j|j|t x|_}t |_td}d}|jj|j|||j|j|jj}|j|dy)z Test that packets sent while compression and encryption are enabled are sent correctly. The packet type and data should be compressed and then the whole packet should be encrypted. r\rbs CBAfN)rQrr%rrqrcrrir_r^rrVrwrErGrds r0test_sendPacketBothz)BaseSSHTransportTests.test_sendPacketBothZs "# T^^, u%0: < :$3$5!c(  '*  ../$$&    r/ct}|j|j|j||jj |j t dd|jjdz|_|j|jd|j|jdy)zt Test that packets are retrieved correctly out of the buffer when no encryption is enabled. r\rbsextrasABCN) rQrr%rr^rr_rEbufrG getPacketrs r0test_getPacketPlainz)BaseSSHTransportTests.test_getPacketPlainys "# T^^, u%  S5)NN((*X5  *F3 H-r/ct}d|_|j|j|jj t x|_}|jtdd|jj}|dt j|_ |j|j|j|j|j!|j"d|xj|t jdz c_ |j!|jd|j!|jdy)zl Test that encrypted packets are retrieved correctly. See test_sendPacketEncrypted. cyrr.r.r/r0z?BaseSSHTransportTests.test_getPacketEncrypted..r/r\BCDNs AABCDr/)rQ sendKexInitrr%r^rqrcrr_rErrn assertIsNonerorVrrGfirst)r?r rerEs r0test_getPacketEncryptedz-BaseSSHTransportTests.test_getPacketEncrypteds "#( T^^, 0: < : S6*$$&3J334  %//+,  ../ &>? U:22455  *G4 C(r/ct}|j|j|j||jj t |_|j |_|jtdd|jj|_ |j|jdy)zo Test that compressed packets are retrieved correctly. See test_sendPacketCompressed. r\rurvN)rQrr%rr^rriincomingCompressionrr_rErnrGrors r0test_getPacketCompressedz.BaseSSHTransportTests.test_getPacketCompresseds "# T^^, u% $3$5!$)$=$=! S6*NN((*  *G4r/ct}d|_|j|j|jj t |_t|_|j|_ |jtdd|jj|_ |j|jdy)zv Test that compressed and encrypted packets are retrieved correctly. See test_sendPacketBoth. cyrr.r.r/r0rsz:BaseSSHTransportTests.test_getPacketBoth..rtr/r\r]sABCDEFGN)rQrwrr%r^rqrcrrir|rr_rErnrGrors r0test_getPacketBothz(BaseSSHTransportTests.test_getPacketBoths "#( T^^, #-< $3$5!$)$=$=! S9-NN((*  *J7r/ctjdddd}dx}}|jjD]$}|j |j |||&y)z? Test that all the supportedCiphers are valid. ArhCDN)r% SSHCiphersr supportedCiphersrV _getCipher)r?ciphersivrcipNames r0test_ciphersAreValidz*BaseSSHTransportTests.test_ciphersAreValidsZ&&tT4>Szz22 BG OOG..wC@ A Br/c |jjjddd}||j_|jj }|j |ddttjf|j |dddtj|ddd\ }}}}}}} } } } } |j |dj|jjd gz|j |dj|jj|j |dj|jj|j |dj|jj|j |dj|jj|j |dj|jj|j | dj|jj |j | dj|jj |j | dj|jj"|j | dj|jj"|j | d y) a Test that the KEXINIT (key exchange initiation) message is sent correctly. Payload:: bytes[16] cookie string key exchange algorithms string public key algorithms string outgoing ciphers string incoming ciphers string outgoing MACs string incoming MACs string outgoing compressions string incoming compressions bool first packet follows uint32 0 r<rtrsN ,s ext-info-ss)r%rErFr rnrorGrrr"getNSrKsupportedKeyExchangessupportedPublicKeysr supportedMACssupportedCompressionssupportedLanguages)r?rErm keyExchangespubkeysciphers1ciphers2macs1macs2 compressions1 compressions2 languages1 languages2rns r0test_sendKexInitz&BaseSSHTransportTests.test_sendKexInits7 $$&,,Wa8; %%' !eY-B-B,D&EF "|4 LLb )             $))DJJ$D$D $VW  $))DJJ,J,J"KL 499TZZ-H-H#IJ 499TZZ-H-H#IJ  $***B*B CD  $***B*B CD  $**2R2R(ST  $**2R2R(ST TYYtzz/L/L%MN TYYtzz/L/L%MN k*r/c|jj|jjtj|j |j |jgy)zy Immediately after connecting, the transport expects a KEXINIT message and does not reply to it. N)r%r^r rrrrGrrYs r0test_receiveKEXINITReplyz.BaseSSHTransportTests.test_receiveKEXINITReplysH  ""9#8#8$:Q:QR r*r/cj|j|j|jdd=|jjtj |j |jt|jd|j|jddtj y)z When a KEXINIT message is received which is not a reply to an earlier KEXINIT message which was sent, a KEXINIT reply is sent. Nrtr) rr rrr%rrrGrxrYs r0test_sendKEXINITReplyz+BaseSSHTransportTests.test_sendKEXINITReplys} tzz* LLO ""9#8#8$:Q:QR T\\*A. a+Y-B-BCr/cX|jt|jjy)a( A new key exchange cannot be started while a key exchange is already in progress. If an attempt is made to send a I{KEXINIT} message using L{SSHTransportBase.sendKexInit} while a key exchange is in progress causes that method to raise a L{RuntimeError}. N) assertRaisesrzr rwrYs r0test_sendKexInitTwiceFailsz0BaseSSHTransportTests.test_sendKexInitTwiceFails s , (>(>?r/c8tjtjg}|jj|j`|D]H}|jj |d|j |jjdJ|j|jt|j_ |jj|j |jjjddy)z After L{SSHTransportBase.sendKexInit} has been called, messages types other than the following are queued and not sent until after I{NEWKEYS} is sent by L{SSHTransportBase._keySetup}. RFC 4253, section 7.1. rr/N) r%MSG_SERVICE_REQUESTrr^r rrGrErrqnextEncryptions_newKeyscount)r?disallowedMessageTypesrs r0test_sendKexInitBlocksOthersz2BaseSSHTransportTests.test_sendKexInitBlocksOtherss  ) )  ! !"   JJ !1 :K JJ ! !+v 6   T^^113S 9 : tzz*&0\ "  --/55f=qAr/cjd|j_|jjddg|j|jt j dtjdztjdztjdztjdzfgy ) ze Test that EXT_INFO messages are sent correctly. See RFC 8308, section 2.3. Tserver-sig-algsssh-rsa,rsa-sha2-256) elevationdrrrrN) r _peerSupportsExtensions sendExtInforGrr% MSG_EXT_INFOr"rArYs r0test_sendExtInfoz&BaseSSHTransportTests.test_sendExtInfo6s .2 * =$   LL**'ii 234ii 789ii -.iio &  r/ct|jjdg|j|jgy)z If the peer has not advertised support for extension negotiation, no EXT_INFO message is sent, since RFC 8308 only guarantees that the peer will be prepared to accept it if it has advertised support. rN)r rrGrrYs r0test_sendExtInfoUnsupportedz1BaseSSHTransportTests.test_sendExtInfoUnsupportedPs.  MNO r*r/cZ|jjtjdt j dzt j dzt j dzt j dz|j |jjdddy)z When an EXT_INFO message is received, the transport stores a mapping of the peer's advertised extensions. See RFC 8308, section 2.3. rr!ssh-rsa,rsa-sha2-256,rsa-sha2-512no-flow-controls)rrN)r rr%rr"rArGpeerExtensionsrYs r0 test_EXT_INFOz#BaseSSHTransportTests.test_EXT_INFOYs ""  " " ii*+ ,ii<= >ii*+ ,iio     JJ % %$H$(  r/c|jjddd|j|jtj dfgy)z Test that debug messages are sent correctly. Payload:: bool always display string debug message string language rrTentestenN)r  sendDebugrGrr% MSG_DEBUGrYs r0test_sendDebugz$BaseSSHTransportTests.test_sendDebugnsA WdE2  LL!!#P Q R r/c|jjtjd|jjtjd|j |jj ddgy)zW Test that debug messages are received correctly. See test_sendDebug. rssilenten)Trrr)FssilentrN)r rr%rrGrVrYs r0test_receiveDebugz'BaseSSHTransportTests.test_receiveDebug{sh ""   !N  ""   !P   JJ   68QR r/c|jjd|j|jtj dfgy)zk Test that ignored messages are sent correctly. Payload:: string ignored data rrstestN)r  sendIgnorerGrr% MSG_IGNORErYs r0test_sendIgnorez%BaseSSHTransportTests.test_sendIgnores< g&  LLI002IJK r/c|jjtjd|j |jj dgy)zb Test that ignored messages are received correctly. See test_sendIgnore. rrN)r rr%rrGrWrYs r0test_receiveIgnorez(BaseSSHTransportTests.test_receiveIgnores: ""9#7#7A ,,wi8r/c|jj|j|jtj dfgy)zt Test that unimplemented messages are sent correctly. Payload:: uint32 sequence number r:N)r sendUnimplementedrGrr%MSG_UNIMPLEMENTEDrYs r0test_sendUnimplementedz,BaseSSHTransportTests.test_sendUnimplementeds: $$&  LLI779LMN r/c|jjtjd|j |jj dgy)zo Test that unimplemented messages are received correctly. See test_sendUnimplemented. srN)r rr%rrGrUrYs r0test_receiveUnimplementedz/BaseSSHTransportTests.test_receiveUnimplementeds; ""9#>#>@ST 22SE:r/cdgfd}||j_|jjdd|j |j tj dfg|jdy)z Test that disconnection messages are sent correctly. Payload:: uint32 reason code string reason description string language Fcdd<yNTrr. disconnectedsr0stubLoseConnectionzEBaseSSHTransportTests.test_sendDisconnect..stubLoseConnection "LOr/rrrstestrN)r%loseConnectionr sendDisconnectrGrMSG_DISCONNECTrVr?rrs @r0test_sendDisconnectz)BaseSSHTransportTests.test_sendDisconnectsrw  #);% !!$0  LL,,K    Q(r/cdgfd}||j_|jjtjd|j |jj dg|jdy)zl Test that disconnection messages are received correctly. See test_sendDisconnect. Fcdd<yrr.rsr0rzHBaseSSHTransportTests.test_receiveDisconnect..stubLoseConnectionrr/s testrrrrN)r%rr rrrGrTrVrs @r0test_receiveDisconnectz,BaseSSHTransportTests.test_receiveDisconnectsl w  #);% ""  $ $&M  **^,<=  Q(r/cdgfd}||j_|jj|jj |j |jj |j|jj|jj|j dy)ze Test that dataReceived parses packets and dispatches them to ssh_* methods. Fcdd<yrr.)rmkexInits r0 stubKEXINITz.stubKEXINITs GAJr/rN) r  ssh_KEXINITrr%rErV gotVersionrGourVersionStringotherVersionString)r?rrs @r0test_dataReceivedz'BaseSSHTransportTests.test_dataReceiveds ' "-   4 4 67  --. 44djj6S6ST  #r/cdt}|jj||j|jj||j |j |jjdd|j|jdgt}|jj||j |j |j |j|jjd|j |jy)z Test that the transport can set the running service and dispatches packets to the service's packetReceived method. rrrrN) rr  setServicerGrrVrrrrconnectionLost)r?rservice2s r0 test_servicez"BaseSSHTransportTests.test_services - g& ++W5 ( ""41 '89= h' (() ( !!$' (()r/cdgfd}||j_d|j_|jjd|j dy)zP Test that the transport notifies the avatar of disconnections. Fcdd<yrr.rsr0logoutz1BaseSSHTransportTests.test_avatar..logoutrr/TNr)r logoutFunctionavatarrrV)r?rrs @r0 test_avatarz!BaseSSHTransportTests.test_avatarsMw  #%+ !   !!$'  Q(r/c|j|jjd|j|jjd|j|jjdt|j_|j |jjd|j |jjd|j |jjdt jdddd|j_|j|jjd|j|jjd|j|jjd|jt|jjdy)zS Test that the transport accurately reflects its encrypted status. inoutbothr8badN) rTr  isEncryptedrqrcrVr%rr TypeErrorrYs r0test_isEncryptedz&BaseSSHTransportTests.test_isEncrypted sO //56 //67 //78(2  %  ..t45  ..u56  ..v67(1(<(< Wgw)  % //56 //67 //78 )TZZ%;%;UCr/c|j|jjd|j|jjd|j|jjdt|j_|j |jjd|j |jjd|j |jjdt jdddd|j_|j|jjd|j|jjd|j|jjd|jt|jjdy)zR Test that the transport accurately reflects its verified status. rrrr8rN) rTr  isVerifiedrqrcrVr%rrrrYs r0test_isVerifiedz%BaseSSHTransportTests.test_isVerifiedsO ..t45 ..u56 ..v67(2  %  --d34  --e45  --f56(1(<(< Wgw)  % ..t45 ..u56 ..v67 )TZZ%:%:EBr/cFdgfd}||j_|jj|j|jddtj |j|jddddt tjfy)zh Test that loseConnection sends a disconnect message and closes the connection. Fcdd<yrr.rsr0rzEBaseSSHTransportTests.test_loseConnection..stubLoseConnection9rr/rrtrrN)r%rr rGrrrDISCONNECT_CONNECTION_LOSTrs @r0test_loseConnectionz)BaseSSHTransportTests.test_loseConnection2s w  #);% !!# a+Y-E-EF  LLOA q #UI,P,P+R%S r/c@fd}|d|d|dy)zU Test that the transport disconnects when it receives a bad version. cg_dj_dgfd}|j_t |dzD]}jj |jdjjddtjjjddddttjfy)NFcdd<yrr.rsr0rzRBaseSSHTransportTests.test_badVersion..testBad..stubLoseConnectionMs "& Qr/r<rrtrr) rr rr%rrrrVrGrr)DISCONNECT_PROTOCOL_VERSION_NOT_SUPPORTED)rOrrDrr?s @r0testBadz6BaseSSHTransportTests.test_badVersion..testBadHsDL$)DJJ !!7L '-?DNN )w01 + ''* + OOLO ,   T\\!_Q/1I1I J    Q"1Q'yJJLM r/sSSH-1.5-OpenSSHsSSH-3.0-TwistedsGET / HTTP/1.1Nr.)r?rs` r0test_badVersionz%BaseSSHTransportTests.test_badVersionCs%  $ "#"#!"r/c^t}|jtjd|jzdz}t |Dcgc]}|j |c}|j|j|j|j|jycc}w)zV Test that the transport ignores data sent before the version string. s5here's some stuff beforehand here's some other stuff r<N) rQrrr rrrrVrrGr)r?r datarDs r0test_dataBeforeVersionz,BaseSSHTransportTests.test_dataBeforeVersion^s"# ]::<= $$ %   )2$81  A 8 (() 1153I3IJ 9s B*ct}|jtj|j d|j |j |j|jdy)zw Test that the transport treats the compatibility version (1.99) as equivalent to version 2.0. sSSH-1.99-OpenSSH sSSH-1.99-OpenSSHN rQrrr rrVrrGrrs r0test_compatabilityVersionz/BaseSSHTransportTests.test_compatabilityVersionos[ "# ]::<= 01 (() 113FGr/ct}|jtj|j d|j |j |j|jdy)z It can parse the SSH version string even when it ends only in Unix newlines (CR) and does not follows the RFC 4253 to use network newlines (CR LF). s,SSH-2.0-PoorSSHD Some-comment here more-datas"SSH-2.0-PoorSSHD Some-comment hereNrrXs r0&test_dataReceivedSSHVersionUnixNewlinezSSH-2.0-9.99 FlowSsh: Bitvise SSH Server (WinSSHD) more-datas3SSH-2.0-9.99 FlowSsh: Bitvise SSH Server (WinSSHD) NrrXs r0)test_dataReceivedSSHVersionTrailingSpacesz?BaseSSHTransportTests.test_dataReceivedSSHVersionTrailingSpacess` ! =88:;  S  '   " " B r/ct}d|_|jtj|j d|j |jy)z If an unusual SSH version is received and is included in C{supportedVersions}, an unsupported version error is not emitted. )9.99SSH-9.99-OpenSSH N)rQsupportedVersionsrrr rrTrXrs r0 test_supportedVersionsAreAllowedz6BaseSSHTransportTests.test_supportedVersionsAreAllowedsN "#", ]::<= 01 445r/ct}d|_|jtj|j d|j d|jy)z If an unusual SSH version is received and is not included in C{supportedVersions}, an unsupported version error is emitted. )s2.0rrN)rQrrrr rrGrXrs r06test_unsupportedVersionsCallUnsupportedVersionReceivedzLBaseSSHTransportTests.test_unsupportedVersionsCallUnsupportedVersionReceivedsP "#"+ ]::<= 01 %"="=>r/ctjffd }|d|djj}t j_|dtj djj_|d|j_tj_d}|jj_ |dtjjy ) zi Test that the transport disconnects with an error when it receives bad packets. cg_|j_jjj j t jdj jddtjj jddddt|fy)Nrtrrr) rr rnrxrorGrxr%rr)rmerrorr?s r0rz6BaseSSHTransportTests.test_badPackets..testBadsDL#DJJN   djj224 5   S. 2   T\\!_Q/1I1I J   T\\!_Q/!4eUHo Fr/ss BCDEs AB123456c |ddSrr.)rLs r0rsz7BaseSSHTransportTests.test_badPackets..s !CR&r/sBCDEFGHIJKctd)Nzbad compression) Exception)rs r0stubDecompressz=BaseSSHTransportTests.test_badPackets..stubDecompresss-. .r/s BCDEN) r%DISCONNECT_PROTOCOL_ERRORr rcrqDISCONNECT_MAC_ERRORrrr|rDISCONNECT_COMPRESSION_ERRORflushLoggedErrors)r?roldEncryptionsr(s` r0test_badPacketsz%BaseSSHTransportTests.test_badPacketss #,"E"E G  +,66(2  % +Y-K-K 1A %%-12(6 %)8): & /5C &&1 '  2 2   r/c jj}|ffd }jjdd|dtjd<jjdd|jjdd|jj t jjdd|jjdd|y ) zj Test that unimplemented packet types cause MSG_UNIMPLEMENTED packets to be sent. cjjddtjjjddddt |fgj _|dz }y)Nrrtrr)rGrr%rrr )rdr?s r0checkUnimplementedzKBaseSSHTransportTests.test_unimplementedPackets..checkUnimplementedsf   T\\!_Q/1L1L M   T\\!_Q/!4eVI6F G!#DJJ  aKFr/(r/s MSG_fiction)<FrN)r rrr%messagesrr)r?rdr1s` r0test_unimplementedPacketsz/BaseSSHTransportTests.test_unimplementedPacketss 22&,  ""2s+!/ 2 ""2s+ ""2s+ km, ""2s+ ""2s+r/c>|j}|j|jjt |_t |_t |_|jtt}|jtj|jd|j!|j"|j"|j!|j|j|j!|j$|j$|j!|j&|j&|j!|j |j |j!|j(|j(y)zD Test that multiple instances have distinct states. r/N)r rr%rErqrcrrir|rrrQrrr rassertNotEqualrrrr)r?r proto2s r0test_multipleClassesz*BaseSSHTransportTests.test_multipleClassess'  4>>//12#-< $3$5!$3$5! '"$m;;=># E,,f.?.?@ EOOV-=-=> E88&:W:WX E88&:W:WX E44f6O6OP EMM6>>:r/N)4r+r,r-rorrEr"rArrRrZr`rfrjrlrprzr}rrrrrrrrrrrrrrrrrrrrrrrr rrrrrrr!r.r7r;r.r/r0r4r4s   &))2 3 4 &))J   &))M " # &))M "  # &))L !  " &))L !  " &))G   &))G   &))C.  &))C.      @.X,P( :  > .)( 58 B/+b+ D@"BH 4+ *     9 ;)2)"$ *( )D(C( "#6K" H X . 6 ?"!H4;r/r4ceZdZdZdZy)'BaseSSHTransportDHGroupExchangeBaseCasez@ Diffie-Hellman group exchange tests for TransportBase. c|j|j_d|j_|j d|jjzj }|j d|zj }|j d|z|zj }|j d|z|z|zj }|j |jjddd||z|z|zy)z? Test that _getKey generates the correct keys. EFsABCDKrvKABCDN)r&r kexAlg sessionIDr'digestrG_getKey)r?k1k2k3k4s r0 test_getKeyz3BaseSSHTransportDHGroupExchangeBaseCase.test_getKey s!-- $     4tzz7K7K K L S S U   " - 4 4 6   " r 1 2 9 9 ;   " r 1B 6 7 > > @ ++D%?b2PRARSr/N)r+r,r-rorKr.r/r0r=r=s  Tr/r=ceZdZdZy)(BaseSSHTransportDHGroupExchangeSHA1TestszE diffie-hellman-group-exchange-sha1 tests for TransportBase. Nr+r,r-ror.r/r0rMrMr/rMceZdZdZy)*BaseSSHTransportDHGroupExchangeSHA256TestszG diffie-hellman-group-exchange-sha256 tests for TransportBase. NrNr.r/r0rQrQ# r/rQceZdZdZy)"BaseSSHTransportEllipticCurveTestsz4 ecdh-sha2-nistp256 tests for TransportBase NrNr.r/r0rTrT-rOr/rTceZdZdZy)%BaseSSHTransportCurve25519SHA256Testsz3 curve25519-sha256 tests for TransportBase NrNr.r/r0rVrV5r/rVcJeZdZdZd dZd dZdZdZdZdZ d Z d Z d Z y) #ServerAndClientSSHTransportBaseCasezF Tests that need to be run on both the server and the client. Nc|tj}|j|jddtj|j|jddddt |fy)zI Helper function to check if the transport disconnected. Nrrrtrr)r%r)rGrrrrs r0checkDisconnectedz5ServerAndClientSSHTransportBaseCase.checkDisconnectedCsc <66D b)!,i.F.FG b)!,Qq15$>Br/c,|tj}|j}|||jt j |j j|jj|r|j||S)zy Helper function to connect a modified protocol to the test protocol and test for disconnection. ) r%DISCONNECT_KEY_EXCHANGE_FAILEDrrrr r rrEr[)r?protoModificationrr:s r0connectModifiedProtocolz;ServerAndClientSSHTransportBaseCase.connectModifiedProtocolLsu <;;D&!m;;=>  0 0 6 6 89   " "4 ( r/c,d}|j|y)z` Test that the transport disconnects if it can't match the key exchange cg|_yrrr:s r0blankKeyExchangesz\ServerAndClientSSHTransportBaseCase.test_disconnectIfCantMatchKex..blankKeyExchangesa +-F (r/Nr_)r?rds r0test_disconnectIfCantMatchKexzAServerAndClientSSHTransportBaseCase.test_disconnectIfCantMatchKex[s  . $$%67r/c,d}|j|y)zP Like test_disconnectIfCantMatchKex, but for the key algorithm. cg|_yr)rrcs r0blankPublicKeysz]ServerAndClientSSHTransportBaseCase.test_disconnectIfCantMatchKeyAlg..blankPublicKeysks )+F &r/Nrf)r?rjs r0 test_disconnectIfCantMatchKeyAlgzDServerAndClientSSHTransportBaseCase.test_disconnectIfCantMatchKeyAlgfs  , $$_5r/c,d}|j|y)zN Like test_disconnectIfCantMatchKex, but for the compression. cg|_yrrrcs r0blankCompressionszdServerAndClientSSHTransportBaseCase.test_disconnectIfCantMatchCompression..blankCompressionsurer/Nrf)r?ros r0%test_disconnectIfCantMatchCompressionzIServerAndClientSSHTransportBaseCase.test_disconnectIfCantMatchCompressionps  . $$%67r/c,d}|j|y)zM Like test_disconnectIfCantMatchKex, but for the encryption. cg|_yrrrcs r0 blankCipherszZServerAndClientSSHTransportBaseCase.test_disconnectIfCantMatchCipher..blankCipherss &(F #r/Nrf)r?rts r0 test_disconnectIfCantMatchCipherzDServerAndClientSSHTransportBaseCase.test_disconnectIfCantMatchCipherzs  ) $$\2r/c,d}|j|y)zF Like test_disconnectIfCantMatchKex, but for the MAC. cg|_yrrrcs r0 blankMACszTServerAndClientSSHTransportBaseCase.test_disconnectIfCantMatchMAC..blankMACss #%F r/Nrf)r?rys r0test_disconnectIfCantMatchMACzAServerAndClientSSHTransportBaseCase.test_disconnectIfCantMatchMACs  & $$Y/r/c|j|jjtj|jj jy)z Test that the transport's L{getPeer} method returns an L{SSHTransportAddress} with the L{IAddress} of the peer. N)rGr getPeerrSSHTransportAddressr%rYs r0 test_getPeerz0ServerAndClientSSHTransportBaseCase.test_getPeerC  JJ    ' ' (<(<(D(D(F G r/c|j|jjtj|jj jy)z Test that the transport's L{getHost} method returns an L{SSHTransportAddress} with the L{IAddress} of the host. N)rGr getHostrr}r%rYs r0 test_getHostz0ServerAndClientSSHTransportBaseCase.test_getHostrr/r) r+r,r-ror[r_rgrkrprurzr~rr.r/r0rYrY>s5C  86830  r/rYc`eZdZUdZej Zeeeje d<dZ dZ y)ServerSSHTransportBaseCasez1 Base case for SSHServerTransport tests. rctj|t|j_|jjj yr)rrrr r# startFactoryrYs r0rz ServerSSHTransportBaseCase.setUps4%(]  '')r/ctj||jjj |j`yr)rtearDownr r# stopFactoryrYs r0rz#ServerSSHTransportBaseCase.tearDowns0""4( &&( JJ r/N) r+r,r-ror%r5rr r r1r"rrr.r/r0rrs49B8T8TE8D334 5T* r/rc|eZdZdZdZdZdZdZdZdZ dZ d Z d Z d Z d Zd ZdZdZdZdZdZdZy)ServerSSHTransportTestsz' Tests for SSHServerTransport. ctjjtjtjjtj tjjtj tjjtjd|jj_ tjjtjtjjtjtjjtjtjjtjd|jj_|j!|jj#d|jjjd|jjjdf|j!|jj#d|jjjd|jjjdf|j!|jj#d|jjjd|jjjdf|j!|jj#d|jjjd|jjjdf|j!|jj#d|jjjd|jjjdf|j!|jj#d|jjjd|jjjdf|j%t&|jj"dy ) z L{transport.SSHServerTransport._getHostKeys} returns host keys from the factory, looked up by public key signature algorithm. )rssh-dssecdsa-sha2-nistp256 ssh-ed25519r rsa-sha2-256 rsa-sha2-512rrrsecdsa-sha2-nistp384N)r$rrr&rrpublicECDSA_opensshpublicEd25519_opensshr r# publicKeysrrprivateECDSA_opensshprivateEd25519_openssh_new privateKeysrG _getHostKeysrKeyErrorrYs r0test__getHostKeysz)ServerSSHTransportTests.test__getHostKeyss ++G,E,EF++G,E,EF$(HH$7$78S8S$T HH//0M0MN )  %++G,F,FG++G,F,FG$(HH$7$78T8T$U HH//0R0RS *  &  JJ # #J / ""--j9 ""..z:    JJ # #O 4 ""--j9 ""..z:    JJ # #O 4 ""--j9 ""..z:    JJ # #J / ""--j9 ""..z:    JJ # #$: ; ""--.DE ""../EF    JJ # #N 3 ""--n= ""..~>   (DJJ$;$;=STr/c|jjd|j|jjd|j|jjd|j|jj d|j|jj d|j|jj|jj}|j|jd|j|jd|j|jd|j|jdy)z Receiving a KEXINIT packet listing multiple supported algorithms will set up the first common algorithm found in the client's preference list. s SSH-2.0-Twisted bdiffie-hellman-group1-sha1,diffie-hellman-group-exchange-sha1,diffie-hellman-group-exchange-sha256ssh-dss,ssh-rsaaes128-ctr,aes128-cbc,aes192-ctr,aes192-cbc,aes256-ctr,aes256-cbc,cast128-ctr,cast128-cbc,blowfish-ctr,blowfish-cbc,3des-ctr,3des-cbcaes128-ctr,aes128-cbc,aes192-ctr,aes192-cbc,aes256-ctr,aes256-cbc,cast128-ctr,cast128-cbc,blowfish-ctr,blowfish-cbc,3des-ctr,3des-cbchmac-md5,hmac-sha1hmac-md5,hmac-sha1 none,zlib none,zlibr%rr8s aes128-ctrhmac-md5N)r rrGrCkeyAlgoutgoingCompressionTypeincomingCompressionTyperTrrrrrrr?nes r0test_KEXINITMultipleAlgorithmsz6ServerSSHTransportTests.test_KEXINITMultipleAlgorithmss  ( $ **,QR **J7 ;;WE ;;WE ;;< ZZ ' '  6 }5  4 {3r/cdtjdztjdztjdztjdztjdztjdztjdztjdztjdztjdzdzd z}|jj||j |jj d |j |jjy ) z If the client sends "ext-info-c" in its key exchange algorithms, then the server notes that the client supports extension negotiation. See RFC 8308, section 2.1. rs/diffie-hellman-group-exchange-sha256,ext-info-crr6r7r8r/r9r:r*N)r"rAr rrGrCrVrr? kexInitPackets r0 test_KEXINITExtensionNegotiationz8ServerSSHTransportTests.test_KEXINITExtensionNegotiations iiJK Lii # $ii & 'ii &  ' ii %  & ii %  &ii  !ii  !iin iin  " "  }- **,ST  ::;r/c ddj|jjddd|jj|jj|jj|jj |jj |jj |jj |jj|jjf Dcgc]}dj|c}Dcgc]}tj|c}zdz}|jj||j|jj|jjd|j|jj|jjd|j|jj|j!|j"gd |j_ |jj%d |j|jj|j!|j"gycc}wcc}w) a< The client is allowed to send a guessed key exchange packet after it sends the KEXINIT packet. However, if the key exchanges do not match, that guess packet must be ignored. This tests that the packet is ignored in the case of the key exchange method not matching. rr/Nrr testT rKr rrrrrrr"rArrVignoreNextPacket ssh_DEBUGssh_KEX_DH_GEX_REQUEST_OLDrTrGrssh_KEX_DH_GEX_REQUESTr?rMrLrs r0test_ignoreGuessPacketKexz1ServerSSHTransportTests.test_ignoreGuessPacketKex3s  !% @ @2 F $ > > $ ; ; $ ; ; $ 8 8 $ 8 8 $ @ @ $ @ @ $ = = $ = = &" !!IIaL" !  .'/ ( 4 }-  334 HI  334 --.AB 445 r*&* # ))*AB 445 r*A" )I8 I= c ddj|jj|jjddd|jj|jj|jj |jj |jj |jj |jj|jjf Dcgc]}dj|c}Dcgc]}tj|c}zdz}|jj||j|jj|jjd|j|jj|jjd|j|jj|j!|j"gd |j_ |jj%d |j|jj|j!|j"gycc}wcc}w) zk Like test_ignoreGuessPacketKex, but for an incorrectly guessed public key format. rr/NrrrrrTrrrs r0test_ignoreGuessPacketKeyz1ServerSSHTransportTests.test_ignoreGuessPacketKeycs  !% @ @ $ > >tt D $ ; ; $ ; ; $ 8 8 $ 8 8 $ @ @ $ @ @ $ = = $ = = &" !!IIaL" !  .'/ ( 4 }-  334 HI  334 --.AB 445 r*&* # ))*AB 445 r*A"rc|g|j_|g|j_|jj|jj |jj |\}}tj|\}}t|d|}|jjtj|tjtjd|dzzd} t|jj | |jj"} |j%|jj&| t|| |jj"} t)} | j+tj|jj,dz| j+tj|jj.dz| j+tj|j1| j+tj|| j+| | j+| | j3} |j5| |}|j%|j6tj8tj|j1| ztj|zftj:dfgy) a Test that the KEXDH_INIT packet causes the server to send a KEXDH_REPLY with the server's public key and a signature. @param kexAlgorithm: The key exchange algorithm to use. @type kexAlgorithm: L{bytes} @param keyAlgorithm: The public key signature algorithm to use. @type keyAlgorithm: L{bytes} @param bits: The bit length of the DH modulus. @type bits: L{int} irrr signatureTyper/N)r rrrr%rErrrrKrr"rJgetMPrArOrrrGrrupdaterourKexInitPayloadrrEsignrMSG_KEXDH_REPLY MSG_NEWKEYS)r?r& keyAlgorithmr pubHostKey privHostKeyrrerMrGrhr  signatures r0assertKexDHInitResponsez/ServerSSHTransportTests.assertKexDHInitResponses-9> (*6 &  4 4 67"&**"9"9,"G K**<81 4O --fiil; LL7dai#89 :1 = 4::<<DJJLL 1 77;aDJJLL1 F 4::667!;< 4::7781<= :??,-. 1   xxz $$\$N   LL--IIjoo/014vyy7KK&&,   r/cd|j_d|j_|jt|jj t jdy) Test that if the server receives a KEX_DH_GEX_REQUEST_OLD message and the key exchange algorithm is not set, we raise a ConchError. s bad-curvers unused-keyN)r rCrrr_ssh_KEX_ECDH_INITr"rArYs r0%test_checkBad_KEX_ECDH_INIT_CurveNamez=ServerSSHTransportTests.test_checkBad_KEX_ECDH_INIT_CurveNamesF ) &   JJ ) ) IIm $ r/cVdtjdztjdztjdztjdztjdztjdztjdztjdztjdztjdzdzd z}|jj||j t |j t y ) zy Test that if the server received a bad name for a curve we raise an UnsupportedAlgorithm error. r5r.rr6r7r8r/r9r:N)r"rAr rrAttributeErrorr)r?kexmsgs r0 test_checkBad_KEX_INIT_CurveNamez8ServerSSHTransportTests.test_checkBad_KEX_INIT_CurveNames  ii-. /ii # $ii & 'ii &  ' ii %  & ii %  &ii  !ii  !iin iin  " "  v& .) ./r/c*|jdddy)z KEXDH_INIT messages are processed when the diffie-hellman-group14-sha1 key exchange algorithm and the ssh-rsa public key signature algorithm are requested. rrrNrrYs r0test_KEXDH_INIT_GROUP14z/ServerSSHTransportTests.test_KEXDH_INIT_GROUP14s $$%CZQUVr/c*|jdddy) KEXDH_INIT messages are processed when the diffie-hellman-group14-sha1 key exchange algorithm and the rsa-sha2-256 public key signature algorithm are requested. rrrNrrYs r0$test_KEXDH_INIT_GROUP14_rsa_sha2_256z (*4 &  4 4 67 --.AB#zz11;;=AA$GJ W  LL22IIg&)@@   q) w/r/c|d|j_|jt|jjdy)rN)r rCrrrrYs r0%test_KEX_DH_GEX_REQUEST_OLD_badKexAlgzOServerSSHTransportDHGroupExchangeBaseCase.test_KEX_DH_GEX_REQUEST_OLD_badKexAlgs, !  *djj&K&KTRr/c|jg|j_|g|j_|jj |j j |jjd|jjjjdd\}}|j|jt jtj|dzfg|j|jj d|j|jj"|y)z Test that the KEX_DH_GEX_REQUEST message causes the server to reply with a KEX_DH_GEX_GROUP message with the correct Diffie-Hellman group.  rrrrN)r&r rrrr%rErr#rrrGrrr"rJrr)r?rrrs r0test_KEX_DH_GEX_REQUESTzAServerSSHTransportDHGroupExchangeBaseCase.test_KEX_DH_GEX_REQUESTs -1,=,=+> (*6 &  4 4 67 )) E  $zz11;;=AA$GJ W  LL22IIg&)@@   q) w/r/c |j|jjd\}}t|jjd|jj }t jdd}|j|jjjj|t|jj||jj }|j|jj|t|||jj }|j}|jt j |jj"dz|jt j |jj$dz|jt j |j'|jd|jt j(|jj |jt j(|jj|jt j(||j||j||j+}|jj-t j(||j|j.ddt0j2t j |j'|zt j |j5|zft0j6d fgy) z Test that the KEX_DH_GEX_INIT message after the client sends KEX_DH_GEX_REQUEST_OLD causes the server to send a KEX_DH_GEX_INIT message with a public key and signature. rrsrrrrtNr/)rr rrKrrr"rrGrprivate_numbersrLrOrr'rrArrrrJrEssh_KEX_DH_GEX_INITrr%MSG_KEX_DH_GEX_REPLYrr r?rrrrMrGrrr s r0&test_KEX_DH_GEX_INIT_after_REQUEST_OLDzPServerSSHTransportDHGroupExchangeBaseCase.test_KEX_DH_GEX_INIT_after_REQUEST_OLDsT ((*"&**"9"9*"E K  a . LL< =a @ //??ACCQG 4::<<DJJLL 1 77;aDJJLL1     4::667!;< 4::7781<= :??,-. $% 4::<<() 4::<<() 1   xxz  &&vyy|4  LL 22IIjoo/0ii 0 0 >?@ &&,  r/c |j|jjd\}}t|jjd|jj }t jdd}t|jj||jj }t|||jj }|j}|jt j|jjdz|jt j|jjdz|jt j|j|jd|jt j|jj |jt j|jj|jt j||j||j||j!}|jj#t j||j%|j&dt(j*t j|j|zt j|j-|zfy) z Test that the KEX_DH_GEX_INIT message after the client sends KEX_DH_GEX_REQUEST causes the server to send a KEX_DH_GEX_INIT message with a public key and signature. rrrrrrtNrr rrKrrr"rrOr'rrArrrrJrEr rGrr%r rr s r0"test_KEX_DH_GEX_INIT_after_REQUESTzLServerSSHTransportDHGroupExchangeBaseCase.test_KEX_DH_GEX_INIT_after_REQUESTs $$&"&**"9"9*"E K  a . LL< =a @ 4::<<DJJLL 1aDJJLL1     4::667!;< 4::7781<= :??,-. DE 4::<<() 4::<<() 1   xxz  &&vyy|4  LLO.. *//+,))K,,\:;<  r/c |jd|jjd\}}t|jjd|jj }t jdd}t|jj||jj }t|||jj }|j}|jt j|jjdz|jt j|jjdz|jt j|j|jd|jt j|jj |jt j|jj|jt j||j||j||j!}|jj#t j||j%|j&dt(j*t j|j|zt j|j-|d zfy ) a& Test that the KEX_DH_GEX_INIT message after the client sends KEX_DH_GEX_REQUEST using a public key signature algorithm other than the default for the public key format causes the server to send a KEX_DH_GEX_INIT message with a public key and signature. r)rrrrrrrtrNrr s r0/test_KEX_DH_GEX_INIT_after_REQUEST_rsa_sha2_512zYServerSSHTransportDHGroupExchangeBaseCase.test_KEX_DH_GEX_INIT_after_REQUEST_rsa_sha2_512s $$/$B"&**"9"9/"J K  a . LL< =a @ 4::<<DJJLL 1aDJJLL1     4::667!;< 4::7781<= :??,-. DE 4::<<() 4::<<() 1   xxz  &&vyy|4  LLO.. *//+,))$$\$Q  r/N)r) r+r,r-rorrrr rrr.r/r0rrqs(0.S02% N" H% r/rceZdZdZy)*ServerSSHTransportDHGroupExchangeSHA1TestszJ diffie-hellman-group-exchange-sha1 tests for SSHServerTransport. NrNr.r/r0rr!rRr/rceZdZdZy),ServerSSHTransportDHGroupExchangeSHA256TestszL diffie-hellman-group-exchange-sha256 tests for SSHServerTransport. NrNr.r/r0rr+rRr/rceZdZdZdZy)ServerSSHTransportECDHBaseCasezE Elliptic Curve Diffie-Hellman tests for SSHServerTransport. c ||jg|j_dg|j_|jj |j j |jjd\}}|jj}|j}|jj|}|jjtj||jj||jj|jj}|j!}|j#tj|jj$|j#tj|jj&|j#tj|jj(|j#tj|jj*|j#tj|j-|j#tj||j#tj|jj|jj|j#||j/}|j1|} |j3|j4t j6tj|j-tj|jj|jjztj| zft j8dfgy)z Test that the KEXDH_INIT message causes the server to send a KEXDH_REPLY with the server's public key and a signature. rr/N)r&r rrrr%rEr_generateECPrivateKeyr_encodeECPublicKeyrr"rA_generateECSharedSecretecPubr'rrrotherKexInitPayloadrrrErrGrrr) r?rrecPrivrencPubrrr rs r0test_KEX_ECDH_INITz1ServerSSHTransportECDHBaseCase.test_KEX_ECDH_INIT:s{ -1,=,=+> (*4 &  4 4 67"&**"9"9*"E K113!!#..u5 --fii.?@zz99 DJJ11$**2B2BC      4::889: 4::6678 4::99:; 4::7789 :??,-. 6"# 4::889I9IJKL xxz $$\2   LL--IIjoo/0ii = =djj>N>N OPQii *+ &&,  r/N)r+r,r-ror!r.r/r0rr5s , r/rceZdZdZy)ServerSSHTransportECDHTestsz: ecdh-sha2-nistp256 tests for SSHServerTransport. NrNr.r/r0r#r#irOr/r#ceZdZdZy)'ServerSSHTransportCurve25519SHA256Testsz9 curve25519-sha256 tests for SSHServerTransport. NrNr.r/r0r%r%qrWr/r%c`eZdZUdZej Zeeeje d<dZ dZ y)ClientSSHTransportBaseCasez1 Base case for SSHClientTransport tests. rc d|_|j||j|j|jddt j t |jtjdS)zC Mock version of SSHClientTransport.verifyHostKey. T:r/) calledVerifyHostKeyrGrreplacebinasciihexlifyrrErsucceed)r?pubKey fingerprints r0 verifyHostKeyz(ClientSSHTransportBaseCase.verifyHostKeysi$(  +    c *H,<,._checkRaisess FF& 'r/N)rr:rconnectionSecurer1 addCallbackfail addErrback)r?r;ds r0 test_notImplementedClientMethodsz8ClientSSHTransportTests.test_notImplementedClientMethodss^ -tzz|/L/LM ( JJL & &tT 2}}TYY'22<@@r/c|g|j_|jj|jj |jj j j}|jtj|ddd|dzz|j|jtj|jjfgy)z Test that a KEXINIT packet with a group1 or group14 key exchange results in a correct KEXDH_INIT response. @param kexAlgorithm: The key exchange algorithm to use @type kexAlgorithm: L{str} rNrr)r rrr%rErrrLrGr"rJrMSG_KEXDH_INITr)r?r&rrLs r0assertKexInitResponseForDHz2ClientSSHTransportTests.assertKexInitResponseForDHs-9> (  4 4 67 JJ " " 2 2 4 6 6 1ab)7dai+@A  LLI44djj6T6TUV r/c(|jddy)zq KEXINIT messages requesting diffie-hellman-group14-sha1 result in KEXDH_INIT responses. rrN)rDrYs r0test_KEXINIT_group14z,ClientSSHTransportTests.test_KEXINIT_group14s ''(FMr/cdg|j_|jjj dd}|j t |jj|y)z Test that the client raises a ConchError if it receives a KEXINIT message but doesn't have a key exchange algorithm that we understand. sdiffie-hellman-group24-sha1sgroup14sgroup24N)r rr%rEr+rrr)r?rs r0test_KEXINIT_badKexAlgz.ClientSSHTransportTests.test_KEXINIT_badKexAlgsO -K+K (~~##%--j*E *djj&=&=tDr/cLdtjdztjdztjdztjdztjdztjdztjdztjdztjdztjdzdzd z}|jj||j |jj y ) z If the server sends "ext-info-s" in its key exchange algorithms, then the client notes that the server supports extension negotiation. See RFC 8308, section 2.1. rs/diffie-hellman-group-exchange-sha256,ext-info-srr6r7r8r/r9r:N)r"rAr rrVrrs r0rz8ClientSSHTransportTests.test_KEXINITExtensionNegotiations iiJK Lii # $ii & 'ii &  ' ii %  & ii %  &ii  !ii  !iin iin  " "  }-  ::;r/c||jd}tj|}|jjj j }|jj}t|||}t}|jtj|jjdz|jtj|jjdz|jtj|j|j|jj|j||j||j!}|j"j%|}||tj|j|zfS)a Utility for test_KEXDH_REPLY and test_disconnectKEXDH_REPLYBadSignature. Begins a Diffie-Hellman key exchange in the named group Group-14 and computes information needed to return either a correct or incorrect signature. r)rFr"rJr rrrLrrOrrrArrrrrEr3r) r?rGfMPrLrrrr rs r0begin_KEXDH_REPLYz)ClientSSHTransportTests.begin_KEXDH_REPLY s- !!# iil JJ " " 2 2 4 6 6 JJLLaA F 4::667!;< 4::7781<= 499%& //0   xxz LL%%l3 i499)=)CDDr/cj\}}fd}jj|tj|z}|j ||S)zH Test that the KEXDH_REPLY message verifies the server. cj|jjjjj yrrxrVr*rGr rDrEr r?s r0_cbTestKEXDH_REPLYzDClientSSHTransportTests.test_KEXDH_REPLY.._cbTestKEXDH_REPLY- =   e $ OOD44 5   TZZ11< @r/rLr ssh_KEX_DH_GEX_GROUPr"rAr=r?r packetStartrQr@r s` @r0test_KEXDH_REPLYz(ClientSSHTransportTests.test_KEXDH_REPLY' sV261G1G1I.y+ A JJ + +K&))I:N,N O ()r/c d|j_t|j_|j dd|j |jj d|j dd|j |jj d|j |jdtjdftdDcgc]}|jj|dd!}}|j |jjj|d|d |d |d |d |d fycc}w)rrrArBr?rr/rrrrtrrrNrrs r0rz%ClientSSHTransportTests.test_keySetup7 rrcb|jdgfd}||j_tjdddd|j_|j dd|j|jj|jj t|j_|jjd|j|jj|j|jj|j|jj|jj |jdd|j_|j dd |jjd|j#|jjd|j_|j dd |jjd|j#|jjy ) zl Test that NEWKEYS transitions the keys from nextEncryptions to currentEncryptions. Fcdd<yrr.)securesr0stubConnectionSecurezBClientSSHTransportTests.test_NEWKEYS..stubConnectionSecureP s F1Ir/r8rArBr/rrsGHsIJN)rr r<r%rrr! assertIsNotrcrqrrxrir|rrVrrr)r?r\r[s @r0rz$ClientSSHTransportTests.test_NEWKEYSH s ++- '; #%.%9%9 Wgw&  "   . 66 8R8RS%/\ " s# $**889 $**889 djj33TZZ5O5OP q "-4 *   . s# TZZ;;<-4 *   . s# TZZ;;. d,,Y-U-UVr/rSr?r rrVr@s` r0&test_disconnectKEXDH_REPLYBadSignaturez>ClientSSHTransportTests.test_disconnectKEXDH_REPLYBadSignature| Q261G1G1I.y+ JJ + +K&))DT:U,U V}} V  r/cdtjdztjdztjdztjdztjdztjdztjdztjdztjdztjdzdzd z}|jj||jj d t j t jt|j_ |jjj|j_ t j t jt}|j}|jtjjtj j"}t j|j_d|j_|jj)tjt+j-dj/tj|ztjd z|j1t2j4y O Test that KEX_ECDH_REPLY disconnects if the signature is bad. r5r.rr6r7r8r/r9r:sSSH-2.0-OpenSSH s bad-signatureNr"rAr rrr!generate_private_key SECP256R1rrrr public_bytesrEncodingX962 PublicFormatUncompressedPointcurverC_ssh_KEX_ECDH_REPLYrrrr[r%r]r?rthisPrivthisPubr s r0)test_disconnectKEX_ECDH_REPLYBadSignaturezAClientSSHTransportTests.test_disconnectKEX_ECDH_REPLYBadSignature ) ii-. /ii # $ii & 'ii &  ' ii %  & ii %  &ii  !ii  !iin iin  " "  v&  6733BLLNODUV ::,,779 **2<<>?;LM%%'%%  " " ' ')C)C)U)U <<> 1  && IIkm113J?DDF Gii ii() * yGGHr/cZ|jjd|jyrrrYs r0rz2ClientSSHTransportTests.test_disconnectNEWKEYSData rr/ct|j_|jjd|j y)z Test that SERVICE_ACCEPT disconnects if the accepted protocol is differet from the asked-for protocol. sbadN)rr r`rar[rYs r0test_disconnectSERVICE_ACCEPTz5ClientSSHTransportTests.test_disconnectSERVICE_ACCEPT s1 *m  %%&<=  r/ct|j_|jjd|j |jjj |j t|jdy)z Some commercial SSH servers don't send a payload with the SERVICE_ACCEPT message. Conch pretends that it got the correct name of the service. r/rN) rr r`rarVrrGrxrrYs r0test_noPayloadSERVICE_ACCEPTz4ClientSSHTransportTests.test_noPayloadSERVICE_ACCEPT sY *m  %%c*  ++334 T\\*A.r/N)r+r,r-rorrArDrFrHrrLrWrrrbrernrrrrr.r/r0r5r5sd 5D A .NE<0E<  " =D5   ,I\!! /r/r5cHeZdZdZ eddZdZdZdZdZ dZ d Z y ) )ClientSSHTransportDHGroupExchangeBaseCasezE Diffie-Hellman group exchange tests for SSHClientTransport. FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD129024E088A67CC74020BBEA63B139B22514A08798E3404DDEF9519B3CD3A431B302B0A6DF25F14374FE1356D6D51C245E485B576625E7EC6F44C42E9A637ED6B0BFF5CB6F406B7EDEE386BFB5A899FA5AE9F24117C4B1FE649286651ECE45B3DC2007CB8A163BF0598DA48361C55D39A69163FA8FD24CF5F83655D23DCA3AD961C62F356208552BB9ED529077096966D670C354E4ABC9804F1746C08CA237327FFFFFFFFFFFFFFFFc|jg|j_|jj|jj |j |jtjdfgy)zt KEXINIT packet with a group-exchange key exchange results in a KEX_DH_GEX_REQUEST message.  N) r&r rrr%rErGrMSG_KEX_DH_GEX_REQUESTrYs r0test_KEXINIT_groupexchangezDClientSSHTransportDHGroupExchangeBaseCase.test_KEXINIT_groupexchange se -1,=,=+> (  4 4 67  LL44G  r/c <|j|jjtj|j tjdz|j |jj|j |j |jjd|jjjj}|j tj|ddd|j |jjtjtd||j |j |jddtj |jjfgy)z Test that the KEX_DH_GEX_GROUP message results in a KEX_DH_GEX_INIT message with the client's Diffie-Hellman public key. rrNsrt)rr rTr"rJP1536rGrrrrrLrrKrr%MSG_KEX_DH_GEX_INITr{s r0test_KEX_DH_GEX_GROUPz?ClientSSHTransportDHGroupExchangeBaseCase.test_KEX_DH_GEX_GROUP s '') '' $**(= ! (LM tzz2 q) JJ " " 2 2 4 6 6 1ab)=9  JJ * *FIIc!Q 6K,L   LL ++TZZ-K-K L M r/c.|j|jj}d}tj|}t ||jj jj|}|j}|jtj|jjdz|jtj|jjdz|jtj|j|jd|jtj|jtjdz|j|jj |j||j||j#}|j$j'|}||tj|j|zfS)a Utility for test_KEX_DH_GEX_REPLY and test_disconnectGEX_REPLYBadSignature. Begins a Diffie-Hellman key exchange in an unnamed (server-specified) group and computes information needed to return either a correct or incorrect signature. rrr)rr rr"rJrOrrrLr'rrArrrrrrEr3r)r?rrGrKrrr rs r0begin_KEX_DH_GEX_REPLYz@ClientSSHTransportDHGroupExchangeBaseCase.begin_KEX_DH_GEX_REPLY sc ""$ JJLL iila!7!7!G!G!I!K!KQO     4::667!;< 4::7781<= 499%& DE 4::&156 //0   xxz LL%%l3 i499)=)CDDr/cj\}}fd}jj|tj|z}|j ||S)z^ Test that the KEX_DH_GEX_REPLY message results in a verified server. cj|jjjjj yrrOrPs r0_cbTestKEX_DH_GEX_REPLYz`ClientSSHTransportDHGroupExchangeBaseCase.test_KEX_DH_GEX_REPLY.._cbTestKEX_DH_GEX_REPLY0 rRr/rr ssh_KEX_DH_GEX_REPLYr"rAr=)r?rrVrr@r s` @r0test_KEX_DH_GEX_REPLYz?ClientSSHTransportDHGroupExchangeBaseCase.test_KEX_DH_GEX_REPLY) sV 261L1L1N.y+ A JJ + +K&))I:N,N O -.r/cj\}}}jj|tjdz}|j fdS)zQ Test that KEX_DH_GEX_REPLY disconnects if the signature is bad. rgcBjtjSrrirjs r0rsz`ClientSSHTransportDHGroupExchangeBaseCase.test_disconnectGEX_REPLYBadSignature..A rlr/rrms` r0$test_disconnectGEX_REPLYBadSignaturezNClientSSHTransportDHGroupExchangeBaseCase.test_disconnectGEX_REPLYBadSignature9 sQ261L1L1N.y+ JJ + +K&))DT:U,U V}} V  r/cdtjdztjdztjdztjdztjdztjdztjdztjdztjdztjdzdzd z}|jj||jj d t j t jt|j_ |jjj|j_ t j t jt}|j}|jtjjtj j"}t j|j_d|j_|jj)tjt+j-dj/tj|ztjd z|j1t2j4y rqrsr}s r0rzSClientSSHTransportDHGroupExchangeBaseCase.test_disconnectKEX_ECDH_REPLYBadSignatureD rr/N) r+r,r-rorrrrrrrrr.r/r0rr sB  ;  E $ &E>  ,Ir/rceZdZdZy)*ClientSSHTransportDHGroupExchangeSHA1TestszJ diffie-hellman-group-exchange-sha1 tests for SSHClientTransport. NrNr.r/r0rrs rRr/rceZdZdZy),ClientSSHTransportDHGroupExchangeSHA256TestszL diffie-hellman-group-exchange-sha256 tests for SSHClientTransport. NrNr.r/r0rr} rRr/rc(eZdZdZdZdZdZdZy)ClientSSHTransportECDHBaseCasezE Elliptic Curve Diffie-Hellman tests for SSHClientTransport. c ||jg|j_|jj|jj |j |jtjtj|jj|jjfgy)zm KEXINIT packet with an elliptic curve key exchange results in a KEXDH_INIT message. N) r&r rrr%rErGrrCr"rArrrYs r0 test_KEXINITz+ClientSSHTransportECDHBaseCase.test_KEXINIT s -1,=,=+> (  4 4 67  LL,,IIdjj;;DJJ._cbTestKEXDH_REPLY rRr/rSrUs` @r0rWz/ClientSSHTransportECDHBaseCase.test_KEXDH_REPLY sV261G1G1I.y+ A JJ + +K&))I:N,N O ()r/cj\}}}jj|tjdz}|j fdS)rrrgcBjtjSrrirjs r0rszWClientSSHTransportECDHBaseCase.test_disconnectKEXDH_REPLYBadSignature.. rlr/rSrms` r0rnzEClientSSHTransportECDHBaseCase.test_disconnectKEXDH_REPLYBadSignature ror/N)r+r,r-rorrLrWrnr.r/r0rr s $"WH   r/rceZdZdZy)ClientSSHTransportECDHTestsz: ecdh-sha2-nistp256 tests for SSHClientTransport. NrNr.r/r0rr rOr/rceZdZdZy)'ClientSSHTransportCurve25519SHA256Testsz9 curve25519-sha256 tests for SSHClientTransport. NrNr.r/r0rr rWr/rcNeZdZdZereZdZdZdZdZ dZ dZ dZ d Z d Zy ) GetMACTestsz* Tests for L{SSHCiphers._getMAC}. c>tjdddd|_y)Nrrhrr)r%rrrYs r0rzGetMACTests.setUp s ++D$dC r/ctdS)z Generate a new shared secret to be used with the tests. @return: A new secret. @rtype: L{bytes} @rrYs r0getSharedSecretzGetMACTests.getSharedSecret sb!!r/cB|j}|jj||}|d|d|zz}tdt |D}tdt |D} |j ||| |f||j ||j y)a Check that when L{SSHCiphers._getMAC} is called with a supportd HMAC algorithm name it returns a tuple of (digest object, inner pad, outer pad, digest size) with a C{key} attribute set to the value of the key supplied. @param hmacName: Identifier of HMAC algorithm. @type hmacName: L{bytes} @param hashProcessor: Callable for the hash algorithm. @type hashProcessor: C{callable} @param digestSize: Size of the digest for algorithm. @type digestSize: L{int} @param blockPadSize: Size of padding applied to the shared secret to match the block size. @type blockPadSize: L{int} Nr9c38K|]}t|dz yw)6Nr_rbs r0rz+GetMACTests.assertGetMAC.. ?1Q$?c38K|]}t|dz yw)\Nrrs r0rz+GetMACTests.assertGetMAC.. rr)rr_getMACrrrGr) r?hmacNamer' digestSize blockPadSizesecretparamsrinnerPadouterPads r0 assertGetMACzGetMACTests.assertGetMAC s(%%'%%h7[j!Gl$::? #??? #?? -8ZH&Q fjj)r/c6|jdtddy)a When L{SSHCiphers._getMAC} is called with the C{b"hmac-sha2-512"} MAC algorithm name it returns a tuple of (sha512 digest object, inner pad, outer pad, sha512 digest size) with a C{key} attribute set to the value of the key supplied. s hmac-sha2-512rrrN)rrrYs r0test_hmacsha2512zGetMACTests.test_hmacsha2512  *FrPRSr/c6|jdtddy)a When L{SSHCiphers._getMAC} is called with the C{b"hmac-sha2-384"} MAC algorithm name it returns a tuple of (sha384 digest object, inner pad, outer pad, sha384 digest size) with a C{key} attribute set to the value of the key supplied. s hmac-sha2-3840PrN)rrrYs r0test_hmacsha2384zGetMACTests.test_hmacsha2384) rr/c6|jdtddy)a When L{SSHCiphers._getMAC} is called with the C{b"hmac-sha2-256"} MAC algorithm name it returns a tuple of (sha256 digest object, inner pad, outer pad, sha256 digest size) with a C{key} attribute set to the value of the key supplied. s hmac-sha2-256 rN)rrrYs r0test_hmacsha2256zGetMACTests.test_hmacsha22562 rr/c6|jdtddy)a  When L{SSHCiphers._getMAC} is called with the C{b"hmac-sha1"} MAC algorithm name it returns a tuple of (sha1 digest object, inner pad, outer pad, sha1 digest size) with a C{key} attribute set to the value of the key supplied. r7,rN)rrrYs r0 test_hmacsha1zGetMACTests.test_hmacsha1; s ,"Mr/c6|jdtddy)a When L{SSHCiphers._getMAC} is called with the C{b"hmac-md5"} MAC algorithm name it returns a tuple of (md5 digest object, inner pad, outer pad, md5 digest size) with a C{key} attribute set to the value of the key supplied. rrrrN)rrrYs r0 test_hmacmd5zGetMACTests.test_hmacmd5D s +srKr/c|j}|jjd|}|jd|y)z When L{SSHCiphers._getMAC} is called with the C{b"none"} MAC algorithm name it returns a tuple of (None, "", "", 0). r8)Nr/r/rN)rrrrG)r?rrs r0 test_nonezGetMACTests.test_noneM s9 ""$%%gs3 ,f5r/N)r+r,r-rorrErrrrrrrrrr.r/r0rr sDD"*<TTTNL 6r/rc6eZdZdZereZdZdZdZdZ dZ y)SSHCiphersTestsz0 Tests for the SSHCiphers helper class. ctjdddd}|j|jd|j|jd|j|j d|j|j dy)zJ Test that the initializer sets up the SSHCiphers object. rrhrrN)r%rrGrrrr)r?rs r0 test_initzSSHCiphersTests.test_inita sr&&tT4> ++T2 **D1 ++T2 **D1r/c2tjdddd}dx}}|jjD]^\}\}}}|j |||}|dk(r!|j |tj C|j |j|`y)zM Test that the _getCipher method returns the correct cipher. rrhrrrr8N)r%r cipherMaprrassertIsInstance _DummyCipher algorithm) r?rrrralgClasskeySizecountercips r0test_getCipherzSSHCiphersTests.test_getCipherk s&&tT4>S5<5F5F5L5L5N ? 1G1h$$Wb#6C'!%%c9+A+AB%%cmmX>  ?r/c d}tjjD]}tjj|\}}}tj|ddd}tjd|dd}|j |||}|j jdz} |j||dddd|jdd||dd|j|j| |j|j| |j} | j|d| } | j|d| } |j|j|d| | |j|j|d| | |j|j| |d| |j|j| |d| y)z8 Test that setKeys sets up the ciphers. @r8rr/N)r%r1rrrrr block_sizerrGryr encryptorrr|r) r?rrmodNamerr encCipher decCipherrbsrencenc2s r0test_setKeysCiphersz#SSHCiphersTests.test_setKeysCiphersx s 11BB @G(1(<(<(F(Fw(O %GWg!,,WgwPI!,,WgwPI&&wS9C))Q.B   c3S#s ;   c3S#s ;   Y33R 8   Y33R 8 I""3s8,C##CH-D   Y..s3Bx8# >   Y..s3Bx8$ ?   Y..s3S"X >   Y..t4c#2h ?! @r/c d}tjjjD]/\}}tjdd|d}tjddd|}|j dddd|d|j ddddd||r|j }nd}|j |j||r|j||\}}}}d} |} d|z} |r1||| zjzj} nd} |j |j| | | |j|j| | | 2y)z5 Test that setKeys sets up the MACs. rr8r/rr:N) r%rmacMaprr digest_sizerGrrrErrVr) r?rmacNamemodoutMacinMacdsioseqidrrmmacs r0test_setKeysMACsz SSHCiphersTests.test_setKeysMACs sH%0077==? >@   V^^E48# > OOELLc: ;) LNrzFailed HMAC test vector; key=z data=) r%rrrstructunpackrGr,r-r)r?vectorsrrrrr shorteneds r0 test_makeMACzSSHCiphersTests.test_makeMAC s  & NCs))'7KQF"NN;jj||fSrr^)codedescservers r0rsz9TransportLoopbackTests._runClientServer.. 1E1EtTl1Sr/c,tjdSr)rr.)rLrMs r0rsz9TransportLoopbackTests._runClientServer.. sEMM$,?r/c>jj||fSrr^)r rclients r0rsz9TransportLoopbackTests._runClientServer.. rr/c$jSr)r)rsr0rsz9TransportLoopbackTests._runClientServer.. s&*?*?*Ar/cjt|jd|jd|jd|jdg}j |j gj |j tjdfg|jddk(rAj|j|j|j|n@j|j|j|j||jddk(rAj|j|j|j|yj|j|j|j|y)Nrsuser closed connectionr8) reprrrrrrGrTr%r rTrrVr)ignoredrrrr?s r0checkz6TransportLoopbackTests._runClientServer..check so++A.((+003003 D   V]]B /    668QRS &&q)W4  !3!3!5t<  !3!3!5t< 2 2 4d; 2 2 4d;##A&'1  !2!2!4d;  !2!2!4d; 1 1 3T: 1 1 3T:r/)rr%r5r#rrTrbr8r1r<listrr$rr loopbackAsyncr=)r?rr#rr@rrs` @@r0_runClientServerz'TransportLoopbackTests._runClientServer s---/  S--/? S"A%)&..*F*F*H*M*M*O%P"VV ;6  " "66 2 eVV,r/cg}tjjdgzD]'fd}|j|j |)t j |dS)z{ Test that the client and server play nicely together, in all the various combinations of ciphers. r8cg|_|Srrs)r ciphers r0 setCipherz6TransportLoopbackTests.test_ciphers..setCipher s*0& r/TfireOnOneErrback)r%r1rr_rr DeferredList)r? deferredsrrs @r0 test_ciphersz#TransportLoopbackTests.test_ciphers sa  00AAWIM ?F    T229= >  ?!!)dCCr/cg}tjjdgzD]'fd}|j|j |)t j |dS)z> Like test_ciphers, but for the various MACs. r8cg|_|Srrx)r rs r0setMACz0TransportLoopbackTests.test_macs..setMAC s'*e# r/Tr )r%r1rr_rrr")r?r#r'rs @r0 test_macsz TransportLoopbackTests.test_macs sa --;;wiG .setKeyExchange) s/;n+ r/Tr )r%r1rr_rrr")r?r#r+r&s @r0test_keyexchangesz(TransportLoopbackTests.test_keyexchanges" s\ %66LL DL    T22>B C  D!!)dCCr/cg}tjjD]'fd}|j|j |)t j |dS)zF Like test_ciphers, but for the various compressions. cg|_|Srrn)r  compressions r0setCompressionz@TransportLoopbackTests.test_compressions..setCompression7 s/:m+ r/Tr )r%r1rr_rrr")r?r#r0r/s @r0test_compressionsz(TransportLoopbackTests.test_compressions0 s\ $55KK DK    T22>B C  D!!)dCCr/N) r+r,r-rorrErr$r(r,r1r.r/r0r r  s/5n D D D Dr/r )mror,rBrLrr hashlibrrrrrtypingrr r r r twistedr rHtwisted.conch.errorrtwisted.conch.sshrrrtwisted.internetrtwisted.protocolsrtwisted.pythonrtwisted.python.compatrtwisted.python.randbytesrtwisted.python.reflectr twisted.testrtwisted.trial.unittestrrstrr"rcryptography.exceptionsrcryptography.hazmat.backendsrcryptography.hazmat.primitivesr)cryptography.hazmat.primitives.asymmetricr r!r"r#r$r%twisted.conch.testr&x25519_supportedrDrHrOr1rQrqr SSHServicerr<rrrrrr$r)r-r0r2r4r=rMrQrTrVrYrrrrrrr#r%r'r5rrrrrrrrr r.r/r0rGsa  55442*44"&$+30&+^,  N<<<@BB*&(99; 9  #B% 22B%J>@>@B   0'$$ 0F(1'$$(1V {    (:9:9zJJr ;46Gr ;jT.FT&+-EGX++Y8I+-BDUb b J!D$yK8:KyKx m 0Jm `--1 %?1 h"I/@"$9;L6!D64z/8:Kz/z _I0J_ID--S %?S l"I/@"$9;Lh6(h6VjhjZvDXvDr/