#include <ne7ssh_kex.h>
Public Member Functions
ne7ssh_kex (ne7ssh_session *_session)
~ne7ssh_kex ()
bool sendInit ()
bool handleInit ()
bool sendKexDHInit ()
bool handleKexDHReply ()
bool sendKexNewKeys ()
Private Member Functions
void constructLocalKex ()
void makeH (Botan::SecureVector< Botan::byte > &hVector)
Private Attributes
ne7ssh_session * session
ne7ssh_string localKex
ne7ssh_string remotKex
ne7ssh_string hostKey
ne7ssh_string e
ne7ssh_string f
ne7ssh_string k
Botan::SecureVector< Botan::byte > Ciphers
Botan::SecureVector< Botan::byte > Hmacs
ne7ssh_kex::ne7ssh_kex (ne7ssh_session *_session)
ne7ssh_kex class constructor.
_session: Pointer to ne7ssh_session variable.
ne7ssh_kex::~ne7ssh_kex ()
ne7ssh_kex class destructor.
void ne7ssh_kex::constructLocalKex () [private]
Constructs local 'KEX_INIT' payload.
References ne7ssh_string::addBytes(), ne7ssh_string::addChar(), ne7ssh_string::addInt(), ne7ssh_string::addString(), ne7ssh_string::addVectorField(), ne7ssh_string::clear(), ne7ssh_string::nextPart(), ne7ssh_string::resetParts(), ne7ssh_string::split(), and ne7ssh_string::value().
Referenced by sendInit().
bool ne7ssh_kex::handleInit ()
After sendInit() returns true, this function is used to parse the received 'KEX_INIT' packet.
It is used to agree on the cipher, HMAC, and other algorithms used in communication between client and server.
References ne7ssh_string::addBytes(), ne7ssh_crypt::agree(), ne7ssh_string::clear(), ne7ssh::errors(), ne7ssh_transport::getPacket(), ne7ssh_session::getSshChannel(), ne7ssh_string::getString(), ne7ssh_crypt::negotiatedCmprsC2s(), ne7ssh_crypt::negotiatedCmprsS2c(), ne7ssh_crypt::negotiatedCryptoC2s(), ne7ssh_crypt::negotiatedCryptoS2c(), ne7ssh_crypt::negotiatedHostkey(), ne7ssh_crypt::negotiatedKex(), ne7ssh_crypt::negotiatedMacC2s(), ne7ssh_crypt::negotiatedMacS2c(), and Ne7sshError::push().
Referenced by ne7ssh_connection::connectWithKey(), and ne7ssh_connection::connectWithPassword().
bool ne7ssh_kex::handleKexDHReply ()
After sendKexDHInit() returns true, this function is used to handle the received 'KEXDH_REPLY'.
This function creates the shared secret K. It also extracts the host key and signature fields from the payload, generates DSA/RSA keys, and verifies the signature.
References ne7ssh_string::addVector(), ne7ssh_string::bn2vector(), ne7ssh_string::clear(), ne7ssh_string::getBigInt(), ne7ssh_transport::getPacket(), ne7ssh_string::getString(), ne7ssh_crypt::isInited(), makeH(), ne7ssh_crypt::makeKexSecret(), ne7ssh_session::setSessionID(), ne7ssh_string::value(), and ne7ssh_crypt::verifySig().
Referenced by ne7ssh_connection::connectWithKey(), and ne7ssh_connection::connectWithPassword().
void ne7ssh_kex::makeH (Botan::SecureVector< Botan::byte > &hVector) [private]
Computes the H hash from the concatenated values of the local SSH version string, remote SSH version string, local KEX_INIT payload, remote KEX_INIT payload, host key, e, f and k BigInt values.
hVector: Reference to a vector where the H value will be stored.
References ne7ssh_string::addVectorField(), ne7ssh_crypt::computeH(), ne7ssh_session::getLocalVersion(), ne7ssh_session::getRemoteVersion(), and ne7ssh_string::value().
Referenced by handleKexDHReply().
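The byte layout that feeds the H hash described for makeH(), as an added example that is not ne7ssh code: it assumes the RFC 4253 section 8 encoding (version strings, KEX_INIT payloads and host key as length-prefixed strings; e, f and K as mpints). All function names here are hypothetical, and the hash step itself is left out.

```cpp
#include <cstdint>
#include <string>
#include <vector>

using Bytes = std::vector<uint8_t>;

// SSH "string": uint32 big-endian length, then the raw bytes (RFC 4251, section 5).
void putString(Bytes &out, const Bytes &data) {
    const uint32_t n = static_cast<uint32_t>(data.size());
    for (int shift = 24; shift >= 0; shift -= 8)
        out.push_back(static_cast<uint8_t>(n >> shift));
    out.insert(out.end(), data.begin(), data.end());
}

// SSH "mpint" for a non-negative big-endian magnitude: strip leading zero
// bytes, then prepend one 0x00 if the top bit is set so the value is not
// read as negative. Zero encodes as an empty string.
void putMpint(Bytes &out, const Bytes &magnitude) {
    size_t i = 0;
    while (i < magnitude.size() && magnitude[i] == 0) ++i;
    Bytes body;
    if (i < magnitude.size() && (magnitude[i] & 0x80)) body.push_back(0x00);
    body.insert(body.end(), magnitude.begin() + i, magnitude.end());
    putString(out, body);
}

Bytes fromText(const std::string &s) { return Bytes(s.begin(), s.end()); }

// Hash input in the order the makeH() description lists (assumed encoding):
// local version, remote version, local KEX_INIT, remote KEX_INIT, host key
// as strings, then e, f, K as mpints.
Bytes buildExchangeHashInput(const std::string &localVersion, const std::string &remoteVersion,
                             const Bytes &localKexInit, const Bytes &remoteKexInit,
                             const Bytes &hostKey, const Bytes &e, const Bytes &f, const Bytes &k) {
    Bytes out;
    putString(out, fromText(localVersion));   // version line without trailing CR LF
    putString(out, fromText(remoteVersion));
    putString(out, localKexInit);
    putString(out, remoteKexInit);
    putString(out, hostKey);
    putMpint(out, e);
    putMpint(out, f);
    putMpint(out, k);
    return out;
}
```

Because every field carries its own length, two different transcripts cannot serialize to the same hash input, which is what lets the host key signature over H bind the whole negotiation.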
bool ne7ssh_kex::sendInit ()
Sends 'KEX_INIT' packet and waits for 'KEX_INIT' reply.
References constructLocalKex(), ne7ssh::errors(), ne7ssh_session::getSshChannel(), Ne7sshError::push(), ne7ssh_transport::sendPacket(), ne7ssh_string::value(), and ne7ssh_transport::waitForPacket().
Referenced by ne7ssh_connection::connectWithKey(), and ne7ssh_connection::connectWithPassword().
bool ne7ssh_kex::sendKexDHInit ()
Sends 'KEXDH_INIT' packet and waits for 'KEXDH_REPLY'.
References ne7ssh_string::addBigInt(), ne7ssh_string::addChar(), ne7ssh_string::addVector(), ne7ssh_string::bn2vector(), ne7ssh_string::clear(), ne7ssh::errors(), ne7ssh_crypt::getKexPublic(), ne7ssh_session::getSshChannel(), Ne7sshError::push(), ne7ssh_transport::sendPacket(), ne7ssh_string::value(), and ne7ssh_transport::waitForPacket().
Referenced by ne7ssh_connection::connectWithKey(), and ne7ssh_connection::connectWithPassword().
bool ne7ssh_kex::sendKexNewKeys ()
This function waits for the 'NEWKEYS' packet from the remote host.
Once the packet is received, the local 'NEWKEYS' packet is sent, all encryption and HMAC keys are generated, and encrypted communication is established.
References ne7ssh_string::addChar(), ne7ssh::errors(), ne7ssh_session::getSshChannel(), ne7ssh_crypt::makeNewKeys(), Ne7sshError::push(), ne7ssh_transport::sendPacket(), ne7ssh_string::value(), and ne7ssh_transport::waitForPacket().
Referenced by ne7ssh_connection::connectWithKey(), and ne7ssh_connection::connectWithPassword().