-rw-r--r-- | paramiko/kex_ecdh_nist.py (renamed from paramiko/kex_nistp256.py) | 14 | ||||
-rw-r--r-- | paramiko/kex_nistp384.py | 9 | ||||
-rw-r--r-- | paramiko/kex_nistp521.py | 9 | ||||
-rw-r--r-- | paramiko/transport.py | 4 | ||||
-rw-r--r-- | tests/test_kex.py | 10 |
5 files changed, 19 insertions, 27 deletions
diff --git a/paramiko/kex_nistp256.py b/paramiko/kex_ecdh_nist.py
index 6ac7c141..8961dd14 100644
--- a/paramiko/kex_nistp256.py
+++ b/paramiko/kex_ecdh_nist.py
@@ -3,7 +3,7 @@ Ephemeral Elliptic Curve Diffie-Hellman (ECDH) key exchange
 RFC 5656, Section 4
 """
-from hashlib import sha256
+from hashlib import sha256, sha384, sha512
 from paramiko.message import Message
 from paramiko.py3compat import byte_chr, long
 from paramiko.ssh_exception import SSHException
@@ -100,3 +100,15 @@ class KexNistp256():
 self.transport._set_K_H(K, self.hash_algo(hm.asbytes()).digest())
 self.transport._verify_key(K_S, sig)
 self.transport._activate_outbound()
+
+
+class KexNistp384(KexNistp256):
+ name = "ecdh-sha2-nistp384"
+ hash_algo = sha384
+ curve = ec.SECP384R1()
+
+
+class KexNistp521(KexNistp256):
+ name = "ecdh-sha2-nistp521"
+ hash_algo = sha512
+ curve = ec.SECP521R1()
diff --git a/paramiko/kex_nistp384.py b/paramiko/kex_nistp384.py
deleted file mode 100644
index cdd23a5e..00000000
--- a/paramiko/kex_nistp384.py
+++ /dev/null
@@ -1,9 +0,0 @@
-from hashlib import sha384
-from paramiko.kex_nistp256 import KexNistp256
-from cryptography.hazmat.primitives.asymmetric import ec
-
-
-class KexNistp384(KexNistp256):
- name = "ecdh-sha2-nistp384"
- hash_algo = sha384
- curve = ec.SECP384R1()
diff --git a/paramiko/kex_nistp521.py b/paramiko/kex_nistp521.py
deleted file mode 100644
index 352fe8c9..00000000
--- a/paramiko/kex_nistp521.py
+++ /dev/null
@@ -1,9 +0,0 @@
-from hashlib import sha512
-from paramiko.kex_nistp256 import KexNistp256
-from cryptography.hazmat.primitives.asymmetric import ec
-
-
-class KexNistp521(KexNistp256):
- name = "ecdh-sha2-nistp521"
- hash_algo = sha512
- curve = ec.SECP521R1()
diff --git a/paramiko/transport.py b/paramiko/transport.py
index 8775e434..6b11dbc7 100644
--- a/paramiko/transport.py
+++ b/paramiko/transport.py
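Review bot: The `KexNistp384` and `KexNistp521` classes added at the end of paramiko/kex_ecdh_nist.py have no docstring recording that `name`, `hash_algo` and `curve` must be overridden together. Both inherit from `KexNistp256`, whose body is outside the hunk, so a subclass that omits one of the three would presumably fall back to the P-256 value without any error and negotiate with a mismatched hash or curve. A one-line docstring on each class, for example `"""ECDH over NIST P-384 with SHA-384 as the exchange hash (RFC 5656)."""`, would make the pairing explicit. Separately, the old module paths `paramiko.kex_nistp256`, `paramiko.kex_nistp384` and `paramiko.kex_nistp521` disappear with no alias left behind, which breaks any caller that imported them directly. The tests/test_kex.py hunks in this diff only import `KexNistp256`, so the two moved classes appear to have no coverage here; tests for them may exist outside what is shown.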
@@ -55,9 +55,7 @@ from paramiko.dsskey import DSSKey
 from paramiko.kex_gex import KexGex, KexGexSHA256
 from paramiko.kex_group1 import KexGroup1
 from paramiko.kex_group14 import KexGroup14
-from paramiko.kex_nistp256 import KexNistp256
-from paramiko.kex_nistp384 import KexNistp384
-from paramiko.kex_nistp521 import KexNistp521
+from paramiko.kex_ecdh_nist import KexNistp256, KexNistp384, KexNistp521
 from paramiko.kex_gss import KexGSSGex, KexGSSGroup1, KexGSSGroup14, NullHostKey
 from paramiko.message import Message
 from paramiko.packet import Packetizer, NeedRekeyException
diff --git a/tests/test_kex.py b/tests/test_kex.py
index 619b2722..b7f588f7 100644
--- a/tests/test_kex.py
+++ b/tests/test_kex.py
@@ -29,7 +29,7 @@ from paramiko.kex_group1 import KexGroup1
 from paramiko.kex_gex import KexGex, KexGexSHA256
 from paramiko import Message
 from paramiko.common import byte_chr
-from paramiko.kex_nistp256 import KexNistp256
+from paramiko.kex_ecdh_nist import KexNistp256
 from cryptography.hazmat.backends import default_backend
 from cryptography.hazmat.primitives.asymmetric import ec
@@ -391,7 +391,7 @@ class KexTest (unittest.TestCase):
 transport.server_mode = False
 kex = KexNistp256(transport)
 kex.start_kex()
- self.assertEqual((paramiko.kex_nistp256._MSG_KEXECDH_REPLY,), transport._expect)
+ self.assertEqual((paramiko.kex_ecdh_nist._MSG_KEXECDH_REPLY,), transport._expect)
 #fake reply
 msg = Message()
@@ -400,7 +400,7 @@ class KexTest (unittest.TestCase):
 msg.add_string(Q_S)
 msg.add_string('fake-sig')
 msg.rewind()
- kex.parse_next(paramiko.kex_nistp256._MSG_KEXECDH_REPLY, msg)
+ kex.parse_next(paramiko.kex_ecdh_nist._MSG_KEXECDH_REPLY, msg)
 H = b'BAF7CE243A836037EB5D2221420F35C02B9AB6C957FE3BDE3369307B9612570A'
 self.assertEqual(K, kex.transport._K)
 self.assertEqual(H, hexlify(transport._H).upper())
@@ -413,7 +413,7 @@ class KexTest (unittest.TestCase):
 transport.server_mode = True
 kex = KexNistp256(transport)
 kex.start_kex()
- self.assertEqual((paramiko.kex_nistp256._MSG_KEXECDH_INIT,), transport._expect)
+ self.assertEqual((paramiko.kex_ecdh_nist._MSG_KEXECDH_INIT,), transport._expect)
 #fake init
 msg=Message()
@@ -421,7 +421,7 @@ class KexTest (unittest.TestCase):
 H = b'2EF4957AFD530DD3F05DBEABF68D724FACC060974DA9704F2AEE4C3DE861E7CA'
 msg.add_string(Q_C)
 msg.rewind()
- kex.parse_next(paramiko.kex_nistp256._MSG_KEXECDH_INIT, msg)
+ kex.parse_next(paramiko.kex_ecdh_nist._MSG_KEXECDH_INIT, msg)
 self.assertEqual(K, transport._K)
 self.assertTrue(transport._activated)
 self.assertEqual(H, hexlify(transport._H).upper()) |