class documentation

SSHCiphers represents all the encryption operations that need to occur to encrypt and authenticate the SSH connection.

Method __init__ Undocumented
Method decrypt Decrypt some data.
Method encrypt Encrypt some data.
Method makeMAC Create a message authentication code (MAC) for the given packet using the outgoing MAC values.
Method setKeys Set up the ciphers and hashes using the given keys,
Method verify Verify an incoming MAC using the incoming MAC values.
Class Variable cipherMap A dictionary mapping SSH encryption names to 3-tuples of (<cryptography.hazmat.primitives.interfaces.CipherAlgorithm>, <block size>, <cryptography.hazmat.primitives.interfaces.Mode>)
Class Variable macMap A dictionary mapping SSH MAC names to hash modules.
Instance Variable decBlockSize the block size of the incoming cipher.
Instance Variable decryptor Undocumented
Instance Variable encBlockSize the block size of the outgoing cipher.
Instance Variable encryptor Undocumented
Instance Variable inCipType the string type of the incoming cipher.
Instance Variable inMAc see outMAC, but for the incoming MAC.
Instance Variable inMAC Undocumented
Instance Variable inMACType the string type of the incoming MAC.
Instance Variable outCipType the string type of the outgoing cipher.
Instance Variable outMAC a tuple of (<hash module>, <inner key>, <outer key>, <digest size>) representing the outgoing MAC.
Instance Variable outMACType the string type of the incoming MAC.
Instance Variable verifyDigestSize the size of the incoming MAC.
Method _getCipher Creates an initialized cipher object.
Method _getMAC Gets a 4-tuple representing the message authentication code. (<hash module>, <inner hash value>, <outer hash value>, <digest size>)
def __init__(self, outCip, inCip, outMac, inMac): (source)

Undocumented

def decrypt(self, blocks): (source)

Decrypt some data.

Parameters
blocks:bytesThe data to decrypt.
Returns
bytesThe decrypted data.
def encrypt(self, blocks): (source)

Encrypt some data.

Parameters
blocks:bytesThe data to encrypt.
Returns
bytesThe encrypted data.
def makeMAC(self, seqid, data): (source)

Create a message authentication code (MAC) for the given packet using the outgoing MAC values.

Parameters
seqid:intThe sequence ID of the outgoing packet.
data:bytesThe data to create a MAC for.
Returns
strThe serialized MAC.
def setKeys(self, outIV, outKey, inIV, inKey, outInteg, inInteg): (source)

Set up the ciphers and hashes using the given keys,

Parameters
outIVthe outgoing initialization vector
outKeythe outgoing encryption key
inIVthe incoming initialization vector
inKeythe incoming encryption key
outIntegthe outgoing integrity key
inIntegthe incoming integrity key.
def verify(self, seqid, data, mac): (source)

Verify an incoming MAC using the incoming MAC values.

Parameters
seqid:intThe sequence ID of the incoming packet.
data:bytesThe packet data to verify.
mac:bytesThe MAC sent with the packet.
Returns
boolTrue if the MAC is valid.
cipherMap = (source)

A dictionary mapping SSH encryption names to 3-tuples of (<cryptography.hazmat.primitives.interfaces.CipherAlgorithm>, <block size>, <cryptography.hazmat.primitives.interfaces.Mode>)

A dictionary mapping SSH MAC names to hash modules.

decBlockSize = (source)

the block size of the incoming cipher.

decryptor = (source)

Undocumented

encBlockSize = (source)

the block size of the outgoing cipher.

encryptor = (source)

Undocumented

inCipType = (source)

the string type of the incoming cipher.

see outMAC, but for the incoming MAC.

Undocumented

inMACType = (source)

the string type of the incoming MAC.

outCipType = (source)

the string type of the outgoing cipher.

a tuple of (<hash module>, <inner key>, <outer key>, <digest size>) representing the outgoing MAC.

outMACType = (source)

the string type of the incoming MAC.

verifyDigestSize = (source)

the size of the incoming MAC.

def _getCipher(self, cip, iv, key): (source)

Creates an initialized cipher object.

Parameters
cipthe name of the cipher, maps into cipherMap
ivthe initialzation vector
keythe encryption key
Returns
the cipher object.
def _getMAC(self, mac: bytes, key: bytes) -> tuple[None, Literal[b''], Literal[b''], Literal[0]]|_MACParams: (source)

Gets a 4-tuple representing the message authentication code. (<hash module>, <inner hash value>, <outer hash value>, <digest size>)

Parameters
mac:bytesa key mapping into macMap
key:bytesthe MAC key.
Returns
bytesThe MAC components.