From 5b203b267f9869f2bd6e3ed17dcdaafa1fa227d3 Mon Sep 17 00:00:00 2001
From: Ryan Van Gilder
Date: Sat, 20 Jul 2019 10:32:32 -0700
Subject: [PATCH] Merge ryban:8258-ryban-hmac-sha2-512-fix: Fix SSH not generating correct keys when using hmac-sha2-512 with SHA1 based KEX algorithms
Author: ryban, jamohamm
Reviewer: hawkowl
Fixes: ticket:8258
---
 src/twisted/conch/ssh/transport.py | 4 +++-
 src/twisted/conch/test/test_transport.py | 5 ++++-
 src/twisted/newsfragments/8258.bugfix | 1 +
 3 files changed, 8 insertions(+), 2 deletions(-)
 create mode 100644 src/twisted/newsfragments/8258.bugfix
diff --git a/src/twisted/conch/ssh/transport.py b/src/twisted/conch/ssh/transport.py
index 0028707c9a8..bd76b0a8459 100644
--- a/src/twisted/conch/ssh/transport.py
+++ b/src/twisted/conch/ssh/transport.py
@@ -1063,7 +1063,9 @@ def _getKey(self, c, sharedSecret, exchangeHash):
 k1 = hashProcessor(sharedSecret + exchangeHash + c + self.sessionID)
 k1 = k1.digest()
 k2 = hashProcessor(sharedSecret + exchangeHash + k1).digest()
- return k1 + k2
+ k3 = hashProcessor(sharedSecret + exchangeHash + k1 + k2).digest()
+ k4 = hashProcessor(sharedSecret + exchangeHash + k1 + k2 + k3).digest()
+ return k1 + k2 + k3 + k4
 def _keySetup(self, sharedSecret, exchangeHash):
diff --git a/src/twisted/conch/test/test_transport.py b/src/twisted/conch/test/test_transport.py
index dbc2ec9bc00..98a3515a759 100644
--- a/src/twisted/conch/test/test_transport.py
+++ b/src/twisted/conch/test/test_transport.py
@@ -1238,7 +1238,10 @@ def test_getKey(self):
 k1 = self.hashProcessor(
 b'AB' + b'CD' + b'K' + self.proto.sessionID).digest()
 k2 = self.hashProcessor(b'ABCD' + k1).digest()
- self.assertEqual(self.proto._getKey(b'K', b'AB', b'CD'), k1 + k2)
+ k3 = self.hashProcessor(b'ABCD' + k1 + k2).digest()
+ k4 = self.hashProcessor(b'ABCD' + k1 + k2 + k3).digest()
+ self.assertEqual(
+ self.proto._getKey(b'K', b'AB', b'CD'), k1 + k2 + k3 + k4)
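Review bot: In src/twisted/conch/ssh/transport.py, `_getKey` still emits a fixed number of digest blocks (now four), so the derived length depends on the KEX hash size rather than on what the negotiated cipher or MAC needs. With a 20-byte SHA-1 digest four blocks give 80 bytes, which covers a 64-byte hmac-sha2-512 key, but a later algorithm needing more would presumably receive a short key again without any error; the code that slices this output is outside the hunk, so that cannot be confirmed here. I would add a comment above the chain, `# RFC 4253 section 7.2 key extension: 4 blocks, >= 80 bytes even with SHA-1`, and have the consumer of the slice check that it received the full key length. The opening lines of `_getKey` are also outside the hunk.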
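Review bot: In src/twisted/conch/test/test_transport.py, `test_getKey` rebuilds the same four-block chain as the implementation, so it pins the construction but not the property ticket 8258 was about, namely that the derived material is long enough for the largest MAC key. An extra assertion such as `self.assertGreaterEqual(len(self.proto._getKey(b'K', b'AB', b'CD')), 64)` would fail if the block count were reduced again. Which digest `self.hashProcessor` refers to in each test class is not visible in this hunk, so the 64-byte bound should be confirmed against the SHA-1 case. The enclosing class and the lines after the assertion are outside the hunk.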
diff --git a/src/twisted/newsfragments/8258.bugfix b/src/twisted/newsfragments/8258.bugfix
new file mode 100644
index 00000000000..f0af8f4196c
--- /dev/null
+++ b/src/twisted/newsfragments/8258.bugfix
@@ -0,0 +1 @@
+twisted.conch.ssh now generates correct keys when using hmac-sha2-512 with SHA1 based KEX algorithms.