| version 1.68, 2015/01/19 20:07:45 |
version 1.69, 2015/01/19 20:16:15 |
|
|
| #include "buffer.h" /* XXX for typedef */ |
#include "buffer.h" /* XXX for typedef */ |
| #include "key.h" /* XXX for typedef */ |
#include "key.h" /* XXX for typedef */ |
| |
|
| |
#ifdef WITH_LEAKMALLOC |
| |
#include "leakmalloc.h" |
| |
#endif |
| |
|
| #define KEX_COOKIE_LEN 16 |
#define KEX_COOKIE_LEN 16 |
| |
|
| #define KEX_DH1 "diffie-hellman-group1-sha1" |
#define KEX_DH1 "diffie-hellman-group1-sha1" |
|
|
| #define COMP_ZLIB 1 |
#define COMP_ZLIB 1 |
| #define COMP_DELAYED 2 |
#define COMP_DELAYED 2 |
| |
|
| |
#define CURVE25519_SIZE 32 |
| |
|
| enum kex_init_proposals { |
enum kex_init_proposals { |
| PROPOSAL_KEX_ALGS, |
PROPOSAL_KEX_ALGS, |
| PROPOSAL_SERVER_HOST_KEY_ALGS, |
PROPOSAL_SERVER_HOST_KEY_ALGS, |
|
|
| |
|
| #define KEX_INIT_SENT 0x0001 |
#define KEX_INIT_SENT 0x0001 |
| |
|
| typedef struct kex Kex; |
|
| typedef struct sshcomp Comp; |
|
| typedef struct sshmac Mac; |
|
| typedef struct sshenc Enc; |
|
| typedef struct newkeys Newkeys; |
|
| |
|
| struct sshenc { |
struct sshenc { |
| char *name; |
char *name; |
| const struct sshcipher *cipher; |
const struct sshcipher *cipher; |
|
|
| struct newkeys { |
struct newkeys { |
| struct sshenc enc; |
struct sshenc enc; |
| struct sshmac mac; |
struct sshmac mac; |
| struct sshcomp comp; |
struct sshcomp comp; |
| }; |
}; |
| |
|
| |
struct ssh; |
| |
|
| struct kex { |
struct kex { |
| u_char *session_id; |
u_char *session_id; |
| size_t session_id_len; |
size_t session_id_len; |
|
|
| int server; |
int server; |
| char *name; |
char *name; |
| int hostkey_type; |
int hostkey_type; |
| int kex_type; |
u_int kex_type; |
| int roaming; |
int roaming; |
| struct sshbuf *my; |
struct sshbuf *my; |
| struct sshbuf *peer; |
struct sshbuf *peer; |
| sig_atomic_t done; |
sig_atomic_t done; |
| int flags; |
u_int flags; |
| int hash_alg; |
int hash_alg; |
| int ec_nid; |
int ec_nid; |
| char *client_version_string; |
char *client_version_string; |
| char *server_version_string; |
char *server_version_string; |
| int (*verify_host_key)(Key *); |
int (*verify_host_key)(struct sshkey *, struct ssh *); |
| Key *(*load_host_public_key)(int); |
struct sshkey *(*load_host_public_key)(int, struct ssh *); |
| Key *(*load_host_private_key)(int); |
struct sshkey *(*load_host_private_key)(int, struct ssh *); |
| int (*host_key_index)(Key *); |
int (*host_key_index)(struct sshkey *, struct ssh *); |
| void (*sign)(Key *, Key *, u_char **, u_int *, u_char *, u_int); |
int (*sign)(struct sshkey *, struct sshkey *, |
| void (*kex[KEX_MAX])(Kex *); |
u_char **, size_t *, u_char *, size_t, u_int); |
| |
int (*kex[KEX_MAX])(struct ssh *); |
| |
/* kex specific state */ |
| |
DH *dh; /* DH */ |
| |
u_int min, max, nbits; /* GEX */ |
| |
EC_KEY *ec_client_key; /* ECDH */ |
| |
const EC_GROUP *ec_group; /* ECDH */ |
| |
u_char c25519_client_key[CURVE25519_SIZE]; /* 25519 */ |
| |
u_char c25519_client_pubkey[CURVE25519_SIZE]; /* 25519 */ |
| }; |
}; |
| |
|
| int kex_names_valid(const char *); |
int kex_names_valid(const char *); |
| char *kex_alg_list(char); |
char *kex_alg_list(char); |
| |
|
| Kex *kex_setup(char *[PROPOSAL_MAX]); |
int kex_new(struct ssh *, char *[PROPOSAL_MAX], struct kex **); |
| void kex_finish(Kex *); |
int kex_setup(struct ssh *, char *[PROPOSAL_MAX]); |
| void kex_free_newkeys(struct newkeys *); |
void kex_free_newkeys(struct newkeys *); |
| |
void kex_free(struct kex *); |
| |
|
| void kex_send_kexinit(Kex *); |
int kex_buf2prop(struct sshbuf *, int *, char ***); |
| |
int kex_prop2buf(struct sshbuf *, char *proposal[PROPOSAL_MAX]); |
| |
void kex_prop_free(char **); |
| |
|
| |
int kex_send_kexinit(struct ssh *); |
| int kex_input_kexinit(int, u_int32_t, void *); |
int kex_input_kexinit(int, u_int32_t, void *); |
| void kex_derive_keys(Kex *, u_char *, u_int, const u_char *, u_int); |
int kex_derive_keys(struct ssh *, u_char *, u_int, const struct sshbuf *); |
| void kex_derive_keys_bn(Kex *, u_char *, u_int, const BIGNUM *); |
int kex_derive_keys_bn(struct ssh *, u_char *, u_int, const BIGNUM *); |
| |
int kex_send_newkeys(struct ssh *); |
| |
|
| void kexdh_client(Kex *); |
int kexdh_client(struct ssh *); |
| void kexdh_server(Kex *); |
int kexdh_server(struct ssh *); |
| void kexgex_client(Kex *); |
int kexgex_client(struct ssh *); |
| void kexgex_server(Kex *); |
int kexgex_server(struct ssh *); |
| void kexecdh_client(Kex *); |
int kexecdh_client(struct ssh *); |
| void kexecdh_server(Kex *); |
int kexecdh_server(struct ssh *); |
| void kexc25519_client(Kex *); |
int kexc25519_client(struct ssh *); |
| void kexc25519_server(Kex *); |
int kexc25519_server(struct ssh *); |
| |
|
| void |
int kex_dh_hash(const char *, const char *, |
| kex_dh_hash(char *, char *, char *, int, char *, int, u_char *, int, |
const u_char *, size_t, const u_char *, size_t, const u_char *, size_t, |
| BIGNUM *, BIGNUM *, BIGNUM *, u_char **, u_int *); |
const BIGNUM *, const BIGNUM *, const BIGNUM *, u_char *, size_t *); |
| void |
|
| kexgex_hash(int, char *, char *, char *, int, char *, |
|
| int, u_char *, int, int, int, int, BIGNUM *, BIGNUM *, BIGNUM *, |
|
| BIGNUM *, BIGNUM *, u_char **, u_int *); |
|
| void |
|
| kex_ecdh_hash(int, const EC_GROUP *, char *, char *, char *, int, |
|
| char *, int, u_char *, int, const EC_POINT *, const EC_POINT *, |
|
| const BIGNUM *, u_char **, u_int *); |
|
| void |
|
| kex_c25519_hash(int, char *, char *, char *, int, |
|
| char *, int, u_char *, int, const u_char *, const u_char *, |
|
| const u_char *, u_int, u_char **, u_int *); |
|
| |
|
| #define CURVE25519_SIZE 32 |
int kexgex_hash(int, const char *, const char *, |
| void kexc25519_keygen(u_char[CURVE25519_SIZE], u_char[CURVE25519_SIZE]) |
const u_char *, size_t, const u_char *, size_t, const u_char *, size_t, |
| |
int, int, int, |
| |
const BIGNUM *, const BIGNUM *, const BIGNUM *, |
| |
const BIGNUM *, const BIGNUM *, |
| |
u_char *, size_t *); |
| |
|
| |
int kex_ecdh_hash(int, const EC_GROUP *, const char *, const char *, |
| |
const u_char *, size_t, const u_char *, size_t, const u_char *, size_t, |
| |
const EC_POINT *, const EC_POINT *, const BIGNUM *, u_char *, size_t *); |
| |
|
| |
int kex_c25519_hash(int, const char *, const char *, const char *, size_t, |
| |
const char *, size_t, const u_char *, size_t, const u_char *, const u_char *, |
| |
const u_char *, size_t, u_char *, size_t *); |
| |
|
| |
void kexc25519_keygen(u_char key[CURVE25519_SIZE], u_char pub[CURVE25519_SIZE]) |
| __attribute__((__bounded__(__minbytes__, 1, CURVE25519_SIZE))) |
__attribute__((__bounded__(__minbytes__, 1, CURVE25519_SIZE))) |
| __attribute__((__bounded__(__minbytes__, 2, CURVE25519_SIZE))); |
__attribute__((__bounded__(__minbytes__, 2, CURVE25519_SIZE))); |
| void kexc25519_shared_key(const u_char key[CURVE25519_SIZE], |
int kexc25519_shared_key(const u_char key[CURVE25519_SIZE], |
| const u_char pub[CURVE25519_SIZE], Buffer *out) |
const u_char pub[CURVE25519_SIZE], struct sshbuf *out) |
| __attribute__((__bounded__(__minbytes__, 1, CURVE25519_SIZE))) |
__attribute__((__bounded__(__minbytes__, 1, CURVE25519_SIZE))) |
| __attribute__((__bounded__(__minbytes__, 2, CURVE25519_SIZE))); |
__attribute__((__bounded__(__minbytes__, 2, CURVE25519_SIZE))); |
| |
|
| void |
int |
| derive_ssh1_session_id(BIGNUM *, BIGNUM *, u_int8_t[8], u_int8_t[16]); |
derive_ssh1_session_id(BIGNUM *, BIGNUM *, u_int8_t[8], u_int8_t[16]); |
| |
|
| #if defined(DEBUG_KEX) || defined(DEBUG_KEXDH) || defined(DEBUG_KEXECDH) |
#if defined(DEBUG_KEX) || defined(DEBUG_KEXDH) || defined(DEBUG_KEXECDH) |
![[BACK]](/icons/back.gif){kind=icon}
Return to kex.h CVS log ![[TXT]](/icons/text.gif){kind=icon}
![[DIR]](/icons/dir.gif){kind=icon}
Up to [local] / src / usr.bin / ssh