=================================================================== RCS file: /cvsrepo/anoncvs/cvs/src/usr.bin/ssh/kex.h,v retrieving revision 1.56 retrieving revision 1.57 diff -u -r1.56 -r1.57 --- src/usr.bin/ssh/kex.h 2013/07/19 07:37:48 1.56 +++ src/usr.bin/ssh/kex.h 2013/11/02 21:59:15 1.57 @@ -1,4 +1,4 @@ -/* $OpenBSD: kex.h,v 1.56 2013/07/19 07:37:48 markus Exp $ */ +/* $OpenBSD: kex.h,v 1.57 2013/11/02 21:59:15 markus Exp $ */ /* * Copyright (c) 2000, 2001 Markus Friedl. All rights reserved. @@ -40,6 +40,7 @@ #define KEX_ECDH_SHA2_NISTP256 "ecdh-sha2-nistp256" #define KEX_ECDH_SHA2_NISTP384 "ecdh-sha2-nistp384" #define KEX_ECDH_SHA2_NISTP521 "ecdh-sha2-nistp521" +#define KEX_CURVE25519_SHA256 "curve25519-sha256@libssh.org" #define COMP_NONE 0 #define COMP_ZLIB 1 @@ -71,6 +72,7 @@ KEX_DH_GEX_SHA1, KEX_DH_GEX_SHA256, KEX_ECDH_SHA2, + KEX_C25519_SHA256, KEX_MAX }; @@ -158,6 +160,8 @@ void kexgex_server(Kex *); void kexecdh_client(Kex *); void kexecdh_server(Kex *); +void kexc25519_client(Kex *); +void kexc25519_server(Kex *); void kex_dh_hash(char *, char *, char *, int, char *, int, u_char *, int, @@ -170,6 +174,19 @@ kex_ecdh_hash(const EVP_MD *, const EC_GROUP *, char *, char *, char *, int, char *, int, u_char *, int, const EC_POINT *, const EC_POINT *, const BIGNUM *, u_char **, u_int *); +void +kex_c25519_hash(const EVP_MD *, char *, char *, char *, int, + char *, int, u_char *, int, const u_char *, const u_char *, + const BIGNUM *, u_char **, u_int *); + +#define CURVE25519_SIZE 32 +void kexc25519_keygen(u_char[CURVE25519_SIZE], u_char[CURVE25519_SIZE]) + __attribute__((__bounded__(__minbytes__, 1, CURVE25519_SIZE))) + __attribute__((__bounded__(__minbytes__, 2, CURVE25519_SIZE))); +BIGNUM *kexc25519_shared_key(const u_char[CURVE25519_SIZE], + const u_char[CURVE25519_SIZE]) + __attribute__((__bounded__(__minbytes__, 1, CURVE25519_SIZE))) + __attribute__((__bounded__(__minbytes__, 2, CURVE25519_SIZE))); void derive_ssh1_session_id(BIGNUM *, BIGNUM *, u_int8_t[8], u_int8_t[16]);