33 #include "libssh/wrapper.h" 42 #ifdef HAVE_OPENSSL_ECDH_H 43 #include <openssl/ecdh.h> 45 #include "libssh/ecdh.h" 46 #include "libssh/kex.h" 47 #include "libssh/curve25519.h" 49 #define DIGEST_MAX_LEN 64 51 enum ssh_key_exchange_e {
53 SSH_KEX_DH_GROUP1_SHA1=1,
55 SSH_KEX_DH_GROUP14_SHA1,
57 SSH_KEX_ECDH_SHA2_NISTP256,
59 SSH_KEX_ECDH_SHA2_NISTP384,
61 SSH_KEX_ECDH_SHA2_NISTP521,
63 SSH_KEX_CURVE25519_SHA256_LIBSSH_ORG,
65 SSH_KEX_CURVE25519_SHA256
80 struct ssh_crypto_struct {
83 #ifdef HAVE_OPENSSL_ECC 85 #elif defined HAVE_GCRYPT_ECC 86 gcry_sexp_t ecdh_privkey;
87 #elif defined HAVE_LIBMBEDCRYPTO 88 mbedtls_ecp_keypair *ecdh_privkey;
90 ssh_string ecdh_client_pubkey;
91 ssh_string ecdh_server_pubkey;
93 #ifdef HAVE_CURVE25519 94 ssh_curve25519_privkey curve25519_privkey;
95 ssh_curve25519_pubkey curve25519_client_pubkey;
96 ssh_curve25519_pubkey curve25519_server_pubkey;
98 ssh_string dh_server_signature;
100 unsigned char *session_id;
101 unsigned char *secret_hash;
102 unsigned char *encryptIV;
103 unsigned char *decryptIV;
104 unsigned char *decryptkey;
105 unsigned char *encryptkey;
106 unsigned char *encryptMAC;
107 unsigned char *decryptMAC;
108 unsigned char hmacbuf[DIGEST_MAX_LEN];
109 struct ssh_cipher_struct *in_cipher, *out_cipher;
110 enum ssh_hmac_e in_hmac, out_hmac;
112 ssh_key server_pubkey;
115 int delayed_compress_in;
116 int delayed_compress_out;
117 void *compress_out_ctx;
118 void *compress_in_ctx;
120 struct ssh_kex_struct server_kex;
121 struct ssh_kex_struct client_kex;
122 char *kex_methods[SSH_KEX_METHODS];
123 enum ssh_key_exchange_e kex_type;
124 enum ssh_mac_e mac_type;
127 struct ssh_cipher_struct {
129 unsigned int blocksize;
130 enum ssh_cipher_e ciphertype;
131 uint32_t lenfield_blocksize;
133 #ifdef HAVE_LIBGCRYPT 134 gcry_cipher_hd_t *key;
135 #elif defined HAVE_LIBCRYPTO 136 struct ssh_3des_key_schedule *des3_key;
137 struct ssh_aes_key_schedule *aes_key;
138 const EVP_CIPHER *cipher;
140 #elif defined HAVE_LIBMBEDCRYPTO 141 mbedtls_cipher_context_t encrypt_ctx;
142 mbedtls_cipher_context_t decrypt_ctx;
143 mbedtls_cipher_type_t type;
145 struct chacha20_poly1305_keysched *chacha20_schedule;
146 unsigned int keysize;
149 int (*set_encrypt_key)(
struct ssh_cipher_struct *cipher,
void *key,
void *IV);
150 int (*set_decrypt_key)(
struct ssh_cipher_struct *cipher,
void *key,
void *IV);
151 void (*encrypt)(
struct ssh_cipher_struct *cipher,
void *in,
void *out,
153 void (*decrypt)(
struct ssh_cipher_struct *cipher,
void *in,
void *out,
155 void (*aead_encrypt)(
struct ssh_cipher_struct *cipher,
void *in,
void *out,
156 size_t len, uint8_t *mac, uint64_t seq);
157 int (*aead_decrypt_length)(
struct ssh_cipher_struct *cipher,
void *in,
158 uint8_t *out,
size_t len, uint64_t seq);
159 int (*aead_decrypt)(
struct ssh_cipher_struct *cipher,
void *complete_packet, uint8_t *out,
160 size_t encrypted_size, uint64_t seq);
161 void (*cleanup)(
struct ssh_cipher_struct *cipher);
164 const struct ssh_cipher_struct *ssh_get_chacha20poly1305_cipher(
void);