author | Colin Watson <cjwatson@debian.org> | 2014-02-10 00:18:28 +0000 |
---|---|---|
committer | Colin Watson <cjwatson@debian.org> | 2014-02-10 00:18:28 +0000 |
commit | 9a975a9faed7c4f334e8c8490db3e77e102f2b21 (patch) | |
tree | 764a885ec9a963f6a8b15de6e1765f16b9ac4738 /kex.h | |
parent | ee196dab7c5f97f0b80c8099343a375bead92010 (diff) | |
parent | cdb6c90811caa5df2df856be9b0b16db020fe31d (diff) |
Import openssh_6.5p1.orig.tar.gz
Diffstat (limited to 'kex.h')
-rw-r--r-- | kex.h | 31 |
1 files changed, 25 insertions, 6 deletions
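--- a/kex.h
+++ b/kex.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: kex.h,v 1.56 2013/07/19 07:37:48 markus Exp $ */
+/* $OpenBSD: kex.h,v 1.61 2014/01/25 10:12:50 dtucker Exp $ */
 
 /*
 * Copyright (c) 2000, 2001 Markus Friedl. All rights reserved.
@@ -43,6 +43,7 @@
 #define KEX_ECDH_SHA2_NISTP256 "ecdh-sha2-nistp256"
 #define KEX_ECDH_SHA2_NISTP384 "ecdh-sha2-nistp384"
 #define KEX_ECDH_SHA2_NISTP521 "ecdh-sha2-nistp521"
+#define KEX_CURVE25519_SHA256 "curve25519-sha256@libssh.org"
 
 #define COMP_NONE 0
 #define COMP_ZLIB 1
@@ -74,6 +75,7 @@ enum kex_exchange {
 KEX_DH_GEX_SHA1,
 KEX_DH_GEX_SHA256,
 KEX_ECDH_SHA2,
+KEX_C25519_SHA256,
 KEX_MAX
 };
 
@@ -122,6 +124,7 @@ struct Kex {
 u_int session_id_len;
 Newkeys *newkeys[MODE_MAX];
 u_int we_need;
+u_int dh_need;
 int server;
 char *name;
 int hostkey_type;
@@ -131,7 +134,7 @@ struct Kex {
 Buffer peer;
 sig_atomic_t done;
 int flags;
-const EVP_MD *evp_md;
+int hash_alg;
 int ec_nid;
 char *client_version_string;
 char *server_version_string;
@@ -144,14 +147,15 @@ struct Kex {
 };
 
 int kex_names_valid(const char *);
-char *kex_alg_list(void);
+char *kex_alg_list(char);
 
 Kex *kex_setup(char *[PROPOSAL_MAX]);
 void kex_finish(Kex *);
 
 void kex_send_kexinit(Kex *);
 void kex_input_kexinit(int, u_int32_t, void *);
-void kex_derive_keys(Kex *, u_char *, u_int, BIGNUM *);
+void kex_derive_keys(Kex *, u_char *, u_int, const u_char *, u_int);
+void kex_derive_keys_bn(Kex *, u_char *, u_int, const BIGNUM *);
 
 Newkeys *kex_get_newkeys(int);
 
@@ -161,20 +165,35 @@ void kexgex_client(Kex *);
 void kexgex_server(Kex *);
 void kexecdh_client(Kex *);
 void kexecdh_server(Kex *);
+void kexc25519_client(Kex *);
+void kexc25519_server(Kex *);
 
 void
 kex_dh_hash(char *, char *, char *, int, char *, int, u_char *, int,
 BIGNUM *, BIGNUM *, BIGNUM *, u_char **, u_int *);
 void
-kexgex_hash(const EVP_MD *, char *, char *, char *, int, char *,
+kexgex_hash(int, char *, char *, char *, int, char *,
 int, u_char *, int, int, int, int, BIGNUM *, BIGNUM *, BIGNUM *,
 BIGNUM *, BIGNUM *, u_char **, u_int *);
 #ifdef OPENSSL_HAS_ECC
 void
-kex_ecdh_hash(const EVP_MD *, const EC_GROUP *, char *, char *, char *, int,
+kex_ecdh_hash(int, const EC_GROUP *, char *, char *, char *, int,
 char *, int, u_char *, int, const EC_POINT *, const EC_POINT *,
 const BIGNUM *, u_char **, u_int *);
 #endif
+void
+kex_c25519_hash(int, char *, char *, char *, int,
+char *, int, u_char *, int, const u_char *, const u_char *,
+const u_char *, u_int, u_char **, u_int *);
+
+#define CURVE25519_SIZE 32
+void kexc25519_keygen(u_char[CURVE25519_SIZE], u_char[CURVE25519_SIZE])
+__attribute__((__bounded__(__minbytes__, 1, CURVE25519_SIZE)))
+__attribute__((__bounded__(__minbytes__, 2, CURVE25519_SIZE)));
+void kexc25519_shared_key(const u_char key[CURVE25519_SIZE],
+const u_char pub[CURVE25519_SIZE], Buffer *out)
+__attribute__((__bounded__(__minbytes__, 1, CURVE25519_SIZE)))
+__attribute__((__bounded__(__minbytes__, 2, CURVE25519_SIZE)));
 
 void
 derive_ssh1_session_id(BIGNUM *, BIGNUM *, u_int8_t[8], u_int8_t[16]);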
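Review bot: The new `kex_derive_keys` prototype (new line 157) takes two unnamed buffer/length pairs, `u_char *, u_int, const u_char *, u_int`, so the header does not say which pair is the exchange hash and which is the shared secret, and a call with the two pairs swapped can still compile. Naming the parameters, as the `kexc25519_shared_key` prototype in this same section already does, would make the contract readable from the header, e.g. `void kex_derive_keys(Kex *, u_char *hash, u_int hashlen, const u_char *shared_secret, u_int slen);` (the roles are inferred from the `BIGNUM *` argument this replaces and should be confirmed against kex.c). The bare `char` in `kex_alg_list(char)` and the new `int hash_alg` field that replaces `const EVP_MD *evp_md` would benefit from the same treatment, with a short comment saying what the character means and which set of constants the integer takes. Separately, `kexc25519_shared_key` returns void although it consumes a peer-supplied `pub`, so a comment stating how an unacceptable result is handled would help callers; no status can be returned, and the implementation is not part of this diff.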