diff options
| author | djm@openbsd.org <djm@openbsd.org> | 2016-05-02 10:26:04 +0000 |
|---|---|---|
| committer | Damien Miller <djm@mindrot.org> | 2016-05-02 20:39:32 +1000 |
| commit | 0e8eeec8e75f6d0eaf33317376f773160018a9c7 (patch) | |
| tree | 1fe3e4d977c9df10597c2a5dec1b6b0a8ab8afbe /kex.h | |
| parent | 57464e3934ba53ad8590ee3ccd840f693407fc1e (diff) | |
upstream commit
add support for additional fixed DH groups from
draft-ietf-curdle-ssh-kex-sha2-03
diffie-hellman-group14-sha256 (2K group)
diffie-hellman-group16-sha512 (4K group)
diffie-hellman-group18-sha512 (8K group)
based on patch from Mark D. Baushke and Darren Tucker
ok markus@
Upstream-ID: ac00406ada4f0dfec41585ca0839f039545bc46f
Diffstat (limited to 'kex.h')
| -rw-r--r-- | kex.h | 12 |
1 files changed, 9 insertions, 3 deletions
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: kex.h,v 1.77 2016/05/02 08:49:03 djm Exp $ */ | 1 | /* $OpenBSD: kex.h,v 1.78 2016/05/02 10:26:04 djm Exp $ */ |
| 2 | 2 | ||
| 3 | /* | 3 | /* |
| 4 | * Copyright (c) 2000, 2001 Markus Friedl. All rights reserved. | 4 | * Copyright (c) 2000, 2001 Markus Friedl. All rights reserved. |
| @@ -51,7 +51,10 @@ | |||
| 51 | #define KEX_COOKIE_LEN 16 | 51 | #define KEX_COOKIE_LEN 16 |
| 52 | 52 | ||
| 53 | #define KEX_DH1 "diffie-hellman-group1-sha1" | 53 | #define KEX_DH1 "diffie-hellman-group1-sha1" |
| 54 | #define KEX_DH14 "diffie-hellman-group14-sha1" | 54 | #define KEX_DH14_SHA1 "diffie-hellman-group14-sha1" |
| 55 | #define KEX_DH14_SHA256 "diffie-hellman-group14-sha256" | ||
| 56 | #define KEX_DH16_SHA512 "diffie-hellman-group16-sha512" | ||
| 57 | #define KEX_DH18_SHA512 "diffie-hellman-group18-sha512" | ||
| 55 | #define KEX_DHGEX_SHA1 "diffie-hellman-group-exchange-sha1" | 58 | #define KEX_DHGEX_SHA1 "diffie-hellman-group-exchange-sha1" |
| 56 | #define KEX_DHGEX_SHA256 "diffie-hellman-group-exchange-sha256" | 59 | #define KEX_DHGEX_SHA256 "diffie-hellman-group-exchange-sha256" |
| 57 | #define KEX_ECDH_SHA2_NISTP256 "ecdh-sha2-nistp256" | 60 | #define KEX_ECDH_SHA2_NISTP256 "ecdh-sha2-nistp256" |
| @@ -88,6 +91,9 @@ enum kex_modes { | |||
| 88 | enum kex_exchange { | 91 | enum kex_exchange { |
| 89 | KEX_DH_GRP1_SHA1, | 92 | KEX_DH_GRP1_SHA1, |
| 90 | KEX_DH_GRP14_SHA1, | 93 | KEX_DH_GRP14_SHA1, |
| 94 | KEX_DH_GRP14_SHA256, | ||
| 95 | KEX_DH_GRP16_SHA512, | ||
| 96 | KEX_DH_GRP18_SHA512, | ||
| 91 | KEX_DH_GEX_SHA1, | 97 | KEX_DH_GEX_SHA1, |
| 92 | KEX_DH_GEX_SHA256, | 98 | KEX_DH_GEX_SHA256, |
| 93 | KEX_ECDH_SHA2, | 99 | KEX_ECDH_SHA2, |
| @@ -190,7 +196,7 @@ int kexecdh_server(struct ssh *); | |||
| 190 | int kexc25519_client(struct ssh *); | 196 | int kexc25519_client(struct ssh *); |
| 191 | int kexc25519_server(struct ssh *); | 197 | int kexc25519_server(struct ssh *); |
| 192 | 198 | ||
| 193 | int kex_dh_hash(const char *, const char *, | 199 | int kex_dh_hash(int, const char *, const char *, |
| 194 | const u_char *, size_t, const u_char *, size_t, const u_char *, size_t, | 200 | const u_char *, size_t, const u_char *, size_t, const u_char *, size_t, |
| 195 | const BIGNUM *, const BIGNUM *, const BIGNUM *, u_char *, size_t *); | 201 | const BIGNUM *, const BIGNUM *, const BIGNUM *, u_char *, size_t *); |
| 196 | 202 | ||