summaryrefslogtreecommitdiff
path: root/kex.h
diff options
context:
space:
mode:
Diffstat (limited to 'kex.h')
-rw-r--r--kex.h195
1 files changed, 109 insertions, 86 deletions
diff --git a/kex.h b/kex.h
index 4c40ec851..f70b81fc1 100644
--- a/kex.h
+++ b/kex.h
@@ -1,4 +1,4 @@
1/* $OpenBSD: kex.h,v 1.64 2014/05/02 03:27:54 djm Exp $ */ 1/* $OpenBSD: kex.h,v 1.71 2015/02/16 22:13:32 djm Exp $ */
2 2
3/* 3/*
4 * Copyright (c) 2000, 2001 Markus Friedl. All rights reserved. 4 * Copyright (c) 2000, 2001 Markus Friedl. All rights reserved.
@@ -26,13 +26,28 @@
26#ifndef KEX_H 26#ifndef KEX_H
27#define KEX_H 27#define KEX_H
28 28
29#include <signal.h> 29#include "mac.h"
30#include <openssl/evp.h> 30#include "buffer.h" /* XXX for typedef */
31#include <openssl/hmac.h> 31#include "key.h" /* XXX for typedef */
32#ifdef OPENSSL_HAS_ECC 32
33#include <openssl/ec.h> 33#ifdef WITH_LEAKMALLOC
34#include "leakmalloc.h"
34#endif 35#endif
35 36
37#ifdef WITH_OPENSSL
38# ifdef OPENSSL_HAS_ECC
39# include <openssl/ec.h>
40# else /* OPENSSL_HAS_ECC */
41# define EC_KEY void
42# define EC_GROUP void
43# define EC_POINT void
44# endif /* OPENSSL_HAS_ECC */
45#else /* WITH_OPENSSL */
46# define EC_KEY void
47# define EC_GROUP void
48# define EC_POINT void
49#endif /* WITH_OPENSSL */
50
36#define KEX_COOKIE_LEN 16 51#define KEX_COOKIE_LEN 16
37 52
38#define KEX_DH1 "diffie-hellman-group1-sha1" 53#define KEX_DH1 "diffie-hellman-group1-sha1"
@@ -49,6 +64,8 @@
49#define COMP_ZLIB 1 64#define COMP_ZLIB 1
50#define COMP_DELAYED 2 65#define COMP_DELAYED 2
51 66
67#define CURVE25519_SIZE 32
68
52enum kex_init_proposals { 69enum kex_init_proposals {
53 PROPOSAL_KEX_ALGS, 70 PROPOSAL_KEX_ALGS,
54 PROPOSAL_SERVER_HOST_KEY_ALGS, 71 PROPOSAL_SERVER_HOST_KEY_ALGS,
@@ -81,15 +98,9 @@ enum kex_exchange {
81 98
82#define KEX_INIT_SENT 0x0001 99#define KEX_INIT_SENT 0x0001
83 100
84typedef struct Kex Kex; 101struct sshenc {
85typedef struct Mac Mac;
86typedef struct Comp Comp;
87typedef struct Enc Enc;
88typedef struct Newkeys Newkeys;
89
90struct Enc {
91 char *name; 102 char *name;
92 const Cipher *cipher; 103 const struct sshcipher *cipher;
93 int enabled; 104 int enabled;
94 u_int key_len; 105 u_int key_len;
95 u_int iv_len; 106 u_int iv_len;
@@ -97,108 +108,120 @@ struct Enc {
97 u_char *key; 108 u_char *key;
98 u_char *iv; 109 u_char *iv;
99}; 110};
100struct Mac { 111struct sshcomp {
101 char *name; 112 u_int type;
102 int enabled;
103 u_int mac_len;
104 u_char *key;
105 u_int key_len;
106 int type;
107 int etm; /* Encrypt-then-MAC */
108 struct ssh_hmac_ctx *hmac_ctx;
109 struct umac_ctx *umac_ctx;
110};
111struct Comp {
112 int type;
113 int enabled; 113 int enabled;
114 char *name; 114 char *name;
115}; 115};
116struct Newkeys { 116struct newkeys {
117 Enc enc; 117 struct sshenc enc;
118 Mac mac; 118 struct sshmac mac;
119 Comp comp; 119 struct sshcomp comp;
120}; 120};
121struct Kex { 121
122struct ssh;
123
124struct kex {
122 u_char *session_id; 125 u_char *session_id;
123 u_int session_id_len; 126 size_t session_id_len;
124 Newkeys *newkeys[MODE_MAX]; 127 struct newkeys *newkeys[MODE_MAX];
125 u_int we_need; 128 u_int we_need;
126 u_int dh_need; 129 u_int dh_need;
127 int server; 130 int server;
128 char *name; 131 char *name;
129 int hostkey_type; 132 int hostkey_type;
130 int kex_type; 133 int hostkey_nid;
134 u_int kex_type;
131 int roaming; 135 int roaming;
132 Buffer my; 136 struct sshbuf *my;
133 Buffer peer; 137 struct sshbuf *peer;
134 sig_atomic_t done; 138 sig_atomic_t done;
135 int flags; 139 u_int flags;
136 int hash_alg; 140 int hash_alg;
137 int ec_nid; 141 int ec_nid;
138 char *client_version_string; 142 char *client_version_string;
139 char *server_version_string; 143 char *server_version_string;
140 int (*verify_host_key)(Key *); 144 int (*verify_host_key)(struct sshkey *, struct ssh *);
141 Key *(*load_host_public_key)(int); 145 struct sshkey *(*load_host_public_key)(int, int, struct ssh *);
142 Key *(*load_host_private_key)(int); 146 struct sshkey *(*load_host_private_key)(int, int, struct ssh *);
143 int (*host_key_index)(Key *); 147 int (*host_key_index)(struct sshkey *, int, struct ssh *);
144 void (*sign)(Key *, Key *, u_char **, u_int *, u_char *, u_int); 148 int (*sign)(struct sshkey *, struct sshkey *,
145 void (*kex[KEX_MAX])(Kex *); 149 u_char **, size_t *, const u_char *, size_t, u_int);
150 int (*kex[KEX_MAX])(struct ssh *);
151 /* kex specific state */
152 DH *dh; /* DH */
153 u_int min, max, nbits; /* GEX */
154 EC_KEY *ec_client_key; /* ECDH */
155 const EC_GROUP *ec_group; /* ECDH */
156 u_char c25519_client_key[CURVE25519_SIZE]; /* 25519 */
157 u_char c25519_client_pubkey[CURVE25519_SIZE]; /* 25519 */
146}; 158};
147 159
148int kex_names_valid(const char *); 160int kex_names_valid(const char *);
149char *kex_alg_list(char); 161char *kex_alg_list(char);
150 162
151Kex *kex_setup(char *[PROPOSAL_MAX]); 163int kex_new(struct ssh *, char *[PROPOSAL_MAX], struct kex **);
152void kex_finish(Kex *); 164int kex_setup(struct ssh *, char *[PROPOSAL_MAX]);
153 165void kex_free_newkeys(struct newkeys *);
154void kex_send_kexinit(Kex *); 166void kex_free(struct kex *);
155void kex_input_kexinit(int, u_int32_t, void *); 167
156void kex_derive_keys(Kex *, u_char *, u_int, const u_char *, u_int); 168int kex_buf2prop(struct sshbuf *, int *, char ***);
157void kex_derive_keys_bn(Kex *, u_char *, u_int, const BIGNUM *); 169int kex_prop2buf(struct sshbuf *, char *proposal[PROPOSAL_MAX]);
158 170void kex_prop_free(char **);
159Newkeys *kex_get_newkeys(int); 171
160 172int kex_send_kexinit(struct ssh *);
161void kexdh_client(Kex *); 173int kex_input_kexinit(int, u_int32_t, void *);
162void kexdh_server(Kex *); 174int kex_derive_keys(struct ssh *, u_char *, u_int, const struct sshbuf *);
163void kexgex_client(Kex *); 175int kex_derive_keys_bn(struct ssh *, u_char *, u_int, const BIGNUM *);
164void kexgex_server(Kex *); 176int kex_send_newkeys(struct ssh *);
165void kexecdh_client(Kex *); 177
166void kexecdh_server(Kex *); 178int kexdh_client(struct ssh *);
167void kexc25519_client(Kex *); 179int kexdh_server(struct ssh *);
168void kexc25519_server(Kex *); 180int kexgex_client(struct ssh *);
169 181int kexgex_server(struct ssh *);
170void 182int kexecdh_client(struct ssh *);
171kex_dh_hash(char *, char *, char *, int, char *, int, u_char *, int, 183int kexecdh_server(struct ssh *);
172 BIGNUM *, BIGNUM *, BIGNUM *, u_char **, u_int *); 184int kexc25519_client(struct ssh *);
173void 185int kexc25519_server(struct ssh *);
174kexgex_hash(int, char *, char *, char *, int, char *, 186
175 int, u_char *, int, int, int, int, BIGNUM *, BIGNUM *, BIGNUM *, 187int kex_dh_hash(const char *, const char *,
176 BIGNUM *, BIGNUM *, u_char **, u_int *); 188 const u_char *, size_t, const u_char *, size_t, const u_char *, size_t,
177#ifdef OPENSSL_HAS_ECC 189 const BIGNUM *, const BIGNUM *, const BIGNUM *, u_char *, size_t *);
178void 190
179kex_ecdh_hash(int, const EC_GROUP *, char *, char *, char *, int, 191int kexgex_hash(int, const char *, const char *,
180 char *, int, u_char *, int, const EC_POINT *, const EC_POINT *, 192 const u_char *, size_t, const u_char *, size_t, const u_char *, size_t,
181 const BIGNUM *, u_char **, u_int *); 193 int, int, int,
182#endif 194 const BIGNUM *, const BIGNUM *, const BIGNUM *,
183void 195 const BIGNUM *, const BIGNUM *,
184kex_c25519_hash(int, char *, char *, char *, int, 196 u_char *, size_t *);
185 char *, int, u_char *, int, const u_char *, const u_char *, 197
186 const u_char *, u_int, u_char **, u_int *); 198int kex_ecdh_hash(int, const EC_GROUP *, const char *, const char *,
187 199 const u_char *, size_t, const u_char *, size_t, const u_char *, size_t,
188#define CURVE25519_SIZE 32 200 const EC_POINT *, const EC_POINT *, const BIGNUM *, u_char *, size_t *);
189void kexc25519_keygen(u_char[CURVE25519_SIZE], u_char[CURVE25519_SIZE]) 201
202int kex_c25519_hash(int, const char *, const char *, const char *, size_t,
203 const char *, size_t, const u_char *, size_t, const u_char *, const u_char *,
204 const u_char *, size_t, u_char *, size_t *);
205
206void kexc25519_keygen(u_char key[CURVE25519_SIZE], u_char pub[CURVE25519_SIZE])
190 __attribute__((__bounded__(__minbytes__, 1, CURVE25519_SIZE))) 207 __attribute__((__bounded__(__minbytes__, 1, CURVE25519_SIZE)))
191 __attribute__((__bounded__(__minbytes__, 2, CURVE25519_SIZE))); 208 __attribute__((__bounded__(__minbytes__, 2, CURVE25519_SIZE)));
192void kexc25519_shared_key(const u_char key[CURVE25519_SIZE], 209int kexc25519_shared_key(const u_char key[CURVE25519_SIZE],
193 const u_char pub[CURVE25519_SIZE], Buffer *out) 210 const u_char pub[CURVE25519_SIZE], struct sshbuf *out)
194 __attribute__((__bounded__(__minbytes__, 1, CURVE25519_SIZE))) 211 __attribute__((__bounded__(__minbytes__, 1, CURVE25519_SIZE)))
195 __attribute__((__bounded__(__minbytes__, 2, CURVE25519_SIZE))); 212 __attribute__((__bounded__(__minbytes__, 2, CURVE25519_SIZE)));
196 213
197void 214int
198derive_ssh1_session_id(BIGNUM *, BIGNUM *, u_int8_t[8], u_int8_t[16]); 215derive_ssh1_session_id(BIGNUM *, BIGNUM *, u_int8_t[8], u_int8_t[16]);
199 216
200#if defined(DEBUG_KEX) || defined(DEBUG_KEXDH) || defined(DEBUG_KEXECDH) 217#if defined(DEBUG_KEX) || defined(DEBUG_KEXDH) || defined(DEBUG_KEXECDH)
201void dump_digest(char *, u_char *, int); 218void dump_digest(char *, u_char *, int);
202#endif 219#endif
203 220
221#if !defined(WITH_OPENSSL) || !defined(OPENSSL_HAS_ECC)
222# undef EC_KEY
223# undef EC_GROUP
224# undef EC_POINT
225#endif
226
204#endif 227#endif