summaryrefslogtreecommitdiff
path: root/kex.h
diff options
context:
space:
mode:
Diffstat (limited to 'kex.h')
-rw-r--r--kex.h31
1 files changed, 25 insertions, 6 deletions
diff --git a/kex.h b/kex.h
index d5046c627..8fbcb2b79 100644
--- a/kex.h
+++ b/kex.h
@@ -1,4 +1,4 @@
1/* $OpenBSD: kex.h,v 1.56 2013/07/19 07:37:48 markus Exp $ */ 1/* $OpenBSD: kex.h,v 1.61 2014/01/25 10:12:50 dtucker Exp $ */
2 2
3/* 3/*
4 * Copyright (c) 2000, 2001 Markus Friedl. All rights reserved. 4 * Copyright (c) 2000, 2001 Markus Friedl. All rights reserved.
@@ -43,6 +43,7 @@
43#define KEX_ECDH_SHA2_NISTP256 "ecdh-sha2-nistp256" 43#define KEX_ECDH_SHA2_NISTP256 "ecdh-sha2-nistp256"
44#define KEX_ECDH_SHA2_NISTP384 "ecdh-sha2-nistp384" 44#define KEX_ECDH_SHA2_NISTP384 "ecdh-sha2-nistp384"
45#define KEX_ECDH_SHA2_NISTP521 "ecdh-sha2-nistp521" 45#define KEX_ECDH_SHA2_NISTP521 "ecdh-sha2-nistp521"
46#define KEX_CURVE25519_SHA256 "curve25519-sha256@libssh.org"
46 47
47#define COMP_NONE 0 48#define COMP_NONE 0
48#define COMP_ZLIB 1 49#define COMP_ZLIB 1
@@ -74,6 +75,7 @@ enum kex_exchange {
74 KEX_DH_GEX_SHA1, 75 KEX_DH_GEX_SHA1,
75 KEX_DH_GEX_SHA256, 76 KEX_DH_GEX_SHA256,
76 KEX_ECDH_SHA2, 77 KEX_ECDH_SHA2,
78 KEX_C25519_SHA256,
77 KEX_GSS_GRP1_SHA1, 79 KEX_GSS_GRP1_SHA1,
78 KEX_GSS_GRP14_SHA1, 80 KEX_GSS_GRP14_SHA1,
79 KEX_GSS_GEX_SHA1, 81 KEX_GSS_GEX_SHA1,
@@ -125,6 +127,7 @@ struct Kex {
125 u_int session_id_len; 127 u_int session_id_len;
126 Newkeys *newkeys[MODE_MAX]; 128 Newkeys *newkeys[MODE_MAX];
127 u_int we_need; 129 u_int we_need;
130 u_int dh_need;
128 int server; 131 int server;
129 char *name; 132 char *name;
130 int hostkey_type; 133 int hostkey_type;
@@ -134,7 +137,7 @@ struct Kex {
134 Buffer peer; 137 Buffer peer;
135 sig_atomic_t done; 138 sig_atomic_t done;
136 int flags; 139 int flags;
137 const EVP_MD *evp_md; 140 int hash_alg;
138 int ec_nid; 141 int ec_nid;
139#ifdef GSSAPI 142#ifdef GSSAPI
140 int gss_deleg_creds; 143 int gss_deleg_creds;
@@ -153,14 +156,15 @@ struct Kex {
153}; 156};
154 157
155int kex_names_valid(const char *); 158int kex_names_valid(const char *);
156char *kex_alg_list(void); 159char *kex_alg_list(char);
157 160
158Kex *kex_setup(char *[PROPOSAL_MAX]); 161Kex *kex_setup(char *[PROPOSAL_MAX]);
159void kex_finish(Kex *); 162void kex_finish(Kex *);
160 163
161void kex_send_kexinit(Kex *); 164void kex_send_kexinit(Kex *);
162void kex_input_kexinit(int, u_int32_t, void *); 165void kex_input_kexinit(int, u_int32_t, void *);
163void kex_derive_keys(Kex *, u_char *, u_int, BIGNUM *); 166void kex_derive_keys(Kex *, u_char *, u_int, const u_char *, u_int);
167void kex_derive_keys_bn(Kex *, u_char *, u_int, const BIGNUM *);
164 168
165Newkeys *kex_get_newkeys(int); 169Newkeys *kex_get_newkeys(int);
166 170
@@ -170,6 +174,8 @@ void kexgex_client(Kex *);
170void kexgex_server(Kex *); 174void kexgex_server(Kex *);
171void kexecdh_client(Kex *); 175void kexecdh_client(Kex *);
172void kexecdh_server(Kex *); 176void kexecdh_server(Kex *);
177void kexc25519_client(Kex *);
178void kexc25519_server(Kex *);
173 179
174#ifdef GSSAPI 180#ifdef GSSAPI
175void kexgss_client(Kex *); 181void kexgss_client(Kex *);
@@ -180,15 +186,28 @@ void
180kex_dh_hash(char *, char *, char *, int, char *, int, u_char *, int, 186kex_dh_hash(char *, char *, char *, int, char *, int, u_char *, int,
181 BIGNUM *, BIGNUM *, BIGNUM *, u_char **, u_int *); 187 BIGNUM *, BIGNUM *, BIGNUM *, u_char **, u_int *);
182void 188void
183kexgex_hash(const EVP_MD *, char *, char *, char *, int, char *, 189kexgex_hash(int, char *, char *, char *, int, char *,
184 int, u_char *, int, int, int, int, BIGNUM *, BIGNUM *, BIGNUM *, 190 int, u_char *, int, int, int, int, BIGNUM *, BIGNUM *, BIGNUM *,
185 BIGNUM *, BIGNUM *, u_char **, u_int *); 191 BIGNUM *, BIGNUM *, u_char **, u_int *);
186#ifdef OPENSSL_HAS_ECC 192#ifdef OPENSSL_HAS_ECC
187void 193void
188kex_ecdh_hash(const EVP_MD *, const EC_GROUP *, char *, char *, char *, int, 194kex_ecdh_hash(int, const EC_GROUP *, char *, char *, char *, int,
189 char *, int, u_char *, int, const EC_POINT *, const EC_POINT *, 195 char *, int, u_char *, int, const EC_POINT *, const EC_POINT *,
190 const BIGNUM *, u_char **, u_int *); 196 const BIGNUM *, u_char **, u_int *);
191#endif 197#endif
198void
199kex_c25519_hash(int, char *, char *, char *, int,
200 char *, int, u_char *, int, const u_char *, const u_char *,
201 const u_char *, u_int, u_char **, u_int *);
202
203#define CURVE25519_SIZE 32
204void kexc25519_keygen(u_char[CURVE25519_SIZE], u_char[CURVE25519_SIZE])
205 __attribute__((__bounded__(__minbytes__, 1, CURVE25519_SIZE)))
206 __attribute__((__bounded__(__minbytes__, 2, CURVE25519_SIZE)));
207void kexc25519_shared_key(const u_char key[CURVE25519_SIZE],
208 const u_char pub[CURVE25519_SIZE], Buffer *out)
209 __attribute__((__bounded__(__minbytes__, 1, CURVE25519_SIZE)))
210 __attribute__((__bounded__(__minbytes__, 2, CURVE25519_SIZE)));
192 211
193void 212void
194derive_ssh1_session_id(BIGNUM *, BIGNUM *, u_int8_t[8], u_int8_t[16]); 213derive_ssh1_session_id(BIGNUM *, BIGNUM *, u_int8_t[8], u_int8_t[16]);
generated by cgit v1.2.3 (git 2.39.1) at 2024-11-05 05:26:32 +0000