mirror of
https://git.tartarus.org/simon/putty.git
synced 2025-01-10 01:48:00 +00:00
Remove a lot of pointless 'struct' keywords.
This is the commit that f3295e0fb
_should_ have been. Yesterday I just
added some typedefs so that I didn't have to wear out my fingers
typing 'struct' in new code, but what I ought to have done is to move
all the typedefs into defs.h with the rest, and then go through
cleaning up the legacy 'struct's all through the existing code.
But I was mostly trying to concentrate on getting the test suite
finished, so I just did the minimum. Now it's time to come back and do
it better.
This commit is contained in:
parent
abebfdf0dd
commit
35690040fd
16
cmdgen.c
16
cmdgen.c
@ -220,8 +220,8 @@ int main(int argc, char **argv)
|
|||||||
bool errs = false, nogo = false;
|
bool errs = false, nogo = false;
|
||||||
int intype = SSH_KEYTYPE_UNOPENABLE;
|
int intype = SSH_KEYTYPE_UNOPENABLE;
|
||||||
int sshver = 0;
|
int sshver = 0;
|
||||||
struct ssh2_userkey *ssh2key = NULL;
|
ssh2_userkey *ssh2key = NULL;
|
||||||
struct RSAKey *ssh1key = NULL;
|
RSAKey *ssh1key = NULL;
|
||||||
strbuf *ssh2blob = NULL;
|
strbuf *ssh2blob = NULL;
|
||||||
char *ssh2alg = NULL;
|
char *ssh2alg = NULL;
|
||||||
char *old_passphrase = NULL, *new_passphrase = NULL;
|
char *old_passphrase = NULL, *new_passphrase = NULL;
|
||||||
@ -696,29 +696,29 @@ int main(int argc, char **argv)
|
|||||||
if (keytype == DSA) {
|
if (keytype == DSA) {
|
||||||
struct dss_key *dsskey = snew(struct dss_key);
|
struct dss_key *dsskey = snew(struct dss_key);
|
||||||
dsa_generate(dsskey, bits, progressfn, &prog);
|
dsa_generate(dsskey, bits, progressfn, &prog);
|
||||||
ssh2key = snew(struct ssh2_userkey);
|
ssh2key = snew(ssh2_userkey);
|
||||||
ssh2key->key = &dsskey->sshk;
|
ssh2key->key = &dsskey->sshk;
|
||||||
ssh1key = NULL;
|
ssh1key = NULL;
|
||||||
} else if (keytype == ECDSA) {
|
} else if (keytype == ECDSA) {
|
||||||
struct ecdsa_key *ek = snew(struct ecdsa_key);
|
struct ecdsa_key *ek = snew(struct ecdsa_key);
|
||||||
ecdsa_generate(ek, bits, progressfn, &prog);
|
ecdsa_generate(ek, bits, progressfn, &prog);
|
||||||
ssh2key = snew(struct ssh2_userkey);
|
ssh2key = snew(ssh2_userkey);
|
||||||
ssh2key->key = &ek->sshk;
|
ssh2key->key = &ek->sshk;
|
||||||
ssh1key = NULL;
|
ssh1key = NULL;
|
||||||
} else if (keytype == ED25519) {
|
} else if (keytype == ED25519) {
|
||||||
struct eddsa_key *ek = snew(struct eddsa_key);
|
struct eddsa_key *ek = snew(struct eddsa_key);
|
||||||
eddsa_generate(ek, bits, progressfn, &prog);
|
eddsa_generate(ek, bits, progressfn, &prog);
|
||||||
ssh2key = snew(struct ssh2_userkey);
|
ssh2key = snew(ssh2_userkey);
|
||||||
ssh2key->key = &ek->sshk;
|
ssh2key->key = &ek->sshk;
|
||||||
ssh1key = NULL;
|
ssh1key = NULL;
|
||||||
} else {
|
} else {
|
||||||
struct RSAKey *rsakey = snew(struct RSAKey);
|
RSAKey *rsakey = snew(RSAKey);
|
||||||
rsa_generate(rsakey, bits, progressfn, &prog);
|
rsa_generate(rsakey, bits, progressfn, &prog);
|
||||||
rsakey->comment = NULL;
|
rsakey->comment = NULL;
|
||||||
if (keytype == RSA1) {
|
if (keytype == RSA1) {
|
||||||
ssh1key = rsakey;
|
ssh1key = rsakey;
|
||||||
} else {
|
} else {
|
||||||
ssh2key = snew(struct ssh2_userkey);
|
ssh2key = snew(ssh2_userkey);
|
||||||
ssh2key->key = &rsakey->sshk;
|
ssh2key->key = &rsakey->sshk;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
@ -775,7 +775,7 @@ int main(int argc, char **argv)
|
|||||||
|
|
||||||
case SSH_KEYTYPE_SSH1:
|
case SSH_KEYTYPE_SSH1:
|
||||||
case SSH_KEYTYPE_SSH1_PUBLIC:
|
case SSH_KEYTYPE_SSH1_PUBLIC:
|
||||||
ssh1key = snew(struct RSAKey);
|
ssh1key = snew(RSAKey);
|
||||||
if (!load_encrypted) {
|
if (!load_encrypted) {
|
||||||
strbuf *blob;
|
strbuf *blob;
|
||||||
BinarySource src[1];
|
BinarySource src[1];
|
||||||
|
22
defs.h
22
defs.h
@ -36,7 +36,7 @@ typedef struct bufchain_tag bufchain;
|
|||||||
|
|
||||||
typedef struct strbuf strbuf;
|
typedef struct strbuf strbuf;
|
||||||
|
|
||||||
struct RSAKey;
|
typedef struct RSAKey RSAKey;
|
||||||
|
|
||||||
typedef struct BinarySink BinarySink;
|
typedef struct BinarySink BinarySink;
|
||||||
typedef struct BinarySource BinarySource;
|
typedef struct BinarySource BinarySource;
|
||||||
@ -90,6 +90,26 @@ typedef struct PortFwdManager PortFwdManager;
|
|||||||
typedef struct PortFwdRecord PortFwdRecord;
|
typedef struct PortFwdRecord PortFwdRecord;
|
||||||
typedef struct ConnectionLayer ConnectionLayer;
|
typedef struct ConnectionLayer ConnectionLayer;
|
||||||
|
|
||||||
|
typedef struct ssh_hashalg ssh_hashalg;
|
||||||
|
typedef struct ssh_hash ssh_hash;
|
||||||
|
typedef struct ssh_kex ssh_kex;
|
||||||
|
typedef struct ssh_kexes ssh_kexes;
|
||||||
|
typedef struct ssh_keyalg ssh_keyalg;
|
||||||
|
typedef struct ssh_key ssh_key;
|
||||||
|
typedef struct ssh_compressor ssh_compressor;
|
||||||
|
typedef struct ssh_decompressor ssh_decompressor;
|
||||||
|
typedef struct ssh_compression_alg ssh_compression_alg;
|
||||||
|
typedef struct ssh2_userkey ssh2_userkey;
|
||||||
|
typedef struct ssh2_macalg ssh2_macalg;
|
||||||
|
typedef struct ssh2_mac ssh2_mac;
|
||||||
|
typedef struct ssh2_cipheralg ssh2_cipheralg;
|
||||||
|
typedef struct ssh2_cipher ssh2_cipher;
|
||||||
|
typedef struct ssh2_ciphers ssh2_ciphers;
|
||||||
|
typedef struct ssh1_cipheralg ssh1_cipheralg;
|
||||||
|
typedef struct ssh1_cipher ssh1_cipher;
|
||||||
|
typedef struct dh_ctx dh_ctx;
|
||||||
|
typedef struct ecdh_key ecdh_key;
|
||||||
|
|
||||||
typedef struct dlgparam dlgparam;
|
typedef struct dlgparam dlgparam;
|
||||||
|
|
||||||
typedef struct settings_w settings_w;
|
typedef struct settings_w settings_w;
|
||||||
|
54
import.c
54
import.c
@ -15,22 +15,22 @@
|
|||||||
|
|
||||||
static bool openssh_pem_encrypted(const Filename *file);
|
static bool openssh_pem_encrypted(const Filename *file);
|
||||||
static bool openssh_new_encrypted(const Filename *file);
|
static bool openssh_new_encrypted(const Filename *file);
|
||||||
static struct ssh2_userkey *openssh_pem_read(
|
static ssh2_userkey *openssh_pem_read(
|
||||||
const Filename *file, const char *passphrase, const char **errmsg_p);
|
const Filename *file, const char *passphrase, const char **errmsg_p);
|
||||||
static struct ssh2_userkey *openssh_new_read(
|
static ssh2_userkey *openssh_new_read(
|
||||||
const Filename *file, const char *passphrase, const char **errmsg_p);
|
const Filename *file, const char *passphrase, const char **errmsg_p);
|
||||||
static bool openssh_auto_write(
|
static bool openssh_auto_write(
|
||||||
const Filename *file, struct ssh2_userkey *key, const char *passphrase);
|
const Filename *file, ssh2_userkey *key, const char *passphrase);
|
||||||
static bool openssh_pem_write(
|
static bool openssh_pem_write(
|
||||||
const Filename *file, struct ssh2_userkey *key, const char *passphrase);
|
const Filename *file, ssh2_userkey *key, const char *passphrase);
|
||||||
static bool openssh_new_write(
|
static bool openssh_new_write(
|
||||||
const Filename *file, struct ssh2_userkey *key, const char *passphrase);
|
const Filename *file, ssh2_userkey *key, const char *passphrase);
|
||||||
|
|
||||||
static bool sshcom_encrypted(const Filename *file, char **comment);
|
static bool sshcom_encrypted(const Filename *file, char **comment);
|
||||||
static struct ssh2_userkey *sshcom_read(
|
static ssh2_userkey *sshcom_read(
|
||||||
const Filename *file, const char *passphrase, const char **errmsg_p);
|
const Filename *file, const char *passphrase, const char **errmsg_p);
|
||||||
static bool sshcom_write(
|
static bool sshcom_write(
|
||||||
const Filename *file, struct ssh2_userkey *key, const char *passphrase);
|
const Filename *file, ssh2_userkey *key, const char *passphrase);
|
||||||
|
|
||||||
/*
|
/*
|
||||||
* Given a key type, determine whether we know how to import it.
|
* Given a key type, determine whether we know how to import it.
|
||||||
@ -83,7 +83,7 @@ bool import_encrypted(const Filename *filename, int type, char **comment)
|
|||||||
* Import an SSH-1 key.
|
* Import an SSH-1 key.
|
||||||
*/
|
*/
|
||||||
int import_ssh1(const Filename *filename, int type,
|
int import_ssh1(const Filename *filename, int type,
|
||||||
struct RSAKey *key, char *passphrase, const char **errmsg_p)
|
RSAKey *key, char *passphrase, const char **errmsg_p)
|
||||||
{
|
{
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
@ -91,7 +91,7 @@ int import_ssh1(const Filename *filename, int type,
|
|||||||
/*
|
/*
|
||||||
* Import an SSH-2 key.
|
* Import an SSH-2 key.
|
||||||
*/
|
*/
|
||||||
struct ssh2_userkey *import_ssh2(const Filename *filename, int type,
|
ssh2_userkey *import_ssh2(const Filename *filename, int type,
|
||||||
char *passphrase, const char **errmsg_p)
|
char *passphrase, const char **errmsg_p)
|
||||||
{
|
{
|
||||||
if (type == SSH_KEYTYPE_OPENSSH_PEM)
|
if (type == SSH_KEYTYPE_OPENSSH_PEM)
|
||||||
@ -106,7 +106,7 @@ struct ssh2_userkey *import_ssh2(const Filename *filename, int type,
|
|||||||
/*
|
/*
|
||||||
* Export an SSH-1 key.
|
* Export an SSH-1 key.
|
||||||
*/
|
*/
|
||||||
bool export_ssh1(const Filename *filename, int type, struct RSAKey *key,
|
bool export_ssh1(const Filename *filename, int type, RSAKey *key,
|
||||||
char *passphrase)
|
char *passphrase)
|
||||||
{
|
{
|
||||||
return false;
|
return false;
|
||||||
@ -116,7 +116,7 @@ bool export_ssh1(const Filename *filename, int type, struct RSAKey *key,
|
|||||||
* Export an SSH-2 key.
|
* Export an SSH-2 key.
|
||||||
*/
|
*/
|
||||||
bool export_ssh2(const Filename *filename, int type,
|
bool export_ssh2(const Filename *filename, int type,
|
||||||
struct ssh2_userkey *key, char *passphrase)
|
ssh2_userkey *key, char *passphrase)
|
||||||
{
|
{
|
||||||
if (type == SSH_KEYTYPE_OPENSSH_AUTO)
|
if (type == SSH_KEYTYPE_OPENSSH_AUTO)
|
||||||
return openssh_auto_write(filename, key, passphrase);
|
return openssh_auto_write(filename, key, passphrase);
|
||||||
@ -495,15 +495,15 @@ static bool openssh_pem_encrypted(const Filename *filename)
|
|||||||
return ret;
|
return ret;
|
||||||
}
|
}
|
||||||
|
|
||||||
static struct ssh2_userkey *openssh_pem_read(
|
static ssh2_userkey *openssh_pem_read(
|
||||||
const Filename *filename, const char *passphrase, const char **errmsg_p)
|
const Filename *filename, const char *passphrase, const char **errmsg_p)
|
||||||
{
|
{
|
||||||
struct openssh_pem_key *key = load_openssh_pem_key(filename, errmsg_p);
|
struct openssh_pem_key *key = load_openssh_pem_key(filename, errmsg_p);
|
||||||
struct ssh2_userkey *retkey;
|
ssh2_userkey *retkey;
|
||||||
const ssh_keyalg *alg;
|
const ssh_keyalg *alg;
|
||||||
BinarySource src[1];
|
BinarySource src[1];
|
||||||
int i, num_integers;
|
int i, num_integers;
|
||||||
struct ssh2_userkey *retval = NULL;
|
ssh2_userkey *retval = NULL;
|
||||||
const char *errmsg;
|
const char *errmsg;
|
||||||
strbuf *blob = strbuf_new();
|
strbuf *blob = strbuf_new();
|
||||||
int privptr = 0, publen;
|
int privptr = 0, publen;
|
||||||
@ -659,7 +659,7 @@ static struct ssh2_userkey *openssh_pem_read(
|
|||||||
pubkey.data.len -= 1;
|
pubkey.data.len -= 1;
|
||||||
|
|
||||||
/* Construct the key */
|
/* Construct the key */
|
||||||
retkey = snew(struct ssh2_userkey);
|
retkey = snew(ssh2_userkey);
|
||||||
|
|
||||||
put_stringz(blob, alg->ssh_id);
|
put_stringz(blob, alg->ssh_id);
|
||||||
put_stringz(blob, curve->name);
|
put_stringz(blob, curve->name);
|
||||||
@ -737,7 +737,7 @@ static struct ssh2_userkey *openssh_pem_read(
|
|||||||
* the sanity checks for free.
|
* the sanity checks for free.
|
||||||
*/
|
*/
|
||||||
assert(privptr > 0); /* should have bombed by now if not */
|
assert(privptr > 0); /* should have bombed by now if not */
|
||||||
retkey = snew(struct ssh2_userkey);
|
retkey = snew(ssh2_userkey);
|
||||||
alg = (key->keytype == OP_RSA ? &ssh_rsa : &ssh_dss);
|
alg = (key->keytype == OP_RSA ? &ssh_rsa : &ssh_dss);
|
||||||
retkey->key = ssh_key_new_priv(
|
retkey->key = ssh_key_new_priv(
|
||||||
alg, make_ptrlen(blob->u, privptr),
|
alg, make_ptrlen(blob->u, privptr),
|
||||||
@ -774,7 +774,7 @@ static struct ssh2_userkey *openssh_pem_read(
|
|||||||
}
|
}
|
||||||
|
|
||||||
static bool openssh_pem_write(
|
static bool openssh_pem_write(
|
||||||
const Filename *filename, struct ssh2_userkey *key, const char *passphrase)
|
const Filename *filename, ssh2_userkey *key, const char *passphrase)
|
||||||
{
|
{
|
||||||
strbuf *pubblob, *privblob, *outblob;
|
strbuf *pubblob, *privblob, *outblob;
|
||||||
unsigned char *spareblob;
|
unsigned char *spareblob;
|
||||||
@ -1331,12 +1331,12 @@ static bool openssh_new_encrypted(const Filename *filename)
|
|||||||
return ret;
|
return ret;
|
||||||
}
|
}
|
||||||
|
|
||||||
static struct ssh2_userkey *openssh_new_read(
|
static ssh2_userkey *openssh_new_read(
|
||||||
const Filename *filename, const char *passphrase, const char **errmsg_p)
|
const Filename *filename, const char *passphrase, const char **errmsg_p)
|
||||||
{
|
{
|
||||||
struct openssh_new_key *key = load_openssh_new_key(filename, errmsg_p);
|
struct openssh_new_key *key = load_openssh_new_key(filename, errmsg_p);
|
||||||
struct ssh2_userkey *retkey = NULL;
|
ssh2_userkey *retkey = NULL;
|
||||||
struct ssh2_userkey *retval = NULL;
|
ssh2_userkey *retval = NULL;
|
||||||
const char *errmsg;
|
const char *errmsg;
|
||||||
unsigned checkint;
|
unsigned checkint;
|
||||||
BinarySource src[1];
|
BinarySource src[1];
|
||||||
@ -1423,7 +1423,7 @@ static struct ssh2_userkey *openssh_new_read(
|
|||||||
goto error;
|
goto error;
|
||||||
}
|
}
|
||||||
|
|
||||||
retkey = snew(struct ssh2_userkey);
|
retkey = snew(ssh2_userkey);
|
||||||
retkey->key = NULL;
|
retkey->key = NULL;
|
||||||
retkey->comment = NULL;
|
retkey->comment = NULL;
|
||||||
|
|
||||||
@ -1512,7 +1512,7 @@ static struct ssh2_userkey *openssh_new_read(
|
|||||||
}
|
}
|
||||||
|
|
||||||
static bool openssh_new_write(
|
static bool openssh_new_write(
|
||||||
const Filename *filename, struct ssh2_userkey *key, const char *passphrase)
|
const Filename *filename, ssh2_userkey *key, const char *passphrase)
|
||||||
{
|
{
|
||||||
strbuf *pubblob, *privblob, *cblob;
|
strbuf *pubblob, *privblob, *cblob;
|
||||||
int padvalue, i;
|
int padvalue, i;
|
||||||
@ -1641,7 +1641,7 @@ static bool openssh_new_write(
|
|||||||
* concrete OpenSSH output formats based on the key type.
|
* concrete OpenSSH output formats based on the key type.
|
||||||
*/
|
*/
|
||||||
static bool openssh_auto_write(
|
static bool openssh_auto_write(
|
||||||
const Filename *filename, struct ssh2_userkey *key, const char *passphrase)
|
const Filename *filename, ssh2_userkey *key, const char *passphrase)
|
||||||
{
|
{
|
||||||
/*
|
/*
|
||||||
* The old OpenSSH format supports a fixed list of key types. We
|
* The old OpenSSH format supports a fixed list of key types. We
|
||||||
@ -1966,7 +1966,7 @@ static ptrlen BinarySource_get_mp_sshcom_as_string(BinarySource *src)
|
|||||||
#define get_mp_sshcom_as_string(bs) \
|
#define get_mp_sshcom_as_string(bs) \
|
||||||
BinarySource_get_mp_sshcom_as_string(BinarySource_UPCAST(bs))
|
BinarySource_get_mp_sshcom_as_string(BinarySource_UPCAST(bs))
|
||||||
|
|
||||||
static struct ssh2_userkey *sshcom_read(
|
static ssh2_userkey *sshcom_read(
|
||||||
const Filename *filename, const char *passphrase, const char **errmsg_p)
|
const Filename *filename, const char *passphrase, const char **errmsg_p)
|
||||||
{
|
{
|
||||||
struct sshcom_key *key = load_sshcom_key(filename, errmsg_p);
|
struct sshcom_key *key = load_sshcom_key(filename, errmsg_p);
|
||||||
@ -1978,7 +1978,7 @@ static struct ssh2_userkey *sshcom_read(
|
|||||||
const char prefix_dsa[] = "dl-modp{sign{dsa";
|
const char prefix_dsa[] = "dl-modp{sign{dsa";
|
||||||
enum { RSA, DSA } type;
|
enum { RSA, DSA } type;
|
||||||
bool encrypted;
|
bool encrypted;
|
||||||
struct ssh2_userkey *ret = NULL, *retkey;
|
ssh2_userkey *ret = NULL, *retkey;
|
||||||
const ssh_keyalg *alg;
|
const ssh_keyalg *alg;
|
||||||
strbuf *blob = NULL;
|
strbuf *blob = NULL;
|
||||||
|
|
||||||
@ -2151,7 +2151,7 @@ static struct ssh2_userkey *sshcom_read(
|
|||||||
put_mp_ssh2_from_string(blob, x.ptr, x.len);
|
put_mp_ssh2_from_string(blob, x.ptr, x.len);
|
||||||
}
|
}
|
||||||
|
|
||||||
retkey = snew(struct ssh2_userkey);
|
retkey = snew(ssh2_userkey);
|
||||||
retkey->key = ssh_key_new_priv(
|
retkey->key = ssh_key_new_priv(
|
||||||
alg, make_ptrlen(blob->u, publen),
|
alg, make_ptrlen(blob->u, publen),
|
||||||
make_ptrlen(blob->u + publen, blob->len - publen));
|
make_ptrlen(blob->u + publen, blob->len - publen));
|
||||||
@ -2178,7 +2178,7 @@ static struct ssh2_userkey *sshcom_read(
|
|||||||
}
|
}
|
||||||
|
|
||||||
static bool sshcom_write(
|
static bool sshcom_write(
|
||||||
const Filename *filename, struct ssh2_userkey *key, const char *passphrase)
|
const Filename *filename, ssh2_userkey *key, const char *passphrase)
|
||||||
{
|
{
|
||||||
strbuf *pubblob, *privblob, *outblob;
|
strbuf *pubblob, *privblob, *outblob;
|
||||||
ptrlen numbers[6];
|
ptrlen numbers[6];
|
||||||
|
62
pageant.c
62
pageant.c
@ -40,8 +40,8 @@ static tree234 *rsakeys, *ssh2keys;
|
|||||||
*/
|
*/
|
||||||
static int cmpkeys_rsa(void *av, void *bv)
|
static int cmpkeys_rsa(void *av, void *bv)
|
||||||
{
|
{
|
||||||
struct RSAKey *a = (struct RSAKey *) av;
|
RSAKey *a = (RSAKey *) av;
|
||||||
struct RSAKey *b = (struct RSAKey *) bv;
|
RSAKey *b = (RSAKey *) bv;
|
||||||
|
|
||||||
return ((int)mp_cmp_hs(a->modulus, b->modulus) -
|
return ((int)mp_cmp_hs(a->modulus, b->modulus) -
|
||||||
(int)mp_cmp_hs(b->modulus, a->modulus));
|
(int)mp_cmp_hs(b->modulus, a->modulus));
|
||||||
@ -54,7 +54,7 @@ static int cmpkeys_rsa(void *av, void *bv)
|
|||||||
static int cmpkeys_ssh2_asymm(void *av, void *bv)
|
static int cmpkeys_ssh2_asymm(void *av, void *bv)
|
||||||
{
|
{
|
||||||
ptrlen *ablob = (ptrlen *) av;
|
ptrlen *ablob = (ptrlen *) av;
|
||||||
struct ssh2_userkey *b = (struct ssh2_userkey *) bv;
|
ssh2_userkey *b = (ssh2_userkey *) bv;
|
||||||
strbuf *bblob;
|
strbuf *bblob;
|
||||||
int i, c;
|
int i, c;
|
||||||
|
|
||||||
@ -90,7 +90,7 @@ static int cmpkeys_ssh2_asymm(void *av, void *bv)
|
|||||||
*/
|
*/
|
||||||
static int cmpkeys_ssh2(void *av, void *bv)
|
static int cmpkeys_ssh2(void *av, void *bv)
|
||||||
{
|
{
|
||||||
struct ssh2_userkey *a = (struct ssh2_userkey *) av;
|
ssh2_userkey *a = (ssh2_userkey *) av;
|
||||||
strbuf *ablob;
|
strbuf *ablob;
|
||||||
ptrlen apl;
|
ptrlen apl;
|
||||||
int toret;
|
int toret;
|
||||||
@ -107,7 +107,7 @@ static int cmpkeys_ssh2(void *av, void *bv)
|
|||||||
void pageant_make_keylist1(BinarySink *bs)
|
void pageant_make_keylist1(BinarySink *bs)
|
||||||
{
|
{
|
||||||
int i;
|
int i;
|
||||||
struct RSAKey *key;
|
RSAKey *key;
|
||||||
|
|
||||||
put_uint32(bs, count234(rsakeys));
|
put_uint32(bs, count234(rsakeys));
|
||||||
for (i = 0; NULL != (key = index234(rsakeys, i)); i++) {
|
for (i = 0; NULL != (key = index234(rsakeys, i)); i++) {
|
||||||
@ -119,7 +119,7 @@ void pageant_make_keylist1(BinarySink *bs)
|
|||||||
void pageant_make_keylist2(BinarySink *bs)
|
void pageant_make_keylist2(BinarySink *bs)
|
||||||
{
|
{
|
||||||
int i;
|
int i;
|
||||||
struct ssh2_userkey *key;
|
ssh2_userkey *key;
|
||||||
|
|
||||||
put_uint32(bs, count234(ssh2keys));
|
put_uint32(bs, count234(ssh2keys));
|
||||||
for (i = 0; NULL != (key = index234(ssh2keys, i)); i++) {
|
for (i = 0; NULL != (key = index234(ssh2keys, i)); i++) {
|
||||||
@ -184,7 +184,7 @@ void pageant_handle_msg(BinarySink *bs,
|
|||||||
plog(logctx, logfn, "reply: SSH1_AGENT_RSA_IDENTITIES_ANSWER");
|
plog(logctx, logfn, "reply: SSH1_AGENT_RSA_IDENTITIES_ANSWER");
|
||||||
if (logfn) { /* skip this loop if not logging */
|
if (logfn) { /* skip this loop if not logging */
|
||||||
int i;
|
int i;
|
||||||
struct RSAKey *rkey;
|
RSAKey *rkey;
|
||||||
for (i = 0; NULL != (rkey = pageant_nth_ssh1_key(i)); i++) {
|
for (i = 0; NULL != (rkey = pageant_nth_ssh1_key(i)); i++) {
|
||||||
char *fingerprint = rsa_ssh1_fingerprint(rkey);
|
char *fingerprint = rsa_ssh1_fingerprint(rkey);
|
||||||
plog(logctx, logfn, "returned key: %s", fingerprint);
|
plog(logctx, logfn, "returned key: %s", fingerprint);
|
||||||
@ -206,7 +206,7 @@ void pageant_handle_msg(BinarySink *bs,
|
|||||||
plog(logctx, logfn, "reply: SSH2_AGENT_IDENTITIES_ANSWER");
|
plog(logctx, logfn, "reply: SSH2_AGENT_IDENTITIES_ANSWER");
|
||||||
if (logfn) { /* skip this loop if not logging */
|
if (logfn) { /* skip this loop if not logging */
|
||||||
int i;
|
int i;
|
||||||
struct ssh2_userkey *skey;
|
ssh2_userkey *skey;
|
||||||
for (i = 0; NULL != (skey = pageant_nth_ssh2_key(i)); i++) {
|
for (i = 0; NULL != (skey = pageant_nth_ssh2_key(i)); i++) {
|
||||||
char *fingerprint = ssh2_fingerprint(skey->key);
|
char *fingerprint = ssh2_fingerprint(skey->key);
|
||||||
plog(logctx, logfn, "returned key: %s %s",
|
plog(logctx, logfn, "returned key: %s %s",
|
||||||
@ -223,7 +223,7 @@ void pageant_handle_msg(BinarySink *bs,
|
|||||||
* or not.
|
* or not.
|
||||||
*/
|
*/
|
||||||
{
|
{
|
||||||
struct RSAKey reqkey, *key;
|
RSAKey reqkey, *key;
|
||||||
mp_int *challenge, *response;
|
mp_int *challenge, *response;
|
||||||
ptrlen session_id;
|
ptrlen session_id;
|
||||||
unsigned response_type;
|
unsigned response_type;
|
||||||
@ -291,7 +291,7 @@ void pageant_handle_msg(BinarySink *bs,
|
|||||||
* or not.
|
* or not.
|
||||||
*/
|
*/
|
||||||
{
|
{
|
||||||
struct ssh2_userkey *key;
|
ssh2_userkey *key;
|
||||||
ptrlen keyblob, sigdata;
|
ptrlen keyblob, sigdata;
|
||||||
strbuf *signature;
|
strbuf *signature;
|
||||||
uint32_t flags, supported_flags;
|
uint32_t flags, supported_flags;
|
||||||
@ -367,12 +367,12 @@ void pageant_handle_msg(BinarySink *bs,
|
|||||||
* SSH_AGENT_FAILURE if the key was malformed.
|
* SSH_AGENT_FAILURE if the key was malformed.
|
||||||
*/
|
*/
|
||||||
{
|
{
|
||||||
struct RSAKey *key;
|
RSAKey *key;
|
||||||
|
|
||||||
plog(logctx, logfn, "request: SSH1_AGENTC_ADD_RSA_IDENTITY");
|
plog(logctx, logfn, "request: SSH1_AGENTC_ADD_RSA_IDENTITY");
|
||||||
|
|
||||||
key = snew(struct RSAKey);
|
key = snew(RSAKey);
|
||||||
memset(key, 0, sizeof(struct RSAKey));
|
memset(key, 0, sizeof(RSAKey));
|
||||||
|
|
||||||
get_rsa_ssh1_pub(msg, key, RSA_SSH1_MODULUS_FIRST);
|
get_rsa_ssh1_pub(msg, key, RSA_SSH1_MODULUS_FIRST);
|
||||||
get_rsa_ssh1_priv(msg, key);
|
get_rsa_ssh1_priv(msg, key);
|
||||||
@ -426,7 +426,7 @@ void pageant_handle_msg(BinarySink *bs,
|
|||||||
* SSH_AGENT_FAILURE if the key was malformed.
|
* SSH_AGENT_FAILURE if the key was malformed.
|
||||||
*/
|
*/
|
||||||
{
|
{
|
||||||
struct ssh2_userkey *key = NULL;
|
ssh2_userkey *key = NULL;
|
||||||
ptrlen algpl;
|
ptrlen algpl;
|
||||||
const ssh_keyalg *alg;
|
const ssh_keyalg *alg;
|
||||||
|
|
||||||
@ -434,7 +434,7 @@ void pageant_handle_msg(BinarySink *bs,
|
|||||||
|
|
||||||
algpl = get_string(msg);
|
algpl = get_string(msg);
|
||||||
|
|
||||||
key = snew(struct ssh2_userkey);
|
key = snew(ssh2_userkey);
|
||||||
key->key = NULL;
|
key->key = NULL;
|
||||||
key->comment = NULL;
|
key->comment = NULL;
|
||||||
alg = find_pubkey_alg_len(algpl);
|
alg = find_pubkey_alg_len(algpl);
|
||||||
@ -494,7 +494,7 @@ void pageant_handle_msg(BinarySink *bs,
|
|||||||
* start with.
|
* start with.
|
||||||
*/
|
*/
|
||||||
{
|
{
|
||||||
struct RSAKey reqkey, *key;
|
RSAKey reqkey, *key;
|
||||||
|
|
||||||
plog(logctx, logfn, "request: SSH1_AGENTC_REMOVE_RSA_IDENTITY");
|
plog(logctx, logfn, "request: SSH1_AGENTC_REMOVE_RSA_IDENTITY");
|
||||||
|
|
||||||
@ -540,7 +540,7 @@ void pageant_handle_msg(BinarySink *bs,
|
|||||||
* start with.
|
* start with.
|
||||||
*/
|
*/
|
||||||
{
|
{
|
||||||
struct ssh2_userkey *key;
|
ssh2_userkey *key;
|
||||||
ptrlen blob;
|
ptrlen blob;
|
||||||
|
|
||||||
plog(logctx, logfn, "request: SSH2_AGENTC_REMOVE_IDENTITY");
|
plog(logctx, logfn, "request: SSH2_AGENTC_REMOVE_IDENTITY");
|
||||||
@ -582,7 +582,7 @@ void pageant_handle_msg(BinarySink *bs,
|
|||||||
* Remove all SSH-1 keys. Always returns success.
|
* Remove all SSH-1 keys. Always returns success.
|
||||||
*/
|
*/
|
||||||
{
|
{
|
||||||
struct RSAKey *rkey;
|
RSAKey *rkey;
|
||||||
|
|
||||||
plog(logctx, logfn, "request:"
|
plog(logctx, logfn, "request:"
|
||||||
" SSH1_AGENTC_REMOVE_ALL_RSA_IDENTITIES");
|
" SSH1_AGENTC_REMOVE_ALL_RSA_IDENTITIES");
|
||||||
@ -604,7 +604,7 @@ void pageant_handle_msg(BinarySink *bs,
|
|||||||
* Remove all SSH-2 keys. Always returns success.
|
* Remove all SSH-2 keys. Always returns success.
|
||||||
*/
|
*/
|
||||||
{
|
{
|
||||||
struct ssh2_userkey *skey;
|
ssh2_userkey *skey;
|
||||||
|
|
||||||
plog(logctx, logfn, "request: SSH2_AGENTC_REMOVE_ALL_IDENTITIES");
|
plog(logctx, logfn, "request: SSH2_AGENTC_REMOVE_ALL_IDENTITIES");
|
||||||
|
|
||||||
@ -643,12 +643,12 @@ void pageant_init(void)
|
|||||||
ssh2keys = newtree234(cmpkeys_ssh2);
|
ssh2keys = newtree234(cmpkeys_ssh2);
|
||||||
}
|
}
|
||||||
|
|
||||||
struct RSAKey *pageant_nth_ssh1_key(int i)
|
RSAKey *pageant_nth_ssh1_key(int i)
|
||||||
{
|
{
|
||||||
return index234(rsakeys, i);
|
return index234(rsakeys, i);
|
||||||
}
|
}
|
||||||
|
|
||||||
struct ssh2_userkey *pageant_nth_ssh2_key(int i)
|
ssh2_userkey *pageant_nth_ssh2_key(int i)
|
||||||
{
|
{
|
||||||
return index234(ssh2keys, i);
|
return index234(ssh2keys, i);
|
||||||
}
|
}
|
||||||
@ -663,28 +663,28 @@ int pageant_count_ssh2_keys(void)
|
|||||||
return count234(ssh2keys);
|
return count234(ssh2keys);
|
||||||
}
|
}
|
||||||
|
|
||||||
bool pageant_add_ssh1_key(struct RSAKey *rkey)
|
bool pageant_add_ssh1_key(RSAKey *rkey)
|
||||||
{
|
{
|
||||||
return add234(rsakeys, rkey) == rkey;
|
return add234(rsakeys, rkey) == rkey;
|
||||||
}
|
}
|
||||||
|
|
||||||
bool pageant_add_ssh2_key(struct ssh2_userkey *skey)
|
bool pageant_add_ssh2_key(ssh2_userkey *skey)
|
||||||
{
|
{
|
||||||
return add234(ssh2keys, skey) == skey;
|
return add234(ssh2keys, skey) == skey;
|
||||||
}
|
}
|
||||||
|
|
||||||
bool pageant_delete_ssh1_key(struct RSAKey *rkey)
|
bool pageant_delete_ssh1_key(RSAKey *rkey)
|
||||||
{
|
{
|
||||||
struct RSAKey *deleted = del234(rsakeys, rkey);
|
RSAKey *deleted = del234(rsakeys, rkey);
|
||||||
if (!deleted)
|
if (!deleted)
|
||||||
return false;
|
return false;
|
||||||
assert(deleted == rkey);
|
assert(deleted == rkey);
|
||||||
return true;
|
return true;
|
||||||
}
|
}
|
||||||
|
|
||||||
bool pageant_delete_ssh2_key(struct ssh2_userkey *skey)
|
bool pageant_delete_ssh2_key(ssh2_userkey *skey)
|
||||||
{
|
{
|
||||||
struct ssh2_userkey *deleted = del234(ssh2keys, skey);
|
ssh2_userkey *deleted = del234(ssh2keys, skey);
|
||||||
if (!deleted)
|
if (!deleted)
|
||||||
return false;
|
return false;
|
||||||
assert(deleted == skey);
|
assert(deleted == skey);
|
||||||
@ -1007,8 +1007,8 @@ void *pageant_get_keylist2(int *length)
|
|||||||
int pageant_add_keyfile(Filename *filename, const char *passphrase,
|
int pageant_add_keyfile(Filename *filename, const char *passphrase,
|
||||||
char **retstr)
|
char **retstr)
|
||||||
{
|
{
|
||||||
struct RSAKey *rkey = NULL;
|
RSAKey *rkey = NULL;
|
||||||
struct ssh2_userkey *skey = NULL;
|
ssh2_userkey *skey = NULL;
|
||||||
bool needs_pass;
|
bool needs_pass;
|
||||||
int ret;
|
int ret;
|
||||||
int attempts;
|
int attempts;
|
||||||
@ -1154,7 +1154,7 @@ int pageant_add_keyfile(Filename *filename, const char *passphrase,
|
|||||||
needs_pass = ssh2_userkey_encrypted(filename, &comment);
|
needs_pass = ssh2_userkey_encrypted(filename, &comment);
|
||||||
attempts = 0;
|
attempts = 0;
|
||||||
if (type == SSH_KEYTYPE_SSH1)
|
if (type == SSH_KEYTYPE_SSH1)
|
||||||
rkey = snew(struct RSAKey);
|
rkey = snew(RSAKey);
|
||||||
|
|
||||||
/*
|
/*
|
||||||
* Loop round repeatedly trying to load the key, until we either
|
* Loop round repeatedly trying to load the key, until we either
|
||||||
@ -1330,7 +1330,7 @@ int pageant_enum_keys(pageant_key_enum_fn_t callback, void *callback_ctx,
|
|||||||
|
|
||||||
nkeys = toint(get_uint32(src));
|
nkeys = toint(get_uint32(src));
|
||||||
for (i = 0; i < nkeys; i++) {
|
for (i = 0; i < nkeys; i++) {
|
||||||
struct RSAKey rkey;
|
RSAKey rkey;
|
||||||
char *fingerprint;
|
char *fingerprint;
|
||||||
|
|
||||||
/* public blob and fingerprint */
|
/* public blob and fingerprint */
|
||||||
|
12
pageant.h
12
pageant.h
@ -56,14 +56,14 @@ void pageant_make_keylist2(BinarySink *);
|
|||||||
* on success, in which case the ownership of the key structure is
|
* on success, in which case the ownership of the key structure is
|
||||||
* passed back to the client).
|
* passed back to the client).
|
||||||
*/
|
*/
|
||||||
struct RSAKey *pageant_nth_ssh1_key(int i);
|
RSAKey *pageant_nth_ssh1_key(int i);
|
||||||
struct ssh2_userkey *pageant_nth_ssh2_key(int i);
|
ssh2_userkey *pageant_nth_ssh2_key(int i);
|
||||||
int pageant_count_ssh1_keys(void);
|
int pageant_count_ssh1_keys(void);
|
||||||
int pageant_count_ssh2_keys(void);
|
int pageant_count_ssh2_keys(void);
|
||||||
bool pageant_add_ssh1_key(struct RSAKey *rkey);
|
bool pageant_add_ssh1_key(RSAKey *rkey);
|
||||||
bool pageant_add_ssh2_key(struct ssh2_userkey *skey);
|
bool pageant_add_ssh2_key(ssh2_userkey *skey);
|
||||||
bool pageant_delete_ssh1_key(struct RSAKey *rkey);
|
bool pageant_delete_ssh1_key(RSAKey *rkey);
|
||||||
bool pageant_delete_ssh2_key(struct ssh2_userkey *skey);
|
bool pageant_delete_ssh2_key(ssh2_userkey *skey);
|
||||||
|
|
||||||
/*
|
/*
|
||||||
* This callback must be provided by the Pageant front end code.
|
* This callback must be provided by the Pageant front end code.
|
||||||
|
263
ssh.h
263
ssh.h
@ -390,12 +390,11 @@ void ssh_user_close(Ssh *ssh, const char *fmt, ...);
|
|||||||
#define SSH_CIPHER_3DES 3
|
#define SSH_CIPHER_3DES 3
|
||||||
#define SSH_CIPHER_BLOWFISH 6
|
#define SSH_CIPHER_BLOWFISH 6
|
||||||
|
|
||||||
typedef struct ssh_keyalg ssh_keyalg;
|
struct ssh_key {
|
||||||
typedef struct ssh_key {
|
const ssh_keyalg *vt;
|
||||||
const struct ssh_keyalg *vt;
|
};
|
||||||
} ssh_key;
|
|
||||||
|
|
||||||
typedef struct RSAKey {
|
struct RSAKey {
|
||||||
int bits;
|
int bits;
|
||||||
int bytes;
|
int bytes;
|
||||||
mp_int *modulus;
|
mp_int *modulus;
|
||||||
@ -406,7 +405,7 @@ typedef struct RSAKey {
|
|||||||
mp_int *iqmp;
|
mp_int *iqmp;
|
||||||
char *comment;
|
char *comment;
|
||||||
ssh_key sshk;
|
ssh_key sshk;
|
||||||
} RSAKey;
|
};
|
||||||
|
|
||||||
struct dss_key {
|
struct dss_key {
|
||||||
mp_int *p, *q, *g, *y, *x;
|
mp_int *p, *q, *g, *y, *x;
|
||||||
@ -499,21 +498,19 @@ EdwardsPoint *eddsa_public(mp_int *private_key, const ssh_keyalg *alg);
|
|||||||
typedef enum { RSA_SSH1_EXPONENT_FIRST, RSA_SSH1_MODULUS_FIRST } RsaSsh1Order;
|
typedef enum { RSA_SSH1_EXPONENT_FIRST, RSA_SSH1_MODULUS_FIRST } RsaSsh1Order;
|
||||||
|
|
||||||
void BinarySource_get_rsa_ssh1_pub(
|
void BinarySource_get_rsa_ssh1_pub(
|
||||||
BinarySource *src, struct RSAKey *result, RsaSsh1Order order);
|
BinarySource *src, RSAKey *result, RsaSsh1Order order);
|
||||||
void BinarySource_get_rsa_ssh1_priv(
|
void BinarySource_get_rsa_ssh1_priv(
|
||||||
BinarySource *src, struct RSAKey *rsa);
|
BinarySource *src, RSAKey *rsa);
|
||||||
bool rsa_ssh1_encrypt(unsigned char *data, int length, struct RSAKey *key);
|
bool rsa_ssh1_encrypt(unsigned char *data, int length, RSAKey *key);
|
||||||
mp_int *rsa_ssh1_decrypt(mp_int *input, struct RSAKey *key);
|
mp_int *rsa_ssh1_decrypt(mp_int *input, RSAKey *key);
|
||||||
bool rsa_ssh1_decrypt_pkcs1(mp_int *input, struct RSAKey *key,
|
bool rsa_ssh1_decrypt_pkcs1(mp_int *input, RSAKey *key, strbuf *outbuf);
|
||||||
strbuf *outbuf);
|
char *rsastr_fmt(RSAKey *key);
|
||||||
char *rsastr_fmt(struct RSAKey *key);
|
char *rsa_ssh1_fingerprint(RSAKey *key);
|
||||||
char *rsa_ssh1_fingerprint(struct RSAKey *key);
|
bool rsa_verify(RSAKey *key);
|
||||||
bool rsa_verify(struct RSAKey *key);
|
void rsa_ssh1_public_blob(BinarySink *bs, RSAKey *key, RsaSsh1Order order);
|
||||||
void rsa_ssh1_public_blob(BinarySink *bs, struct RSAKey *key,
|
|
||||||
RsaSsh1Order order);
|
|
||||||
int rsa_ssh1_public_blob_len(ptrlen data);
|
int rsa_ssh1_public_blob_len(ptrlen data);
|
||||||
void freersapriv(struct RSAKey *key);
|
void freersapriv(RSAKey *key);
|
||||||
void freersakey(struct RSAKey *key);
|
void freersakey(RSAKey *key);
|
||||||
|
|
||||||
unsigned long crc32_compute(const void *s, size_t len);
|
unsigned long crc32_compute(const void *s, size_t len);
|
||||||
unsigned long crc32_update(unsigned long crc_input, const void *s, size_t len);
|
unsigned long crc32_update(unsigned long crc_input, const void *s, size_t len);
|
||||||
@ -528,25 +525,22 @@ bool detect_attack(struct crcda_ctx *ctx, unsigned char *buf, uint32_t len,
|
|||||||
/*
|
/*
|
||||||
* SSH2 RSA key exchange functions
|
* SSH2 RSA key exchange functions
|
||||||
*/
|
*/
|
||||||
struct ssh_hashalg;
|
|
||||||
struct ssh_rsa_kex_extra {
|
struct ssh_rsa_kex_extra {
|
||||||
int minklen;
|
int minklen;
|
||||||
};
|
};
|
||||||
struct RSAKey *ssh_rsakex_newkey(ptrlen data);
|
RSAKey *ssh_rsakex_newkey(ptrlen data);
|
||||||
void ssh_rsakex_freekey(struct RSAKey *key);
|
void ssh_rsakex_freekey(RSAKey *key);
|
||||||
int ssh_rsakex_klen(struct RSAKey *key);
|
int ssh_rsakex_klen(RSAKey *key);
|
||||||
strbuf *ssh_rsakex_encrypt(
|
strbuf *ssh_rsakex_encrypt(
|
||||||
struct RSAKey *key, const struct ssh_hashalg *h, ptrlen plaintext);
|
RSAKey *key, const ssh_hashalg *h, ptrlen plaintext);
|
||||||
mp_int *ssh_rsakex_decrypt(
|
mp_int *ssh_rsakex_decrypt(
|
||||||
struct RSAKey *key, const struct ssh_hashalg *h, ptrlen ciphertext);
|
RSAKey *key, const ssh_hashalg *h, ptrlen ciphertext);
|
||||||
|
|
||||||
/*
|
/*
|
||||||
* SSH2 ECDH key exchange functions
|
* SSH2 ECDH key exchange functions
|
||||||
*/
|
*/
|
||||||
struct ssh_kex;
|
const char *ssh_ecdhkex_curve_textname(const ssh_kex *kex);
|
||||||
typedef struct ecdh_key ecdh_key;
|
ecdh_key *ssh_ecdhkex_newkey(const ssh_kex *kex);
|
||||||
const char *ssh_ecdhkex_curve_textname(const struct ssh_kex *kex);
|
|
||||||
ecdh_key *ssh_ecdhkex_newkey(const struct ssh_kex *kex);
|
|
||||||
void ssh_ecdhkex_freekey(ecdh_key *key);
|
void ssh_ecdhkex_freekey(ecdh_key *key);
|
||||||
void ssh_ecdhkex_getpublic(ecdh_key *key, BinarySink *bs);
|
void ssh_ecdhkex_getpublic(ecdh_key *key, BinarySink *bs);
|
||||||
mp_int *ssh_ecdhkex_getkey(ecdh_key *key, ptrlen remoteKey);
|
mp_int *ssh_ecdhkex_getkey(ecdh_key *key, ptrlen remoteKey);
|
||||||
@ -558,10 +552,9 @@ mp_int *dss_gen_k(const char *id_string,
|
|||||||
mp_int *modulus, mp_int *private_key,
|
mp_int *modulus, mp_int *private_key,
|
||||||
unsigned char *digest, int digest_len);
|
unsigned char *digest, int digest_len);
|
||||||
|
|
||||||
struct ssh2_cipheralg;
|
struct ssh2_cipher {
|
||||||
typedef struct ssh2_cipher {
|
const ssh2_cipheralg *vt;
|
||||||
const struct ssh2_cipheralg *vt;
|
};
|
||||||
} ssh2_cipher;
|
|
||||||
|
|
||||||
typedef struct {
|
typedef struct {
|
||||||
uint32_t h[4];
|
uint32_t h[4];
|
||||||
@ -630,12 +623,9 @@ void SHA384_Init(SHA384_State * s);
|
|||||||
void SHA384_Final(SHA384_State * s, unsigned char *output);
|
void SHA384_Final(SHA384_State * s, unsigned char *output);
|
||||||
void SHA384_Simple(const void *p, int len, unsigned char *output);
|
void SHA384_Simple(const void *p, int len, unsigned char *output);
|
||||||
|
|
||||||
typedef struct ssh2_macalg ssh2_macalg;
|
struct ssh1_cipher {
|
||||||
|
const ssh1_cipheralg *vt;
|
||||||
typedef struct ssh1_cipheralg ssh1_cipheralg;
|
};
|
||||||
typedef struct ssh1_cipher {
|
|
||||||
const struct ssh1_cipheralg *vt;
|
|
||||||
} ssh1_cipher;
|
|
||||||
|
|
||||||
struct ssh1_cipheralg {
|
struct ssh1_cipheralg {
|
||||||
ssh1_cipher *(*new)(void);
|
ssh1_cipher *(*new)(void);
|
||||||
@ -653,9 +643,8 @@ struct ssh1_cipheralg {
|
|||||||
#define ssh1_cipher_encrypt(ctx, blk, len) ((ctx)->vt->encrypt(ctx, blk, len))
|
#define ssh1_cipher_encrypt(ctx, blk, len) ((ctx)->vt->encrypt(ctx, blk, len))
|
||||||
#define ssh1_cipher_decrypt(ctx, blk, len) ((ctx)->vt->decrypt(ctx, blk, len))
|
#define ssh1_cipher_decrypt(ctx, blk, len) ((ctx)->vt->decrypt(ctx, blk, len))
|
||||||
|
|
||||||
typedef struct ssh2_cipheralg ssh2_cipheralg;
|
|
||||||
struct ssh2_cipheralg {
|
struct ssh2_cipheralg {
|
||||||
ssh2_cipher *(*new)(const struct ssh2_cipheralg *alg);
|
ssh2_cipher *(*new)(const ssh2_cipheralg *alg);
|
||||||
void (*free)(ssh2_cipher *);
|
void (*free)(ssh2_cipher *);
|
||||||
void (*setiv)(ssh2_cipher *, const void *iv);
|
void (*setiv)(ssh2_cipher *, const void *iv);
|
||||||
void (*setkey)(ssh2_cipher *, const void *key);
|
void (*setkey)(ssh2_cipher *, const void *key);
|
||||||
@ -686,7 +675,7 @@ struct ssh2_cipheralg {
|
|||||||
#define SSH_CIPHER_SEPARATE_LENGTH 2
|
#define SSH_CIPHER_SEPARATE_LENGTH 2
|
||||||
const char *text_name;
|
const char *text_name;
|
||||||
/* If set, this takes priority over other MAC. */
|
/* If set, this takes priority over other MAC. */
|
||||||
const struct ssh2_macalg *required_mac;
|
const ssh2_macalg *required_mac;
|
||||||
};
|
};
|
||||||
|
|
||||||
#define ssh2_cipher_new(alg) ((alg)->new(alg))
|
#define ssh2_cipher_new(alg) ((alg)->new(alg))
|
||||||
@ -703,18 +692,17 @@ struct ssh2_cipheralg {
|
|||||||
|
|
||||||
struct ssh2_ciphers {
|
struct ssh2_ciphers {
|
||||||
int nciphers;
|
int nciphers;
|
||||||
const struct ssh2_cipheralg *const *list;
|
const ssh2_cipheralg *const *list;
|
||||||
};
|
};
|
||||||
|
|
||||||
struct ssh2_macalg;
|
struct ssh2_mac {
|
||||||
typedef struct ssh2_mac {
|
const ssh2_macalg *vt;
|
||||||
const struct ssh2_macalg *vt;
|
|
||||||
BinarySink_DELEGATE_IMPLEMENTATION;
|
BinarySink_DELEGATE_IMPLEMENTATION;
|
||||||
} ssh2_mac;
|
};
|
||||||
|
|
||||||
struct ssh2_macalg {
|
struct ssh2_macalg {
|
||||||
/* Passes in the cipher context */
|
/* Passes in the cipher context */
|
||||||
ssh2_mac *(*new)(const struct ssh2_macalg *alg, ssh2_cipher *cipher);
|
ssh2_mac *(*new)(const ssh2_macalg *alg, ssh2_cipher *cipher);
|
||||||
void (*free)(ssh2_mac *);
|
void (*free)(ssh2_mac *);
|
||||||
void (*setkey)(ssh2_mac *, ptrlen key);
|
void (*setkey)(ssh2_mac *, ptrlen key);
|
||||||
void (*start)(ssh2_mac *);
|
void (*start)(ssh2_mac *);
|
||||||
@ -736,19 +724,19 @@ bool ssh2_mac_verresult(ssh2_mac *, const void *);
|
|||||||
void ssh2_mac_generate(ssh2_mac *, void *, int, unsigned long seq);
|
void ssh2_mac_generate(ssh2_mac *, void *, int, unsigned long seq);
|
||||||
bool ssh2_mac_verify(ssh2_mac *, const void *, int, unsigned long seq);
|
bool ssh2_mac_verify(ssh2_mac *, const void *, int, unsigned long seq);
|
||||||
|
|
||||||
typedef struct ssh_hash {
|
struct ssh_hash {
|
||||||
const struct ssh_hashalg *vt;
|
const ssh_hashalg *vt;
|
||||||
BinarySink_DELEGATE_IMPLEMENTATION;
|
BinarySink_DELEGATE_IMPLEMENTATION;
|
||||||
} ssh_hash;
|
};
|
||||||
|
|
||||||
typedef struct ssh_hashalg {
|
struct ssh_hashalg {
|
||||||
ssh_hash *(*new)(const struct ssh_hashalg *alg);
|
ssh_hash *(*new)(const ssh_hashalg *alg);
|
||||||
ssh_hash *(*copy)(ssh_hash *);
|
ssh_hash *(*copy)(ssh_hash *);
|
||||||
void (*final)(ssh_hash *, unsigned char *); /* ALSO FREES THE ssh_hash! */
|
void (*final)(ssh_hash *, unsigned char *); /* ALSO FREES THE ssh_hash! */
|
||||||
void (*free)(ssh_hash *);
|
void (*free)(ssh_hash *);
|
||||||
int hlen; /* output length in bytes */
|
int hlen; /* output length in bytes */
|
||||||
const char *text_name;
|
const char *text_name;
|
||||||
} ssh_hashalg;
|
};
|
||||||
|
|
||||||
#define ssh_hash_new(alg) ((alg)->new(alg))
|
#define ssh_hash_new(alg) ((alg)->new(alg))
|
||||||
#define ssh_hash_copy(ctx) ((ctx)->vt->copy(ctx))
|
#define ssh_hash_copy(ctx) ((ctx)->vt->copy(ctx))
|
||||||
@ -759,13 +747,13 @@ typedef struct ssh_hashalg {
|
|||||||
struct ssh_kex {
|
struct ssh_kex {
|
||||||
const char *name, *groupname;
|
const char *name, *groupname;
|
||||||
enum { KEXTYPE_DH, KEXTYPE_RSA, KEXTYPE_ECDH, KEXTYPE_GSS } main_type;
|
enum { KEXTYPE_DH, KEXTYPE_RSA, KEXTYPE_ECDH, KEXTYPE_GSS } main_type;
|
||||||
const struct ssh_hashalg *hash;
|
const ssh_hashalg *hash;
|
||||||
const void *extra; /* private to the kex methods */
|
const void *extra; /* private to the kex methods */
|
||||||
};
|
};
|
||||||
|
|
||||||
struct ssh_kexes {
|
struct ssh_kexes {
|
||||||
int nkexes;
|
int nkexes;
|
||||||
const struct ssh_kex *const *list;
|
const ssh_kex *const *list;
|
||||||
};
|
};
|
||||||
|
|
||||||
struct ssh_keyalg {
|
struct ssh_keyalg {
|
||||||
@ -818,12 +806,12 @@ struct ssh_keyalg {
|
|||||||
#define SSH_AGENT_RSA_SHA2_256 2
|
#define SSH_AGENT_RSA_SHA2_256 2
|
||||||
#define SSH_AGENT_RSA_SHA2_512 4
|
#define SSH_AGENT_RSA_SHA2_512 4
|
||||||
|
|
||||||
typedef struct ssh_compressor {
|
struct ssh_compressor {
|
||||||
const struct ssh_compression_alg *vt;
|
const ssh_compression_alg *vt;
|
||||||
} ssh_compressor;
|
};
|
||||||
typedef struct ssh_decompressor {
|
struct ssh_decompressor {
|
||||||
const struct ssh_compression_alg *vt;
|
const ssh_compression_alg *vt;
|
||||||
} ssh_decompressor;
|
};
|
||||||
|
|
||||||
struct ssh_compression_alg {
|
struct ssh_compression_alg {
|
||||||
const char *name;
|
const char *name;
|
||||||
@ -861,59 +849,59 @@ struct ssh2_userkey {
|
|||||||
/* The maximum length of any hash algorithm. (bytes) */
|
/* The maximum length of any hash algorithm. (bytes) */
|
||||||
#define MAX_HASH_LEN (64) /* longest is SHA-512 */
|
#define MAX_HASH_LEN (64) /* longest is SHA-512 */
|
||||||
|
|
||||||
extern const struct ssh1_cipheralg ssh1_3des;
|
extern const ssh1_cipheralg ssh1_3des;
|
||||||
extern const struct ssh1_cipheralg ssh1_des;
|
extern const ssh1_cipheralg ssh1_des;
|
||||||
extern const struct ssh1_cipheralg ssh1_blowfish;
|
extern const ssh1_cipheralg ssh1_blowfish;
|
||||||
extern const struct ssh2_cipheralg ssh_3des_ssh2_ctr;
|
extern const ssh2_cipheralg ssh_3des_ssh2_ctr;
|
||||||
extern const struct ssh2_cipheralg ssh_3des_ssh2;
|
extern const ssh2_cipheralg ssh_3des_ssh2;
|
||||||
extern const struct ssh2_cipheralg ssh_des_ssh2;
|
extern const ssh2_cipheralg ssh_des_ssh2;
|
||||||
extern const struct ssh2_cipheralg ssh_des_sshcom_ssh2;
|
extern const ssh2_cipheralg ssh_des_sshcom_ssh2;
|
||||||
extern const struct ssh2_cipheralg ssh_aes256_ctr;
|
extern const ssh2_cipheralg ssh_aes256_ctr;
|
||||||
extern const struct ssh2_cipheralg ssh_aes256;
|
extern const ssh2_cipheralg ssh_aes256;
|
||||||
extern const struct ssh2_cipheralg ssh_aes192_ctr;
|
extern const ssh2_cipheralg ssh_aes192_ctr;
|
||||||
extern const struct ssh2_cipheralg ssh_aes192;
|
extern const ssh2_cipheralg ssh_aes192;
|
||||||
extern const struct ssh2_cipheralg ssh_aes128_ctr;
|
extern const ssh2_cipheralg ssh_aes128_ctr;
|
||||||
extern const struct ssh2_cipheralg ssh_aes128;
|
extern const ssh2_cipheralg ssh_aes128;
|
||||||
extern const struct ssh2_cipheralg ssh_blowfish_ssh2_ctr;
|
extern const ssh2_cipheralg ssh_blowfish_ssh2_ctr;
|
||||||
extern const struct ssh2_cipheralg ssh_blowfish_ssh2;
|
extern const ssh2_cipheralg ssh_blowfish_ssh2;
|
||||||
extern const struct ssh2_cipheralg ssh_arcfour256_ssh2;
|
extern const ssh2_cipheralg ssh_arcfour256_ssh2;
|
||||||
extern const struct ssh2_cipheralg ssh_arcfour128_ssh2;
|
extern const ssh2_cipheralg ssh_arcfour128_ssh2;
|
||||||
extern const struct ssh2_cipheralg ssh2_chacha20_poly1305;
|
extern const ssh2_cipheralg ssh2_chacha20_poly1305;
|
||||||
extern const struct ssh2_ciphers ssh2_3des;
|
extern const ssh2_ciphers ssh2_3des;
|
||||||
extern const struct ssh2_ciphers ssh2_des;
|
extern const ssh2_ciphers ssh2_des;
|
||||||
extern const struct ssh2_ciphers ssh2_aes;
|
extern const ssh2_ciphers ssh2_aes;
|
||||||
extern const struct ssh2_ciphers ssh2_blowfish;
|
extern const ssh2_ciphers ssh2_blowfish;
|
||||||
extern const struct ssh2_ciphers ssh2_arcfour;
|
extern const ssh2_ciphers ssh2_arcfour;
|
||||||
extern const struct ssh2_ciphers ssh2_ccp;
|
extern const ssh2_ciphers ssh2_ccp;
|
||||||
extern const struct ssh_hashalg ssh_md5;
|
extern const ssh_hashalg ssh_md5;
|
||||||
extern const struct ssh_hashalg ssh_sha1;
|
extern const ssh_hashalg ssh_sha1;
|
||||||
extern const struct ssh_hashalg ssh_sha256;
|
extern const ssh_hashalg ssh_sha256;
|
||||||
extern const struct ssh_hashalg ssh_sha384;
|
extern const ssh_hashalg ssh_sha384;
|
||||||
extern const struct ssh_hashalg ssh_sha512;
|
extern const ssh_hashalg ssh_sha512;
|
||||||
extern const struct ssh_kexes ssh_diffiehellman_group1;
|
extern const ssh_kexes ssh_diffiehellman_group1;
|
||||||
extern const struct ssh_kexes ssh_diffiehellman_group14;
|
extern const ssh_kexes ssh_diffiehellman_group14;
|
||||||
extern const struct ssh_kexes ssh_diffiehellman_gex;
|
extern const ssh_kexes ssh_diffiehellman_gex;
|
||||||
extern const struct ssh_kexes ssh_gssk5_sha1_kex;
|
extern const ssh_kexes ssh_gssk5_sha1_kex;
|
||||||
extern const struct ssh_kexes ssh_rsa_kex;
|
extern const ssh_kexes ssh_rsa_kex;
|
||||||
extern const struct ssh_kex ssh_ec_kex_curve25519;
|
extern const ssh_kex ssh_ec_kex_curve25519;
|
||||||
extern const struct ssh_kex ssh_ec_kex_nistp256;
|
extern const ssh_kex ssh_ec_kex_nistp256;
|
||||||
extern const struct ssh_kex ssh_ec_kex_nistp384;
|
extern const ssh_kex ssh_ec_kex_nistp384;
|
||||||
extern const struct ssh_kex ssh_ec_kex_nistp521;
|
extern const ssh_kex ssh_ec_kex_nistp521;
|
||||||
extern const struct ssh_kexes ssh_ecdh_kex;
|
extern const ssh_kexes ssh_ecdh_kex;
|
||||||
extern const ssh_keyalg ssh_dss;
|
extern const ssh_keyalg ssh_dss;
|
||||||
extern const ssh_keyalg ssh_rsa;
|
extern const ssh_keyalg ssh_rsa;
|
||||||
extern const ssh_keyalg ssh_ecdsa_ed25519;
|
extern const ssh_keyalg ssh_ecdsa_ed25519;
|
||||||
extern const ssh_keyalg ssh_ecdsa_nistp256;
|
extern const ssh_keyalg ssh_ecdsa_nistp256;
|
||||||
extern const ssh_keyalg ssh_ecdsa_nistp384;
|
extern const ssh_keyalg ssh_ecdsa_nistp384;
|
||||||
extern const ssh_keyalg ssh_ecdsa_nistp521;
|
extern const ssh_keyalg ssh_ecdsa_nistp521;
|
||||||
extern const struct ssh2_macalg ssh_hmac_md5;
|
extern const ssh2_macalg ssh_hmac_md5;
|
||||||
extern const struct ssh2_macalg ssh_hmac_sha1;
|
extern const ssh2_macalg ssh_hmac_sha1;
|
||||||
extern const struct ssh2_macalg ssh_hmac_sha1_buggy;
|
extern const ssh2_macalg ssh_hmac_sha1_buggy;
|
||||||
extern const struct ssh2_macalg ssh_hmac_sha1_96;
|
extern const ssh2_macalg ssh_hmac_sha1_96;
|
||||||
extern const struct ssh2_macalg ssh_hmac_sha1_96_buggy;
|
extern const ssh2_macalg ssh_hmac_sha1_96_buggy;
|
||||||
extern const struct ssh2_macalg ssh_hmac_sha256;
|
extern const ssh2_macalg ssh_hmac_sha256;
|
||||||
extern const struct ssh2_macalg ssh2_poly1305;
|
extern const ssh2_macalg ssh2_poly1305;
|
||||||
extern const struct ssh_compression_alg ssh_zlib;
|
extern const ssh_compression_alg ssh_zlib;
|
||||||
|
|
||||||
typedef struct AESContext AESContext;
|
typedef struct AESContext AESContext;
|
||||||
AESContext *aes_make_context(void);
|
AESContext *aes_make_context(void);
|
||||||
@ -1074,23 +1062,21 @@ void *x11_dehexify(ptrlen hex, int *outlen);
|
|||||||
|
|
||||||
Channel *agentf_new(SshChannel *c);
|
Channel *agentf_new(SshChannel *c);
|
||||||
|
|
||||||
bool dh_is_gex(const struct ssh_kex *kex);
|
bool dh_is_gex(const ssh_kex *kex);
|
||||||
typedef struct dh_ctx dh_ctx;
|
dh_ctx *dh_setup_group(const ssh_kex *kex);
|
||||||
struct dh_ctx *dh_setup_group(const struct ssh_kex *kex);
|
dh_ctx *dh_setup_gex(mp_int *pval, mp_int *gval);
|
||||||
struct dh_ctx *dh_setup_gex(mp_int *pval, mp_int *gval);
|
int dh_modulus_bit_size(const dh_ctx *ctx);
|
||||||
int dh_modulus_bit_size(const struct dh_ctx *ctx);
|
void dh_cleanup(dh_ctx *);
|
||||||
void dh_cleanup(struct dh_ctx *);
|
mp_int *dh_create_e(dh_ctx *, int nbits);
|
||||||
mp_int *dh_create_e(struct dh_ctx *, int nbits);
|
const char *dh_validate_f(dh_ctx *, mp_int *f);
|
||||||
const char *dh_validate_f(struct dh_ctx *, mp_int *f);
|
mp_int *dh_find_K(dh_ctx *, mp_int *f);
|
||||||
mp_int *dh_find_K(struct dh_ctx *, mp_int *f);
|
|
||||||
|
|
||||||
bool rsa_ssh1_encrypted(const Filename *filename, char **comment);
|
bool rsa_ssh1_encrypted(const Filename *filename, char **comment);
|
||||||
int rsa_ssh1_loadpub(const Filename *filename, BinarySink *bs,
|
int rsa_ssh1_loadpub(const Filename *filename, BinarySink *bs,
|
||||||
char **commentptr, const char **errorstr);
|
char **commentptr, const char **errorstr);
|
||||||
int rsa_ssh1_loadkey(const Filename *filename, struct RSAKey *key,
|
int rsa_ssh1_loadkey(const Filename *filename, RSAKey *key,
|
||||||
const char *passphrase, const char **errorstr);
|
const char *passphrase, const char **errorstr);
|
||||||
bool rsa_ssh1_savekey(const Filename *filename, struct RSAKey *key,
|
bool rsa_ssh1_savekey(const Filename *filename, RSAKey *key, char *passphrase);
|
||||||
char *passphrase);
|
|
||||||
|
|
||||||
static inline bool is_base64_char(char c)
|
static inline bool is_base64_char(char c)
|
||||||
{
|
{
|
||||||
@ -1107,18 +1093,17 @@ extern void base64_encode(FILE *fp, const unsigned char *data, int datalen,
|
|||||||
int cpl);
|
int cpl);
|
||||||
|
|
||||||
/* ssh2_load_userkey can return this as an error */
|
/* ssh2_load_userkey can return this as an error */
|
||||||
extern struct ssh2_userkey ssh2_wrong_passphrase;
|
extern ssh2_userkey ssh2_wrong_passphrase;
|
||||||
#define SSH2_WRONG_PASSPHRASE (&ssh2_wrong_passphrase)
|
#define SSH2_WRONG_PASSPHRASE (&ssh2_wrong_passphrase)
|
||||||
|
|
||||||
bool ssh2_userkey_encrypted(const Filename *filename, char **comment);
|
bool ssh2_userkey_encrypted(const Filename *filename, char **comment);
|
||||||
struct ssh2_userkey *ssh2_load_userkey(const Filename *filename,
|
ssh2_userkey *ssh2_load_userkey(
|
||||||
const char *passphrase,
|
const Filename *filename, const char *passphrase, const char **errorstr);
|
||||||
const char **errorstr);
|
bool ssh2_userkey_loadpub(
|
||||||
bool ssh2_userkey_loadpub(const Filename *filename, char **algorithm,
|
const Filename *filename, char **algorithm, BinarySink *bs,
|
||||||
BinarySink *bs,
|
char **commentptr, const char **errorstr);
|
||||||
char **commentptr, const char **errorstr);
|
bool ssh2_save_userkey(
|
||||||
bool ssh2_save_userkey(const Filename *filename, struct ssh2_userkey *key,
|
const Filename *filename, ssh2_userkey *key, char *passphrase);
|
||||||
char *passphrase);
|
|
||||||
const ssh_keyalg *find_pubkey_alg(const char *name);
|
const ssh_keyalg *find_pubkey_alg(const char *name);
|
||||||
const ssh_keyalg *find_pubkey_alg_len(ptrlen name);
|
const ssh_keyalg *find_pubkey_alg_len(ptrlen name);
|
||||||
|
|
||||||
@ -1165,9 +1150,9 @@ enum {
|
|||||||
SSH_KEYTYPE_SSH2_PUBLIC_RFC4716,
|
SSH_KEYTYPE_SSH2_PUBLIC_RFC4716,
|
||||||
SSH_KEYTYPE_SSH2_PUBLIC_OPENSSH
|
SSH_KEYTYPE_SSH2_PUBLIC_OPENSSH
|
||||||
};
|
};
|
||||||
char *ssh1_pubkey_str(struct RSAKey *ssh1key);
|
char *ssh1_pubkey_str(RSAKey *ssh1key);
|
||||||
void ssh1_write_pubkey(FILE *fp, struct RSAKey *ssh1key);
|
void ssh1_write_pubkey(FILE *fp, RSAKey *ssh1key);
|
||||||
char *ssh2_pubkey_openssh_str(struct ssh2_userkey *key);
|
char *ssh2_pubkey_openssh_str(ssh2_userkey *key);
|
||||||
void ssh2_write_pubkey(FILE *fp, const char *comment,
|
void ssh2_write_pubkey(FILE *fp, const char *comment,
|
||||||
const void *v_pub_blob, int pub_len,
|
const void *v_pub_blob, int pub_len,
|
||||||
int keytype);
|
int keytype);
|
||||||
@ -1180,13 +1165,13 @@ bool import_possible(int type);
|
|||||||
int import_target_type(int type);
|
int import_target_type(int type);
|
||||||
bool import_encrypted(const Filename *filename, int type, char **comment);
|
bool import_encrypted(const Filename *filename, int type, char **comment);
|
||||||
int import_ssh1(const Filename *filename, int type,
|
int import_ssh1(const Filename *filename, int type,
|
||||||
struct RSAKey *key, char *passphrase, const char **errmsg_p);
|
RSAKey *key, char *passphrase, const char **errmsg_p);
|
||||||
struct ssh2_userkey *import_ssh2(const Filename *filename, int type,
|
ssh2_userkey *import_ssh2(const Filename *filename, int type,
|
||||||
char *passphrase, const char **errmsg_p);
|
char *passphrase, const char **errmsg_p);
|
||||||
bool export_ssh1(const Filename *filename, int type,
|
bool export_ssh1(const Filename *filename, int type,
|
||||||
struct RSAKey *key, char *passphrase);
|
RSAKey *key, char *passphrase);
|
||||||
bool export_ssh2(const Filename *filename, int type,
|
bool export_ssh2(const Filename *filename, int type,
|
||||||
struct ssh2_userkey *key, char *passphrase);
|
ssh2_userkey *key, char *passphrase);
|
||||||
|
|
||||||
void des3_decrypt_pubkey(const void *key, void *blk, int len);
|
void des3_decrypt_pubkey(const void *key, void *blk, int len);
|
||||||
void des3_encrypt_pubkey(const void *key, void *blk, int len);
|
void des3_encrypt_pubkey(const void *key, void *blk, int len);
|
||||||
@ -1215,7 +1200,7 @@ void openssh_bcrypt(const char *passphrase,
|
|||||||
#define PROGFN_PROGRESS 6
|
#define PROGFN_PROGRESS 6
|
||||||
typedef void (*progfn_t) (void *param, int action, int phase, int progress);
|
typedef void (*progfn_t) (void *param, int action, int phase, int progress);
|
||||||
|
|
||||||
int rsa_generate(struct RSAKey *key, int bits, progfn_t pfn,
|
int rsa_generate(RSAKey *key, int bits, progfn_t pfn,
|
||||||
void *pfnparam);
|
void *pfnparam);
|
||||||
int dsa_generate(struct dss_key *key, int bits, progfn_t pfn,
|
int dsa_generate(struct dss_key *key, int bits, progfn_t pfn,
|
||||||
void *pfnparam);
|
void *pfnparam);
|
||||||
|
@ -69,7 +69,7 @@ static void ssh1_bpp_free(BinaryPacketProtocol *bpp)
|
|||||||
}
|
}
|
||||||
|
|
||||||
void ssh1_bpp_new_cipher(BinaryPacketProtocol *bpp,
|
void ssh1_bpp_new_cipher(BinaryPacketProtocol *bpp,
|
||||||
const struct ssh1_cipheralg *cipher,
|
const ssh1_cipheralg *cipher,
|
||||||
const void *session_key)
|
const void *session_key)
|
||||||
{
|
{
|
||||||
struct ssh1_bpp_state *s;
|
struct ssh1_bpp_state *s;
|
||||||
|
@ -28,14 +28,14 @@ struct ssh1_login_server_state {
|
|||||||
char *username_str;
|
char *username_str;
|
||||||
ptrlen username;
|
ptrlen username;
|
||||||
|
|
||||||
struct RSAKey *servkey, *hostkey;
|
RSAKey *servkey, *hostkey;
|
||||||
bool servkey_generated_here;
|
bool servkey_generated_here;
|
||||||
mp_int *sesskey;
|
mp_int *sesskey;
|
||||||
|
|
||||||
AuthPolicy *authpolicy;
|
AuthPolicy *authpolicy;
|
||||||
unsigned ap_methods, current_method;
|
unsigned ap_methods, current_method;
|
||||||
unsigned char auth_rsa_expected_response[16];
|
unsigned char auth_rsa_expected_response[16];
|
||||||
struct RSAKey *authkey;
|
RSAKey *authkey;
|
||||||
bool auth_successful;
|
bool auth_successful;
|
||||||
|
|
||||||
PacketProtocolLayer ppl;
|
PacketProtocolLayer ppl;
|
||||||
@ -69,7 +69,7 @@ static const struct PacketProtocolLayerVtable ssh1_login_server_vtable = {
|
|||||||
static void no_progress(void *param, int action, int phase, int iprogress) {}
|
static void no_progress(void *param, int action, int phase, int iprogress) {}
|
||||||
|
|
||||||
PacketProtocolLayer *ssh1_login_server_new(
|
PacketProtocolLayer *ssh1_login_server_new(
|
||||||
PacketProtocolLayer *successor_layer, struct RSAKey *hostkey,
|
PacketProtocolLayer *successor_layer, RSAKey *hostkey,
|
||||||
AuthPolicy *authpolicy)
|
AuthPolicy *authpolicy)
|
||||||
{
|
{
|
||||||
struct ssh1_login_server_state *s = snew(struct ssh1_login_server_state);
|
struct ssh1_login_server_state *s = snew(struct ssh1_login_server_state);
|
||||||
@ -136,7 +136,7 @@ static void ssh1_login_server_process_queue(PacketProtocolLayer *ppl)
|
|||||||
int server_key_bits = s->hostkey->bytes - 256;
|
int server_key_bits = s->hostkey->bytes - 256;
|
||||||
if (server_key_bits < 512)
|
if (server_key_bits < 512)
|
||||||
server_key_bits = s->hostkey->bytes + 256;
|
server_key_bits = s->hostkey->bytes + 256;
|
||||||
s->servkey = snew(struct RSAKey);
|
s->servkey = snew(RSAKey);
|
||||||
rsa_generate(s->servkey, server_key_bits, no_progress, NULL);
|
rsa_generate(s->servkey, server_key_bits, no_progress, NULL);
|
||||||
s->servkey->comment = NULL;
|
s->servkey->comment = NULL;
|
||||||
s->servkey_generated_here = true;
|
s->servkey_generated_here = true;
|
||||||
@ -204,7 +204,7 @@ static void ssh1_login_server_process_queue(PacketProtocolLayer *ppl)
|
|||||||
}
|
}
|
||||||
|
|
||||||
{
|
{
|
||||||
struct RSAKey *smaller, *larger;
|
RSAKey *smaller, *larger;
|
||||||
strbuf *data = strbuf_new();
|
strbuf *data = strbuf_new();
|
||||||
|
|
||||||
if (mp_get_nbits(s->hostkey->modulus) >
|
if (mp_get_nbits(s->hostkey->modulus) >
|
||||||
@ -241,7 +241,7 @@ static void ssh1_login_server_process_queue(PacketProtocolLayer *ppl)
|
|||||||
s->session_key[i] ^= s->session_id[i];
|
s->session_key[i] ^= s->session_id[i];
|
||||||
|
|
||||||
{
|
{
|
||||||
const struct ssh1_cipheralg *cipher =
|
const ssh1_cipheralg *cipher =
|
||||||
(s->cipher_type == SSH_CIPHER_BLOWFISH ? &ssh1_blowfish :
|
(s->cipher_type == SSH_CIPHER_BLOWFISH ? &ssh1_blowfish :
|
||||||
s->cipher_type == SSH_CIPHER_DES ? &ssh1_des : &ssh1_3des);
|
s->cipher_type == SSH_CIPHER_DES ? &ssh1_des : &ssh1_3des);
|
||||||
ssh1_bpp_new_cipher(s->ppl.bpp, cipher, s->session_key);
|
ssh1_bpp_new_cipher(s->ppl.bpp, cipher, s->session_key);
|
||||||
|
14
ssh1login.c
14
ssh1login.c
@ -49,12 +49,12 @@ struct ssh1_login_state {
|
|||||||
BinarySource asrc[1]; /* response from SSH agent */
|
BinarySource asrc[1]; /* response from SSH agent */
|
||||||
int keyi, nkeys;
|
int keyi, nkeys;
|
||||||
bool authed;
|
bool authed;
|
||||||
struct RSAKey key;
|
RSAKey key;
|
||||||
mp_int *challenge;
|
mp_int *challenge;
|
||||||
ptrlen comment;
|
ptrlen comment;
|
||||||
int dlgret;
|
int dlgret;
|
||||||
Filename *keyfile;
|
Filename *keyfile;
|
||||||
struct RSAKey servkey, hostkey;
|
RSAKey servkey, hostkey;
|
||||||
bool want_user_input;
|
bool want_user_input;
|
||||||
|
|
||||||
PacketProtocolLayer ppl;
|
PacketProtocolLayer ppl;
|
||||||
@ -264,10 +264,10 @@ static void ssh1_login_process_queue(PacketProtocolLayer *ppl)
|
|||||||
}
|
}
|
||||||
|
|
||||||
{
|
{
|
||||||
struct RSAKey *smaller = (s->hostkey.bytes > s->servkey.bytes ?
|
RSAKey *smaller = (s->hostkey.bytes > s->servkey.bytes ?
|
||||||
&s->servkey : &s->hostkey);
|
&s->servkey : &s->hostkey);
|
||||||
struct RSAKey *larger = (s->hostkey.bytes > s->servkey.bytes ?
|
RSAKey *larger = (s->hostkey.bytes > s->servkey.bytes ?
|
||||||
&s->hostkey : &s->servkey);
|
&s->hostkey : &s->servkey);
|
||||||
|
|
||||||
if (!rsa_ssh1_encrypt(s->rsabuf, 32, smaller) ||
|
if (!rsa_ssh1_encrypt(s->rsabuf, 32, smaller) ||
|
||||||
!rsa_ssh1_encrypt(s->rsabuf, smaller->bytes, larger)) {
|
!rsa_ssh1_encrypt(s->rsabuf, smaller->bytes, larger)) {
|
||||||
@ -362,7 +362,7 @@ static void ssh1_login_process_queue(PacketProtocolLayer *ppl)
|
|||||||
ssh_bpp_handle_output(s->ppl.bpp);
|
ssh_bpp_handle_output(s->ppl.bpp);
|
||||||
|
|
||||||
{
|
{
|
||||||
const struct ssh1_cipheralg *cipher =
|
const ssh1_cipheralg *cipher =
|
||||||
(s->cipher_type == SSH_CIPHER_BLOWFISH ? &ssh1_blowfish :
|
(s->cipher_type == SSH_CIPHER_BLOWFISH ? &ssh1_blowfish :
|
||||||
s->cipher_type == SSH_CIPHER_DES ? &ssh1_des : &ssh1_3des);
|
s->cipher_type == SSH_CIPHER_DES ? &ssh1_des : &ssh1_3des);
|
||||||
ssh1_bpp_new_cipher(s->ppl.bpp, cipher, s->session_key);
|
ssh1_bpp_new_cipher(s->ppl.bpp, cipher, s->session_key);
|
||||||
|
14
ssh2bpp.c
14
ssh2bpp.c
@ -14,7 +14,7 @@ struct ssh2_bpp_direction {
|
|||||||
ssh2_cipher *cipher;
|
ssh2_cipher *cipher;
|
||||||
ssh2_mac *mac;
|
ssh2_mac *mac;
|
||||||
bool etm_mode;
|
bool etm_mode;
|
||||||
const struct ssh_compression_alg *pending_compression;
|
const ssh_compression_alg *pending_compression;
|
||||||
};
|
};
|
||||||
|
|
||||||
struct ssh2_bpp_state {
|
struct ssh2_bpp_state {
|
||||||
@ -109,9 +109,9 @@ static void ssh2_bpp_free(BinaryPacketProtocol *bpp)
|
|||||||
|
|
||||||
void ssh2_bpp_new_outgoing_crypto(
|
void ssh2_bpp_new_outgoing_crypto(
|
||||||
BinaryPacketProtocol *bpp,
|
BinaryPacketProtocol *bpp,
|
||||||
const struct ssh2_cipheralg *cipher, const void *ckey, const void *iv,
|
const ssh2_cipheralg *cipher, const void *ckey, const void *iv,
|
||||||
const struct ssh2_macalg *mac, bool etm_mode, const void *mac_key,
|
const ssh2_macalg *mac, bool etm_mode, const void *mac_key,
|
||||||
const struct ssh_compression_alg *compression, bool delayed_compression)
|
const ssh_compression_alg *compression, bool delayed_compression)
|
||||||
{
|
{
|
||||||
struct ssh2_bpp_state *s;
|
struct ssh2_bpp_state *s;
|
||||||
assert(bpp->vt == &ssh2_bpp_vtable);
|
assert(bpp->vt == &ssh2_bpp_vtable);
|
||||||
@ -171,9 +171,9 @@ void ssh2_bpp_new_outgoing_crypto(
|
|||||||
|
|
||||||
void ssh2_bpp_new_incoming_crypto(
|
void ssh2_bpp_new_incoming_crypto(
|
||||||
BinaryPacketProtocol *bpp,
|
BinaryPacketProtocol *bpp,
|
||||||
const struct ssh2_cipheralg *cipher, const void *ckey, const void *iv,
|
const ssh2_cipheralg *cipher, const void *ckey, const void *iv,
|
||||||
const struct ssh2_macalg *mac, bool etm_mode, const void *mac_key,
|
const ssh2_macalg *mac, bool etm_mode, const void *mac_key,
|
||||||
const struct ssh_compression_alg *compression, bool delayed_compression)
|
const ssh_compression_alg *compression, bool delayed_compression)
|
||||||
{
|
{
|
||||||
struct ssh2_bpp_state *s;
|
struct ssh2_bpp_state *s;
|
||||||
assert(bpp->vt == &ssh2_bpp_vtable);
|
assert(bpp->vt == &ssh2_bpp_vtable);
|
||||||
|
@ -247,7 +247,7 @@ void ssh2kex_coroutine(struct ssh2_transport_state *s, bool *aborted)
|
|||||||
const struct ssh_rsa_kex_extra *extra =
|
const struct ssh_rsa_kex_extra *extra =
|
||||||
(const struct ssh_rsa_kex_extra *)s->kex_alg->extra;
|
(const struct ssh_rsa_kex_extra *)s->kex_alg->extra;
|
||||||
|
|
||||||
s->rsa_kex_key = snew(struct RSAKey);
|
s->rsa_kex_key = snew(RSAKey);
|
||||||
rsa_generate(s->rsa_kex_key, extra->minklen, no_progress, NULL);
|
rsa_generate(s->rsa_kex_key, extra->minklen, no_progress, NULL);
|
||||||
s->rsa_kex_key->comment = NULL;
|
s->rsa_kex_key->comment = NULL;
|
||||||
}
|
}
|
||||||
|
@ -18,10 +18,10 @@ const struct ssh_signkey_with_user_pref_id ssh2_hostkey_algs[] = {
|
|||||||
HOSTKEY_ALGORITHMS(ARRAYENT_HOSTKEY_ALGORITHM)
|
HOSTKEY_ALGORITHMS(ARRAYENT_HOSTKEY_ALGORITHM)
|
||||||
};
|
};
|
||||||
|
|
||||||
const static struct ssh2_macalg *const macs[] = {
|
const static ssh2_macalg *const macs[] = {
|
||||||
&ssh_hmac_sha256, &ssh_hmac_sha1, &ssh_hmac_sha1_96, &ssh_hmac_md5
|
&ssh_hmac_sha256, &ssh_hmac_sha1, &ssh_hmac_sha1_96, &ssh_hmac_md5
|
||||||
};
|
};
|
||||||
const static struct ssh2_macalg *const buggymacs[] = {
|
const static ssh2_macalg *const buggymacs[] = {
|
||||||
&ssh_hmac_sha1_buggy, &ssh_hmac_sha1_96_buggy, &ssh_hmac_md5
|
&ssh_hmac_sha1_buggy, &ssh_hmac_sha1_96_buggy, &ssh_hmac_md5
|
||||||
};
|
};
|
||||||
|
|
||||||
@ -51,13 +51,13 @@ static bool ssh_decomp_none_block(ssh_decompressor *handle,
|
|||||||
{
|
{
|
||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
const static struct ssh_compression_alg ssh_comp_none = {
|
const static ssh_compression_alg ssh_comp_none = {
|
||||||
"none", NULL,
|
"none", NULL,
|
||||||
ssh_comp_none_init, ssh_comp_none_cleanup, ssh_comp_none_block,
|
ssh_comp_none_init, ssh_comp_none_cleanup, ssh_comp_none_block,
|
||||||
ssh_decomp_none_init, ssh_decomp_none_cleanup, ssh_decomp_none_block,
|
ssh_decomp_none_init, ssh_decomp_none_cleanup, ssh_decomp_none_block,
|
||||||
NULL
|
NULL
|
||||||
};
|
};
|
||||||
const static struct ssh_compression_alg *const compressions[] = {
|
const static ssh_compression_alg *const compressions[] = {
|
||||||
&ssh_zlib, &ssh_comp_none
|
&ssh_zlib, &ssh_comp_none
|
||||||
};
|
};
|
||||||
|
|
||||||
@ -416,13 +416,13 @@ static void ssh2_write_kexinit_lists(
|
|||||||
bool warn;
|
bool warn;
|
||||||
|
|
||||||
int n_preferred_kex;
|
int n_preferred_kex;
|
||||||
const struct ssh_kexes *preferred_kex[KEX_MAX + 1]; /* +1 for GSSAPI */
|
const ssh_kexes *preferred_kex[KEX_MAX + 1]; /* +1 for GSSAPI */
|
||||||
int n_preferred_hk;
|
int n_preferred_hk;
|
||||||
int preferred_hk[HK_MAX];
|
int preferred_hk[HK_MAX];
|
||||||
int n_preferred_ciphers;
|
int n_preferred_ciphers;
|
||||||
const struct ssh2_ciphers *preferred_ciphers[CIPHER_MAX];
|
const ssh2_ciphers *preferred_ciphers[CIPHER_MAX];
|
||||||
const struct ssh_compression_alg *preferred_comp;
|
const ssh_compression_alg *preferred_comp;
|
||||||
const struct ssh2_macalg *const *maclist;
|
const ssh2_macalg *const *maclist;
|
||||||
int nmacs;
|
int nmacs;
|
||||||
|
|
||||||
struct kexinit_algorithm *alg;
|
struct kexinit_algorithm *alg;
|
||||||
@ -528,7 +528,7 @@ static void ssh2_write_kexinit_lists(
|
|||||||
/* List key exchange algorithms. */
|
/* List key exchange algorithms. */
|
||||||
warn = false;
|
warn = false;
|
||||||
for (i = 0; i < n_preferred_kex; i++) {
|
for (i = 0; i < n_preferred_kex; i++) {
|
||||||
const struct ssh_kexes *k = preferred_kex[i];
|
const ssh_kexes *k = preferred_kex[i];
|
||||||
if (!k) warn = true;
|
if (!k) warn = true;
|
||||||
else for (j = 0; j < k->nkexes; j++) {
|
else for (j = 0; j < k->nkexes; j++) {
|
||||||
alg = ssh2_kexinit_addalg(kexlists[KEXLIST_KEX],
|
alg = ssh2_kexinit_addalg(kexlists[KEXLIST_KEX],
|
||||||
@ -648,7 +648,7 @@ static void ssh2_write_kexinit_lists(
|
|||||||
alg->u.cipher.warn = warn;
|
alg->u.cipher.warn = warn;
|
||||||
#endif /* FUZZING */
|
#endif /* FUZZING */
|
||||||
for (i = 0; i < n_preferred_ciphers; i++) {
|
for (i = 0; i < n_preferred_ciphers; i++) {
|
||||||
const struct ssh2_ciphers *c = preferred_ciphers[i];
|
const ssh2_ciphers *c = preferred_ciphers[i];
|
||||||
if (!c) warn = true;
|
if (!c) warn = true;
|
||||||
else for (j = 0; j < c->nciphers; j++) {
|
else for (j = 0; j < c->nciphers; j++) {
|
||||||
alg = ssh2_kexinit_addalg(kexlists[k],
|
alg = ssh2_kexinit_addalg(kexlists[k],
|
||||||
@ -709,7 +709,7 @@ static void ssh2_write_kexinit_lists(
|
|||||||
alg->u.comp.delayed = true;
|
alg->u.comp.delayed = true;
|
||||||
}
|
}
|
||||||
for (i = 0; i < lenof(compressions); i++) {
|
for (i = 0; i < lenof(compressions); i++) {
|
||||||
const struct ssh_compression_alg *c = compressions[i];
|
const ssh_compression_alg *c = compressions[i];
|
||||||
alg = ssh2_kexinit_addalg(kexlists[j], c->name);
|
alg = ssh2_kexinit_addalg(kexlists[j], c->name);
|
||||||
alg->u.comp.comp = c;
|
alg->u.comp.comp = c;
|
||||||
alg->u.comp.delayed = false;
|
alg->u.comp.delayed = false;
|
||||||
@ -742,7 +742,7 @@ static void ssh2_write_kexinit_lists(
|
|||||||
static bool ssh2_scan_kexinits(
|
static bool ssh2_scan_kexinits(
|
||||||
ptrlen client_kexinit, ptrlen server_kexinit,
|
ptrlen client_kexinit, ptrlen server_kexinit,
|
||||||
struct kexinit_algorithm kexlists[NKEXLIST][MAXKEXLIST],
|
struct kexinit_algorithm kexlists[NKEXLIST][MAXKEXLIST],
|
||||||
const struct ssh_kex **kex_alg, const ssh_keyalg **hostkey_alg,
|
const ssh_kex **kex_alg, const ssh_keyalg **hostkey_alg,
|
||||||
transport_direction *cs, transport_direction *sc,
|
transport_direction *cs, transport_direction *sc,
|
||||||
bool *warn_kex, bool *warn_hk, bool *warn_cscipher, bool *warn_sccipher,
|
bool *warn_kex, bool *warn_hk, bool *warn_cscipher, bool *warn_sccipher,
|
||||||
Ssh *ssh, bool *ignore_guess_cs_packet, bool *ignore_guess_sc_packet,
|
Ssh *ssh, bool *ignore_guess_cs_packet, bool *ignore_guess_sc_packet,
|
||||||
|
@ -28,7 +28,7 @@ struct kexinit_algorithm {
|
|||||||
const char *name;
|
const char *name;
|
||||||
union {
|
union {
|
||||||
struct {
|
struct {
|
||||||
const struct ssh_kex *kex;
|
const ssh_kex *kex;
|
||||||
bool warn;
|
bool warn;
|
||||||
} kex;
|
} kex;
|
||||||
struct {
|
struct {
|
||||||
@ -36,15 +36,15 @@ struct kexinit_algorithm {
|
|||||||
bool warn;
|
bool warn;
|
||||||
} hk;
|
} hk;
|
||||||
struct {
|
struct {
|
||||||
const struct ssh2_cipheralg *cipher;
|
const ssh2_cipheralg *cipher;
|
||||||
bool warn;
|
bool warn;
|
||||||
} cipher;
|
} cipher;
|
||||||
struct {
|
struct {
|
||||||
const struct ssh2_macalg *mac;
|
const ssh2_macalg *mac;
|
||||||
bool etm;
|
bool etm;
|
||||||
} mac;
|
} mac;
|
||||||
struct {
|
struct {
|
||||||
const struct ssh_compression_alg *comp;
|
const ssh_compression_alg *comp;
|
||||||
bool delayed;
|
bool delayed;
|
||||||
} comp;
|
} comp;
|
||||||
} u;
|
} u;
|
||||||
@ -103,10 +103,10 @@ typedef enum RekeyClass {
|
|||||||
} RekeyClass;
|
} RekeyClass;
|
||||||
|
|
||||||
typedef struct transport_direction {
|
typedef struct transport_direction {
|
||||||
const struct ssh2_cipheralg *cipher;
|
const ssh2_cipheralg *cipher;
|
||||||
const struct ssh2_macalg *mac;
|
const ssh2_macalg *mac;
|
||||||
bool etm_mode;
|
bool etm_mode;
|
||||||
const struct ssh_compression_alg *comp;
|
const ssh_compression_alg *comp;
|
||||||
bool comp_delayed;
|
bool comp_delayed;
|
||||||
int mkkey_adjust;
|
int mkkey_adjust;
|
||||||
} transport_direction;
|
} transport_direction;
|
||||||
@ -127,14 +127,14 @@ struct ssh2_transport_state {
|
|||||||
|
|
||||||
unsigned long max_data_size;
|
unsigned long max_data_size;
|
||||||
|
|
||||||
const struct ssh_kex *kex_alg;
|
const ssh_kex *kex_alg;
|
||||||
const ssh_keyalg *hostkey_alg;
|
const ssh_keyalg *hostkey_alg;
|
||||||
char *hostkey_str; /* string representation, for easy checking in rekeys */
|
char *hostkey_str; /* string representation, for easy checking in rekeys */
|
||||||
unsigned char session_id[MAX_HASH_LEN];
|
unsigned char session_id[MAX_HASH_LEN];
|
||||||
int session_id_len;
|
int session_id_len;
|
||||||
int dh_min_size, dh_max_size;
|
int dh_min_size, dh_max_size;
|
||||||
bool dh_got_size_bounds;
|
bool dh_got_size_bounds;
|
||||||
struct dh_ctx *dh_ctx;
|
dh_ctx *dh_ctx;
|
||||||
ssh_hash *exhash;
|
ssh_hash *exhash;
|
||||||
|
|
||||||
struct DataTransferStats *stats;
|
struct DataTransferStats *stats;
|
||||||
@ -175,7 +175,7 @@ struct ssh2_transport_state {
|
|||||||
strbuf *hostkeyblob;
|
strbuf *hostkeyblob;
|
||||||
char *keystr, *fingerprint;
|
char *keystr, *fingerprint;
|
||||||
ssh_key *hkey; /* actual host key */
|
ssh_key *hkey; /* actual host key */
|
||||||
struct RSAKey *rsa_kex_key; /* for RSA kex */
|
RSAKey *rsa_kex_key; /* for RSA kex */
|
||||||
ecdh_key *ecdh_key; /* for ECDH kex */
|
ecdh_key *ecdh_key; /* for ECDH kex */
|
||||||
unsigned char exchange_hash[MAX_HASH_LEN];
|
unsigned char exchange_hash[MAX_HASH_LEN];
|
||||||
bool can_gssapi_keyex;
|
bool can_gssapi_keyex;
|
||||||
|
@ -744,7 +744,7 @@ static void ssh2_userauth_process_queue(PacketProtocolLayer *ppl)
|
|||||||
} else if (s->can_pubkey && s->publickey_blob &&
|
} else if (s->can_pubkey && s->publickey_blob &&
|
||||||
s->privatekey_available && !s->tried_pubkey_config) {
|
s->privatekey_available && !s->tried_pubkey_config) {
|
||||||
|
|
||||||
struct ssh2_userkey *key; /* not live over crReturn */
|
ssh2_userkey *key; /* not live over crReturn */
|
||||||
char *passphrase; /* not live over crReturn */
|
char *passphrase; /* not live over crReturn */
|
||||||
|
|
||||||
s->ppl.bpp->pls->actx = SSH2_PKTCTX_PUBLICKEY;
|
s->ppl.bpp->pls->actx = SSH2_PKTCTX_PUBLICKEY;
|
||||||
|
20
sshaes.c
20
sshaes.c
@ -1045,7 +1045,7 @@ struct aes_ssh2_ctx {
|
|||||||
ssh2_cipher ciph;
|
ssh2_cipher ciph;
|
||||||
};
|
};
|
||||||
|
|
||||||
ssh2_cipher *aes_ssh2_new(const struct ssh2_cipheralg *alg)
|
ssh2_cipher *aes_ssh2_new(const ssh2_cipheralg *alg)
|
||||||
{
|
{
|
||||||
struct aes_ssh2_ctx *ctx = snew(struct aes_ssh2_ctx);
|
struct aes_ssh2_ctx *ctx = snew(struct aes_ssh2_ctx);
|
||||||
ctx->ciph.vt = alg;
|
ctx->ciph.vt = alg;
|
||||||
@ -1089,7 +1089,7 @@ static void aes_ssh2_sdctr_method(ssh2_cipher *cipher, void *blk, int len)
|
|||||||
aes_sdctr(blk, len, &ctx->context);
|
aes_sdctr(blk, len, &ctx->context);
|
||||||
}
|
}
|
||||||
|
|
||||||
const struct ssh2_cipheralg ssh_aes128_ctr = {
|
const ssh2_cipheralg ssh_aes128_ctr = {
|
||||||
aes_ssh2_new, aes_ssh2_free, aes_ssh2_setiv, aes_ssh2_setkey,
|
aes_ssh2_new, aes_ssh2_free, aes_ssh2_setiv, aes_ssh2_setkey,
|
||||||
aes_ssh2_sdctr_method, aes_ssh2_sdctr_method, NULL, NULL,
|
aes_ssh2_sdctr_method, aes_ssh2_sdctr_method, NULL, NULL,
|
||||||
"aes128-ctr",
|
"aes128-ctr",
|
||||||
@ -1097,7 +1097,7 @@ const struct ssh2_cipheralg ssh_aes128_ctr = {
|
|||||||
NULL
|
NULL
|
||||||
};
|
};
|
||||||
|
|
||||||
const struct ssh2_cipheralg ssh_aes192_ctr = {
|
const ssh2_cipheralg ssh_aes192_ctr = {
|
||||||
aes_ssh2_new, aes_ssh2_free, aes_ssh2_setiv, aes_ssh2_setkey,
|
aes_ssh2_new, aes_ssh2_free, aes_ssh2_setiv, aes_ssh2_setkey,
|
||||||
aes_ssh2_sdctr_method, aes_ssh2_sdctr_method, NULL, NULL,
|
aes_ssh2_sdctr_method, aes_ssh2_sdctr_method, NULL, NULL,
|
||||||
"aes192-ctr",
|
"aes192-ctr",
|
||||||
@ -1105,7 +1105,7 @@ const struct ssh2_cipheralg ssh_aes192_ctr = {
|
|||||||
NULL
|
NULL
|
||||||
};
|
};
|
||||||
|
|
||||||
const struct ssh2_cipheralg ssh_aes256_ctr = {
|
const ssh2_cipheralg ssh_aes256_ctr = {
|
||||||
aes_ssh2_new, aes_ssh2_free, aes_ssh2_setiv, aes_ssh2_setkey,
|
aes_ssh2_new, aes_ssh2_free, aes_ssh2_setiv, aes_ssh2_setkey,
|
||||||
aes_ssh2_sdctr_method, aes_ssh2_sdctr_method, NULL, NULL,
|
aes_ssh2_sdctr_method, aes_ssh2_sdctr_method, NULL, NULL,
|
||||||
"aes256-ctr",
|
"aes256-ctr",
|
||||||
@ -1113,7 +1113,7 @@ const struct ssh2_cipheralg ssh_aes256_ctr = {
|
|||||||
NULL
|
NULL
|
||||||
};
|
};
|
||||||
|
|
||||||
const struct ssh2_cipheralg ssh_aes128 = {
|
const ssh2_cipheralg ssh_aes128 = {
|
||||||
aes_ssh2_new, aes_ssh2_free, aes_ssh2_setiv, aes_ssh2_setkey,
|
aes_ssh2_new, aes_ssh2_free, aes_ssh2_setiv, aes_ssh2_setkey,
|
||||||
aes_ssh2_encrypt, aes_ssh2_decrypt, NULL, NULL,
|
aes_ssh2_encrypt, aes_ssh2_decrypt, NULL, NULL,
|
||||||
"aes128-cbc",
|
"aes128-cbc",
|
||||||
@ -1121,7 +1121,7 @@ const struct ssh2_cipheralg ssh_aes128 = {
|
|||||||
NULL
|
NULL
|
||||||
};
|
};
|
||||||
|
|
||||||
const struct ssh2_cipheralg ssh_aes192 = {
|
const ssh2_cipheralg ssh_aes192 = {
|
||||||
aes_ssh2_new, aes_ssh2_free, aes_ssh2_setiv, aes_ssh2_setkey,
|
aes_ssh2_new, aes_ssh2_free, aes_ssh2_setiv, aes_ssh2_setkey,
|
||||||
aes_ssh2_encrypt, aes_ssh2_decrypt, NULL, NULL,
|
aes_ssh2_encrypt, aes_ssh2_decrypt, NULL, NULL,
|
||||||
"aes192-cbc",
|
"aes192-cbc",
|
||||||
@ -1129,7 +1129,7 @@ const struct ssh2_cipheralg ssh_aes192 = {
|
|||||||
NULL
|
NULL
|
||||||
};
|
};
|
||||||
|
|
||||||
const struct ssh2_cipheralg ssh_aes256 = {
|
const ssh2_cipheralg ssh_aes256 = {
|
||||||
aes_ssh2_new, aes_ssh2_free, aes_ssh2_setiv, aes_ssh2_setkey,
|
aes_ssh2_new, aes_ssh2_free, aes_ssh2_setiv, aes_ssh2_setkey,
|
||||||
aes_ssh2_encrypt, aes_ssh2_decrypt, NULL, NULL,
|
aes_ssh2_encrypt, aes_ssh2_decrypt, NULL, NULL,
|
||||||
"aes256-cbc",
|
"aes256-cbc",
|
||||||
@ -1139,7 +1139,7 @@ const struct ssh2_cipheralg ssh_aes256 = {
|
|||||||
|
|
||||||
/* This cipher is just ssh_aes256 under a different protocol
|
/* This cipher is just ssh_aes256 under a different protocol
|
||||||
* identifier; we leave it 'static' because testcrypt won't need it */
|
* identifier; we leave it 'static' because testcrypt won't need it */
|
||||||
static const struct ssh2_cipheralg ssh_rijndael_lysator = {
|
static const ssh2_cipheralg ssh_rijndael_lysator = {
|
||||||
aes_ssh2_new, aes_ssh2_free, aes_ssh2_setiv, aes_ssh2_setkey,
|
aes_ssh2_new, aes_ssh2_free, aes_ssh2_setiv, aes_ssh2_setkey,
|
||||||
aes_ssh2_encrypt, aes_ssh2_decrypt, NULL, NULL,
|
aes_ssh2_encrypt, aes_ssh2_decrypt, NULL, NULL,
|
||||||
"rijndael-cbc@lysator.liu.se",
|
"rijndael-cbc@lysator.liu.se",
|
||||||
@ -1147,7 +1147,7 @@ static const struct ssh2_cipheralg ssh_rijndael_lysator = {
|
|||||||
NULL
|
NULL
|
||||||
};
|
};
|
||||||
|
|
||||||
static const struct ssh2_cipheralg *const aes_list[] = {
|
static const ssh2_cipheralg *const aes_list[] = {
|
||||||
&ssh_aes256_ctr,
|
&ssh_aes256_ctr,
|
||||||
&ssh_aes256,
|
&ssh_aes256,
|
||||||
&ssh_rijndael_lysator,
|
&ssh_rijndael_lysator,
|
||||||
@ -1157,7 +1157,7 @@ static const struct ssh2_cipheralg *const aes_list[] = {
|
|||||||
&ssh_aes128,
|
&ssh_aes128,
|
||||||
};
|
};
|
||||||
|
|
||||||
const struct ssh2_ciphers ssh2_aes = {
|
const ssh2_ciphers ssh2_aes = {
|
||||||
sizeof(aes_list) / sizeof(*aes_list),
|
sizeof(aes_list) / sizeof(*aes_list),
|
||||||
aes_list
|
aes_list
|
||||||
};
|
};
|
||||||
|
10
ssharcf.c
10
ssharcf.c
@ -62,7 +62,7 @@ static void arcfour_setkey(ArcfourContext *ctx, unsigned char const *key,
|
|||||||
* to leak data about the key.
|
* to leak data about the key.
|
||||||
*/
|
*/
|
||||||
|
|
||||||
static ssh2_cipher *arcfour_new(const struct ssh2_cipheralg *alg)
|
static ssh2_cipher *arcfour_new(const ssh2_cipheralg *alg)
|
||||||
{
|
{
|
||||||
ArcfourContext *ctx = snew(ArcfourContext);
|
ArcfourContext *ctx = snew(ArcfourContext);
|
||||||
ctx->ciph.vt = alg;
|
ctx->ciph.vt = alg;
|
||||||
@ -103,7 +103,7 @@ static void arcfour_ssh2_block(ssh2_cipher *cipher, void *blk, int len)
|
|||||||
arcfour_block(ctx, blk, len);
|
arcfour_block(ctx, blk, len);
|
||||||
}
|
}
|
||||||
|
|
||||||
const struct ssh2_cipheralg ssh_arcfour128_ssh2 = {
|
const ssh2_cipheralg ssh_arcfour128_ssh2 = {
|
||||||
arcfour_new, arcfour_free, arcfour_ssh2_setiv, arcfour_ssh2_setkey,
|
arcfour_new, arcfour_free, arcfour_ssh2_setiv, arcfour_ssh2_setkey,
|
||||||
arcfour_ssh2_block, arcfour_ssh2_block, NULL, NULL,
|
arcfour_ssh2_block, arcfour_ssh2_block, NULL, NULL,
|
||||||
"arcfour128",
|
"arcfour128",
|
||||||
@ -111,7 +111,7 @@ const struct ssh2_cipheralg ssh_arcfour128_ssh2 = {
|
|||||||
NULL
|
NULL
|
||||||
};
|
};
|
||||||
|
|
||||||
const struct ssh2_cipheralg ssh_arcfour256_ssh2 = {
|
const ssh2_cipheralg ssh_arcfour256_ssh2 = {
|
||||||
arcfour_new, arcfour_free, arcfour_ssh2_setiv, arcfour_ssh2_setkey,
|
arcfour_new, arcfour_free, arcfour_ssh2_setiv, arcfour_ssh2_setkey,
|
||||||
arcfour_ssh2_block, arcfour_ssh2_block, NULL, NULL,
|
arcfour_ssh2_block, arcfour_ssh2_block, NULL, NULL,
|
||||||
"arcfour256",
|
"arcfour256",
|
||||||
@ -119,12 +119,12 @@ const struct ssh2_cipheralg ssh_arcfour256_ssh2 = {
|
|||||||
NULL
|
NULL
|
||||||
};
|
};
|
||||||
|
|
||||||
static const struct ssh2_cipheralg *const arcfour_list[] = {
|
static const ssh2_cipheralg *const arcfour_list[] = {
|
||||||
&ssh_arcfour256_ssh2,
|
&ssh_arcfour256_ssh2,
|
||||||
&ssh_arcfour128_ssh2,
|
&ssh_arcfour128_ssh2,
|
||||||
};
|
};
|
||||||
|
|
||||||
const struct ssh2_ciphers ssh2_arcfour = {
|
const ssh2_ciphers ssh2_arcfour = {
|
||||||
sizeof(arcfour_list) / sizeof(*arcfour_list),
|
sizeof(arcfour_list) / sizeof(*arcfour_list),
|
||||||
arcfour_list
|
arcfour_list
|
||||||
};
|
};
|
||||||
|
12
sshblowf.c
12
sshblowf.c
@ -622,7 +622,7 @@ struct blowfish_ssh2_ctx {
|
|||||||
ssh2_cipher ciph;
|
ssh2_cipher ciph;
|
||||||
};
|
};
|
||||||
|
|
||||||
static ssh2_cipher *blowfish_ssh2_new(const struct ssh2_cipheralg *alg)
|
static ssh2_cipher *blowfish_ssh2_new(const ssh2_cipheralg *alg)
|
||||||
{
|
{
|
||||||
struct blowfish_ssh2_ctx *ctx = snew(struct blowfish_ssh2_ctx);
|
struct blowfish_ssh2_ctx *ctx = snew(struct blowfish_ssh2_ctx);
|
||||||
ctx->ciph.vt = alg;
|
ctx->ciph.vt = alg;
|
||||||
@ -672,14 +672,14 @@ static void blowfish_ssh2_sdctr(ssh2_cipher *cipher, void *blk, int len)
|
|||||||
blowfish_msb_sdctr(blk, len, &ctx->context);
|
blowfish_msb_sdctr(blk, len, &ctx->context);
|
||||||
}
|
}
|
||||||
|
|
||||||
const struct ssh1_cipheralg ssh1_blowfish = {
|
const ssh1_cipheralg ssh1_blowfish = {
|
||||||
blowfish_ssh1_new, blowfish_ssh1_free,
|
blowfish_ssh1_new, blowfish_ssh1_free,
|
||||||
blowfish_ssh1_sesskey,
|
blowfish_ssh1_sesskey,
|
||||||
blowfish_ssh1_encrypt_blk, blowfish_ssh1_decrypt_blk,
|
blowfish_ssh1_encrypt_blk, blowfish_ssh1_decrypt_blk,
|
||||||
8, "Blowfish-128 CBC"
|
8, "Blowfish-128 CBC"
|
||||||
};
|
};
|
||||||
|
|
||||||
const struct ssh2_cipheralg ssh_blowfish_ssh2 = {
|
const ssh2_cipheralg ssh_blowfish_ssh2 = {
|
||||||
blowfish_ssh2_new, blowfish_ssh2_free,
|
blowfish_ssh2_new, blowfish_ssh2_free,
|
||||||
blowfish_ssh2_setiv, blowfish_ssh2_setkey,
|
blowfish_ssh2_setiv, blowfish_ssh2_setkey,
|
||||||
blowfish_ssh2_encrypt_blk, blowfish_ssh2_decrypt_blk, NULL, NULL,
|
blowfish_ssh2_encrypt_blk, blowfish_ssh2_decrypt_blk, NULL, NULL,
|
||||||
@ -688,7 +688,7 @@ const struct ssh2_cipheralg ssh_blowfish_ssh2 = {
|
|||||||
NULL
|
NULL
|
||||||
};
|
};
|
||||||
|
|
||||||
const struct ssh2_cipheralg ssh_blowfish_ssh2_ctr = {
|
const ssh2_cipheralg ssh_blowfish_ssh2_ctr = {
|
||||||
blowfish_ssh2_new, blowfish_ssh2_free,
|
blowfish_ssh2_new, blowfish_ssh2_free,
|
||||||
blowfish_ssh2_setiv, blowfish_ssh2_setkey,
|
blowfish_ssh2_setiv, blowfish_ssh2_setkey,
|
||||||
blowfish_ssh2_sdctr, blowfish_ssh2_sdctr, NULL, NULL,
|
blowfish_ssh2_sdctr, blowfish_ssh2_sdctr, NULL, NULL,
|
||||||
@ -697,12 +697,12 @@ const struct ssh2_cipheralg ssh_blowfish_ssh2_ctr = {
|
|||||||
NULL
|
NULL
|
||||||
};
|
};
|
||||||
|
|
||||||
static const struct ssh2_cipheralg *const blowfish_list[] = {
|
static const ssh2_cipheralg *const blowfish_list[] = {
|
||||||
&ssh_blowfish_ssh2_ctr,
|
&ssh_blowfish_ssh2_ctr,
|
||||||
&ssh_blowfish_ssh2
|
&ssh_blowfish_ssh2
|
||||||
};
|
};
|
||||||
|
|
||||||
const struct ssh2_ciphers ssh2_blowfish = {
|
const ssh2_ciphers ssh2_blowfish = {
|
||||||
sizeof(blowfish_list) / sizeof(*blowfish_list),
|
sizeof(blowfish_list) / sizeof(*blowfish_list),
|
||||||
blowfish_list
|
blowfish_list
|
||||||
};
|
};
|
||||||
|
14
sshbpp.h
14
sshbpp.h
@ -54,7 +54,7 @@ void ssh_bpp_free(BinaryPacketProtocol *bpp);
|
|||||||
|
|
||||||
BinaryPacketProtocol *ssh1_bpp_new(LogContext *logctx);
|
BinaryPacketProtocol *ssh1_bpp_new(LogContext *logctx);
|
||||||
void ssh1_bpp_new_cipher(BinaryPacketProtocol *bpp,
|
void ssh1_bpp_new_cipher(BinaryPacketProtocol *bpp,
|
||||||
const struct ssh1_cipheralg *cipher,
|
const ssh1_cipheralg *cipher,
|
||||||
const void *session_key);
|
const void *session_key);
|
||||||
/* This is only called from outside the BPP in server mode; in client
|
/* This is only called from outside the BPP in server mode; in client
|
||||||
* mode the BPP detects compression start time automatically by
|
* mode the BPP detects compression start time automatically by
|
||||||
@ -104,14 +104,14 @@ BinaryPacketProtocol *ssh2_bpp_new(
|
|||||||
LogContext *logctx, struct DataTransferStats *stats, bool is_server);
|
LogContext *logctx, struct DataTransferStats *stats, bool is_server);
|
||||||
void ssh2_bpp_new_outgoing_crypto(
|
void ssh2_bpp_new_outgoing_crypto(
|
||||||
BinaryPacketProtocol *bpp,
|
BinaryPacketProtocol *bpp,
|
||||||
const struct ssh2_cipheralg *cipher, const void *ckey, const void *iv,
|
const ssh2_cipheralg *cipher, const void *ckey, const void *iv,
|
||||||
const struct ssh2_macalg *mac, bool etm_mode, const void *mac_key,
|
const ssh2_macalg *mac, bool etm_mode, const void *mac_key,
|
||||||
const struct ssh_compression_alg *compression, bool delayed_compression);
|
const ssh_compression_alg *compression, bool delayed_compression);
|
||||||
void ssh2_bpp_new_incoming_crypto(
|
void ssh2_bpp_new_incoming_crypto(
|
||||||
BinaryPacketProtocol *bpp,
|
BinaryPacketProtocol *bpp,
|
||||||
const struct ssh2_cipheralg *cipher, const void *ckey, const void *iv,
|
const ssh2_cipheralg *cipher, const void *ckey, const void *iv,
|
||||||
const struct ssh2_macalg *mac, bool etm_mode, const void *mac_key,
|
const ssh2_macalg *mac, bool etm_mode, const void *mac_key,
|
||||||
const struct ssh_compression_alg *compression, bool delayed_compression);
|
const ssh_compression_alg *compression, bool delayed_compression);
|
||||||
|
|
||||||
/*
|
/*
|
||||||
* A query method specific to the interface between ssh2transport and
|
* A query method specific to the interface between ssh2transport and
|
||||||
|
12
sshccp.c
12
sshccp.c
@ -872,7 +872,7 @@ struct ccp_context {
|
|||||||
};
|
};
|
||||||
|
|
||||||
static ssh2_mac *poly_ssh2_new(
|
static ssh2_mac *poly_ssh2_new(
|
||||||
const struct ssh2_macalg *alg, ssh2_cipher *cipher)
|
const ssh2_macalg *alg, ssh2_cipher *cipher)
|
||||||
{
|
{
|
||||||
struct ccp_context *ctx = container_of(cipher, struct ccp_context, ciph);
|
struct ccp_context *ctx = container_of(cipher, struct ccp_context, ciph);
|
||||||
ctx->mac_if.vt = alg;
|
ctx->mac_if.vt = alg;
|
||||||
@ -938,7 +938,7 @@ static void poly_genresult(ssh2_mac *mac, unsigned char *blk)
|
|||||||
poly1305_finalise(&ctx->mac, blk);
|
poly1305_finalise(&ctx->mac, blk);
|
||||||
}
|
}
|
||||||
|
|
||||||
const struct ssh2_macalg ssh2_poly1305 = {
|
const ssh2_macalg ssh2_poly1305 = {
|
||||||
poly_ssh2_new, poly_ssh2_free, poly_setkey,
|
poly_ssh2_new, poly_ssh2_free, poly_setkey,
|
||||||
poly_start, poly_genresult,
|
poly_start, poly_genresult,
|
||||||
|
|
||||||
@ -946,7 +946,7 @@ const struct ssh2_macalg ssh2_poly1305 = {
|
|||||||
16, 0, "Poly1305"
|
16, 0, "Poly1305"
|
||||||
};
|
};
|
||||||
|
|
||||||
static ssh2_cipher *ccp_new(const struct ssh2_cipheralg *alg)
|
static ssh2_cipher *ccp_new(const ssh2_cipheralg *alg)
|
||||||
{
|
{
|
||||||
struct ccp_context *ctx = snew(struct ccp_context);
|
struct ccp_context *ctx = snew(struct ccp_context);
|
||||||
BinarySink_INIT(ctx, poly_BinarySink_write);
|
BinarySink_INIT(ctx, poly_BinarySink_write);
|
||||||
@ -1026,7 +1026,7 @@ static void ccp_decrypt_length(ssh2_cipher *cipher, void *blk, int len,
|
|||||||
chacha20_decrypt(&ctx->a_cipher, blk, len);
|
chacha20_decrypt(&ctx->a_cipher, blk, len);
|
||||||
}
|
}
|
||||||
|
|
||||||
const struct ssh2_cipheralg ssh2_chacha20_poly1305 = {
|
const ssh2_cipheralg ssh2_chacha20_poly1305 = {
|
||||||
|
|
||||||
ccp_new,
|
ccp_new,
|
||||||
ccp_free,
|
ccp_free,
|
||||||
@ -1043,11 +1043,11 @@ const struct ssh2_cipheralg ssh2_chacha20_poly1305 = {
|
|||||||
&ssh2_poly1305
|
&ssh2_poly1305
|
||||||
};
|
};
|
||||||
|
|
||||||
static const struct ssh2_cipheralg *const ccp_list[] = {
|
static const ssh2_cipheralg *const ccp_list[] = {
|
||||||
&ssh2_chacha20_poly1305
|
&ssh2_chacha20_poly1305
|
||||||
};
|
};
|
||||||
|
|
||||||
const struct ssh2_ciphers ssh2_ccp = {
|
const ssh2_ciphers ssh2_ccp = {
|
||||||
sizeof(ccp_list) / sizeof(*ccp_list),
|
sizeof(ccp_list) / sizeof(*ccp_list),
|
||||||
ccp_list
|
ccp_list
|
||||||
};
|
};
|
||||||
|
@ -1006,7 +1006,7 @@ bool ssh1_common_filter_queue(PacketProtocolLayer *ppl)
|
|||||||
|
|
||||||
void ssh1_compute_session_id(
|
void ssh1_compute_session_id(
|
||||||
unsigned char *session_id, const unsigned char *cookie,
|
unsigned char *session_id, const unsigned char *cookie,
|
||||||
struct RSAKey *hostkey, struct RSAKey *servkey)
|
RSAKey *hostkey, RSAKey *servkey)
|
||||||
{
|
{
|
||||||
struct MD5Context md5c;
|
struct MD5Context md5c;
|
||||||
|
|
||||||
|
24
sshdes.c
24
sshdes.c
@ -869,14 +869,14 @@ struct des_ssh2_ctx {
|
|||||||
ssh2_cipher ciph;
|
ssh2_cipher ciph;
|
||||||
};
|
};
|
||||||
|
|
||||||
static ssh2_cipher *des3_ssh2_new(const struct ssh2_cipheralg *alg)
|
static ssh2_cipher *des3_ssh2_new(const ssh2_cipheralg *alg)
|
||||||
{
|
{
|
||||||
struct des3_ssh2_ctx *ctx = snew(struct des3_ssh2_ctx);
|
struct des3_ssh2_ctx *ctx = snew(struct des3_ssh2_ctx);
|
||||||
ctx->ciph.vt = alg;
|
ctx->ciph.vt = alg;
|
||||||
return &ctx->ciph;
|
return &ctx->ciph;
|
||||||
}
|
}
|
||||||
|
|
||||||
static ssh2_cipher *des_ssh2_new(const struct ssh2_cipheralg *alg)
|
static ssh2_cipher *des_ssh2_new(const ssh2_cipheralg *alg)
|
||||||
{
|
{
|
||||||
struct des_ssh2_ctx *ctx = snew(struct des_ssh2_ctx);
|
struct des_ssh2_ctx *ctx = snew(struct des_ssh2_ctx);
|
||||||
ctx->ciph.vt = alg;
|
ctx->ciph.vt = alg;
|
||||||
@ -1070,7 +1070,7 @@ void des_decrypt_xdmauth(const void *keydata, void *blk, int len)
|
|||||||
des_cbc_decrypt(blk, len, &dc);
|
des_cbc_decrypt(blk, len, &dc);
|
||||||
}
|
}
|
||||||
|
|
||||||
const struct ssh2_cipheralg ssh_3des_ssh2 = {
|
const ssh2_cipheralg ssh_3des_ssh2 = {
|
||||||
des3_ssh2_new, des3_ssh2_free, des3_ssh2_setiv, des3_ssh2_setkey,
|
des3_ssh2_new, des3_ssh2_free, des3_ssh2_setiv, des3_ssh2_setkey,
|
||||||
des3_ssh2_encrypt_blk, des3_ssh2_decrypt_blk, NULL, NULL,
|
des3_ssh2_encrypt_blk, des3_ssh2_decrypt_blk, NULL, NULL,
|
||||||
"3des-cbc",
|
"3des-cbc",
|
||||||
@ -1078,7 +1078,7 @@ const struct ssh2_cipheralg ssh_3des_ssh2 = {
|
|||||||
NULL
|
NULL
|
||||||
};
|
};
|
||||||
|
|
||||||
const struct ssh2_cipheralg ssh_3des_ssh2_ctr = {
|
const ssh2_cipheralg ssh_3des_ssh2_ctr = {
|
||||||
des3_ssh2_new, des3_ssh2_free, des3_ssh2_setiv, des3_ssh2_setkey,
|
des3_ssh2_new, des3_ssh2_free, des3_ssh2_setiv, des3_ssh2_setkey,
|
||||||
des3_ssh2_sdctr, des3_ssh2_sdctr, NULL, NULL,
|
des3_ssh2_sdctr, des3_ssh2_sdctr, NULL, NULL,
|
||||||
"3des-ctr",
|
"3des-ctr",
|
||||||
@ -1094,7 +1094,7 @@ const struct ssh2_cipheralg ssh_3des_ssh2_ctr = {
|
|||||||
* apparently aren't the only people to do so, so we sigh
|
* apparently aren't the only people to do so, so we sigh
|
||||||
* and implement it anyway.
|
* and implement it anyway.
|
||||||
*/
|
*/
|
||||||
const struct ssh2_cipheralg ssh_des_ssh2 = {
|
const ssh2_cipheralg ssh_des_ssh2 = {
|
||||||
des_ssh2_new, des_ssh2_free, des_ssh2_setiv, des_ssh2_setkey,
|
des_ssh2_new, des_ssh2_free, des_ssh2_setiv, des_ssh2_setkey,
|
||||||
des_ssh2_encrypt_blk, des_ssh2_decrypt_blk, NULL, NULL,
|
des_ssh2_encrypt_blk, des_ssh2_decrypt_blk, NULL, NULL,
|
||||||
"des-cbc",
|
"des-cbc",
|
||||||
@ -1102,7 +1102,7 @@ const struct ssh2_cipheralg ssh_des_ssh2 = {
|
|||||||
NULL
|
NULL
|
||||||
};
|
};
|
||||||
|
|
||||||
const struct ssh2_cipheralg ssh_des_sshcom_ssh2 = {
|
const ssh2_cipheralg ssh_des_sshcom_ssh2 = {
|
||||||
des_ssh2_new, des_ssh2_free, des_ssh2_setiv, des_ssh2_setkey,
|
des_ssh2_new, des_ssh2_free, des_ssh2_setiv, des_ssh2_setkey,
|
||||||
des_ssh2_encrypt_blk, des_ssh2_decrypt_blk, NULL, NULL,
|
des_ssh2_encrypt_blk, des_ssh2_decrypt_blk, NULL, NULL,
|
||||||
"des-cbc@ssh.com",
|
"des-cbc@ssh.com",
|
||||||
@ -1110,33 +1110,33 @@ const struct ssh2_cipheralg ssh_des_sshcom_ssh2 = {
|
|||||||
NULL
|
NULL
|
||||||
};
|
};
|
||||||
|
|
||||||
static const struct ssh2_cipheralg *const des3_list[] = {
|
static const ssh2_cipheralg *const des3_list[] = {
|
||||||
&ssh_3des_ssh2_ctr,
|
&ssh_3des_ssh2_ctr,
|
||||||
&ssh_3des_ssh2
|
&ssh_3des_ssh2
|
||||||
};
|
};
|
||||||
|
|
||||||
const struct ssh2_ciphers ssh2_3des = {
|
const ssh2_ciphers ssh2_3des = {
|
||||||
sizeof(des3_list) / sizeof(*des3_list),
|
sizeof(des3_list) / sizeof(*des3_list),
|
||||||
des3_list
|
des3_list
|
||||||
};
|
};
|
||||||
|
|
||||||
static const struct ssh2_cipheralg *const des_list[] = {
|
static const ssh2_cipheralg *const des_list[] = {
|
||||||
&ssh_des_ssh2,
|
&ssh_des_ssh2,
|
||||||
&ssh_des_sshcom_ssh2
|
&ssh_des_sshcom_ssh2
|
||||||
};
|
};
|
||||||
|
|
||||||
const struct ssh2_ciphers ssh2_des = {
|
const ssh2_ciphers ssh2_des = {
|
||||||
sizeof(des_list) / sizeof(*des_list),
|
sizeof(des_list) / sizeof(*des_list),
|
||||||
des_list
|
des_list
|
||||||
};
|
};
|
||||||
|
|
||||||
const struct ssh1_cipheralg ssh1_3des = {
|
const ssh1_cipheralg ssh1_3des = {
|
||||||
des3_ssh1_new, des3_ssh1_free, des3_ssh1_sesskey,
|
des3_ssh1_new, des3_ssh1_free, des3_ssh1_sesskey,
|
||||||
des3_ssh1_encrypt_blk, des3_ssh1_decrypt_blk,
|
des3_ssh1_encrypt_blk, des3_ssh1_decrypt_blk,
|
||||||
8, "triple-DES inner-CBC"
|
8, "triple-DES inner-CBC"
|
||||||
};
|
};
|
||||||
|
|
||||||
const struct ssh1_cipheralg ssh1_des = {
|
const ssh1_cipheralg ssh1_des = {
|
||||||
des_ssh1_new, des_ssh1_free, des_ssh1_sesskey,
|
des_ssh1_new, des_ssh1_free, des_ssh1_sesskey,
|
||||||
des_ssh1_encrypt_blk, des_ssh1_decrypt_blk,
|
des_ssh1_encrypt_blk, des_ssh1_decrypt_blk,
|
||||||
8, "single-DES CBC"
|
8, "single-DES CBC"
|
||||||
|
60
sshdh.c
60
sshdh.c
@ -14,16 +14,16 @@ struct dh_ctx {
|
|||||||
|
|
||||||
struct dh_extra {
|
struct dh_extra {
|
||||||
bool gex;
|
bool gex;
|
||||||
void (*construct)(struct dh_ctx *ctx);
|
void (*construct)(dh_ctx *ctx);
|
||||||
};
|
};
|
||||||
|
|
||||||
static void dh_group1_construct(struct dh_ctx *ctx)
|
static void dh_group1_construct(dh_ctx *ctx)
|
||||||
{
|
{
|
||||||
ctx->p = MP_LITERAL(0xFFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD129024E088A67CC74020BBEA63B139B22514A08798E3404DDEF9519B3CD3A431B302B0A6DF25F14374FE1356D6D51C245E485B576625E7EC6F44C42E9A637ED6B0BFF5CB6F406B7EDEE386BFB5A899FA5AE9F24117C4B1FE649286651ECE65381FFFFFFFFFFFFFFFF);
|
ctx->p = MP_LITERAL(0xFFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD129024E088A67CC74020BBEA63B139B22514A08798E3404DDEF9519B3CD3A431B302B0A6DF25F14374FE1356D6D51C245E485B576625E7EC6F44C42E9A637ED6B0BFF5CB6F406B7EDEE386BFB5A899FA5AE9F24117C4B1FE649286651ECE65381FFFFFFFFFFFFFFFF);
|
||||||
ctx->g = mp_from_integer(2);
|
ctx->g = mp_from_integer(2);
|
||||||
}
|
}
|
||||||
|
|
||||||
static void dh_group14_construct(struct dh_ctx *ctx)
|
static void dh_group14_construct(dh_ctx *ctx)
|
||||||
{
|
{
|
||||||
ctx->p = MP_LITERAL(0xFFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD129024E088A67CC74020BBEA63B139B22514A08798E3404DDEF9519B3CD3A431B302B0A6DF25F14374FE1356D6D51C245E485B576625E7EC6F44C42E9A637ED6B0BFF5CB6F406B7EDEE386BFB5A899FA5AE9F24117C4B1FE649286651ECE45B3DC2007CB8A163BF0598DA48361C55D39A69163FA8FD24CF5F83655D23DCA3AD961C62F356208552BB9ED529077096966D670C354E4ABC9804F1746C08CA18217C32905E462E36CE3BE39E772C180E86039B2783A2EC07A28FB5C55DF06F4C52C9DE2BCBF6955817183995497CEA956AE515D2261898FA051015728E5A8AACAA68FFFFFFFFFFFFFFFF);
|
ctx->p = MP_LITERAL(0xFFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD129024E088A67CC74020BBEA63B139B22514A08798E3404DDEF9519B3CD3A431B302B0A6DF25F14374FE1356D6D51C245E485B576625E7EC6F44C42E9A637ED6B0BFF5CB6F406B7EDEE386BFB5A899FA5AE9F24117C4B1FE649286651ECE45B3DC2007CB8A163BF0598DA48361C55D39A69163FA8FD24CF5F83655D23DCA3AD961C62F356208552BB9ED529077096966D670C354E4ABC9804F1746C08CA18217C32905E462E36CE3BE39E772C180E86039B2783A2EC07A28FB5C55DF06F4C52C9DE2BCBF6955817183995497CEA956AE515D2261898FA051015728E5A8AACAA68FFFFFFFFFFFFFFFF);
|
||||||
ctx->g = mp_from_integer(2);
|
ctx->g = mp_from_integer(2);
|
||||||
@ -33,16 +33,16 @@ static const struct dh_extra extra_group1 = {
|
|||||||
false, dh_group1_construct,
|
false, dh_group1_construct,
|
||||||
};
|
};
|
||||||
|
|
||||||
static const struct ssh_kex ssh_diffiehellman_group1_sha1 = {
|
static const ssh_kex ssh_diffiehellman_group1_sha1 = {
|
||||||
"diffie-hellman-group1-sha1", "group1",
|
"diffie-hellman-group1-sha1", "group1",
|
||||||
KEXTYPE_DH, &ssh_sha1, &extra_group1,
|
KEXTYPE_DH, &ssh_sha1, &extra_group1,
|
||||||
};
|
};
|
||||||
|
|
||||||
static const struct ssh_kex *const group1_list[] = {
|
static const ssh_kex *const group1_list[] = {
|
||||||
&ssh_diffiehellman_group1_sha1
|
&ssh_diffiehellman_group1_sha1
|
||||||
};
|
};
|
||||||
|
|
||||||
const struct ssh_kexes ssh_diffiehellman_group1 = {
|
const ssh_kexes ssh_diffiehellman_group1 = {
|
||||||
sizeof(group1_list) / sizeof(*group1_list),
|
sizeof(group1_list) / sizeof(*group1_list),
|
||||||
group1_list
|
group1_list
|
||||||
};
|
};
|
||||||
@ -51,44 +51,44 @@ static const struct dh_extra extra_group14 = {
|
|||||||
false, dh_group14_construct,
|
false, dh_group14_construct,
|
||||||
};
|
};
|
||||||
|
|
||||||
static const struct ssh_kex ssh_diffiehellman_group14_sha256 = {
|
static const ssh_kex ssh_diffiehellman_group14_sha256 = {
|
||||||
"diffie-hellman-group14-sha256", "group14",
|
"diffie-hellman-group14-sha256", "group14",
|
||||||
KEXTYPE_DH, &ssh_sha256, &extra_group14,
|
KEXTYPE_DH, &ssh_sha256, &extra_group14,
|
||||||
};
|
};
|
||||||
|
|
||||||
static const struct ssh_kex ssh_diffiehellman_group14_sha1 = {
|
static const ssh_kex ssh_diffiehellman_group14_sha1 = {
|
||||||
"diffie-hellman-group14-sha1", "group14",
|
"diffie-hellman-group14-sha1", "group14",
|
||||||
KEXTYPE_DH, &ssh_sha1, &extra_group14,
|
KEXTYPE_DH, &ssh_sha1, &extra_group14,
|
||||||
};
|
};
|
||||||
|
|
||||||
static const struct ssh_kex *const group14_list[] = {
|
static const ssh_kex *const group14_list[] = {
|
||||||
&ssh_diffiehellman_group14_sha256,
|
&ssh_diffiehellman_group14_sha256,
|
||||||
&ssh_diffiehellman_group14_sha1
|
&ssh_diffiehellman_group14_sha1
|
||||||
};
|
};
|
||||||
|
|
||||||
const struct ssh_kexes ssh_diffiehellman_group14 = {
|
const ssh_kexes ssh_diffiehellman_group14 = {
|
||||||
sizeof(group14_list) / sizeof(*group14_list),
|
sizeof(group14_list) / sizeof(*group14_list),
|
||||||
group14_list
|
group14_list
|
||||||
};
|
};
|
||||||
|
|
||||||
static const struct dh_extra extra_gex = { true };
|
static const struct dh_extra extra_gex = { true };
|
||||||
|
|
||||||
static const struct ssh_kex ssh_diffiehellman_gex_sha256 = {
|
static const ssh_kex ssh_diffiehellman_gex_sha256 = {
|
||||||
"diffie-hellman-group-exchange-sha256", NULL,
|
"diffie-hellman-group-exchange-sha256", NULL,
|
||||||
KEXTYPE_DH, &ssh_sha256, &extra_gex,
|
KEXTYPE_DH, &ssh_sha256, &extra_gex,
|
||||||
};
|
};
|
||||||
|
|
||||||
static const struct ssh_kex ssh_diffiehellman_gex_sha1 = {
|
static const ssh_kex ssh_diffiehellman_gex_sha1 = {
|
||||||
"diffie-hellman-group-exchange-sha1", NULL,
|
"diffie-hellman-group-exchange-sha1", NULL,
|
||||||
KEXTYPE_DH, &ssh_sha1, &extra_gex,
|
KEXTYPE_DH, &ssh_sha1, &extra_gex,
|
||||||
};
|
};
|
||||||
|
|
||||||
static const struct ssh_kex *const gex_list[] = {
|
static const ssh_kex *const gex_list[] = {
|
||||||
&ssh_diffiehellman_gex_sha256,
|
&ssh_diffiehellman_gex_sha256,
|
||||||
&ssh_diffiehellman_gex_sha1
|
&ssh_diffiehellman_gex_sha1
|
||||||
};
|
};
|
||||||
|
|
||||||
const struct ssh_kexes ssh_diffiehellman_gex = {
|
const ssh_kexes ssh_diffiehellman_gex = {
|
||||||
sizeof(gex_list) / sizeof(*gex_list),
|
sizeof(gex_list) / sizeof(*gex_list),
|
||||||
gex_list
|
gex_list
|
||||||
};
|
};
|
||||||
@ -107,28 +107,28 @@ const struct ssh_kexes ssh_diffiehellman_gex = {
|
|||||||
*/
|
*/
|
||||||
#define GSS_KRB5_OID_HASH "toWM5Slw5Ew8Mqkay+al2g=="
|
#define GSS_KRB5_OID_HASH "toWM5Slw5Ew8Mqkay+al2g=="
|
||||||
|
|
||||||
static const struct ssh_kex ssh_gssk5_diffiehellman_gex_sha1 = {
|
static const ssh_kex ssh_gssk5_diffiehellman_gex_sha1 = {
|
||||||
"gss-gex-sha1-" GSS_KRB5_OID_HASH, NULL,
|
"gss-gex-sha1-" GSS_KRB5_OID_HASH, NULL,
|
||||||
KEXTYPE_GSS, &ssh_sha1, &extra_gex,
|
KEXTYPE_GSS, &ssh_sha1, &extra_gex,
|
||||||
};
|
};
|
||||||
|
|
||||||
static const struct ssh_kex ssh_gssk5_diffiehellman_group14_sha1 = {
|
static const ssh_kex ssh_gssk5_diffiehellman_group14_sha1 = {
|
||||||
"gss-group14-sha1-" GSS_KRB5_OID_HASH, "group14",
|
"gss-group14-sha1-" GSS_KRB5_OID_HASH, "group14",
|
||||||
KEXTYPE_GSS, &ssh_sha1, &extra_group14,
|
KEXTYPE_GSS, &ssh_sha1, &extra_group14,
|
||||||
};
|
};
|
||||||
|
|
||||||
static const struct ssh_kex ssh_gssk5_diffiehellman_group1_sha1 = {
|
static const ssh_kex ssh_gssk5_diffiehellman_group1_sha1 = {
|
||||||
"gss-group1-sha1-" GSS_KRB5_OID_HASH, "group1",
|
"gss-group1-sha1-" GSS_KRB5_OID_HASH, "group1",
|
||||||
KEXTYPE_GSS, &ssh_sha1, &extra_group1,
|
KEXTYPE_GSS, &ssh_sha1, &extra_group1,
|
||||||
};
|
};
|
||||||
|
|
||||||
static const struct ssh_kex *const gssk5_sha1_kex_list[] = {
|
static const ssh_kex *const gssk5_sha1_kex_list[] = {
|
||||||
&ssh_gssk5_diffiehellman_gex_sha1,
|
&ssh_gssk5_diffiehellman_gex_sha1,
|
||||||
&ssh_gssk5_diffiehellman_group14_sha1,
|
&ssh_gssk5_diffiehellman_group14_sha1,
|
||||||
&ssh_gssk5_diffiehellman_group1_sha1
|
&ssh_gssk5_diffiehellman_group1_sha1
|
||||||
};
|
};
|
||||||
|
|
||||||
const struct ssh_kexes ssh_gssk5_sha1_kex = {
|
const ssh_kexes ssh_gssk5_sha1_kex = {
|
||||||
sizeof(gssk5_sha1_kex_list) / sizeof(*gssk5_sha1_kex_list),
|
sizeof(gssk5_sha1_kex_list) / sizeof(*gssk5_sha1_kex_list),
|
||||||
gssk5_sha1_kex_list
|
gssk5_sha1_kex_list
|
||||||
};
|
};
|
||||||
@ -136,13 +136,13 @@ const struct ssh_kexes ssh_gssk5_sha1_kex = {
|
|||||||
/*
|
/*
|
||||||
* Common DH initialisation.
|
* Common DH initialisation.
|
||||||
*/
|
*/
|
||||||
static void dh_init(struct dh_ctx *ctx)
|
static void dh_init(dh_ctx *ctx)
|
||||||
{
|
{
|
||||||
ctx->q = mp_rshift_fixed(ctx->p, 1);
|
ctx->q = mp_rshift_fixed(ctx->p, 1);
|
||||||
ctx->x = ctx->e = NULL;
|
ctx->x = ctx->e = NULL;
|
||||||
}
|
}
|
||||||
|
|
||||||
bool dh_is_gex(const struct ssh_kex *kex)
|
bool dh_is_gex(const ssh_kex *kex)
|
||||||
{
|
{
|
||||||
const struct dh_extra *extra = (const struct dh_extra *)kex->extra;
|
const struct dh_extra *extra = (const struct dh_extra *)kex->extra;
|
||||||
return extra->gex;
|
return extra->gex;
|
||||||
@ -151,11 +151,11 @@ bool dh_is_gex(const struct ssh_kex *kex)
|
|||||||
/*
|
/*
|
||||||
* Initialise DH for a standard group.
|
* Initialise DH for a standard group.
|
||||||
*/
|
*/
|
||||||
struct dh_ctx *dh_setup_group(const struct ssh_kex *kex)
|
dh_ctx *dh_setup_group(const ssh_kex *kex)
|
||||||
{
|
{
|
||||||
const struct dh_extra *extra = (const struct dh_extra *)kex->extra;
|
const struct dh_extra *extra = (const struct dh_extra *)kex->extra;
|
||||||
assert(!extra->gex);
|
assert(!extra->gex);
|
||||||
struct dh_ctx *ctx = snew(struct dh_ctx);
|
dh_ctx *ctx = snew(dh_ctx);
|
||||||
extra->construct(ctx);
|
extra->construct(ctx);
|
||||||
dh_init(ctx);
|
dh_init(ctx);
|
||||||
return ctx;
|
return ctx;
|
||||||
@ -164,9 +164,9 @@ struct dh_ctx *dh_setup_group(const struct ssh_kex *kex)
|
|||||||
/*
|
/*
|
||||||
* Initialise DH for a server-supplied group.
|
* Initialise DH for a server-supplied group.
|
||||||
*/
|
*/
|
||||||
struct dh_ctx *dh_setup_gex(mp_int *pval, mp_int *gval)
|
dh_ctx *dh_setup_gex(mp_int *pval, mp_int *gval)
|
||||||
{
|
{
|
||||||
struct dh_ctx *ctx = snew(struct dh_ctx);
|
dh_ctx *ctx = snew(dh_ctx);
|
||||||
ctx->p = mp_copy(pval);
|
ctx->p = mp_copy(pval);
|
||||||
ctx->g = mp_copy(gval);
|
ctx->g = mp_copy(gval);
|
||||||
dh_init(ctx);
|
dh_init(ctx);
|
||||||
@ -176,7 +176,7 @@ struct dh_ctx *dh_setup_gex(mp_int *pval, mp_int *gval)
|
|||||||
/*
|
/*
|
||||||
* Return size of DH modulus p.
|
* Return size of DH modulus p.
|
||||||
*/
|
*/
|
||||||
int dh_modulus_bit_size(const struct dh_ctx *ctx)
|
int dh_modulus_bit_size(const dh_ctx *ctx)
|
||||||
{
|
{
|
||||||
return mp_get_nbits(ctx->p);
|
return mp_get_nbits(ctx->p);
|
||||||
}
|
}
|
||||||
@ -184,7 +184,7 @@ int dh_modulus_bit_size(const struct dh_ctx *ctx)
|
|||||||
/*
|
/*
|
||||||
* Clean up and free a context.
|
* Clean up and free a context.
|
||||||
*/
|
*/
|
||||||
void dh_cleanup(struct dh_ctx *ctx)
|
void dh_cleanup(dh_ctx *ctx)
|
||||||
{
|
{
|
||||||
if (ctx->x)
|
if (ctx->x)
|
||||||
mp_free(ctx->x);
|
mp_free(ctx->x);
|
||||||
@ -214,7 +214,7 @@ void dh_cleanup(struct dh_ctx *ctx)
|
|||||||
* Advances in Cryptology: Proceedings of Eurocrypt '96
|
* Advances in Cryptology: Proceedings of Eurocrypt '96
|
||||||
* Springer-Verlag, May 1996.
|
* Springer-Verlag, May 1996.
|
||||||
*/
|
*/
|
||||||
mp_int *dh_create_e(struct dh_ctx *ctx, int nbits)
|
mp_int *dh_create_e(dh_ctx *ctx, int nbits)
|
||||||
{
|
{
|
||||||
/*
|
/*
|
||||||
* Lower limit is just 2.
|
* Lower limit is just 2.
|
||||||
@ -256,7 +256,7 @@ mp_int *dh_create_e(struct dh_ctx *ctx, int nbits)
|
|||||||
* they lead to obviously weak keys that even a passive eavesdropper
|
* they lead to obviously weak keys that even a passive eavesdropper
|
||||||
* can figure out.)
|
* can figure out.)
|
||||||
*/
|
*/
|
||||||
const char *dh_validate_f(struct dh_ctx *ctx, mp_int *f)
|
const char *dh_validate_f(dh_ctx *ctx, mp_int *f)
|
||||||
{
|
{
|
||||||
if (!mp_hs_integer(f, 2)) {
|
if (!mp_hs_integer(f, 2)) {
|
||||||
return "f value received is too small";
|
return "f value received is too small";
|
||||||
@ -274,7 +274,7 @@ const char *dh_validate_f(struct dh_ctx *ctx, mp_int *f)
|
|||||||
/*
|
/*
|
||||||
* DH stage 2: given a number f, compute K = f^x mod p.
|
* DH stage 2: given a number f, compute K = f^x mod p.
|
||||||
*/
|
*/
|
||||||
mp_int *dh_find_K(struct dh_ctx *ctx, mp_int *f)
|
mp_int *dh_find_K(dh_ctx *ctx, mp_int *f)
|
||||||
{
|
{
|
||||||
return mp_modpow(f, ctx->x, ctx->p);
|
return mp_modpow(f, ctx->x, ctx->p);
|
||||||
}
|
}
|
||||||
|
18
sshecc.c
18
sshecc.c
@ -254,7 +254,7 @@ static struct ec_curve *ec_ed25519(void)
|
|||||||
|
|
||||||
struct ecsign_extra {
|
struct ecsign_extra {
|
||||||
struct ec_curve *(*curve)(void);
|
struct ec_curve *(*curve)(void);
|
||||||
const struct ssh_hashalg *hash;
|
const ssh_hashalg *hash;
|
||||||
|
|
||||||
/* These fields are used by the OpenSSH PEM format importer/exporter */
|
/* These fields are used by the OpenSSH PEM format importer/exporter */
|
||||||
const unsigned char *oid;
|
const unsigned char *oid;
|
||||||
@ -1250,7 +1250,7 @@ struct ecdh_key {
|
|||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
|
||||||
const char *ssh_ecdhkex_curve_textname(const struct ssh_kex *kex)
|
const char *ssh_ecdhkex_curve_textname(const ssh_kex *kex)
|
||||||
{
|
{
|
||||||
const struct eckex_extra *extra = (const struct eckex_extra *)kex->extra;
|
const struct eckex_extra *extra = (const struct eckex_extra *)kex->extra;
|
||||||
struct ec_curve *curve = extra->curve();
|
struct ec_curve *curve = extra->curve();
|
||||||
@ -1281,7 +1281,7 @@ static void ssh_ecdhkex_m_setup(ecdh_key *dh)
|
|||||||
dh->m_public = ecc_montgomery_multiply(dh->curve->m.G, dh->private);
|
dh->m_public = ecc_montgomery_multiply(dh->curve->m.G, dh->private);
|
||||||
}
|
}
|
||||||
|
|
||||||
ecdh_key *ssh_ecdhkex_newkey(const struct ssh_kex *kex)
|
ecdh_key *ssh_ecdhkex_newkey(const ssh_kex *kex)
|
||||||
{
|
{
|
||||||
const struct eckex_extra *extra = (const struct eckex_extra *)kex->extra;
|
const struct eckex_extra *extra = (const struct eckex_extra *)kex->extra;
|
||||||
const struct ec_curve *curve = extra->curve();
|
const struct ec_curve *curve = extra->curve();
|
||||||
@ -1396,7 +1396,7 @@ static const struct eckex_extra kex_extra_curve25519 = {
|
|||||||
ssh_ecdhkex_m_getpublic,
|
ssh_ecdhkex_m_getpublic,
|
||||||
ssh_ecdhkex_m_getkey,
|
ssh_ecdhkex_m_getkey,
|
||||||
};
|
};
|
||||||
const struct ssh_kex ssh_ec_kex_curve25519 = {
|
const ssh_kex ssh_ec_kex_curve25519 = {
|
||||||
"curve25519-sha256@libssh.org", NULL, KEXTYPE_ECDH,
|
"curve25519-sha256@libssh.org", NULL, KEXTYPE_ECDH,
|
||||||
&ssh_sha256, &kex_extra_curve25519,
|
&ssh_sha256, &kex_extra_curve25519,
|
||||||
};
|
};
|
||||||
@ -1408,7 +1408,7 @@ const struct eckex_extra kex_extra_nistp256 = {
|
|||||||
ssh_ecdhkex_w_getpublic,
|
ssh_ecdhkex_w_getpublic,
|
||||||
ssh_ecdhkex_w_getkey,
|
ssh_ecdhkex_w_getkey,
|
||||||
};
|
};
|
||||||
const struct ssh_kex ssh_ec_kex_nistp256 = {
|
const ssh_kex ssh_ec_kex_nistp256 = {
|
||||||
"ecdh-sha2-nistp256", NULL, KEXTYPE_ECDH,
|
"ecdh-sha2-nistp256", NULL, KEXTYPE_ECDH,
|
||||||
&ssh_sha256, &kex_extra_nistp256,
|
&ssh_sha256, &kex_extra_nistp256,
|
||||||
};
|
};
|
||||||
@ -1420,7 +1420,7 @@ const struct eckex_extra kex_extra_nistp384 = {
|
|||||||
ssh_ecdhkex_w_getpublic,
|
ssh_ecdhkex_w_getpublic,
|
||||||
ssh_ecdhkex_w_getkey,
|
ssh_ecdhkex_w_getkey,
|
||||||
};
|
};
|
||||||
const struct ssh_kex ssh_ec_kex_nistp384 = {
|
const ssh_kex ssh_ec_kex_nistp384 = {
|
||||||
"ecdh-sha2-nistp384", NULL, KEXTYPE_ECDH,
|
"ecdh-sha2-nistp384", NULL, KEXTYPE_ECDH,
|
||||||
&ssh_sha384, &kex_extra_nistp384,
|
&ssh_sha384, &kex_extra_nistp384,
|
||||||
};
|
};
|
||||||
@ -1432,19 +1432,19 @@ const struct eckex_extra kex_extra_nistp521 = {
|
|||||||
ssh_ecdhkex_w_getpublic,
|
ssh_ecdhkex_w_getpublic,
|
||||||
ssh_ecdhkex_w_getkey,
|
ssh_ecdhkex_w_getkey,
|
||||||
};
|
};
|
||||||
const struct ssh_kex ssh_ec_kex_nistp521 = {
|
const ssh_kex ssh_ec_kex_nistp521 = {
|
||||||
"ecdh-sha2-nistp521", NULL, KEXTYPE_ECDH,
|
"ecdh-sha2-nistp521", NULL, KEXTYPE_ECDH,
|
||||||
&ssh_sha512, &kex_extra_nistp521,
|
&ssh_sha512, &kex_extra_nistp521,
|
||||||
};
|
};
|
||||||
|
|
||||||
static const struct ssh_kex *const ec_kex_list[] = {
|
static const ssh_kex *const ec_kex_list[] = {
|
||||||
&ssh_ec_kex_curve25519,
|
&ssh_ec_kex_curve25519,
|
||||||
&ssh_ec_kex_nistp256,
|
&ssh_ec_kex_nistp256,
|
||||||
&ssh_ec_kex_nistp384,
|
&ssh_ec_kex_nistp384,
|
||||||
&ssh_ec_kex_nistp521,
|
&ssh_ec_kex_nistp521,
|
||||||
};
|
};
|
||||||
|
|
||||||
const struct ssh_kexes ssh_ecdh_kex = {
|
const ssh_kexes ssh_ecdh_kex = {
|
||||||
sizeof(ec_kex_list) / sizeof(*ec_kex_list),
|
sizeof(ec_kex_list) / sizeof(*ec_kex_list),
|
||||||
ec_kex_list
|
ec_kex_list
|
||||||
};
|
};
|
||||||
|
8
sshmd5.c
8
sshmd5.c
@ -220,7 +220,7 @@ struct md5_hash {
|
|||||||
ssh_hash hash;
|
ssh_hash hash;
|
||||||
};
|
};
|
||||||
|
|
||||||
static ssh_hash *md5_new(const struct ssh_hashalg *alg)
|
static ssh_hash *md5_new(const ssh_hashalg *alg)
|
||||||
{
|
{
|
||||||
struct md5_hash *h = snew(struct md5_hash);
|
struct md5_hash *h = snew(struct md5_hash);
|
||||||
MD5Init(&h->state);
|
MD5Init(&h->state);
|
||||||
@ -258,7 +258,7 @@ static void md5_final(ssh_hash *hash, unsigned char *output)
|
|||||||
md5_free(hash);
|
md5_free(hash);
|
||||||
}
|
}
|
||||||
|
|
||||||
const struct ssh_hashalg ssh_md5 = {
|
const ssh_hashalg ssh_md5 = {
|
||||||
md5_new, md5_copy, md5_final, md5_free, 16, "MD5"
|
md5_new, md5_copy, md5_final, md5_free, 16, "MD5"
|
||||||
};
|
};
|
||||||
|
|
||||||
@ -282,7 +282,7 @@ struct hmacmd5_context *hmacmd5_make_context(void)
|
|||||||
return ctx;
|
return ctx;
|
||||||
}
|
}
|
||||||
|
|
||||||
static ssh2_mac *hmacmd5_ssh2_new(const struct ssh2_macalg *alg,
|
static ssh2_mac *hmacmd5_ssh2_new(const ssh2_macalg *alg,
|
||||||
ssh2_cipher *cipher)
|
ssh2_cipher *cipher)
|
||||||
{
|
{
|
||||||
struct hmacmd5_context *ctx = hmacmd5_make_context();
|
struct hmacmd5_context *ctx = hmacmd5_make_context();
|
||||||
@ -365,7 +365,7 @@ void hmacmd5_do_hmac(struct hmacmd5_context *ctx,
|
|||||||
ssh2_mac_genresult(&ctx->mac, hmac);
|
ssh2_mac_genresult(&ctx->mac, hmac);
|
||||||
}
|
}
|
||||||
|
|
||||||
const struct ssh2_macalg ssh_hmac_md5 = {
|
const ssh2_macalg ssh_hmac_md5 = {
|
||||||
hmacmd5_ssh2_new, hmacmd5_ssh2_free, hmacmd5_ssh2_setkey,
|
hmacmd5_ssh2_new, hmacmd5_ssh2_free, hmacmd5_ssh2_setkey,
|
||||||
hmacmd5_start, hmacmd5_genresult,
|
hmacmd5_start, hmacmd5_genresult,
|
||||||
"hmac-md5", "hmac-md5-etm@openssh.com",
|
"hmac-md5", "hmac-md5-etm@openssh.com",
|
||||||
|
2
sshppl.h
2
sshppl.h
@ -150,7 +150,7 @@ bool ssh1_common_get_specials(PacketProtocolLayer *, add_special_fn_t, void *);
|
|||||||
bool ssh1_common_filter_queue(PacketProtocolLayer *ppl);
|
bool ssh1_common_filter_queue(PacketProtocolLayer *ppl);
|
||||||
void ssh1_compute_session_id(
|
void ssh1_compute_session_id(
|
||||||
unsigned char *session_id, const unsigned char *cookie,
|
unsigned char *session_id, const unsigned char *cookie,
|
||||||
struct RSAKey *hostkey, struct RSAKey *servkey);
|
RSAKey *hostkey, RSAKey *servkey);
|
||||||
|
|
||||||
/* Method used by the SSH server */
|
/* Method used by the SSH server */
|
||||||
void ssh2_transport_provide_hostkeys(PacketProtocolLayer *ssh2_transport_ptr,
|
void ssh2_transport_provide_hostkeys(PacketProtocolLayer *ssh2_transport_ptr,
|
||||||
|
29
sshpubk.c
29
sshpubk.c
@ -24,7 +24,7 @@
|
|||||||
|
|
||||||
static int key_type_fp(FILE *fp);
|
static int key_type_fp(FILE *fp);
|
||||||
|
|
||||||
static int rsa_ssh1_load_main(FILE * fp, struct RSAKey *key, bool pub_only,
|
static int rsa_ssh1_load_main(FILE * fp, RSAKey *key, bool pub_only,
|
||||||
char **commentptr, const char *passphrase,
|
char **commentptr, const char *passphrase,
|
||||||
const char **error)
|
const char **error)
|
||||||
{
|
{
|
||||||
@ -141,7 +141,7 @@ static int rsa_ssh1_load_main(FILE * fp, struct RSAKey *key, bool pub_only,
|
|||||||
return ret;
|
return ret;
|
||||||
}
|
}
|
||||||
|
|
||||||
int rsa_ssh1_loadkey(const Filename *filename, struct RSAKey *key,
|
int rsa_ssh1_loadkey(const Filename *filename, RSAKey *key,
|
||||||
const char *passphrase, const char **errorstr)
|
const char *passphrase, const char **errorstr)
|
||||||
{
|
{
|
||||||
FILE *fp;
|
FILE *fp;
|
||||||
@ -218,7 +218,7 @@ int rsa_ssh1_loadpub(const Filename *filename, BinarySink *bs,
|
|||||||
{
|
{
|
||||||
FILE *fp;
|
FILE *fp;
|
||||||
char buf[64];
|
char buf[64];
|
||||||
struct RSAKey key;
|
RSAKey key;
|
||||||
int ret;
|
int ret;
|
||||||
const char *error = NULL;
|
const char *error = NULL;
|
||||||
|
|
||||||
@ -310,7 +310,7 @@ int rsa_ssh1_loadpub(const Filename *filename, BinarySink *bs,
|
|||||||
/*
|
/*
|
||||||
* Save an RSA key file. Return true on success.
|
* Save an RSA key file. Return true on success.
|
||||||
*/
|
*/
|
||||||
bool rsa_ssh1_savekey(const Filename *filename, struct RSAKey *key,
|
bool rsa_ssh1_savekey(const Filename *filename, RSAKey *key,
|
||||||
char *passphrase)
|
char *passphrase)
|
||||||
{
|
{
|
||||||
strbuf *buf = strbuf_new();
|
strbuf *buf = strbuf_new();
|
||||||
@ -563,7 +563,7 @@ static bool read_blob(FILE *fp, int nlines, BinarySink *bs)
|
|||||||
/*
|
/*
|
||||||
* Magic error return value for when the passphrase is wrong.
|
* Magic error return value for when the passphrase is wrong.
|
||||||
*/
|
*/
|
||||||
struct ssh2_userkey ssh2_wrong_passphrase = { NULL, NULL };
|
ssh2_userkey ssh2_wrong_passphrase = { NULL, NULL };
|
||||||
|
|
||||||
const ssh_keyalg *find_pubkey_alg_len(ptrlen name)
|
const ssh_keyalg *find_pubkey_alg_len(ptrlen name)
|
||||||
{
|
{
|
||||||
@ -588,14 +588,13 @@ const ssh_keyalg *find_pubkey_alg(const char *name)
|
|||||||
return find_pubkey_alg_len(ptrlen_from_asciz(name));
|
return find_pubkey_alg_len(ptrlen_from_asciz(name));
|
||||||
}
|
}
|
||||||
|
|
||||||
struct ssh2_userkey *ssh2_load_userkey(const Filename *filename,
|
ssh2_userkey *ssh2_load_userkey(
|
||||||
const char *passphrase,
|
const Filename *filename, const char *passphrase, const char **errorstr)
|
||||||
const char **errorstr)
|
|
||||||
{
|
{
|
||||||
FILE *fp;
|
FILE *fp;
|
||||||
char header[40], *b, *encryption, *comment, *mac;
|
char header[40], *b, *encryption, *comment, *mac;
|
||||||
const ssh_keyalg *alg;
|
const ssh_keyalg *alg;
|
||||||
struct ssh2_userkey *ret;
|
ssh2_userkey *ret;
|
||||||
int cipher, cipherblk;
|
int cipher, cipherblk;
|
||||||
strbuf *public_blob, *private_blob;
|
strbuf *public_blob, *private_blob;
|
||||||
int i;
|
int i;
|
||||||
@ -797,7 +796,7 @@ struct ssh2_userkey *ssh2_load_userkey(const Filename *filename,
|
|||||||
/*
|
/*
|
||||||
* Create and return the key.
|
* Create and return the key.
|
||||||
*/
|
*/
|
||||||
ret = snew(struct ssh2_userkey);
|
ret = snew(ssh2_userkey);
|
||||||
ret->comment = comment;
|
ret->comment = comment;
|
||||||
ret->key = ssh_key_new_priv(
|
ret->key = ssh_key_new_priv(
|
||||||
alg, ptrlen_from_strbuf(public_blob),
|
alg, ptrlen_from_strbuf(public_blob),
|
||||||
@ -1235,8 +1234,8 @@ void base64_encode(FILE *fp, const unsigned char *data, int datalen, int cpl)
|
|||||||
fputc('\n', fp);
|
fputc('\n', fp);
|
||||||
}
|
}
|
||||||
|
|
||||||
bool ssh2_save_userkey(const Filename *filename, struct ssh2_userkey *key,
|
bool ssh2_save_userkey(
|
||||||
char *passphrase)
|
const Filename *filename, ssh2_userkey *key, char *passphrase)
|
||||||
{
|
{
|
||||||
FILE *fp;
|
FILE *fp;
|
||||||
strbuf *pub_blob, *priv_blob;
|
strbuf *pub_blob, *priv_blob;
|
||||||
@ -1356,7 +1355,7 @@ bool ssh2_save_userkey(const Filename *filename, struct ssh2_userkey *key,
|
|||||||
/* ----------------------------------------------------------------------
|
/* ----------------------------------------------------------------------
|
||||||
* Output public keys.
|
* Output public keys.
|
||||||
*/
|
*/
|
||||||
char *ssh1_pubkey_str(struct RSAKey *key)
|
char *ssh1_pubkey_str(RSAKey *key)
|
||||||
{
|
{
|
||||||
char *buffer;
|
char *buffer;
|
||||||
char *dec1, *dec2;
|
char *dec1, *dec2;
|
||||||
@ -1371,7 +1370,7 @@ char *ssh1_pubkey_str(struct RSAKey *key)
|
|||||||
return buffer;
|
return buffer;
|
||||||
}
|
}
|
||||||
|
|
||||||
void ssh1_write_pubkey(FILE *fp, struct RSAKey *key)
|
void ssh1_write_pubkey(FILE *fp, RSAKey *key)
|
||||||
{
|
{
|
||||||
char *buffer = ssh1_pubkey_str(key);
|
char *buffer = ssh1_pubkey_str(key);
|
||||||
fprintf(fp, "%s\n", buffer);
|
fprintf(fp, "%s\n", buffer);
|
||||||
@ -1418,7 +1417,7 @@ static char *ssh2_pubkey_openssh_str_internal(const char *comment,
|
|||||||
return buffer;
|
return buffer;
|
||||||
}
|
}
|
||||||
|
|
||||||
char *ssh2_pubkey_openssh_str(struct ssh2_userkey *key)
|
char *ssh2_pubkey_openssh_str(ssh2_userkey *key)
|
||||||
{
|
{
|
||||||
strbuf *blob;
|
strbuf *blob;
|
||||||
char *ret;
|
char *ret;
|
||||||
|
81
sshrsa.c
81
sshrsa.c
@ -12,7 +12,7 @@
|
|||||||
#include "misc.h"
|
#include "misc.h"
|
||||||
|
|
||||||
void BinarySource_get_rsa_ssh1_pub(
|
void BinarySource_get_rsa_ssh1_pub(
|
||||||
BinarySource *src, struct RSAKey *rsa, RsaSsh1Order order)
|
BinarySource *src, RSAKey *rsa, RsaSsh1Order order)
|
||||||
{
|
{
|
||||||
unsigned bits;
|
unsigned bits;
|
||||||
mp_int *e, *m;
|
mp_int *e, *m;
|
||||||
@ -38,12 +38,12 @@ void BinarySource_get_rsa_ssh1_pub(
|
|||||||
}
|
}
|
||||||
|
|
||||||
void BinarySource_get_rsa_ssh1_priv(
|
void BinarySource_get_rsa_ssh1_priv(
|
||||||
BinarySource *src, struct RSAKey *rsa)
|
BinarySource *src, RSAKey *rsa)
|
||||||
{
|
{
|
||||||
rsa->private_exponent = get_mp_ssh1(src);
|
rsa->private_exponent = get_mp_ssh1(src);
|
||||||
}
|
}
|
||||||
|
|
||||||
bool rsa_ssh1_encrypt(unsigned char *data, int length, struct RSAKey *key)
|
bool rsa_ssh1_encrypt(unsigned char *data, int length, RSAKey *key)
|
||||||
{
|
{
|
||||||
mp_int *b1, *b2;
|
mp_int *b1, *b2;
|
||||||
int i;
|
int i;
|
||||||
@ -157,18 +157,18 @@ mp_int *crt_modpow(mp_int *base, mp_int *exp, mp_int *mod,
|
|||||||
* Wrapper on crt_modpow that looks up all the right values from an
|
* Wrapper on crt_modpow that looks up all the right values from an
|
||||||
* RSAKey.
|
* RSAKey.
|
||||||
*/
|
*/
|
||||||
static mp_int *rsa_privkey_op(mp_int *input, struct RSAKey *key)
|
static mp_int *rsa_privkey_op(mp_int *input, RSAKey *key)
|
||||||
{
|
{
|
||||||
return crt_modpow(input, key->private_exponent,
|
return crt_modpow(input, key->private_exponent,
|
||||||
key->modulus, key->p, key->q, key->iqmp);
|
key->modulus, key->p, key->q, key->iqmp);
|
||||||
}
|
}
|
||||||
|
|
||||||
mp_int *rsa_ssh1_decrypt(mp_int *input, struct RSAKey *key)
|
mp_int *rsa_ssh1_decrypt(mp_int *input, RSAKey *key)
|
||||||
{
|
{
|
||||||
return rsa_privkey_op(input, key);
|
return rsa_privkey_op(input, key);
|
||||||
}
|
}
|
||||||
|
|
||||||
bool rsa_ssh1_decrypt_pkcs1(mp_int *input, struct RSAKey *key,
|
bool rsa_ssh1_decrypt_pkcs1(mp_int *input, RSAKey *key,
|
||||||
strbuf *outbuf)
|
strbuf *outbuf)
|
||||||
{
|
{
|
||||||
strbuf *data = strbuf_new();
|
strbuf *data = strbuf_new();
|
||||||
@ -216,7 +216,7 @@ static void append_hex_to_strbuf(strbuf *sb, mp_int *x)
|
|||||||
sfree(hex);
|
sfree(hex);
|
||||||
}
|
}
|
||||||
|
|
||||||
char *rsastr_fmt(struct RSAKey *key)
|
char *rsastr_fmt(RSAKey *key)
|
||||||
{
|
{
|
||||||
strbuf *sb = strbuf_new();
|
strbuf *sb = strbuf_new();
|
||||||
|
|
||||||
@ -230,7 +230,7 @@ char *rsastr_fmt(struct RSAKey *key)
|
|||||||
* Generate a fingerprint string for the key. Compatible with the
|
* Generate a fingerprint string for the key. Compatible with the
|
||||||
* OpenSSH fingerprint code.
|
* OpenSSH fingerprint code.
|
||||||
*/
|
*/
|
||||||
char *rsa_ssh1_fingerprint(struct RSAKey *key)
|
char *rsa_ssh1_fingerprint(RSAKey *key)
|
||||||
{
|
{
|
||||||
struct MD5Context md5c;
|
struct MD5Context md5c;
|
||||||
unsigned char digest[16];
|
unsigned char digest[16];
|
||||||
@ -256,7 +256,7 @@ char *rsa_ssh1_fingerprint(struct RSAKey *key)
|
|||||||
* data. We also check the private data itself: we ensure that p >
|
* data. We also check the private data itself: we ensure that p >
|
||||||
* q and that iqmp really is the inverse of q mod p.
|
* q and that iqmp really is the inverse of q mod p.
|
||||||
*/
|
*/
|
||||||
bool rsa_verify(struct RSAKey *key)
|
bool rsa_verify(RSAKey *key)
|
||||||
{
|
{
|
||||||
mp_int *n, *ed, *pm1, *qm1;
|
mp_int *n, *ed, *pm1, *qm1;
|
||||||
unsigned ok = 1;
|
unsigned ok = 1;
|
||||||
@ -301,7 +301,7 @@ bool rsa_verify(struct RSAKey *key)
|
|||||||
return ok;
|
return ok;
|
||||||
}
|
}
|
||||||
|
|
||||||
void rsa_ssh1_public_blob(BinarySink *bs, struct RSAKey *key,
|
void rsa_ssh1_public_blob(BinarySink *bs, RSAKey *key,
|
||||||
RsaSsh1Order order)
|
RsaSsh1Order order)
|
||||||
{
|
{
|
||||||
put_uint32(bs, mp_get_nbits(key->modulus));
|
put_uint32(bs, mp_get_nbits(key->modulus));
|
||||||
@ -334,7 +334,7 @@ int rsa_ssh1_public_blob_len(ptrlen data)
|
|||||||
return src->pos;
|
return src->pos;
|
||||||
}
|
}
|
||||||
|
|
||||||
void freersapriv(struct RSAKey *key)
|
void freersapriv(RSAKey *key)
|
||||||
{
|
{
|
||||||
if (key->private_exponent) {
|
if (key->private_exponent) {
|
||||||
mp_free(key->private_exponent);
|
mp_free(key->private_exponent);
|
||||||
@ -354,7 +354,7 @@ void freersapriv(struct RSAKey *key)
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
void freersakey(struct RSAKey *key)
|
void freersakey(RSAKey *key)
|
||||||
{
|
{
|
||||||
freersapriv(key);
|
freersapriv(key);
|
||||||
if (key->modulus) {
|
if (key->modulus) {
|
||||||
@ -380,13 +380,13 @@ static void rsa2_freekey(ssh_key *key); /* forward reference */
|
|||||||
static ssh_key *rsa2_new_pub(const ssh_keyalg *self, ptrlen data)
|
static ssh_key *rsa2_new_pub(const ssh_keyalg *self, ptrlen data)
|
||||||
{
|
{
|
||||||
BinarySource src[1];
|
BinarySource src[1];
|
||||||
struct RSAKey *rsa;
|
RSAKey *rsa;
|
||||||
|
|
||||||
BinarySource_BARE_INIT(src, data.ptr, data.len);
|
BinarySource_BARE_INIT(src, data.ptr, data.len);
|
||||||
if (!ptrlen_eq_string(get_string(src), "ssh-rsa"))
|
if (!ptrlen_eq_string(get_string(src), "ssh-rsa"))
|
||||||
return NULL;
|
return NULL;
|
||||||
|
|
||||||
rsa = snew(struct RSAKey);
|
rsa = snew(RSAKey);
|
||||||
rsa->sshk.vt = &ssh_rsa;
|
rsa->sshk.vt = &ssh_rsa;
|
||||||
rsa->exponent = get_mp_ssh2(src);
|
rsa->exponent = get_mp_ssh2(src);
|
||||||
rsa->modulus = get_mp_ssh2(src);
|
rsa->modulus = get_mp_ssh2(src);
|
||||||
@ -404,20 +404,20 @@ static ssh_key *rsa2_new_pub(const ssh_keyalg *self, ptrlen data)
|
|||||||
|
|
||||||
static void rsa2_freekey(ssh_key *key)
|
static void rsa2_freekey(ssh_key *key)
|
||||||
{
|
{
|
||||||
struct RSAKey *rsa = container_of(key, struct RSAKey, sshk);
|
RSAKey *rsa = container_of(key, RSAKey, sshk);
|
||||||
freersakey(rsa);
|
freersakey(rsa);
|
||||||
sfree(rsa);
|
sfree(rsa);
|
||||||
}
|
}
|
||||||
|
|
||||||
static char *rsa2_cache_str(ssh_key *key)
|
static char *rsa2_cache_str(ssh_key *key)
|
||||||
{
|
{
|
||||||
struct RSAKey *rsa = container_of(key, struct RSAKey, sshk);
|
RSAKey *rsa = container_of(key, RSAKey, sshk);
|
||||||
return rsastr_fmt(rsa);
|
return rsastr_fmt(rsa);
|
||||||
}
|
}
|
||||||
|
|
||||||
static void rsa2_public_blob(ssh_key *key, BinarySink *bs)
|
static void rsa2_public_blob(ssh_key *key, BinarySink *bs)
|
||||||
{
|
{
|
||||||
struct RSAKey *rsa = container_of(key, struct RSAKey, sshk);
|
RSAKey *rsa = container_of(key, RSAKey, sshk);
|
||||||
|
|
||||||
put_stringz(bs, "ssh-rsa");
|
put_stringz(bs, "ssh-rsa");
|
||||||
put_mp_ssh2(bs, rsa->exponent);
|
put_mp_ssh2(bs, rsa->exponent);
|
||||||
@ -426,7 +426,7 @@ static void rsa2_public_blob(ssh_key *key, BinarySink *bs)
|
|||||||
|
|
||||||
static void rsa2_private_blob(ssh_key *key, BinarySink *bs)
|
static void rsa2_private_blob(ssh_key *key, BinarySink *bs)
|
||||||
{
|
{
|
||||||
struct RSAKey *rsa = container_of(key, struct RSAKey, sshk);
|
RSAKey *rsa = container_of(key, RSAKey, sshk);
|
||||||
|
|
||||||
put_mp_ssh2(bs, rsa->private_exponent);
|
put_mp_ssh2(bs, rsa->private_exponent);
|
||||||
put_mp_ssh2(bs, rsa->p);
|
put_mp_ssh2(bs, rsa->p);
|
||||||
@ -439,13 +439,13 @@ static ssh_key *rsa2_new_priv(const ssh_keyalg *self,
|
|||||||
{
|
{
|
||||||
BinarySource src[1];
|
BinarySource src[1];
|
||||||
ssh_key *sshk;
|
ssh_key *sshk;
|
||||||
struct RSAKey *rsa;
|
RSAKey *rsa;
|
||||||
|
|
||||||
sshk = rsa2_new_pub(self, pub);
|
sshk = rsa2_new_pub(self, pub);
|
||||||
if (!sshk)
|
if (!sshk)
|
||||||
return NULL;
|
return NULL;
|
||||||
|
|
||||||
rsa = container_of(sshk, struct RSAKey, sshk);
|
rsa = container_of(sshk, RSAKey, sshk);
|
||||||
BinarySource_BARE_INIT(src, priv.ptr, priv.len);
|
BinarySource_BARE_INIT(src, priv.ptr, priv.len);
|
||||||
rsa->private_exponent = get_mp_ssh2(src);
|
rsa->private_exponent = get_mp_ssh2(src);
|
||||||
rsa->p = get_mp_ssh2(src);
|
rsa->p = get_mp_ssh2(src);
|
||||||
@ -463,9 +463,9 @@ static ssh_key *rsa2_new_priv(const ssh_keyalg *self,
|
|||||||
static ssh_key *rsa2_new_priv_openssh(const ssh_keyalg *self,
|
static ssh_key *rsa2_new_priv_openssh(const ssh_keyalg *self,
|
||||||
BinarySource *src)
|
BinarySource *src)
|
||||||
{
|
{
|
||||||
struct RSAKey *rsa;
|
RSAKey *rsa;
|
||||||
|
|
||||||
rsa = snew(struct RSAKey);
|
rsa = snew(RSAKey);
|
||||||
rsa->sshk.vt = &ssh_rsa;
|
rsa->sshk.vt = &ssh_rsa;
|
||||||
rsa->comment = NULL;
|
rsa->comment = NULL;
|
||||||
|
|
||||||
@ -486,7 +486,7 @@ static ssh_key *rsa2_new_priv_openssh(const ssh_keyalg *self,
|
|||||||
|
|
||||||
static void rsa2_openssh_blob(ssh_key *key, BinarySink *bs)
|
static void rsa2_openssh_blob(ssh_key *key, BinarySink *bs)
|
||||||
{
|
{
|
||||||
struct RSAKey *rsa = container_of(key, struct RSAKey, sshk);
|
RSAKey *rsa = container_of(key, RSAKey, sshk);
|
||||||
|
|
||||||
put_mp_ssh2(bs, rsa->modulus);
|
put_mp_ssh2(bs, rsa->modulus);
|
||||||
put_mp_ssh2(bs, rsa->exponent);
|
put_mp_ssh2(bs, rsa->exponent);
|
||||||
@ -499,14 +499,14 @@ static void rsa2_openssh_blob(ssh_key *key, BinarySink *bs)
|
|||||||
static int rsa2_pubkey_bits(const ssh_keyalg *self, ptrlen pub)
|
static int rsa2_pubkey_bits(const ssh_keyalg *self, ptrlen pub)
|
||||||
{
|
{
|
||||||
ssh_key *sshk;
|
ssh_key *sshk;
|
||||||
struct RSAKey *rsa;
|
RSAKey *rsa;
|
||||||
int ret;
|
int ret;
|
||||||
|
|
||||||
sshk = rsa2_new_pub(self, pub);
|
sshk = rsa2_new_pub(self, pub);
|
||||||
if (!sshk)
|
if (!sshk)
|
||||||
return -1;
|
return -1;
|
||||||
|
|
||||||
rsa = container_of(sshk, struct RSAKey, sshk);
|
rsa = container_of(sshk, RSAKey, sshk);
|
||||||
ret = mp_get_nbits(rsa->modulus);
|
ret = mp_get_nbits(rsa->modulus);
|
||||||
rsa2_freekey(&rsa->sshk);
|
rsa2_freekey(&rsa->sshk);
|
||||||
|
|
||||||
@ -561,7 +561,7 @@ static const unsigned char sha512_asn1_prefix[] = {
|
|||||||
#define SHA1_ASN1_PREFIX_LEN sizeof(sha1_asn1_prefix)
|
#define SHA1_ASN1_PREFIX_LEN sizeof(sha1_asn1_prefix)
|
||||||
|
|
||||||
static unsigned char *rsa_pkcs1_signature_string(
|
static unsigned char *rsa_pkcs1_signature_string(
|
||||||
size_t nbytes, const struct ssh_hashalg *halg, ptrlen data)
|
size_t nbytes, const ssh_hashalg *halg, ptrlen data)
|
||||||
{
|
{
|
||||||
const unsigned char *asn1_prefix;
|
const unsigned char *asn1_prefix;
|
||||||
unsigned asn1_prefix_size;
|
unsigned asn1_prefix_size;
|
||||||
@ -600,7 +600,7 @@ static unsigned char *rsa_pkcs1_signature_string(
|
|||||||
|
|
||||||
static bool rsa2_verify(ssh_key *key, ptrlen sig, ptrlen data)
|
static bool rsa2_verify(ssh_key *key, ptrlen sig, ptrlen data)
|
||||||
{
|
{
|
||||||
struct RSAKey *rsa = container_of(key, struct RSAKey, sshk);
|
RSAKey *rsa = container_of(key, RSAKey, sshk);
|
||||||
BinarySource src[1];
|
BinarySource src[1];
|
||||||
ptrlen type, in_pl;
|
ptrlen type, in_pl;
|
||||||
mp_int *in, *out;
|
mp_int *in, *out;
|
||||||
@ -641,11 +641,11 @@ static bool rsa2_verify(ssh_key *key, ptrlen sig, ptrlen data)
|
|||||||
static void rsa2_sign(ssh_key *key, ptrlen data,
|
static void rsa2_sign(ssh_key *key, ptrlen data,
|
||||||
unsigned flags, BinarySink *bs)
|
unsigned flags, BinarySink *bs)
|
||||||
{
|
{
|
||||||
struct RSAKey *rsa = container_of(key, struct RSAKey, sshk);
|
RSAKey *rsa = container_of(key, RSAKey, sshk);
|
||||||
unsigned char *bytes;
|
unsigned char *bytes;
|
||||||
size_t nbytes;
|
size_t nbytes;
|
||||||
mp_int *in, *out;
|
mp_int *in, *out;
|
||||||
const struct ssh_hashalg *halg;
|
const ssh_hashalg *halg;
|
||||||
const char *sign_alg_name;
|
const char *sign_alg_name;
|
||||||
|
|
||||||
if (flags & SSH_AGENT_RSA_SHA2_256) {
|
if (flags & SSH_AGENT_RSA_SHA2_256) {
|
||||||
@ -699,25 +699,25 @@ const ssh_keyalg ssh_rsa = {
|
|||||||
SSH_AGENT_RSA_SHA2_256 | SSH_AGENT_RSA_SHA2_512,
|
SSH_AGENT_RSA_SHA2_256 | SSH_AGENT_RSA_SHA2_512,
|
||||||
};
|
};
|
||||||
|
|
||||||
struct RSAKey *ssh_rsakex_newkey(ptrlen data)
|
RSAKey *ssh_rsakex_newkey(ptrlen data)
|
||||||
{
|
{
|
||||||
ssh_key *sshk = rsa2_new_pub(&ssh_rsa, data);
|
ssh_key *sshk = rsa2_new_pub(&ssh_rsa, data);
|
||||||
if (!sshk)
|
if (!sshk)
|
||||||
return NULL;
|
return NULL;
|
||||||
return container_of(sshk, struct RSAKey, sshk);
|
return container_of(sshk, RSAKey, sshk);
|
||||||
}
|
}
|
||||||
|
|
||||||
void ssh_rsakex_freekey(struct RSAKey *key)
|
void ssh_rsakex_freekey(RSAKey *key)
|
||||||
{
|
{
|
||||||
rsa2_freekey(&key->sshk);
|
rsa2_freekey(&key->sshk);
|
||||||
}
|
}
|
||||||
|
|
||||||
int ssh_rsakex_klen(struct RSAKey *rsa)
|
int ssh_rsakex_klen(RSAKey *rsa)
|
||||||
{
|
{
|
||||||
return mp_get_nbits(rsa->modulus);
|
return mp_get_nbits(rsa->modulus);
|
||||||
}
|
}
|
||||||
|
|
||||||
static void oaep_mask(const struct ssh_hashalg *h, void *seed, int seedlen,
|
static void oaep_mask(const ssh_hashalg *h, void *seed, int seedlen,
|
||||||
void *vdata, int datalen)
|
void *vdata, int datalen)
|
||||||
{
|
{
|
||||||
unsigned char *data = (unsigned char *)vdata;
|
unsigned char *data = (unsigned char *)vdata;
|
||||||
@ -743,8 +743,7 @@ static void oaep_mask(const struct ssh_hashalg *h, void *seed, int seedlen,
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
strbuf *ssh_rsakex_encrypt(
|
strbuf *ssh_rsakex_encrypt(RSAKey *rsa, const ssh_hashalg *h, ptrlen in)
|
||||||
struct RSAKey *rsa, const struct ssh_hashalg *h, ptrlen in)
|
|
||||||
{
|
{
|
||||||
mp_int *b1, *b2;
|
mp_int *b1, *b2;
|
||||||
int k, i;
|
int k, i;
|
||||||
@ -840,7 +839,7 @@ strbuf *ssh_rsakex_encrypt(
|
|||||||
}
|
}
|
||||||
|
|
||||||
mp_int *ssh_rsakex_decrypt(
|
mp_int *ssh_rsakex_decrypt(
|
||||||
struct RSAKey *rsa, const struct ssh_hashalg *h, ptrlen ciphertext)
|
RSAKey *rsa, const ssh_hashalg *h, ptrlen ciphertext)
|
||||||
{
|
{
|
||||||
mp_int *b1, *b2;
|
mp_int *b1, *b2;
|
||||||
int outlen, i;
|
int outlen, i;
|
||||||
@ -913,22 +912,22 @@ mp_int *ssh_rsakex_decrypt(
|
|||||||
static const struct ssh_rsa_kex_extra ssh_rsa_kex_extra_sha1 = { 1024 };
|
static const struct ssh_rsa_kex_extra ssh_rsa_kex_extra_sha1 = { 1024 };
|
||||||
static const struct ssh_rsa_kex_extra ssh_rsa_kex_extra_sha256 = { 2048 };
|
static const struct ssh_rsa_kex_extra ssh_rsa_kex_extra_sha256 = { 2048 };
|
||||||
|
|
||||||
static const struct ssh_kex ssh_rsa_kex_sha1 = {
|
static const ssh_kex ssh_rsa_kex_sha1 = {
|
||||||
"rsa1024-sha1", NULL, KEXTYPE_RSA,
|
"rsa1024-sha1", NULL, KEXTYPE_RSA,
|
||||||
&ssh_sha1, &ssh_rsa_kex_extra_sha1,
|
&ssh_sha1, &ssh_rsa_kex_extra_sha1,
|
||||||
};
|
};
|
||||||
|
|
||||||
static const struct ssh_kex ssh_rsa_kex_sha256 = {
|
static const ssh_kex ssh_rsa_kex_sha256 = {
|
||||||
"rsa2048-sha256", NULL, KEXTYPE_RSA,
|
"rsa2048-sha256", NULL, KEXTYPE_RSA,
|
||||||
&ssh_sha256, &ssh_rsa_kex_extra_sha256,
|
&ssh_sha256, &ssh_rsa_kex_extra_sha256,
|
||||||
};
|
};
|
||||||
|
|
||||||
static const struct ssh_kex *const rsa_kex_list[] = {
|
static const ssh_kex *const rsa_kex_list[] = {
|
||||||
&ssh_rsa_kex_sha256,
|
&ssh_rsa_kex_sha256,
|
||||||
&ssh_rsa_kex_sha1
|
&ssh_rsa_kex_sha1
|
||||||
};
|
};
|
||||||
|
|
||||||
const struct ssh_kexes ssh_rsa_kex = {
|
const ssh_kexes ssh_rsa_kex = {
|
||||||
sizeof(rsa_kex_list) / sizeof(*rsa_kex_list),
|
sizeof(rsa_kex_list) / sizeof(*rsa_kex_list),
|
||||||
rsa_kex_list
|
rsa_kex_list
|
||||||
};
|
};
|
||||||
|
@ -9,7 +9,7 @@
|
|||||||
|
|
||||||
#define RSA_EXPONENT 37 /* we like this prime */
|
#define RSA_EXPONENT 37 /* we like this prime */
|
||||||
|
|
||||||
int rsa_generate(struct RSAKey *key, int bits, progfn_t pfn,
|
int rsa_generate(RSAKey *key, int bits, progfn_t pfn,
|
||||||
void *pfnparam)
|
void *pfnparam)
|
||||||
{
|
{
|
||||||
unsigned pfirst, qfirst;
|
unsigned pfirst, qfirst;
|
||||||
|
@ -38,7 +38,7 @@ struct server {
|
|||||||
Conf *conf;
|
Conf *conf;
|
||||||
ssh_key *const *hostkeys;
|
ssh_key *const *hostkeys;
|
||||||
int nhostkeys;
|
int nhostkeys;
|
||||||
struct RSAKey *hostkey1;
|
RSAKey *hostkey1;
|
||||||
AuthPolicy *authpolicy;
|
AuthPolicy *authpolicy;
|
||||||
const SftpServerVtable *sftpserver_vt;
|
const SftpServerVtable *sftpserver_vt;
|
||||||
|
|
||||||
@ -211,7 +211,7 @@ static const PlugVtable ssh_server_plugvt = {
|
|||||||
|
|
||||||
Plug *ssh_server_plug(
|
Plug *ssh_server_plug(
|
||||||
Conf *conf, ssh_key *const *hostkeys, int nhostkeys,
|
Conf *conf, ssh_key *const *hostkeys, int nhostkeys,
|
||||||
struct RSAKey *hostkey1, AuthPolicy *authpolicy, LogPolicy *logpolicy,
|
RSAKey *hostkey1, AuthPolicy *authpolicy, LogPolicy *logpolicy,
|
||||||
const SftpServerVtable *sftpserver_vt)
|
const SftpServerVtable *sftpserver_vt)
|
||||||
{
|
{
|
||||||
server *srv = snew(server);
|
server *srv = snew(server);
|
||||||
|
@ -2,7 +2,7 @@ typedef struct AuthPolicy AuthPolicy;
|
|||||||
|
|
||||||
Plug *ssh_server_plug(
|
Plug *ssh_server_plug(
|
||||||
Conf *conf, ssh_key *const *hostkeys, int nhostkeys,
|
Conf *conf, ssh_key *const *hostkeys, int nhostkeys,
|
||||||
struct RSAKey *hostkey1, AuthPolicy *authpolicy, LogPolicy *logpolicy,
|
RSAKey *hostkey1, AuthPolicy *authpolicy, LogPolicy *logpolicy,
|
||||||
const SftpServerVtable *sftpserver_vt);
|
const SftpServerVtable *sftpserver_vt);
|
||||||
void ssh_server_start(Plug *plug, Socket *socket);
|
void ssh_server_start(Plug *plug, Socket *socket);
|
||||||
|
|
||||||
@ -61,7 +61,7 @@ int auth_kbdint_responses(AuthPolicy *, const ptrlen *responses);
|
|||||||
char *auth_ssh1int_challenge(AuthPolicy *, unsigned method, ptrlen username);
|
char *auth_ssh1int_challenge(AuthPolicy *, unsigned method, ptrlen username);
|
||||||
bool auth_ssh1int_response(AuthPolicy *, ptrlen response);
|
bool auth_ssh1int_response(AuthPolicy *, ptrlen response);
|
||||||
|
|
||||||
struct RSAKey *auth_publickey_ssh1(
|
RSAKey *auth_publickey_ssh1(
|
||||||
AuthPolicy *ap, ptrlen username, mp_int *rsa_modulus);
|
AuthPolicy *ap, ptrlen username, mp_int *rsa_modulus);
|
||||||
/* auth_successful returns false if further authentication is needed */
|
/* auth_successful returns false if further authentication is needed */
|
||||||
bool auth_successful(AuthPolicy *, ptrlen username, unsigned method);
|
bool auth_successful(AuthPolicy *, ptrlen username, unsigned method);
|
||||||
@ -75,7 +75,7 @@ void ssh2connection_server_configure(
|
|||||||
PacketProtocolLayer *ppl, const SftpServerVtable *sftpserver_vt);
|
PacketProtocolLayer *ppl, const SftpServerVtable *sftpserver_vt);
|
||||||
|
|
||||||
PacketProtocolLayer *ssh1_login_server_new(
|
PacketProtocolLayer *ssh1_login_server_new(
|
||||||
PacketProtocolLayer *successor_layer, struct RSAKey *hostkey,
|
PacketProtocolLayer *successor_layer, RSAKey *hostkey,
|
||||||
AuthPolicy *authpolicy);
|
AuthPolicy *authpolicy);
|
||||||
|
|
||||||
Channel *sesschan_new(SshChannel *c, LogContext *logctx,
|
Channel *sesschan_new(SshChannel *c, LogContext *logctx,
|
||||||
|
@ -204,7 +204,7 @@ struct sha256_hash {
|
|||||||
ssh_hash hash;
|
ssh_hash hash;
|
||||||
};
|
};
|
||||||
|
|
||||||
static ssh_hash *sha256_new(const struct ssh_hashalg *alg)
|
static ssh_hash *sha256_new(const ssh_hashalg *alg)
|
||||||
{
|
{
|
||||||
struct sha256_hash *h = snew(struct sha256_hash);
|
struct sha256_hash *h = snew(struct sha256_hash);
|
||||||
SHA256_Init(&h->state);
|
SHA256_Init(&h->state);
|
||||||
@ -242,7 +242,7 @@ static void sha256_final(ssh_hash *hash, unsigned char *output)
|
|||||||
sha256_free(hash);
|
sha256_free(hash);
|
||||||
}
|
}
|
||||||
|
|
||||||
const struct ssh_hashalg ssh_sha256 = {
|
const ssh_hashalg ssh_sha256 = {
|
||||||
sha256_new, sha256_copy, sha256_final, sha256_free, 32, "SHA-256"
|
sha256_new, sha256_copy, sha256_final, sha256_free, 32, "SHA-256"
|
||||||
};
|
};
|
||||||
|
|
||||||
@ -257,7 +257,7 @@ struct hmacsha256 {
|
|||||||
};
|
};
|
||||||
|
|
||||||
static ssh2_mac *hmacsha256_new(
|
static ssh2_mac *hmacsha256_new(
|
||||||
const struct ssh2_macalg *alg, ssh2_cipher *cipher)
|
const ssh2_macalg *alg, ssh2_cipher *cipher)
|
||||||
{
|
{
|
||||||
struct hmacsha256 *ctx = snew(struct hmacsha256);
|
struct hmacsha256 *ctx = snew(struct hmacsha256);
|
||||||
ctx->mac.vt = alg;
|
ctx->mac.vt = alg;
|
||||||
@ -322,7 +322,7 @@ static void hmacsha256_genresult(ssh2_mac *mac, unsigned char *hmac)
|
|||||||
SHA256_Final(&s, hmac);
|
SHA256_Final(&s, hmac);
|
||||||
}
|
}
|
||||||
|
|
||||||
const struct ssh2_macalg ssh_hmac_sha256 = {
|
const ssh2_macalg ssh_hmac_sha256 = {
|
||||||
hmacsha256_new, hmacsha256_free, hmacsha256_key,
|
hmacsha256_new, hmacsha256_free, hmacsha256_key,
|
||||||
hmacsha256_start, hmacsha256_genresult,
|
hmacsha256_start, hmacsha256_genresult,
|
||||||
"hmac-sha2-256", "hmac-sha2-256-etm@openssh.com",
|
"hmac-sha2-256", "hmac-sha2-256-etm@openssh.com",
|
||||||
|
@ -296,7 +296,7 @@ struct sha512_hash {
|
|||||||
ssh_hash hash;
|
ssh_hash hash;
|
||||||
};
|
};
|
||||||
|
|
||||||
static ssh_hash *sha512_new(const struct ssh_hashalg *alg)
|
static ssh_hash *sha512_new(const ssh_hashalg *alg)
|
||||||
{
|
{
|
||||||
struct sha512_hash *h = snew(struct sha512_hash);
|
struct sha512_hash *h = snew(struct sha512_hash);
|
||||||
SHA512_Init(&h->state);
|
SHA512_Init(&h->state);
|
||||||
@ -334,11 +334,11 @@ static void sha512_final(ssh_hash *hash, unsigned char *output)
|
|||||||
sha512_free(hash);
|
sha512_free(hash);
|
||||||
}
|
}
|
||||||
|
|
||||||
const struct ssh_hashalg ssh_sha512 = {
|
const ssh_hashalg ssh_sha512 = {
|
||||||
sha512_new, sha512_copy, sha512_final, sha512_free, 64, "SHA-512"
|
sha512_new, sha512_copy, sha512_final, sha512_free, 64, "SHA-512"
|
||||||
};
|
};
|
||||||
|
|
||||||
static ssh_hash *sha384_new(const struct ssh_hashalg *alg)
|
static ssh_hash *sha384_new(const ssh_hashalg *alg)
|
||||||
{
|
{
|
||||||
struct sha512_hash *h = snew(struct sha512_hash);
|
struct sha512_hash *h = snew(struct sha512_hash);
|
||||||
SHA384_Init(&h->state);
|
SHA384_Init(&h->state);
|
||||||
@ -354,7 +354,7 @@ static void sha384_final(ssh_hash *hash, unsigned char *output)
|
|||||||
sha512_free(hash);
|
sha512_free(hash);
|
||||||
}
|
}
|
||||||
|
|
||||||
const struct ssh_hashalg ssh_sha384 = {
|
const ssh_hashalg ssh_sha384 = {
|
||||||
sha384_new, sha512_copy, sha384_final, sha512_free, 48, "SHA-384"
|
sha384_new, sha512_copy, sha384_final, sha512_free, 48, "SHA-384"
|
||||||
};
|
};
|
||||||
|
|
||||||
|
14
sshsha.c
14
sshsha.c
@ -233,7 +233,7 @@ struct sha1_hash {
|
|||||||
ssh_hash hash;
|
ssh_hash hash;
|
||||||
};
|
};
|
||||||
|
|
||||||
static ssh_hash *sha1_new(const struct ssh_hashalg *alg)
|
static ssh_hash *sha1_new(const ssh_hashalg *alg)
|
||||||
{
|
{
|
||||||
struct sha1_hash *h = snew(struct sha1_hash);
|
struct sha1_hash *h = snew(struct sha1_hash);
|
||||||
SHA_Init(&h->state);
|
SHA_Init(&h->state);
|
||||||
@ -271,7 +271,7 @@ static void sha1_final(ssh_hash *hash, unsigned char *output)
|
|||||||
sha1_free(hash);
|
sha1_free(hash);
|
||||||
}
|
}
|
||||||
|
|
||||||
const struct ssh_hashalg ssh_sha1 = {
|
const ssh_hashalg ssh_sha1 = {
|
||||||
sha1_new, sha1_copy, sha1_final, sha1_free, 20, "SHA-1"
|
sha1_new, sha1_copy, sha1_final, sha1_free, 20, "SHA-1"
|
||||||
};
|
};
|
||||||
|
|
||||||
@ -286,7 +286,7 @@ struct hmacsha1 {
|
|||||||
};
|
};
|
||||||
|
|
||||||
static ssh2_mac *hmacsha1_new(
|
static ssh2_mac *hmacsha1_new(
|
||||||
const struct ssh2_macalg *alg, ssh2_cipher *cipher)
|
const ssh2_macalg *alg, ssh2_cipher *cipher)
|
||||||
{
|
{
|
||||||
struct hmacsha1 *ctx = snew(struct hmacsha1);
|
struct hmacsha1 *ctx = snew(struct hmacsha1);
|
||||||
ctx->mac.vt = alg;
|
ctx->mac.vt = alg;
|
||||||
@ -367,7 +367,7 @@ void hmac_sha1_simple(const void *key, int keylen,
|
|||||||
SHA_Final(&states[1], output);
|
SHA_Final(&states[1], output);
|
||||||
}
|
}
|
||||||
|
|
||||||
const struct ssh2_macalg ssh_hmac_sha1 = {
|
const ssh2_macalg ssh_hmac_sha1 = {
|
||||||
hmacsha1_new, hmacsha1_free, hmacsha1_key,
|
hmacsha1_new, hmacsha1_free, hmacsha1_key,
|
||||||
hmacsha1_start, hmacsha1_genresult,
|
hmacsha1_start, hmacsha1_genresult,
|
||||||
"hmac-sha1", "hmac-sha1-etm@openssh.com",
|
"hmac-sha1", "hmac-sha1-etm@openssh.com",
|
||||||
@ -375,7 +375,7 @@ const struct ssh2_macalg ssh_hmac_sha1 = {
|
|||||||
"HMAC-SHA1"
|
"HMAC-SHA1"
|
||||||
};
|
};
|
||||||
|
|
||||||
const struct ssh2_macalg ssh_hmac_sha1_96 = {
|
const ssh2_macalg ssh_hmac_sha1_96 = {
|
||||||
hmacsha1_new, hmacsha1_free, hmacsha1_key,
|
hmacsha1_new, hmacsha1_free, hmacsha1_key,
|
||||||
hmacsha1_start, hmacsha1_genresult,
|
hmacsha1_start, hmacsha1_genresult,
|
||||||
"hmac-sha1-96", "hmac-sha1-96-etm@openssh.com",
|
"hmac-sha1-96", "hmac-sha1-96-etm@openssh.com",
|
||||||
@ -383,7 +383,7 @@ const struct ssh2_macalg ssh_hmac_sha1_96 = {
|
|||||||
"HMAC-SHA1-96"
|
"HMAC-SHA1-96"
|
||||||
};
|
};
|
||||||
|
|
||||||
const struct ssh2_macalg ssh_hmac_sha1_buggy = {
|
const ssh2_macalg ssh_hmac_sha1_buggy = {
|
||||||
hmacsha1_new, hmacsha1_free, hmacsha1_key,
|
hmacsha1_new, hmacsha1_free, hmacsha1_key,
|
||||||
hmacsha1_start, hmacsha1_genresult,
|
hmacsha1_start, hmacsha1_genresult,
|
||||||
"hmac-sha1", NULL,
|
"hmac-sha1", NULL,
|
||||||
@ -391,7 +391,7 @@ const struct ssh2_macalg ssh_hmac_sha1_buggy = {
|
|||||||
"bug-compatible HMAC-SHA1"
|
"bug-compatible HMAC-SHA1"
|
||||||
};
|
};
|
||||||
|
|
||||||
const struct ssh2_macalg ssh_hmac_sha1_96_buggy = {
|
const ssh2_macalg ssh_hmac_sha1_96_buggy = {
|
||||||
hmacsha1_new, hmacsha1_free, hmacsha1_key,
|
hmacsha1_new, hmacsha1_free, hmacsha1_key,
|
||||||
hmacsha1_start, hmacsha1_genresult,
|
hmacsha1_start, hmacsha1_genresult,
|
||||||
"hmac-sha1-96", NULL,
|
"hmac-sha1-96", NULL,
|
||||||
|
@ -1196,7 +1196,7 @@ bool zlib_decompress_block(ssh_decompressor *dc,
|
|||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
|
|
||||||
const struct ssh_compression_alg ssh_zlib = {
|
const ssh_compression_alg ssh_zlib = {
|
||||||
"zlib",
|
"zlib",
|
||||||
"zlib@openssh.com", /* delayed version */
|
"zlib@openssh.com", /* delayed version */
|
||||||
zlib_compress_init,
|
zlib_compress_init,
|
||||||
|
12
testcrypt.c
12
testcrypt.c
@ -289,11 +289,11 @@ static const ssh2_cipheralg *get_ssh2_cipheralg(BinarySource *in)
|
|||||||
fatal_error("ssh2_cipheralg '%.*s': not found", PTRLEN_PRINTF(name));
|
fatal_error("ssh2_cipheralg '%.*s': not found", PTRLEN_PRINTF(name));
|
||||||
}
|
}
|
||||||
|
|
||||||
static const struct ssh_kex *get_dh_group(BinarySource *in)
|
static const ssh_kex *get_dh_group(BinarySource *in)
|
||||||
{
|
{
|
||||||
static const struct {
|
static const struct {
|
||||||
const char *key;
|
const char *key;
|
||||||
const struct ssh_kexes *value;
|
const ssh_kexes *value;
|
||||||
} algs[] = {
|
} algs[] = {
|
||||||
{"group1", &ssh_diffiehellman_group1},
|
{"group1", &ssh_diffiehellman_group1},
|
||||||
{"group14", &ssh_diffiehellman_group14},
|
{"group14", &ssh_diffiehellman_group14},
|
||||||
@ -307,11 +307,11 @@ static const struct ssh_kex *get_dh_group(BinarySource *in)
|
|||||||
fatal_error("dh_group '%.*s': not found", PTRLEN_PRINTF(name));
|
fatal_error("dh_group '%.*s': not found", PTRLEN_PRINTF(name));
|
||||||
}
|
}
|
||||||
|
|
||||||
static const struct ssh_kex *get_ecdh_alg(BinarySource *in)
|
static const ssh_kex *get_ecdh_alg(BinarySource *in)
|
||||||
{
|
{
|
||||||
static const struct {
|
static const struct {
|
||||||
const char *key;
|
const char *key;
|
||||||
const struct ssh_kex *value;
|
const ssh_kex *value;
|
||||||
} algs[] = {
|
} algs[] = {
|
||||||
{"curve25519", &ssh_ec_kex_curve25519},
|
{"curve25519", &ssh_ec_kex_curve25519},
|
||||||
{"nistp256", &ssh_ec_kex_nistp256},
|
{"nistp256", &ssh_ec_kex_nistp256},
|
||||||
@ -801,8 +801,8 @@ typedef const ssh2_macalg *TD_macalg;
|
|||||||
typedef const ssh_keyalg *TD_keyalg;
|
typedef const ssh_keyalg *TD_keyalg;
|
||||||
typedef const ssh1_cipheralg *TD_ssh1_cipheralg;
|
typedef const ssh1_cipheralg *TD_ssh1_cipheralg;
|
||||||
typedef const ssh2_cipheralg *TD_ssh2_cipheralg;
|
typedef const ssh2_cipheralg *TD_ssh2_cipheralg;
|
||||||
typedef const struct ssh_kex *TD_dh_group;
|
typedef const ssh_kex *TD_dh_group;
|
||||||
typedef const struct ssh_kex *TD_ecdh_alg;
|
typedef const ssh_kex *TD_ecdh_alg;
|
||||||
typedef RsaSsh1Order TD_rsaorder;
|
typedef RsaSsh1Order TD_rsaorder;
|
||||||
|
|
||||||
#define WRAPPED_NAME_INNER(a, b, ...) b
|
#define WRAPPED_NAME_INNER(a, b, ...) b
|
||||||
|
@ -681,7 +681,7 @@ void run_client(void)
|
|||||||
|
|
||||||
if (key->ssh_version == 1) {
|
if (key->ssh_version == 1) {
|
||||||
BinarySource src[1];
|
BinarySource src[1];
|
||||||
struct RSAKey rkey;
|
RSAKey rkey;
|
||||||
|
|
||||||
BinarySource_BARE_INIT(src, key->blob->u, key->blob->len);
|
BinarySource_BARE_INIT(src, key->blob->u, key->blob->len);
|
||||||
memset(&rkey, 0, sizeof(rkey));
|
memset(&rkey, 0, sizeof(rkey));
|
||||||
|
@ -159,7 +159,7 @@ static const LogPolicyVtable server_logpolicy_vt = {
|
|||||||
LogPolicy server_logpolicy[1] = {{ &server_logpolicy_vt }};
|
LogPolicy server_logpolicy[1] = {{ &server_logpolicy_vt }};
|
||||||
|
|
||||||
struct AuthPolicy_ssh1_pubkey {
|
struct AuthPolicy_ssh1_pubkey {
|
||||||
struct RSAKey key;
|
RSAKey key;
|
||||||
struct AuthPolicy_ssh1_pubkey *next;
|
struct AuthPolicy_ssh1_pubkey *next;
|
||||||
};
|
};
|
||||||
struct AuthPolicy_ssh2_pubkey {
|
struct AuthPolicy_ssh2_pubkey {
|
||||||
@ -221,7 +221,7 @@ bool auth_publickey(AuthPolicy *ap, ptrlen username, ptrlen public_blob)
|
|||||||
}
|
}
|
||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
struct RSAKey *auth_publickey_ssh1(
|
RSAKey *auth_publickey_ssh1(
|
||||||
AuthPolicy *ap, ptrlen username, mp_int *rsa_modulus)
|
AuthPolicy *ap, ptrlen username, mp_int *rsa_modulus)
|
||||||
{
|
{
|
||||||
struct AuthPolicy_ssh1_pubkey *iter;
|
struct AuthPolicy_ssh1_pubkey *iter;
|
||||||
@ -365,7 +365,7 @@ int main(int argc, char **argv)
|
|||||||
|
|
||||||
ssh_key **hostkeys = NULL;
|
ssh_key **hostkeys = NULL;
|
||||||
int nhostkeys = 0, hostkeysize = 0;
|
int nhostkeys = 0, hostkeysize = 0;
|
||||||
struct RSAKey *hostkey1 = NULL;
|
RSAKey *hostkey1 = NULL;
|
||||||
|
|
||||||
AuthPolicy ap;
|
AuthPolicy ap;
|
||||||
|
|
||||||
@ -407,7 +407,7 @@ int main(int argc, char **argv)
|
|||||||
keytype = key_type(keyfile);
|
keytype = key_type(keyfile);
|
||||||
|
|
||||||
if (keytype == SSH_KEYTYPE_SSH2) {
|
if (keytype == SSH_KEYTYPE_SSH2) {
|
||||||
struct ssh2_userkey *uk;
|
ssh2_userkey *uk;
|
||||||
ssh_key *key;
|
ssh_key *key;
|
||||||
uk = ssh2_load_userkey(keyfile, NULL, &error);
|
uk = ssh2_load_userkey(keyfile, NULL, &error);
|
||||||
filename_free(keyfile);
|
filename_free(keyfile);
|
||||||
@ -439,7 +439,7 @@ int main(int argc, char **argv)
|
|||||||
"SSH-1 host key\n", appname, val);
|
"SSH-1 host key\n", appname, val);
|
||||||
exit(1);
|
exit(1);
|
||||||
}
|
}
|
||||||
hostkey1 = snew(struct RSAKey);
|
hostkey1 = snew(RSAKey);
|
||||||
if (!rsa_ssh1_loadkey(keyfile, hostkey1, NULL, &error)) {
|
if (!rsa_ssh1_loadkey(keyfile, hostkey1, NULL, &error)) {
|
||||||
fprintf(stderr, "%s: unable to load host key '%s': "
|
fprintf(stderr, "%s: unable to load host key '%s': "
|
||||||
"%s\n", appname, val, error);
|
"%s\n", appname, val, error);
|
||||||
|
@ -344,7 +344,7 @@ struct rsa_key_thread_params {
|
|||||||
int curve_bits; /* bits in elliptic curve (ECDSA) */
|
int curve_bits; /* bits in elliptic curve (ECDSA) */
|
||||||
keytype keytype;
|
keytype keytype;
|
||||||
union {
|
union {
|
||||||
struct RSAKey *key;
|
RSAKey *key;
|
||||||
struct dss_key *dsskey;
|
struct dss_key *dsskey;
|
||||||
struct ecdsa_key *eckey;
|
struct ecdsa_key *eckey;
|
||||||
struct eddsa_key *edkey;
|
struct eddsa_key *edkey;
|
||||||
@ -384,10 +384,10 @@ struct MainDlgState {
|
|||||||
bool ssh2;
|
bool ssh2;
|
||||||
keytype keytype;
|
keytype keytype;
|
||||||
char **commentptr; /* points to key.comment or ssh2key.comment */
|
char **commentptr; /* points to key.comment or ssh2key.comment */
|
||||||
struct ssh2_userkey ssh2key;
|
ssh2_userkey ssh2key;
|
||||||
unsigned *entropy;
|
unsigned *entropy;
|
||||||
union {
|
union {
|
||||||
struct RSAKey key;
|
RSAKey key;
|
||||||
struct dss_key dsskey;
|
struct dss_key dsskey;
|
||||||
struct ecdsa_key eckey;
|
struct ecdsa_key eckey;
|
||||||
struct eddsa_key edkey;
|
struct eddsa_key edkey;
|
||||||
@ -402,7 +402,7 @@ static void hidemany(HWND hwnd, const int *ids, bool hideit)
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
static void setupbigedit1(HWND hwnd, int id, int idstatic, struct RSAKey *key)
|
static void setupbigedit1(HWND hwnd, int id, int idstatic, RSAKey *key)
|
||||||
{
|
{
|
||||||
char *buffer = ssh1_pubkey_str(key);
|
char *buffer = ssh1_pubkey_str(key);
|
||||||
SetDlgItemText(hwnd, id, buffer);
|
SetDlgItemText(hwnd, id, buffer);
|
||||||
@ -412,7 +412,7 @@ static void setupbigedit1(HWND hwnd, int id, int idstatic, struct RSAKey *key)
|
|||||||
}
|
}
|
||||||
|
|
||||||
static void setupbigedit2(HWND hwnd, int id, int idstatic,
|
static void setupbigedit2(HWND hwnd, int id, int idstatic,
|
||||||
struct ssh2_userkey *key)
|
ssh2_userkey *key)
|
||||||
{
|
{
|
||||||
char *buffer = ssh2_pubkey_openssh_str(key);
|
char *buffer = ssh2_pubkey_openssh_str(key);
|
||||||
SetDlgItemText(hwnd, id, buffer);
|
SetDlgItemText(hwnd, id, buffer);
|
||||||
@ -648,8 +648,8 @@ void load_key_file(HWND hwnd, struct MainDlgState *state,
|
|||||||
int ret;
|
int ret;
|
||||||
const char *errmsg = NULL;
|
const char *errmsg = NULL;
|
||||||
char *comment;
|
char *comment;
|
||||||
struct RSAKey newkey1;
|
RSAKey newkey1;
|
||||||
struct ssh2_userkey *newkey2 = NULL;
|
ssh2_userkey *newkey2 = NULL;
|
||||||
|
|
||||||
type = realtype = key_type(filename);
|
type = realtype = key_type(filename);
|
||||||
if (type != SSH_KEYTYPE_SSH1 &&
|
if (type != SSH_KEYTYPE_SSH1 &&
|
||||||
|
@ -256,8 +256,8 @@ void old_keyfile_warning(void)
|
|||||||
*/
|
*/
|
||||||
void keylist_update(void)
|
void keylist_update(void)
|
||||||
{
|
{
|
||||||
struct RSAKey *rkey;
|
RSAKey *rkey;
|
||||||
struct ssh2_userkey *skey;
|
ssh2_userkey *skey;
|
||||||
int i;
|
int i;
|
||||||
|
|
||||||
if (keylist) {
|
if (keylist) {
|
||||||
@ -472,8 +472,8 @@ static void prompt_add_keyfile(void)
|
|||||||
static INT_PTR CALLBACK KeyListProc(HWND hwnd, UINT msg,
|
static INT_PTR CALLBACK KeyListProc(HWND hwnd, UINT msg,
|
||||||
WPARAM wParam, LPARAM lParam)
|
WPARAM wParam, LPARAM lParam)
|
||||||
{
|
{
|
||||||
struct RSAKey *rkey;
|
RSAKey *rkey;
|
||||||
struct ssh2_userkey *skey;
|
ssh2_userkey *skey;
|
||||||
|
|
||||||
switch (msg) {
|
switch (msg) {
|
||||||
case WM_INITDIALOG:
|
case WM_INITDIALOG:
|
||||||
|
Loading…
Reference in New Issue
Block a user