kex.h (69587) | kex.h (76259) |
---|---|
1/* $OpenBSD: kex.h,v 1.22 2001/04/04 20:25:37 markus Exp $ */ 2 |
|
1/* 2 * Copyright (c) 2000 Markus Friedl. All rights reserved. 3 * 4 * Redistribution and use in source and binary forms, with or without 5 * modification, are permitted provided that the following conditions 6 * are met: 7 * 1. Redistributions of source code must retain the above copyright 8 * notice, this list of conditions and the following disclaimer. --- 10 unchanged lines hidden (view full) --- 19 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY 20 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 21 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF 22 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 23 */ 24#ifndef KEX_H 25#define KEX_H 26 | 3/* 4 * Copyright (c) 2000 Markus Friedl. All rights reserved. 5 * 6 * Redistribution and use in source and binary forms, with or without 7 * modification, are permitted provided that the following conditions 8 * are met: 9 * 1. Redistributions of source code must retain the above copyright 10 * notice, this list of conditions and the following disclaimer. --- 10 unchanged lines hidden (view full) --- 21 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY 22 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 23 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF 24 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 25 */ 26#ifndef KEX_H 27#define KEX_H 28 |
29#include <openssl/evp.h> 30#include "buffer.h" 31#include "cipher.h" 32#include "key.h" 33 |
|
27#define KEX_DH1 "diffie-hellman-group1-sha1" 28#define KEX_DHGEX "diffie-hellman-group-exchange-sha1" | 34#define KEX_DH1 "diffie-hellman-group1-sha1" 35#define KEX_DHGEX "diffie-hellman-group-exchange-sha1" |
29#define KEX_DSS "ssh-dss" | |
30 31enum kex_init_proposals { 32 PROPOSAL_KEX_ALGS, 33 PROPOSAL_SERVER_HOST_KEY_ALGS, 34 PROPOSAL_ENC_ALGS_CTOS, 35 PROPOSAL_ENC_ALGS_STOC, 36 PROPOSAL_MAC_ALGS_CTOS, 37 PROPOSAL_MAC_ALGS_STOC, --- 9 unchanged lines hidden (view full) --- 47 MODE_OUT, 48 MODE_MAX 49}; 50 51enum kex_exchange { 52 DH_GRP1_SHA1, 53 DH_GEX_SHA1 54}; | 36 37enum kex_init_proposals { 38 PROPOSAL_KEX_ALGS, 39 PROPOSAL_SERVER_HOST_KEY_ALGS, 40 PROPOSAL_ENC_ALGS_CTOS, 41 PROPOSAL_ENC_ALGS_STOC, 42 PROPOSAL_MAC_ALGS_CTOS, 43 PROPOSAL_MAC_ALGS_STOC, --- 9 unchanged lines hidden (view full) --- 53 MODE_OUT, 54 MODE_MAX 55}; 56 57enum kex_exchange { 58 DH_GRP1_SHA1, 59 DH_GEX_SHA1 60}; |
55 | 61 62#define KEX_INIT_SENT 0x0001 63 |
56typedef struct Kex Kex; 57typedef struct Mac Mac; 58typedef struct Comp Comp; 59typedef struct Enc Enc; | 64typedef struct Kex Kex; 65typedef struct Mac Mac; 66typedef struct Comp Comp; 67typedef struct Enc Enc; |
68typedef struct Newkeys Newkeys; |
|
60 61struct Enc { | 69 70struct Enc { |
62 char *name; 63 Cipher *cipher; 64 int enabled; 65 unsigned char *key; 66 unsigned char *iv; | 71 char *name; 72 Cipher *cipher; 73 int enabled; 74 u_char *key; 75 u_char *iv; |
67}; 68struct Mac { | 76}; 77struct Mac { |
69 char *name; 70 int enabled; 71 EVP_MD *md; 72 int mac_len; 73 unsigned char *key; 74 int key_len; | 78 char *name; 79 int enabled; 80 EVP_MD *md; 81 int mac_len; 82 u_char *key; 83 int key_len; |
75}; 76struct Comp { | 84}; 85struct Comp { |
77 int type; 78 int enabled; 79 char *name; | 86 int type; 87 int enabled; 88 char *name; |
80}; | 89}; |
90struct Newkeys { 91 Enc enc; 92 Mac mac; 93 Comp comp; 94}; |
|
81struct Kex { | 95struct Kex { |
82 Enc enc [MODE_MAX]; 83 Mac mac [MODE_MAX]; 84 Comp comp[MODE_MAX]; 85 int we_need; 86 int server; 87 char *name; 88 char *hostkeyalg; 89 int kex_type; | 96 u_char *session_id; 97 int session_id_len; 98 Newkeys *newkeys[MODE_MAX]; 99 int we_need; 100 int server; 101 char *name; 102 int hostkey_type; 103 int kex_type; 104 Buffer my; 105 Buffer peer; 106 int done; 107 int flags; 108 char *client_version_string; 109 char *server_version_string; 110 int (*check_host_key)(Key *hostkey); 111 Key *(*load_host_key)(int type); |
90}; 91 | 112}; 113 |
92Buffer *kex_init(char *myproposal[PROPOSAL_MAX]); 93void 94kex_exchange_kexinit( 95 Buffer *my_kexinit, Buffer *peer_kexint, 96 char *peer_proposal[PROPOSAL_MAX]); 97Kex * 98kex_choose_conf(char *cprop[PROPOSAL_MAX], 99 char *sprop[PROPOSAL_MAX], int server); 100int kex_derive_keys(Kex *k, unsigned char *hash, BIGNUM *shared_secret); 101void packet_set_kex(Kex *k); 102int dh_pub_is_valid(DH *dh, BIGNUM *dh_pub); 103DH *dh_new_group_asc(const char *, const char *); 104DH *dh_new_group(BIGNUM *, BIGNUM *); 105DH *dh_new_group1(); | 114Kex *kex_setup(char *proposal[PROPOSAL_MAX]); 115void kex_finish(Kex *kex); |
106 | 116 |
107unsigned char * 108kex_hash( 109 char *client_version_string, 110 char *server_version_string, 111 char *ckexinit, int ckexinitlen, 112 char *skexinit, int skexinitlen, 113 char *serverhostkeyblob, int sbloblen, 114 BIGNUM *client_dh_pub, 115 BIGNUM *server_dh_pub, 116 BIGNUM *shared_secret); | 117void kex_send_kexinit(Kex *kex); 118void kex_input_kexinit(int type, int plen, void *ctxt); 119void kex_derive_keys(Kex *k, u_char *hash, BIGNUM *shared_secret); |
117 | 120 |
118unsigned char * 119kex_hash_gex( 120 char *client_version_string, 121 char *server_version_string, 122 char *ckexinit, int ckexinitlen, 123 char *skexinit, int skexinitlen, 124 char *serverhostkeyblob, int sbloblen, 125 int minbits, BIGNUM *prime, BIGNUM *gen, 126 BIGNUM *client_dh_pub, 127 BIGNUM *server_dh_pub, 128 BIGNUM *shared_secret); | 121void kexdh(Kex *); 122void kexgex(Kex *); 123 124Newkeys *kex_get_newkeys(int mode); 125 126#if defined(DEBUG_KEX) || defined(DEBUG_KEXDH) 127void dump_digest(char *msg, u_char *digest, int len); |
129#endif | 128#endif |
129 130#endif |
|