kex.h revision 65668
/*
 * Copyright (c) 2000 Markus Friedl.  All rights reserved.
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions
 * are met:
 * 1. Redistributions of source code must retain the above copyright
 *    notice, this list of conditions and the following disclaimer.
 * 2. Redistributions in binary form must reproduce the above copyright
 *    notice, this list of conditions and the following disclaimer in the
 *    documentation and/or other materials provided with the distribution.
 *
 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
 * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
 * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
 * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
 * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 */
24#ifndef KEX_H
25#define KEX_H
26
/*
 * Wire names of the key exchange method and host key type this header
 * knows about. NOTE(review): "group1" is the 1024-bit MODP group, which
 * is considered too small by current standards; this header only names
 * it, the selection happens in the implementation.
 */
#define	KEX_DH1	"diffie-hellman-group1-sha1"
#define KEX_DSS	"ssh-dss"
29
/*
 * Indices into the char *proposal[PROPOSAL_MAX] arrays that kex_init()
 * and kex_exchange_kexinit() work on: one slot per name-list of the
 * KEXINIT message, in the order the lists appear on the wire. The
 * CTOS/STOC suffixes distinguish the client-to-server and
 * server-to-client directions of the same algorithm class.
 */
enum kex_init_proposals {
	PROPOSAL_KEX_ALGS		= 0,	/* key exchange methods */
	PROPOSAL_SERVER_HOST_KEY_ALGS	= 1,	/* host key types */
	PROPOSAL_ENC_ALGS_CTOS		= 2,	/* ciphers, client -> server */
	PROPOSAL_ENC_ALGS_STOC		= 3,	/* ciphers, server -> client */
	PROPOSAL_MAC_ALGS_CTOS		= 4,	/* MACs, client -> server */
	PROPOSAL_MAC_ALGS_STOC		= 5,	/* MACs, server -> client */
	PROPOSAL_COMP_ALGS_CTOS		= 6,	/* compression, client -> server */
	PROPOSAL_COMP_ALGS_STOC		= 7,	/* compression, server -> client */
	PROPOSAL_LANG_CTOS		= 8,	/* languages, client -> server */
	PROPOSAL_LANG_STOC		= 9,	/* languages, server -> client */
	PROPOSAL_MAX			= 10	/* array bound, not a valid index */
};
43
/*
 * Direction selector for the per-direction Enc/Mac/Comp arrays in
 * struct Kex. MODE_IN is presumably the receive direction and MODE_OUT
 * the send direction; confirm against the implementation.
 */
enum kex_modes {
	MODE_IN		= 0,
	MODE_OUT	= 1,
	MODE_MAX	= 2	/* array bound, not a valid mode */
};
49
/*
 * Forward typedefs so the short names can be used before (and inside)
 * the struct definitions below.
 */
typedef struct Kex Kex;
typedef struct Mac Mac;
typedef struct Comp Comp;
typedef struct Enc Enc;
54
/*
 * Cipher state for one direction. Field meanings are inferred from the
 * names; the *_len fields are presumably byte counts — confirm against
 * the implementation.
 */
struct Enc {
	int		type;		/* cipher identifier, values defined elsewhere */
	int		enabled;	/* nonzero once this direction is active */
	int		block_size;	/* cipher block size */
	unsigned char	*key;		/* secret key material; the owner should clear it before release */
	unsigned char	*iv;		/* initialisation vector */
	int		key_len;	/* length of key */
	int		iv_len;		/* length of iv */
	char		*name;		/* negotiated algorithm name */
};
/*
 * MAC state for one direction. Field meanings are inferred from the
 * names; confirm against the implementation.
 */
struct Mac {
	EVP_MD		*md;		/* OpenSSL digest backing this MAC */
	int		enabled;	/* nonzero once this direction is active */
	int		mac_len;	/* length of the MAC output */
	unsigned char	*key;		/* secret key material; the owner should clear it before release */
	int		key_len;	/* length of key */
	char		*name;		/* negotiated algorithm name */
};
/* Compression state for one direction; field meanings inferred from the names. */
struct Comp {
	int		type;		/* compression method identifier, values defined elsewhere */
	int		enabled;	/* nonzero once this direction is active */
	char		*name;		/* negotiated algorithm name */
};
/*
 * Result of one key exchange: the negotiated per-direction cipher, MAC
 * and compression state, indexed by enum kex_modes.
 */
struct Kex {
	Enc		enc [MODE_MAX];
	Mac		mac [MODE_MAX];
	Comp		comp[MODE_MAX];
	int		we_need;	/* presumably the largest key material length to derive — confirm */
	int		server;		/* nonzero when we are the server side (cf. the `server' argument of kex_choose_conf) */
	char		*name;		/* negotiated key exchange method name */
	char		*hostkeyalg;	/* negotiated host key algorithm name */
};
87
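/*
 * Key exchange API. The summaries below are inferred from the names and
 * argument lists; check the implementation for the exact contracts,
 * including who owns the returned buffers and strings.
 */

/* Build our KEXINIT payload from the PROPOSAL_MAX name-lists in myproposal. */
Buffer	*kex_init(char *myproposal[PROPOSAL_MAX]);

/*
 * Send my_kexinit and receive the peer's KEXINIT into peer_kexinit,
 * splitting its name-lists into peer_proposal[].
 */
void
kex_exchange_kexinit(
    Buffer *my_kexinit, Buffer *peer_kexinit,
    char *peer_proposal[PROPOSAL_MAX]);

/*
 * Choose the algorithms from the client (cprop) and server (sprop)
 * proposals; `server' says which side we are. What happens when no
 * algorithm matches is not visible here — see the implementation.
 */
Kex *
kex_choose_conf(char *cprop[PROPOSAL_MAX],
    char *sprop[PROPOSAL_MAX], int server);

/* Derive the Enc/Mac key material of k from the exchange hash and shared secret. */
int	kex_derive_keys(Kex *k, unsigned char *hash, BIGNUM *shared_secret);

/* Hand the negotiated state to the packet layer. */
void	packet_set_kex(Kex *k);

/*
 * Check a DH public value against the group in dh. This is presumably
 * what callers apply to the peer's value before any shared secret is
 * computed from it; degenerate values such as 0 or 1 would make the
 * resulting secret predictable.
 */
int	dh_pub_is_valid(DH *dh, BIGNUM *dh_pub);

/* Allocate a DH context for the fixed group1 parameters (KEX_DH1). */
DH	*dh_new_group1(void);	/* (void): an empty list is not a prototype */

/*
 * Compute the exchange hash over both version strings, both KEXINIT
 * payloads, the server host key blob, both DH public values and the
 * shared secret. NOTE(review): lengths are plain int; callers are
 * expected to pass non-negative values.
 */
unsigned char *
kex_hash(
    char *client_version_string,
    char *server_version_string,
    char *ckexinit, int ckexinitlen,
    char *skexinit, int skexinitlen,
    char *serverhostkeyblob, int sbloblen,
    BIGNUM *client_dh_pub,
    BIGNUM *server_dh_pub,
    BIGNUM *shared_secret);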
111
112#endif
113