33 #elif defined(HAVE_LIBMBEDCRYPTO) 34 #include <mbedtls/gcm.h> 36 #include "libssh/wrapper.h" 45 #ifdef HAVE_OPENSSL_ECDH_H 46 #include <openssl/ecdh.h> 48 #include "libssh/dh.h" 49 #include "libssh/ecdh.h" 50 #include "libssh/kex.h" 51 #include "libssh/curve25519.h" 53 #define DIGEST_MAX_LEN 64 55 #define AES_GCM_TAGLEN 16 56 #define AES_GCM_IVLEN 12 58 enum ssh_key_exchange_e {
60 SSH_KEX_DH_GROUP1_SHA1=1,
62 SSH_KEX_DH_GROUP14_SHA1,
67 SSH_KEX_DH_GEX_SHA256,
70 SSH_KEX_ECDH_SHA2_NISTP256,
72 SSH_KEX_ECDH_SHA2_NISTP384,
74 SSH_KEX_ECDH_SHA2_NISTP521,
76 SSH_KEX_CURVE25519_SHA256_LIBSSH_ORG,
78 SSH_KEX_CURVE25519_SHA256,
80 SSH_KEX_DH_GROUP16_SHA512,
82 SSH_KEX_DH_GROUP18_SHA512,
84 SSH_KEX_DH_GROUP14_SHA256,
89 #ifdef WITH_BLOWFISH_CIPHER 101 SSH_AEAD_CHACHA20_POLY1305
107 bignum shared_secret;
110 size_t dh_pmin;
size_t dh_pn;
size_t dh_pmax;
113 #ifdef HAVE_OPENSSL_ECC 114 EC_KEY *ecdh_privkey;
115 #elif defined HAVE_GCRYPT_ECC 116 gcry_sexp_t ecdh_privkey;
117 #elif defined HAVE_LIBMBEDCRYPTO 118 mbedtls_ecp_keypair *ecdh_privkey;
123 #ifdef HAVE_CURVE25519 124 ssh_curve25519_privkey curve25519_privkey;
125 ssh_curve25519_pubkey curve25519_client_pubkey;
126 ssh_curve25519_pubkey curve25519_server_pubkey;
129 size_t session_id_len;
130 unsigned char *session_id;
132 unsigned char *secret_hash;
133 unsigned char *encryptIV;
134 unsigned char *decryptIV;
135 unsigned char *decryptkey;
136 unsigned char *encryptkey;
137 unsigned char *encryptMAC;
138 unsigned char *decryptMAC;
139 unsigned char hmacbuf[DIGEST_MAX_LEN];
141 enum ssh_hmac_e in_hmac, out_hmac;
142 bool in_hmac_etm, out_hmac_etm;
147 int delayed_compress_in;
148 int delayed_compress_out;
149 void *compress_out_ctx;
150 void *compress_in_ctx;
154 char *kex_methods[SSH_KEX_METHODS];
155 enum ssh_key_exchange_e kex_type;
156 enum ssh_kdf_digest digest_type;
157 enum ssh_crypto_direction_e used;
162 unsigned int blocksize;
163 enum ssh_cipher_e ciphertype;
164 uint32_t lenfield_blocksize;
166 #ifdef HAVE_LIBGCRYPT 167 gcry_cipher_hd_t *key;
168 unsigned char last_iv[AES_GCM_IVLEN];
169 #elif defined HAVE_LIBCRYPTO 170 struct ssh_3des_key_schedule *des3_key;
171 struct ssh_aes_key_schedule *aes_key;
172 const EVP_CIPHER *cipher;
174 #elif defined HAVE_LIBMBEDCRYPTO 175 mbedtls_cipher_context_t encrypt_ctx;
176 mbedtls_cipher_context_t decrypt_ctx;
177 mbedtls_cipher_type_t type;
179 mbedtls_gcm_context gcm_ctx;
180 unsigned char last_iv[AES_GCM_IVLEN];
184 unsigned int keysize;
203 size_t len, uint8_t *mac, uint64_t seq);
205 uint8_t *out,
size_t len, uint64_t seq);
206 int (*aead_decrypt)(
struct ssh_cipher_struct *cipher,
void *complete_packet, uint8_t *out,
207 size_t encrypted_size, uint64_t seq);
213 unsigned char *key,
size_t key_len,
214 int key_type,
unsigned char *output,
215 size_t requested_len);
Definition: chachapoly.c:32
Definition: dh_crypto.c:40