00001
00002
00003
00004
00005
00006
00007
00008
00009
00010
00011
00012
00013
00014
00015
00016
00017
00018
00019
00020
00021
00022
00023
00024
00025 #ifndef _CRYPTO_H_
00026 #define _CRYPTO_H_
00027
00028 #include "config.h"
00029
00030 #ifdef HAVE_LIBGCRYPT
00031 #include <gcrypt.h>
00032 #endif
00033 #include "libssh/wrapper.h"
00034
00035 #ifdef cbc_encrypt
00036 #undef cbc_encrypt
00037 #endif
00038 #ifdef cbc_decrypt
00039 #undef cbc_decrypt
00040 #endif
00041
00042 #ifdef HAVE_OPENSSL_ECDH_H
00043 #include <openssl/ecdh.h>
00044 #endif
00045 #include "libssh/ecdh.h"
00046 #include "libssh/kex.h"
00047 #include "libssh/curve25519.h"
00048
00049 #define DIGEST_MAX_LEN 64
00050
00051 enum ssh_key_exchange_e {
00052
00053 SSH_KEX_DH_GROUP1_SHA1=1,
00054
00055 SSH_KEX_DH_GROUP14_SHA1,
00056
00057 SSH_KEX_ECDH_SHA2_NISTP256,
00058
00059 SSH_KEX_CURVE25519_SHA256_LIBSSH_ORG
00060 };
00061
00062 struct ssh_crypto_struct {
00063 bignum e,f,x,k,y;
00064 #ifdef HAVE_ECDH
00065 EC_KEY *ecdh_privkey;
00066 ssh_string ecdh_client_pubkey;
00067 ssh_string ecdh_server_pubkey;
00068 #endif
00069 #ifdef HAVE_CURVE25519
00070 ssh_curve25519_privkey curve25519_privkey;
00071 ssh_curve25519_pubkey curve25519_client_pubkey;
00072 ssh_curve25519_pubkey curve25519_server_pubkey;
00073 #endif
00074 ssh_string dh_server_signature;
00075 size_t digest_len;
00076 unsigned char *session_id;
00077 unsigned char *secret_hash;
00078 unsigned char *encryptIV;
00079 unsigned char *decryptIV;
00080 unsigned char *decryptkey;
00081 unsigned char *encryptkey;
00082 unsigned char *encryptMAC;
00083 unsigned char *decryptMAC;
00084 unsigned char hmacbuf[DIGEST_MAX_LEN];
00085 struct ssh_cipher_struct *in_cipher, *out_cipher;
00086 enum ssh_hmac_e in_hmac, out_hmac;
00087
00088 ssh_string server_pubkey;
00089 const char *server_pubkey_type;
00090 int do_compress_out;
00091 int do_compress_in;
00092 int delayed_compress_in;
00093 int delayed_compress_out;
00094 void *compress_out_ctx;
00095 void *compress_in_ctx;
00096
00097 struct ssh_kex_struct server_kex;
00098 struct ssh_kex_struct client_kex;
00099 char *kex_methods[SSH_KEX_METHODS];
00100 enum ssh_key_exchange_e kex_type;
00101 enum ssh_mac_e mac_type;
00102 };
00103
00104 struct ssh_cipher_struct {
00105 const char *name;
00106 unsigned int blocksize;
00107 unsigned int keylen;
00108 #ifdef HAVE_LIBGCRYPT
00109 gcry_cipher_hd_t *key;
00110 #elif defined HAVE_LIBCRYPTO
00111 void *key;
00112 void *IV;
00113 #endif
00114 unsigned int keysize;
00115
00116 int (*set_encrypt_key)(struct ssh_cipher_struct *cipher, void *key, void *IV);
00117 int (*set_decrypt_key)(struct ssh_cipher_struct *cipher, void *key, void *IV);
00118 void (*encrypt)(struct ssh_cipher_struct *cipher, void *in, void *out,
00119 unsigned long len);
00120 void (*decrypt)(struct ssh_cipher_struct *cipher, void *in, void *out,
00121 unsigned long len);
00122 };
00123
00124
00125 #endif