33 #elif defined(HAVE_LIBMBEDCRYPTO)
34 #include <mbedtls/gcm.h>
36 #include "libssh/wrapper.h"
45 #ifdef HAVE_OPENSSL_ECDH_H
46 #include <openssl/ecdh.h>
48 #include "libssh/dh.h"
49 #include "libssh/ecdh.h"
50 #include "libssh/kex.h"
51 #include "libssh/curve25519.h"
53 #define DIGEST_MAX_LEN 64
55 #define AES_GCM_TAGLEN 16
56 #define AES_GCM_IVLEN 12
58 enum ssh_key_exchange_e {
60 SSH_KEX_DH_GROUP1_SHA1=1,
62 SSH_KEX_DH_GROUP14_SHA1,
67 SSH_KEX_DH_GEX_SHA256,
70 SSH_KEX_ECDH_SHA2_NISTP256,
72 SSH_KEX_ECDH_SHA2_NISTP384,
74 SSH_KEX_ECDH_SHA2_NISTP521,
76 SSH_KEX_CURVE25519_SHA256_LIBSSH_ORG,
78 SSH_KEX_CURVE25519_SHA256,
80 SSH_KEX_DH_GROUP16_SHA512,
82 SSH_KEX_DH_GROUP18_SHA512,
87 #ifdef WITH_BLOWFISH_CIPHER
99 SSH_AEAD_CHACHA20_POLY1305
105 bignum shared_secret;
108 size_t dh_pmin;
size_t dh_pn;
size_t dh_pmax;
111 #ifdef HAVE_OPENSSL_ECC
112 EC_KEY *ecdh_privkey;
113 #elif defined HAVE_GCRYPT_ECC
114 gcry_sexp_t ecdh_privkey;
115 #elif defined HAVE_LIBMBEDCRYPTO
116 mbedtls_ecp_keypair *ecdh_privkey;
121 #ifdef HAVE_CURVE25519
122 ssh_curve25519_privkey curve25519_privkey;
123 ssh_curve25519_pubkey curve25519_client_pubkey;
124 ssh_curve25519_pubkey curve25519_server_pubkey;
128 unsigned char *session_id;
129 unsigned char *secret_hash;
130 unsigned char *encryptIV;
131 unsigned char *decryptIV;
132 unsigned char *decryptkey;
133 unsigned char *encryptkey;
134 unsigned char *encryptMAC;
135 unsigned char *decryptMAC;
136 unsigned char hmacbuf[DIGEST_MAX_LEN];
138 enum ssh_hmac_e in_hmac, out_hmac;
139 bool in_hmac_etm, out_hmac_etm;
144 int delayed_compress_in;
145 int delayed_compress_out;
146 void *compress_out_ctx;
147 void *compress_in_ctx;
151 char *kex_methods[SSH_KEX_METHODS];
152 enum ssh_key_exchange_e kex_type;
153 enum ssh_kdf_digest digest_type;
154 enum ssh_crypto_direction_e used;
159 unsigned int blocksize;
160 enum ssh_cipher_e ciphertype;
161 uint32_t lenfield_blocksize;
163 #ifdef HAVE_LIBGCRYPT
164 gcry_cipher_hd_t *key;
165 unsigned char last_iv[AES_GCM_IVLEN];
166 #elif defined HAVE_LIBCRYPTO
167 struct ssh_3des_key_schedule *des3_key;
168 struct ssh_aes_key_schedule *aes_key;
169 const EVP_CIPHER *cipher;
171 #elif defined HAVE_LIBMBEDCRYPTO
172 mbedtls_cipher_context_t encrypt_ctx;
173 mbedtls_cipher_context_t decrypt_ctx;
174 mbedtls_cipher_type_t type;
176 mbedtls_gcm_context gcm_ctx;
177 unsigned char last_iv[AES_GCM_IVLEN];
181 unsigned int keysize;
200 size_t len, uint8_t *mac, uint64_t seq);
202 uint8_t *out,
size_t len, uint64_t seq);
203 int (*aead_decrypt)(
struct ssh_cipher_struct *cipher,
void *complete_packet, uint8_t *out,
204 size_t encrypted_size, uint64_t seq);
210 unsigned char *key,
size_t key_len,
211 int key_type,
unsigned char *output,
212 size_t requested_len);