diff options
author | Andreas Schneider <asn@cryptomilk.org> | 2018-06-29 11:40:46 +0200 |
---|---|---|
committer | Andreas Schneider <asn@cryptomilk.org> | 2018-06-29 11:41:22 +0200 |
commit | bed60f9b846a850a756db66ece552cb7cc3e1f0d (patch) | |
tree | c38c27e1795c7964ab31fb8e8874b29fe8748077 /src | |
parent | 10728f85778d30485b7cbd8585b12f7bcc5bf8e1 (diff) | |
download | libssh-bed60f9b846a850a756db66ece552cb7cc3e1f0d.tar.gz libssh-bed60f9b846a850a756db66ece552cb7cc3e1f0d.tar.xz libssh-bed60f9b846a850a756db66ece552cb7cc3e1f0d.zip |
kex: Enable chacha20-poly1304 KEX with mbedtls
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
Diffstat (limited to 'src')
-rw-r--r-- | src/CMakeLists.txt | 8 | ||||
-rw-r--r-- | src/kex.c | 4 | ||||
-rw-r--r-- | src/libmbedcrypto.c | 18 |
3 files changed, 19 insertions, 11 deletions
diff --git a/src/CMakeLists.txt b/src/CMakeLists.txt index 4edc59f4..8d4613ff 100644 --- a/src/CMakeLists.txt +++ b/src/CMakeLists.txt @@ -164,15 +164,9 @@ set(libssh_SRCS external/ge25519.c external/poly1305.c external/sc25519.c + chachapoly.c ) -if (NOT WITH_MBEDTLS) - set(libssh_SRCS - ${libssh_SRCS} - chachapoly.c - ) -endif (NOT WITH_MBEDTLS) - if (WITH_GCRYPT) set(libssh_SRCS ${libssh_SRCS} @@ -95,11 +95,7 @@ #define ECDH "" #endif -#ifdef HAVE_CHACHA #define CHACHA20 "chacha20-poly1305@openssh.com," -#else /* HAVE_CHACHA */ -#define CHACHA20 -#endif /* HAVE_CHACHA */ #define KEY_EXCHANGE CURVE25519 ECDH "diffie-hellman-group14-sha1,diffie-hellman-group1-sha1" #define KEX_METHODS_SIZE 10 diff --git a/src/libmbedcrypto.c b/src/libmbedcrypto.c index 6854bd98..216bcdc5 100644 --- a/src/libmbedcrypto.c +++ b/src/libmbedcrypto.c @@ -30,6 +30,8 @@ #ifdef HAVE_LIBMBEDCRYPTO #include <mbedtls/md.h> +extern const struct ssh_cipher_struct chacha20poly1305_cipher; + struct ssh_mac_ctx_struct { enum ssh_mac_e mac_type; mbedtls_md_context_t ctx; @@ -1067,6 +1069,9 @@ static struct ssh_cipher_struct ssh_ciphertab[] = { .decrypt = cipher_decrypt_cbc, }, { + .name = "chacha20-poly1305@openssh.com" + }, + { .name = NULL, .blocksize = 0, .keysize = 0, @@ -1085,6 +1090,7 @@ struct ssh_cipher_struct *ssh_get_ciphertab(void) void ssh_mbedtls_init(void) { + size_t i; int rc; mbedtls_entropy_init(&ssh_mbedtls_entropy); @@ -1095,6 +1101,18 @@ void ssh_mbedtls_init(void) if (rc != 0) { mbedtls_ctr_drbg_free(&ssh_mbedtls_ctr_drbg); } + + for (i = 0; ssh_ciphertab[i].name != NULL; i++) { + int cmp; + + cmp = strcmp(ssh_ciphertab[i].name, "chacha20-poly1305@openssh.com"); + if (cmp == 0) { + memcpy(&ssh_ciphertab[i], + &chacha20poly1305_cipher, + sizeof(struct ssh_cipher_struct)); + break; + } + } } int ssh_mbedtls_random(void *where, int len, int strong) |