diff options
Diffstat (limited to 'include')
-rw-r--r-- | include/libssh/crypto.h | 15 | ||||
-rw-r--r-- | include/libssh/libssh.h | 11 | ||||
-rw-r--r-- | include/libssh/priv.h | 105 |
3 files changed, 94 insertions, 37 deletions
diff --git a/include/libssh/crypto.h b/include/libssh/crypto.h index 3b8426cc..0714f3d4 100644 --- a/include/libssh/crypto.h +++ b/include/libssh/crypto.h @@ -33,15 +33,30 @@ MA 02111-1307, USA. */ #ifdef des_set_key #undef des_set_key #endif +#ifdef GCRYPT +#include <gcrypt.h> +#endif + struct crypto_struct { char *name; /* ssh name of the algorithm */ unsigned int blocksize; /* blocksize of the algo */ unsigned int keylen; /* length of the key structure */ +#ifdef HAVE_LIBGCRYPT + gcry_cipher_hd_t *key; +#elif defined HAVE_LIBCRYPTO void *key; /* a key buffer allocated for the algo */ +#endif unsigned int keysize; /* bytes of key used. != keylen */ +#ifdef HAVE_LIBGCRYPT + void (*set_encrypt_key)(struct crypto_struct *cipher, void *key, void *IV); /* sets the new key for immediate use */ + void (*set_decrypt_key)(struct crypto_struct *cipher, void *key, void *IV); + void (*cbc_encrypt)(struct crypto_struct *cipher, void *in, void *out,unsigned long len); + void (*cbc_decrypt)(struct crypto_struct *cipher, void *in, void *out,unsigned long len); +#elif defined HAVE_LIBCRYPTO void (*set_encrypt_key)(struct crypto_struct *cipher, void *key); /* sets the new key for immediate use */ void (*set_decrypt_key)(struct crypto_struct *cipher, void *key); void (*cbc_encrypt)(struct crypto_struct *cipher, void *in, void *out,unsigned long len,void *IV); void (*cbc_decrypt)(struct crypto_struct *cipher, void *in, void *out,unsigned long len,void *IV); +#endif }; diff --git a/include/libssh/libssh.h b/include/libssh/libssh.h index ac843e0d..f49b3f5c 100644 --- a/include/libssh/libssh.h +++ b/include/libssh/libssh.h @@ -20,13 +20,12 @@ MA 02111-1307, USA. */ #ifndef _LIBSSH_H #define _LIBSSH_H -#include <libssh/config.h> #include <unistd.h> #include <sys/select.h> /* for fd_set * */ #include <sys/types.h> -#ifdef HAVE_STDINT_H + #include <stdint.h> -#endif + #define LIBSSH_VERSION "libssh-0.2-dev" #ifdef __cplusplus @@ -126,7 +125,7 @@ const char *ssh_copyright(); STRING *string_from_char(char *what); /* it returns the string len in host byte orders. str->size is big endian warning ! */ int string_len(STRING *str); -STRING *string_new(u32 size); +STRING *string_new(unsigned int size); /* string_fill copies the data in the string. it does NOT check for boundary so allocate enough place with string_new */ void string_fill(STRING *str,void *data,int len); /* returns a newly allocated char array with the str string and a final nul caracter */ @@ -144,11 +143,11 @@ void ssh_print_hexa(char *descr,unsigned char *what, int len); int ssh_get_random(void *where,int len,int strong); /* this one can be called by the client to see the hash of the public key before accepting it */ -int ssh_get_pubkey_hash(SSH_SESSION *session,char hash[MD5_DIGEST_LEN]); +int ssh_get_pubkey_hash(SSH_SESSION *session,unsigned char hash[MD5_DIGEST_LEN]); STRING *ssh_get_pubkey(SSH_SESSION *session); /* in connect.c */ -int ssh_fd_poll(SSH_SESSION *session); +int ssh_fd_poll(SSH_SESSION *session,int *write, int *except); int ssh_select(CHANNEL **channels,CHANNEL **outchannels, int maxfd, fd_set *readfds, struct timeval *timeout); void publickey_free(PUBLIC_KEY *key); diff --git a/include/libssh/priv.h b/include/libssh/priv.h index c6a4b48d..aab8c300 100644 --- a/include/libssh/priv.h +++ b/include/libssh/priv.h @@ -25,6 +25,7 @@ MA 02111-1307, USA. */ #ifndef _LIBSSH_PRIV_H #define _LIBSSH_PRIV_H +#include "config.h" #include "libssh/libssh.h" /* Debugging constants */ @@ -45,25 +46,51 @@ MA 02111-1307, USA. */ #define TYPE_RSA1 3 /* profiling constants. Don't touch them unless you know what you do */ -#define OPENSSL_CRYPTO +#ifdef HAVE_LIBCRYPTO #define OPENSSL_BIGNUMS - +#endif #ifdef __cplusplus extern "C" { #endif /* wrapper things */ - -#ifdef OPENSSL_CRYPTO +#ifdef HAVE_LIBGCRYPT +#include <gcrypt.h> +typedef gcry_md_hd_t SHACTX; +typedef gcry_md_hd_t MD5CTX; +typedef gcry_md_hd_t HMACCTX; +#ifdef MD5_DIGEST_LEN + #undef MD5_DIGEST_LEN +#endif +#define SHA_DIGEST_LEN 20 +#define MD5_DIGEST_LEN 16 +#define EVP_MAX_MD_SIZE 36 + +typedef gcry_mpi_t bignum; + +#define bignum_new() gcry_mpi_new(0) +#define bignum_free(num) gcry_mpi_release(num) +#define bignum_set_word(bn,n) gcry_mpi_set_ui(bn,n) +#define bignum_bin2bn(bn,datalen,data) gcry_mpi_scan(data,GCRYMPI_FMT_USG,bn,datalen,NULL) +#define bignum_bn2hex(num,data) gcry_mpi_aprint(GCRYMPI_FMT_HEX,data,NULL,num) +#define bignum_hex2bn(num,datalen,data) gcry_mpi_scan(num,GCRYMPI_FMT_HEX,data,datalen,NULL) +#define bignum_rand(num,bits) gcry_mpi_randomize(num,bits,GCRY_STRONG_RANDOM),gcry_mpi_set_bit(num,bits-1),gcry_mpi_set_bit(num,0) +#define bignum_mod_exp(dest,generator,exp,modulo) gcry_mpi_powm(dest,generator,exp,modulo) +#define bignum_num_bits(num) gcry_mpi_get_nbits(num) +#define bignum_num_bytes(num) ((gcry_mpi_get_nbits(num)+7)/8) +#define bignum_is_bit_set(num,bit) gcry_mpi_test_bit(num,bit) +#define bignum_bn2bin(num,datalen,data) gcry_mpi_print(GCRYMPI_FMT_USG,data,datalen,NULL,num) + +#elif defined HAVE_LIBCRYPTO #include <openssl/dsa.h> #include <openssl/rsa.h> #include <openssl/sha.h> #include <openssl/md5.h> #include <openssl/hmac.h> -typedef SHA_CTX SHACTX; -typedef MD5_CTX MD5CTX; -typedef HMAC_CTX HMACCTX; +typedef SHA_CTX* SHACTX; +typedef MD5_CTX* MD5CTX; +typedef HMAC_CTX* HMACCTX; #ifdef MD5_DIGEST_LEN #undef MD5_DIGEST_LEN #endif @@ -91,29 +118,30 @@ typedef BN_CTX* bignum_CTX; #define bignum_bn2bin(num,ptr) BN_bn2bin(num,ptr) #endif /* OPENSSL_BIGNUMS */ + #ifdef HAVE_SYS_TIME_H #include <sys/time.h> #endif /* wrapper.c */ -MD5CTX *md5_init(void); -void md5_update(MD5CTX *c, const void *data, unsigned long len); -void md5_final(unsigned char *md,MD5CTX *c); -SHACTX *sha1_init(void); -void sha1_update(SHACTX *c, const void *data, unsigned long len); -void sha1_final(unsigned char *md,SHACTX *c); +MD5CTX md5_init(void); +void md5_update(MD5CTX c, const void *data, unsigned long len); +void md5_final(unsigned char *md,MD5CTX c); +SHACTX sha1_init(void); +void sha1_update(SHACTX c, const void *data, unsigned long len); +void sha1_final(unsigned char *md,SHACTX c); void sha1(unsigned char *digest,int len,unsigned char *hash); #define HMAC_SHA1 1 #define HMAC_MD5 2 -HMACCTX *hmac_init(const void *key,int len,int type); -void hmac_update(HMACCTX *c, const void *data, unsigned long len); -void hmac_final(HMACCTX *ctx,unsigned char *hashmacbuf,int *len); +HMACCTX hmac_init(const void *key,int len,int type); +void hmac_update(HMACCTX c, const void *data, unsigned long len); +void hmac_final(HMACCTX ctx,unsigned char *hashmacbuf,unsigned int *len); /* strings and buffers */ /* must be 32 bits number + immediatly our data */ struct string_struct { u32 size; - char string[MAX_PACKET_LEN]; + unsigned char string[MAX_PACKET_LEN]; } __attribute__ ((packed)); @@ -132,27 +160,42 @@ typedef struct packet_struct { } PACKET; typedef struct kex_struct { - char cookie[16]; + unsigned char cookie[16]; char **methods; } KEX; struct public_key_struct { int type; char *type_c; /* Don't free it ! it is static */ +#ifdef HAVE_LIBGCRYPT + gcry_sexp_t dsa_pub; + gcry_sexp_t rsa_pub; +#elif HAVE_LIBCRYPTO DSA *dsa_pub; RSA *rsa_pub; +#endif }; struct private_key_struct { int type; +#ifdef HAVE_LIBGCRYPT + gcry_sexp_t dsa_priv; + gcry_sexp_t rsa_priv; +#elif defined HAVE_LIBCRYPTO DSA *dsa_priv; RSA *rsa_priv; +#endif }; typedef struct signature_struct { int type; +#ifdef HAVE_LIBGCRYPT + gcry_sexp_t dsa_sign; + gcry_sexp_t rsa_sign; +#elif defined HAVE_LIBCRYPTO DSA_SIG *dsa_sign; STRING *rsa_sign; +#endif } SIGNATURE; struct ssh_options_struct { @@ -183,17 +226,17 @@ struct ssh_options_struct { typedef struct ssh_crypto_struct { bignum e,f,x,k,y; - char session_id[SHA_DIGEST_LEN]; + unsigned char session_id[SHA_DIGEST_LEN]; - char encryptIV[SHA_DIGEST_LEN*2]; - char decryptIV[SHA_DIGEST_LEN*2]; + unsigned char encryptIV[SHA_DIGEST_LEN*2]; + unsigned char decryptIV[SHA_DIGEST_LEN*2]; - char decryptkey[SHA_DIGEST_LEN*2]; - char encryptkey[SHA_DIGEST_LEN*2]; + unsigned char decryptkey[SHA_DIGEST_LEN*2]; + unsigned char encryptkey[SHA_DIGEST_LEN*2]; - char encryptMAC[SHA_DIGEST_LEN]; - char decryptMAC[SHA_DIGEST_LEN]; - char hmacbuf[EVP_MAX_MD_SIZE]; + unsigned char encryptMAC[SHA_DIGEST_LEN]; + unsigned char decryptMAC[SHA_DIGEST_LEN]; + unsigned char hmacbuf[EVP_MAX_MD_SIZE]; struct crypto_struct *in_cipher, *out_cipher; /* the cipher structures/objects */ STRING *server_pubkey; char *server_pubkey_type; @@ -302,7 +345,7 @@ struct ssh_kbdint { char *name; char *instruction; char **prompts; - char *echo; /* bool array */ + unsigned char *echo; /* bool array */ char **answers; }; /* session.c */ @@ -320,6 +363,7 @@ void ssh_set_error(void *error,int code,char *descr,...); /* in dh.c */ /* DH key generation */ void dh_generate_e(SSH_SESSION *session); +void ssh_print_bignum(char *which,bignum num); void dh_generate_x(SSH_SESSION *session); void dh_generate_y(SSH_SESSION *session); void dh_generate_f(SSH_SESSION *session); @@ -343,9 +387,9 @@ STRING *make_bignum_string(bignum num); /* in crypt.c */ u32 packet_decrypt_len(SSH_SESSION *session,char *crypted); int packet_decrypt(SSH_SESSION *session, void *packet,unsigned int len); -char *packet_encrypt(SSH_SESSION *session,void *packet,unsigned int len); +unsigned char *packet_encrypt(SSH_SESSION *session,void *packet,unsigned int len); /* it returns the hmac buffer if exists*/ -int packet_hmac_verify(SSH_SESSION *session,BUFFER *buffer,char *mac); +int packet_hmac_verify(SSH_SESSION *session,BUFFER *buffer,unsigned char *mac); /* in packet.c */ void packet_clear_out(SSH_SESSION *session); @@ -434,7 +478,7 @@ int buffer_pass_bytes(BUFFER *buffer, int len); /* in base64.c */ BUFFER *base64_to_bin(char *source); -char *bin_to_base64(unsigned char *source, int len); +unsigned char *bin_to_base64(unsigned char *source, int len); /* gzip.c */ int compress_buffer(SSH_SESSION *session,BUFFER *buf); @@ -445,7 +489,6 @@ int crypt_set_algorithms(SSH_SESSION *); int crypt_set_algorithms_server(SSH_SESSION *session); CRYPTO *crypto_new(); void crypto_free(CRYPTO *crypto); -bignum bignum_new(); /* crc32.c */ u32 ssh_crc32(char *buffer, int len); |