23
23
* OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
27
28
#include "session.h"
28
29
#include "dbutil.h"
30
34
/* This file (algo.c) organises the ciphers which can be used, and is used to
31
35
* decide which ciphers/hashes/compression/signing to use during key exchange*/
33
37
static int void_cipher(const unsigned char* in, unsigned char* out,
34
unsigned long len, void *cipher_state) {
38
unsigned long len, void* UNUSED(cipher_state)) {
36
40
memmove(out, in, len);
41
static int void_start(int cipher, const unsigned char *IV,
42
const unsigned char *key,
43
int keylen, int num_rounds, void *cipher_state) {
45
static int void_start(int UNUSED(cipher), const unsigned char* UNUSED(IV),
46
const unsigned char* UNUSED(key),
47
int UNUSED(keylen), int UNUSED(num_rounds), void* UNUSED(cipher_state)) {
206
210
algo_type sshhostkey[] = {
211
#ifdef DROPBEAR_ECDSA
212
#ifdef DROPBEAR_ECC_256
213
{"ecdsa-sha2-nistp256", DROPBEAR_SIGNKEY_ECDSA_NISTP256, NULL, 1, NULL},
215
#ifdef DROPBEAR_ECC_384
216
{"ecdsa-sha2-nistp384", DROPBEAR_SIGNKEY_ECDSA_NISTP384, NULL, 1, NULL},
218
#ifdef DROPBEAR_ECC_521
219
{"ecdsa-sha2-nistp521", DROPBEAR_SIGNKEY_ECDSA_NISTP521, NULL, 1, NULL},
207
222
#ifdef DROPBEAR_RSA
208
223
{"ssh-rsa", DROPBEAR_SIGNKEY_RSA, NULL, 1, NULL},
213
228
{NULL, 0, NULL, 0, NULL}
231
static const struct dropbear_kex kex_dh_group1 = {DROPBEAR_KEX_NORMAL_DH, dh_p_1, DH_P_1_LEN, NULL, &sha1_desc };
232
static const struct dropbear_kex kex_dh_group14 = {DROPBEAR_KEX_NORMAL_DH, dh_p_14, DH_P_14_LEN, NULL, &sha1_desc };
234
/* These can't be const since dropbear_ecc_fill_dp() fills out
235
ecc_curve at runtime */
237
#ifdef DROPBEAR_ECC_256
238
static struct dropbear_kex kex_ecdh_nistp256 = {DROPBEAR_KEX_ECDH, NULL, 0, &ecc_curve_nistp256, &sha256_desc };
240
#ifdef DROPBEAR_ECC_384
241
static struct dropbear_kex kex_ecdh_nistp384 = {DROPBEAR_KEX_ECDH, NULL, 0, &ecc_curve_nistp384, &sha384_desc };
243
#ifdef DROPBEAR_ECC_521
244
static struct dropbear_kex kex_ecdh_nistp521 = {DROPBEAR_KEX_ECDH, NULL, 0, &ecc_curve_nistp521, &sha512_desc };
246
#endif /* DROPBEAR_ECDH */
248
#ifdef DROPBEAR_CURVE25519
249
/* Referred to directly */
250
static const struct dropbear_kex kex_curve25519 = {DROPBEAR_KEX_CURVE25519, NULL, 0, NULL, &sha256_desc };
216
253
algo_type sshkex[] = {
217
{"diffie-hellman-group1-sha1", DROPBEAR_KEX_DH_GROUP1, NULL, 1, NULL},
218
{"diffie-hellman-group14-sha1", DROPBEAR_KEX_DH_GROUP14, NULL, 1, NULL},
254
#ifdef DROPBEAR_CURVE25519
255
{"curve25519-sha256@libssh.org", 0, &kex_curve25519, 1, NULL},
258
#ifdef DROPBEAR_ECC_521
259
{"ecdh-sha2-nistp521", 0, &kex_ecdh_nistp521, 1, NULL},
261
#ifdef DROPBEAR_ECC_384
262
{"ecdh-sha2-nistp384", 0, &kex_ecdh_nistp384, 1, NULL},
264
#ifdef DROPBEAR_ECC_256
265
{"ecdh-sha2-nistp256", 0, &kex_ecdh_nistp256, 1, NULL},
268
{"diffie-hellman-group1-sha1", 0, &kex_dh_group1, 1, NULL},
269
{"diffie-hellman-group14-sha1", 0, &kex_dh_group14, 1, NULL},
219
270
#ifdef USE_KEXGUESS2
220
271
{KEXGUESS2_ALGO_NAME, KEXGUESS2_ALGO_ID, NULL, 1, NULL},
222
273
{NULL, 0, NULL, 0, NULL}
226
/* Register the compiled in ciphers.
227
* This should be run before using any of the ciphers/hashes */
230
const struct ltc_cipher_descriptor *regciphers[] = {
234
#ifdef DROPBEAR_BLOWFISH
237
#ifdef DROPBEAR_TWOFISH
246
const struct ltc_hash_descriptor *reghashes[] = {
247
/* we need sha1 for hostkey stuff regardless */
249
#ifdef DROPBEAR_MD5_HMAC
252
#ifdef DROPBEAR_SHA2_256_HMAC
255
#ifdef DROPBEAR_SHA2_512_HMAC
262
for (i = 0; regciphers[i] != NULL; i++) {
263
if (register_cipher(regciphers[i]) == -1) {
264
dropbear_exit("Error registering crypto");
268
for (i = 0; reghashes[i] != NULL; i++) {
269
if (register_hash(reghashes[i]) == -1) {
270
dropbear_exit("Error registering crypto");
275
276
/* algolen specifies the length of algo, algos is our local list to match
277
278
* Returns DROPBEAR_SUCCESS if we have a match for algo, DROPBEAR_FAILURE