Mercurial > dropbear

comparison common-algo.c @ 1295:750ec4ec4cbe

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
Convert #ifdef to #if, other build changes
author Matt Johnston <matt@ucc.asn.au>
date Wed, 04 May 2016 15:33:40 +0200
parents 56aba7dedbea
children 2c9dac2d6707
comparison
equal deleted inserted replaced
1294:56aba7dedbea 1295:750ec4ec4cbe
51 /* Mappings for ciphers, parameters are 51 /* Mappings for ciphers, parameters are
52 {&cipher_desc, keysize, blocksize} */ 52 {&cipher_desc, keysize, blocksize} */
53 53
54 /* Remember to add new ciphers/hashes to regciphers/reghashes too */ 54 /* Remember to add new ciphers/hashes to regciphers/reghashes too */
55 55
56 #ifdef DROPBEAR_AES256 56 #if DROPBEAR_AES256
57 static const struct dropbear_cipher dropbear_aes256 = 57 static const struct dropbear_cipher dropbear_aes256 =
58 {&aes_desc, 32, 16}; 58 {&aes_desc, 32, 16};
59 #endif 59 #endif
60 #ifdef DROPBEAR_AES128 60 #if DROPBEAR_AES128
61 static const struct dropbear_cipher dropbear_aes128 = 61 static const struct dropbear_cipher dropbear_aes128 =
62 {&aes_desc, 16, 16}; 62 {&aes_desc, 16, 16};
63 #endif 63 #endif
64 #ifdef DROPBEAR_BLOWFISH 64 #if DROPBEAR_BLOWFISH
65 static const struct dropbear_cipher dropbear_blowfish = 65 static const struct dropbear_cipher dropbear_blowfish =
66 {&blowfish_desc, 16, 8}; 66 {&blowfish_desc, 16, 8};
67 #endif 67 #endif
68 #ifdef DROPBEAR_TWOFISH256 68 #if DROPBEAR_TWOFISH256
69 static const struct dropbear_cipher dropbear_twofish256 = 69 static const struct dropbear_cipher dropbear_twofish256 =
70 {&twofish_desc, 32, 16}; 70 {&twofish_desc, 32, 16};
71 #endif 71 #endif
72 #ifdef DROPBEAR_TWOFISH128 72 #if DROPBEAR_TWOFISH128
73 static const struct dropbear_cipher dropbear_twofish128 = 73 static const struct dropbear_cipher dropbear_twofish128 =
74 {&twofish_desc, 16, 16}; 74 {&twofish_desc, 16, 16};
75 #endif 75 #endif
76 #ifdef DROPBEAR_3DES 76 #if DROPBEAR_3DES
77 static const struct dropbear_cipher dropbear_3des = 77 static const struct dropbear_cipher dropbear_3des =
78 {&des3_desc, 24, 8}; 78 {&des3_desc, 24, 8};
79 #endif 79 #endif
80 80
81 /* used to indicate no encryption, as defined in rfc2410 */ 81 /* used to indicate no encryption, as defined in rfc2410 */
82 const struct dropbear_cipher dropbear_nocipher = 82 const struct dropbear_cipher dropbear_nocipher =
83 {NULL, 16, 8}; 83 {NULL, 16, 8};
84 84
85 /* A few void* s are required to silence warnings 85 /* A few void* s are required to silence warnings
86 * about the symmetric_CBC vs symmetric_CTR cipher_state pointer */ 86 * about the symmetric_CBC vs symmetric_CTR cipher_state pointer */
87 #ifdef DROPBEAR_ENABLE_CBC_MODE 87 #if DROPBEAR_ENABLE_CBC_MODE
88 const struct dropbear_cipher_mode dropbear_mode_cbc = 88 const struct dropbear_cipher_mode dropbear_mode_cbc =
89 {(void*)cbc_start, (void*)cbc_encrypt, (void*)cbc_decrypt}; 89 {(void*)cbc_start, (void*)cbc_encrypt, (void*)cbc_decrypt};
90 #endif /* DROPBEAR_ENABLE_CBC_MODE */ 90 #endif /* DROPBEAR_ENABLE_CBC_MODE */
91 91
92 const struct dropbear_cipher_mode dropbear_mode_none = 92 const struct dropbear_cipher_mode dropbear_mode_none =
93 {void_start, void_cipher, void_cipher}; 93 {void_start, void_cipher, void_cipher};
94 94
95 #ifdef DROPBEAR_ENABLE_CTR_MODE 95 #if DROPBEAR_ENABLE_CTR_MODE
96 /* a wrapper to make ctr_start and cbc_start look the same */ 96 /* a wrapper to make ctr_start and cbc_start look the same */
97 static int dropbear_big_endian_ctr_start(int cipher, 97 static int dropbear_big_endian_ctr_start(int cipher,
98 const unsigned char *IV, 98 const unsigned char *IV,
99 const unsigned char *key, int keylen, 99 const unsigned char *key, int keylen,
100 int num_rounds, symmetric_CTR *ctr) { 100 int num_rounds, symmetric_CTR *ctr) {
105 #endif /* DROPBEAR_ENABLE_CTR_MODE */ 105 #endif /* DROPBEAR_ENABLE_CTR_MODE */
106 106
107 /* Mapping of ssh hashes to libtomcrypt hashes, including keysize etc. 107 /* Mapping of ssh hashes to libtomcrypt hashes, including keysize etc.
108 {&hash_desc, keysize, hashsize} */ 108 {&hash_desc, keysize, hashsize} */
109 109
110 #ifdef DROPBEAR_SHA1_HMAC 110 #if DROPBEAR_SHA1_HMAC
111 static const struct dropbear_hash dropbear_sha1 = 111 static const struct dropbear_hash dropbear_sha1 =
112 {&sha1_desc, 20, 20}; 112 {&sha1_desc, 20, 20};
113 #endif 113 #endif
114 #ifdef DROPBEAR_SHA1_96_HMAC 114 #if DROPBEAR_SHA1_96_HMAC
115 static const struct dropbear_hash dropbear_sha1_96 = 115 static const struct dropbear_hash dropbear_sha1_96 =
116 {&sha1_desc, 20, 12}; 116 {&sha1_desc, 20, 12};
117 #endif 117 #endif
118 #ifdef DROPBEAR_SHA2_256_HMAC 118 #if DROPBEAR_SHA2_256_HMAC
119 static const struct dropbear_hash dropbear_sha2_256 = 119 static const struct dropbear_hash dropbear_sha2_256 =
120 {&sha256_desc, 32, 32}; 120 {&sha256_desc, 32, 32};
121 #endif 121 #endif
122 #ifdef DROPBEAR_SHA2_512_HMAC 122 #if DROPBEAR_SHA2_512_HMAC
123 static const struct dropbear_hash dropbear_sha2_512 = 123 static const struct dropbear_hash dropbear_sha2_512 =
124 {&sha512_desc, 64, 64}; 124 {&sha512_desc, 64, 64};
125 #endif 125 #endif
126 #ifdef DROPBEAR_MD5_HMAC 126 #if DROPBEAR_MD5_HMAC
127 static const struct dropbear_hash dropbear_md5 = 127 static const struct dropbear_hash dropbear_md5 =
128 {&md5_desc, 16, 16}; 128 {&md5_desc, 16, 16};
129 #endif 129 #endif
130 130
131 const struct dropbear_hash dropbear_nohash = 131 const struct dropbear_hash dropbear_nohash =
135 /* The following map ssh names to internal values. 135 /* The following map ssh names to internal values.
136 * The ordering here is important for the client - the first mode 136 * The ordering here is important for the client - the first mode
137 * that is also supported by the server will get used. */ 137 * that is also supported by the server will get used. */
138 138
139 algo_type sshciphers[] = { 139 algo_type sshciphers[] = {
140 #ifdef DROPBEAR_ENABLE_CTR_MODE 140 #if DROPBEAR_ENABLE_CTR_MODE
141 #ifdef DROPBEAR_AES128 141 #if DROPBEAR_AES128
142 {"aes128-ctr", 0, &dropbear_aes128, 1, &dropbear_mode_ctr}, 142 {"aes128-ctr", 0, &dropbear_aes128, 1, &dropbear_mode_ctr},
143 #endif 143 #endif
144 #ifdef DROPBEAR_AES256 144 #if DROPBEAR_AES256
145 {"aes256-ctr", 0, &dropbear_aes256, 1, &dropbear_mode_ctr}, 145 {"aes256-ctr", 0, &dropbear_aes256, 1, &dropbear_mode_ctr},
146 #endif 146 #endif
147 #ifdef DROPBEAR_TWOFISH_CTR 147 #if DROPBEAR_TWOFISH_CTR
148 /* twofish ctr is conditional as it hasn't been tested for interoperability, see options.h */ 148 /* twofish ctr is conditional as it hasn't been tested for interoperability, see options.h */
149 #ifdef DROPBEAR_TWOFISH256 149 #if DROPBEAR_TWOFISH256
150 {"twofish256-ctr", 0, &dropbear_twofish256, 1, &dropbear_mode_ctr}, 150 {"twofish256-ctr", 0, &dropbear_twofish256, 1, &dropbear_mode_ctr},
151 #endif 151 #endif
152 #ifdef DROPBEAR_TWOFISH128 152 #if DROPBEAR_TWOFISH128
153 {"twofish128-ctr", 0, &dropbear_twofish128, 1, &dropbear_mode_ctr}, 153 {"twofish128-ctr", 0, &dropbear_twofish128, 1, &dropbear_mode_ctr},
154 #endif 154 #endif
155 #endif /* DROPBEAR_TWOFISH_CTR */ 155 #endif /* DROPBEAR_TWOFISH_CTR */
156 #endif /* DROPBEAR_ENABLE_CTR_MODE */ 156 #endif /* DROPBEAR_ENABLE_CTR_MODE */
157 157
158 #ifdef DROPBEAR_ENABLE_CBC_MODE 158 #if DROPBEAR_ENABLE_CBC_MODE
159 #ifdef DROPBEAR_AES128 159 #if DROPBEAR_AES128
160 {"aes128-cbc", 0, &dropbear_aes128, 1, &dropbear_mode_cbc}, 160 {"aes128-cbc", 0, &dropbear_aes128, 1, &dropbear_mode_cbc},
161 #endif 161 #endif
162 #ifdef DROPBEAR_AES256 162 #if DROPBEAR_AES256
163 {"aes256-cbc", 0, &dropbear_aes256, 1, &dropbear_mode_cbc}, 163 {"aes256-cbc", 0, &dropbear_aes256, 1, &dropbear_mode_cbc},
164 #endif 164 #endif
165 #ifdef DROPBEAR_TWOFISH256 165 #if DROPBEAR_TWOFISH256
166 {"twofish256-cbc", 0, &dropbear_twofish256, 1, &dropbear_mode_cbc}, 166 {"twofish256-cbc", 0, &dropbear_twofish256, 1, &dropbear_mode_cbc},
167 {"twofish-cbc", 0, &dropbear_twofish256, 1, &dropbear_mode_cbc}, 167 {"twofish-cbc", 0, &dropbear_twofish256, 1, &dropbear_mode_cbc},
168 #endif 168 #endif
169 #ifdef DROPBEAR_TWOFISH128 169 #if DROPBEAR_TWOFISH128
170 {"twofish128-cbc", 0, &dropbear_twofish128, 1, &dropbear_mode_cbc}, 170 {"twofish128-cbc", 0, &dropbear_twofish128, 1, &dropbear_mode_cbc},
171 #endif 171 #endif
172 #ifdef DROPBEAR_3DES 172 #if DROPBEAR_3DES
173 {"3des-ctr", 0, &dropbear_3des, 1, &dropbear_mode_ctr}, 173 {"3des-ctr", 0, &dropbear_3des, 1, &dropbear_mode_ctr},
174 #endif 174 #endif
175 #ifdef DROPBEAR_3DES 175 #if DROPBEAR_3DES
176 {"3des-cbc", 0, &dropbear_3des, 1, &dropbear_mode_cbc}, 176 {"3des-cbc", 0, &dropbear_3des, 1, &dropbear_mode_cbc},
177 #endif 177 #endif
178 #ifdef DROPBEAR_BLOWFISH 178 #if DROPBEAR_BLOWFISH
179 {"blowfish-cbc", 0, &dropbear_blowfish, 1, &dropbear_mode_cbc}, 179 {"blowfish-cbc", 0, &dropbear_blowfish, 1, &dropbear_mode_cbc},
180 #endif 180 #endif
181 #endif /* DROPBEAR_ENABLE_CBC_MODE */ 181 #endif /* DROPBEAR_ENABLE_CBC_MODE */
182 #ifdef DROPBEAR_NONE_CIPHER 182 #if DROPBEAR_NONE_CIPHER
183 {"none", 0, (void*)&dropbear_nocipher, 1, &dropbear_mode_none}, 183 {"none", 0, (void*)&dropbear_nocipher, 1, &dropbear_mode_none},
184 #endif 184 #endif
185 {NULL, 0, NULL, 0, NULL} 185 {NULL, 0, NULL, 0, NULL}
186 }; 186 };
187 187
188 algo_type sshhashes[] = { 188 algo_type sshhashes[] = {
189 #ifdef DROPBEAR_SHA1_96_HMAC 189 #if DROPBEAR_SHA1_96_HMAC
190 {"hmac-sha1-96", 0, &dropbear_sha1_96, 1, NULL}, 190 {"hmac-sha1-96", 0, &dropbear_sha1_96, 1, NULL},
191 #endif 191 #endif
192 #ifdef DROPBEAR_SHA1_HMAC 192 #if DROPBEAR_SHA1_HMAC
193 {"hmac-sha1", 0, &dropbear_sha1, 1, NULL}, 193 {"hmac-sha1", 0, &dropbear_sha1, 1, NULL},
194 #endif 194 #endif
195 #ifdef DROPBEAR_SHA2_256_HMAC 195 #if DROPBEAR_SHA2_256_HMAC
196 {"hmac-sha2-256", 0, &dropbear_sha2_256, 1, NULL}, 196 {"hmac-sha2-256", 0, &dropbear_sha2_256, 1, NULL},
197 #endif 197 #endif
198 #ifdef DROPBEAR_SHA2_512_HMAC 198 #if DROPBEAR_SHA2_512_HMAC
199 {"hmac-sha2-512", 0, &dropbear_sha2_512, 1, NULL}, 199 {"hmac-sha2-512", 0, &dropbear_sha2_512, 1, NULL},
200 #endif 200 #endif
201 #ifdef DROPBEAR_MD5_HMAC 201 #if DROPBEAR_MD5_HMAC
202 {"hmac-md5", 0, (void*)&dropbear_md5, 1, NULL}, 202 {"hmac-md5", 0, (void*)&dropbear_md5, 1, NULL},
203 #endif
204 #ifdef DROPBEAR_NONE_INTEGRITY
205 {"none", 0, (void*)&dropbear_nohash, 1, NULL},
206 #endif 203 #endif
207 {NULL, 0, NULL, 0, NULL} 204 {NULL, 0, NULL, 0, NULL}
208 }; 205 };
209 206
210 #ifndef DISABLE_ZLIB 207 #ifndef DISABLE_ZLIB
226 {"none", DROPBEAR_COMP_NONE, NULL, 1, NULL}, 223 {"none", DROPBEAR_COMP_NONE, NULL, 1, NULL},
227 {NULL, 0, NULL, 0, NULL} 224 {NULL, 0, NULL, 0, NULL}
228 }; 225 };
229 226
230 algo_type sshhostkey[] = { 227 algo_type sshhostkey[] = {
231 #ifdef DROPBEAR_ECDSA 228 #if DROPBEAR_ECDSA
232 #ifdef DROPBEAR_ECC_256 229 #if DROPBEAR_ECC_256
233 {"ecdsa-sha2-nistp256", DROPBEAR_SIGNKEY_ECDSA_NISTP256, NULL, 1, NULL}, 230 {"ecdsa-sha2-nistp256", DROPBEAR_SIGNKEY_ECDSA_NISTP256, NULL, 1, NULL},
234 #endif 231 #endif
235 #ifdef DROPBEAR_ECC_384 232 #if DROPBEAR_ECC_384
236 {"ecdsa-sha2-nistp384", DROPBEAR_SIGNKEY_ECDSA_NISTP384, NULL, 1, NULL}, 233 {"ecdsa-sha2-nistp384", DROPBEAR_SIGNKEY_ECDSA_NISTP384, NULL, 1, NULL},
237 #endif 234 #endif
238 #ifdef DROPBEAR_ECC_521 235 #if DROPBEAR_ECC_521
239 {"ecdsa-sha2-nistp521", DROPBEAR_SIGNKEY_ECDSA_NISTP521, NULL, 1, NULL}, 236 {"ecdsa-sha2-nistp521", DROPBEAR_SIGNKEY_ECDSA_NISTP521, NULL, 1, NULL},
240 #endif 237 #endif
241 #endif 238 #endif
242 #ifdef DROPBEAR_RSA 239 #if DROPBEAR_RSA
243 {"ssh-rsa", DROPBEAR_SIGNKEY_RSA, NULL, 1, NULL}, 240 {"ssh-rsa", DROPBEAR_SIGNKEY_RSA, NULL, 1, NULL},
244 #endif 241 #endif
245 #ifdef DROPBEAR_DSS 242 #if DROPBEAR_DSS
246 {"ssh-dss", DROPBEAR_SIGNKEY_DSS, NULL, 1, NULL}, 243 {"ssh-dss", DROPBEAR_SIGNKEY_DSS, NULL, 1, NULL},
247 #endif 244 #endif
248 {NULL, 0, NULL, 0, NULL} 245 {NULL, 0, NULL, 0, NULL}
249 }; 246 };
250 247
261 static const struct dropbear_kex kex_dh_group16_sha512 = {DROPBEAR_KEX_NORMAL_DH, dh_p_16, DH_P_16_LEN, NULL, &sha512_desc }; 258 static const struct dropbear_kex kex_dh_group16_sha512 = {DROPBEAR_KEX_NORMAL_DH, dh_p_16, DH_P_16_LEN, NULL, &sha512_desc };
262 #endif 259 #endif
263 260
264 /* These can't be const since dropbear_ecc_fill_dp() fills out 261 /* These can't be const since dropbear_ecc_fill_dp() fills out
265 ecc_curve at runtime */ 262 ecc_curve at runtime */
266 #ifdef DROPBEAR_ECDH 263 #if DROPBEAR_ECDH
267 #ifdef DROPBEAR_ECC_256 264 #if DROPBEAR_ECC_256
268 static const struct dropbear_kex kex_ecdh_nistp256 = {DROPBEAR_KEX_ECDH, NULL, 0, &ecc_curve_nistp256, &sha256_desc }; 265 static const struct dropbear_kex kex_ecdh_nistp256 = {DROPBEAR_KEX_ECDH, NULL, 0, &ecc_curve_nistp256, &sha256_desc };
269 #endif 266 #endif
270 #ifdef DROPBEAR_ECC_384 267 #if DROPBEAR_ECC_384
271 static const struct dropbear_kex kex_ecdh_nistp384 = {DROPBEAR_KEX_ECDH, NULL, 0, &ecc_curve_nistp384, &sha384_desc }; 268 static const struct dropbear_kex kex_ecdh_nistp384 = {DROPBEAR_KEX_ECDH, NULL, 0, &ecc_curve_nistp384, &sha384_desc };
272 #endif 269 #endif
273 #ifdef DROPBEAR_ECC_521 270 #if DROPBEAR_ECC_521
274 static const struct dropbear_kex kex_ecdh_nistp521 = {DROPBEAR_KEX_ECDH, NULL, 0, &ecc_curve_nistp521, &sha512_desc }; 271 static const struct dropbear_kex kex_ecdh_nistp521 = {DROPBEAR_KEX_ECDH, NULL, 0, &ecc_curve_nistp521, &sha512_desc };
275 #endif 272 #endif
276 #endif /* DROPBEAR_ECDH */ 273 #endif /* DROPBEAR_ECDH */
277 274
278 #ifdef DROPBEAR_CURVE25519 275 #if DROPBEAR_CURVE25519
279 /* Referred to directly */ 276 /* Referred to directly */
280 static const struct dropbear_kex kex_curve25519 = {DROPBEAR_KEX_CURVE25519, NULL, 0, NULL, &sha256_desc }; 277 static const struct dropbear_kex kex_curve25519 = {DROPBEAR_KEX_CURVE25519, NULL, 0, NULL, &sha256_desc };
281 #endif 278 #endif
282 279
283 algo_type sshkex[] = { 280 algo_type sshkex[] = {
284 #ifdef DROPBEAR_CURVE25519 281 #if DROPBEAR_CURVE25519
285 {"[email protected]", 0, &kex_curve25519, 1, NULL}, 282 {"[email protected]", 0, &kex_curve25519, 1, NULL},
286 #endif 283 #endif
287 #ifdef DROPBEAR_ECDH 284 #if DROPBEAR_ECDH
288 #ifdef DROPBEAR_ECC_521 285 #if DROPBEAR_ECC_521
289 {"ecdh-sha2-nistp521", 0, &kex_ecdh_nistp521, 1, NULL}, 286 {"ecdh-sha2-nistp521", 0, &kex_ecdh_nistp521, 1, NULL},
290 #endif 287 #endif
291 #ifdef DROPBEAR_ECC_384 288 #if DROPBEAR_ECC_384
292 {"ecdh-sha2-nistp384", 0, &kex_ecdh_nistp384, 1, NULL}, 289 {"ecdh-sha2-nistp384", 0, &kex_ecdh_nistp384, 1, NULL},
293 #endif 290 #endif
294 #ifdef DROPBEAR_ECC_256 291 #if DROPBEAR_ECC_256
295 {"ecdh-sha2-nistp256", 0, &kex_ecdh_nistp256, 1, NULL}, 292 {"ecdh-sha2-nistp256", 0, &kex_ecdh_nistp256, 1, NULL},
296 #endif 293 #endif
297 #endif 294 #endif
298 #if DROPBEAR_DH_GROUP14_SHA1 295 #if DROPBEAR_DH_GROUP14_SHA1
299 {"diffie-hellman-group14-sha1", 0, &kex_dh_group14_sha1, 1, NULL}, 296 {"diffie-hellman-group14-sha1", 0, &kex_dh_group14_sha1, 1, NULL},
305 {"diffie-hellman-group1-sha1", 0, &kex_dh_group1, 1, NULL}, 302 {"diffie-hellman-group1-sha1", 0, &kex_dh_group1, 1, NULL},
306 #endif 303 #endif
307 #if DROPBEAR_DH_GROUP16 304 #if DROPBEAR_DH_GROUP16
308 {"diffie-hellman-group16-sha512", 0, &kex_dh_group16_sha512, 1, NULL}, 305 {"diffie-hellman-group16-sha512", 0, &kex_dh_group16_sha512, 1, NULL},
309 #endif 306 #endif
310 #ifdef USE_KEXGUESS2 307 #if DROPBEAR_KEXGUESS2
311 {KEXGUESS2_ALGO_NAME, KEXGUESS2_ALGO_ID, NULL, 1, NULL}, 308 {KEXGUESS2_ALGO_NAME, KEXGUESS2_ALGO_ID, NULL, 1, NULL},
312 #endif 309 #endif
313 {NULL, 0, NULL, 0, NULL} 310 {NULL, 0, NULL, 0, NULL}
314 }; 311 };
315 312
467 out: 464 out:
468 m_free(algolist); 465 m_free(algolist);
469 return ret; 466 return ret;
470 } 467 }
471 468
472 #ifdef DROPBEAR_NONE_CIPHER 469 #if DROPBEAR_NONE_CIPHER
473 470
474 void 471 void
475 set_algo_usable(algo_type algos[], const char * algo_name, int usable) 472 set_algo_usable(algo_type algos[], const char * algo_name, int usable)
476 { 473 {
477 algo_type *a; 474 algo_type *a;
499 return 0; 496 return 0;
500 } 497 }
501 498
502 #endif /* DROPBEAR_NONE_CIPHER */ 499 #endif /* DROPBEAR_NONE_CIPHER */
503 500
504 #ifdef ENABLE_USER_ALGO_LIST 501 #if DROPBEAR_USER_ALGO_LIST
505 502
506 char * 503 char *
507 algolist_string(algo_type algos[]) 504 algolist_string(algo_type algos[])
508 { 505 {
509 char *ret_list; 506 char *ret_list;
578 575
579 /* Copy one more as a blank delimiter */ 576 /* Copy one more as a blank delimiter */
580 memcpy(algos, new_algos, sizeof(*new_algos) * (num_ret+1)); 577 memcpy(algos, new_algos, sizeof(*new_algos) * (num_ret+1));
581 return num_ret; 578 return num_ret;
582 } 579 }
583 #endif /* ENABLE_USER_ALGO_LIST */ 580 #endif /* DROPBEAR_USER_ALGO_LIST */