Mercurial > dropbear
comparison common-algo.c @ 1342:8747c2b19152
merge 2017.75
author | Matt Johnston <matt@ucc.asn.au> |
---|---|
date | Thu, 18 May 2017 22:59:38 +0800 |
parents | 2c9dac2d6707 |
children | 06d52bcb8094 |
comparison
equal
deleted
inserted
replaced
1341:ab35a9ccc2eb | 1342:8747c2b19152 |
---|---|
51 /* Mappings for ciphers, parameters are | 51 /* Mappings for ciphers, parameters are |
52 {&cipher_desc, keysize, blocksize} */ | 52 {&cipher_desc, keysize, blocksize} */ |
53 | 53 |
54 /* Remember to add new ciphers/hashes to regciphers/reghashes too */ | 54 /* Remember to add new ciphers/hashes to regciphers/reghashes too */ |
55 | 55 |
56 #ifdef DROPBEAR_AES256 | 56 #if DROPBEAR_AES256 |
57 static const struct dropbear_cipher dropbear_aes256 = | 57 static const struct dropbear_cipher dropbear_aes256 = |
58 {&aes_desc, 32, 16}; | 58 {&aes_desc, 32, 16}; |
59 #endif | 59 #endif |
60 #ifdef DROPBEAR_AES128 | 60 #if DROPBEAR_AES128 |
61 static const struct dropbear_cipher dropbear_aes128 = | 61 static const struct dropbear_cipher dropbear_aes128 = |
62 {&aes_desc, 16, 16}; | 62 {&aes_desc, 16, 16}; |
63 #endif | 63 #endif |
64 #ifdef DROPBEAR_BLOWFISH | 64 #if DROPBEAR_BLOWFISH |
65 static const struct dropbear_cipher dropbear_blowfish = | 65 static const struct dropbear_cipher dropbear_blowfish = |
66 {&blowfish_desc, 16, 8}; | 66 {&blowfish_desc, 16, 8}; |
67 #endif | 67 #endif |
68 #ifdef DROPBEAR_TWOFISH256 | 68 #if DROPBEAR_TWOFISH256 |
69 static const struct dropbear_cipher dropbear_twofish256 = | 69 static const struct dropbear_cipher dropbear_twofish256 = |
70 {&twofish_desc, 32, 16}; | 70 {&twofish_desc, 32, 16}; |
71 #endif | 71 #endif |
72 #ifdef DROPBEAR_TWOFISH128 | 72 #if DROPBEAR_TWOFISH128 |
73 static const struct dropbear_cipher dropbear_twofish128 = | 73 static const struct dropbear_cipher dropbear_twofish128 = |
74 {&twofish_desc, 16, 16}; | 74 {&twofish_desc, 16, 16}; |
75 #endif | 75 #endif |
76 #ifdef DROPBEAR_3DES | 76 #if DROPBEAR_3DES |
77 static const struct dropbear_cipher dropbear_3des = | 77 static const struct dropbear_cipher dropbear_3des = |
78 {&des3_desc, 24, 8}; | 78 {&des3_desc, 24, 8}; |
79 #endif | 79 #endif |
80 | 80 |
81 /* used to indicate no encryption, as defined in rfc2410 */ | 81 /* used to indicate no encryption, as defined in rfc2410 */ |
82 const struct dropbear_cipher dropbear_nocipher = | 82 const struct dropbear_cipher dropbear_nocipher = |
83 {NULL, 16, 8}; | 83 {NULL, 16, 8}; |
84 | 84 |
85 /* A few void* s are required to silence warnings | 85 /* A few void* s are required to silence warnings |
86 * about the symmetric_CBC vs symmetric_CTR cipher_state pointer */ | 86 * about the symmetric_CBC vs symmetric_CTR cipher_state pointer */ |
87 #ifdef DROPBEAR_ENABLE_CBC_MODE | 87 #if DROPBEAR_ENABLE_CBC_MODE |
88 const struct dropbear_cipher_mode dropbear_mode_cbc = | 88 const struct dropbear_cipher_mode dropbear_mode_cbc = |
89 {(void*)cbc_start, (void*)cbc_encrypt, (void*)cbc_decrypt}; | 89 {(void*)cbc_start, (void*)cbc_encrypt, (void*)cbc_decrypt}; |
90 #endif /* DROPBEAR_ENABLE_CBC_MODE */ | 90 #endif /* DROPBEAR_ENABLE_CBC_MODE */ |
91 | 91 |
92 const struct dropbear_cipher_mode dropbear_mode_none = | 92 const struct dropbear_cipher_mode dropbear_mode_none = |
93 {void_start, void_cipher, void_cipher}; | 93 {void_start, void_cipher, void_cipher}; |
94 | 94 |
95 #ifdef DROPBEAR_ENABLE_CTR_MODE | 95 #if DROPBEAR_ENABLE_CTR_MODE |
96 /* a wrapper to make ctr_start and cbc_start look the same */ | 96 /* a wrapper to make ctr_start and cbc_start look the same */ |
97 static int dropbear_big_endian_ctr_start(int cipher, | 97 static int dropbear_big_endian_ctr_start(int cipher, |
98 const unsigned char *IV, | 98 const unsigned char *IV, |
99 const unsigned char *key, int keylen, | 99 const unsigned char *key, int keylen, |
100 int num_rounds, symmetric_CTR *ctr) { | 100 int num_rounds, symmetric_CTR *ctr) { |
105 #endif /* DROPBEAR_ENABLE_CTR_MODE */ | 105 #endif /* DROPBEAR_ENABLE_CTR_MODE */ |
106 | 106 |
107 /* Mapping of ssh hashes to libtomcrypt hashes, including keysize etc. | 107 /* Mapping of ssh hashes to libtomcrypt hashes, including keysize etc. |
108 {&hash_desc, keysize, hashsize} */ | 108 {&hash_desc, keysize, hashsize} */ |
109 | 109 |
110 #ifdef DROPBEAR_SHA1_HMAC | 110 #if DROPBEAR_SHA1_HMAC |
111 static const struct dropbear_hash dropbear_sha1 = | 111 static const struct dropbear_hash dropbear_sha1 = |
112 {&sha1_desc, 20, 20}; | 112 {&sha1_desc, 20, 20}; |
113 #endif | 113 #endif |
114 #ifdef DROPBEAR_SHA1_96_HMAC | 114 #if DROPBEAR_SHA1_96_HMAC |
115 static const struct dropbear_hash dropbear_sha1_96 = | 115 static const struct dropbear_hash dropbear_sha1_96 = |
116 {&sha1_desc, 20, 12}; | 116 {&sha1_desc, 20, 12}; |
117 #endif | 117 #endif |
118 #ifdef DROPBEAR_SHA2_256_HMAC | 118 #if DROPBEAR_SHA2_256_HMAC |
119 static const struct dropbear_hash dropbear_sha2_256 = | 119 static const struct dropbear_hash dropbear_sha2_256 = |
120 {&sha256_desc, 32, 32}; | 120 {&sha256_desc, 32, 32}; |
121 #endif | 121 #endif |
122 #ifdef DROPBEAR_SHA2_512_HMAC | 122 #if DROPBEAR_SHA2_512_HMAC |
123 static const struct dropbear_hash dropbear_sha2_512 = | 123 static const struct dropbear_hash dropbear_sha2_512 = |
124 {&sha512_desc, 64, 64}; | 124 {&sha512_desc, 64, 64}; |
125 #endif | 125 #endif |
126 #ifdef DROPBEAR_MD5_HMAC | 126 #if DROPBEAR_MD5_HMAC |
127 static const struct dropbear_hash dropbear_md5 = | 127 static const struct dropbear_hash dropbear_md5 = |
128 {&md5_desc, 16, 16}; | 128 {&md5_desc, 16, 16}; |
129 #endif | 129 #endif |
130 | 130 |
131 const struct dropbear_hash dropbear_nohash = | 131 const struct dropbear_hash dropbear_nohash = |
135 /* The following map ssh names to internal values. | 135 /* The following map ssh names to internal values. |
136 * The ordering here is important for the client - the first mode | 136 * The ordering here is important for the client - the first mode |
137 * that is also supported by the server will get used. */ | 137 * that is also supported by the server will get used. */ |
138 | 138 |
139 algo_type sshciphers[] = { | 139 algo_type sshciphers[] = { |
140 #ifdef DROPBEAR_ENABLE_CTR_MODE | 140 #if DROPBEAR_ENABLE_CTR_MODE |
141 #ifdef DROPBEAR_AES128 | 141 #if DROPBEAR_AES128 |
142 {"aes128-ctr", 0, &dropbear_aes128, 1, &dropbear_mode_ctr}, | 142 {"aes128-ctr", 0, &dropbear_aes128, 1, &dropbear_mode_ctr}, |
143 #endif | 143 #endif |
144 #ifdef DROPBEAR_AES256 | 144 #if DROPBEAR_AES256 |
145 {"aes256-ctr", 0, &dropbear_aes256, 1, &dropbear_mode_ctr}, | 145 {"aes256-ctr", 0, &dropbear_aes256, 1, &dropbear_mode_ctr}, |
146 #endif | 146 #endif |
147 #ifdef DROPBEAR_TWOFISH_CTR | 147 #if DROPBEAR_TWOFISH_CTR |
148 /* twofish ctr is conditional as it hasn't been tested for interoperability, see options.h */ | 148 /* twofish ctr is conditional as it hasn't been tested for interoperability, see options.h */ |
149 #ifdef DROPBEAR_TWOFISH256 | 149 #if DROPBEAR_TWOFISH256 |
150 {"twofish256-ctr", 0, &dropbear_twofish256, 1, &dropbear_mode_ctr}, | 150 {"twofish256-ctr", 0, &dropbear_twofish256, 1, &dropbear_mode_ctr}, |
151 #endif | 151 #endif |
152 #ifdef DROPBEAR_TWOFISH128 | 152 #if DROPBEAR_TWOFISH128 |
153 {"twofish128-ctr", 0, &dropbear_twofish128, 1, &dropbear_mode_ctr}, | 153 {"twofish128-ctr", 0, &dropbear_twofish128, 1, &dropbear_mode_ctr}, |
154 #endif | 154 #endif |
155 #endif /* DROPBEAR_TWOFISH_CTR */ | 155 #endif /* DROPBEAR_TWOFISH_CTR */ |
156 #endif /* DROPBEAR_ENABLE_CTR_MODE */ | 156 #endif /* DROPBEAR_ENABLE_CTR_MODE */ |
157 | 157 |
158 #ifdef DROPBEAR_ENABLE_CBC_MODE | 158 #if DROPBEAR_ENABLE_CBC_MODE |
159 #ifdef DROPBEAR_AES128 | 159 #if DROPBEAR_AES128 |
160 {"aes128-cbc", 0, &dropbear_aes128, 1, &dropbear_mode_cbc}, | 160 {"aes128-cbc", 0, &dropbear_aes128, 1, &dropbear_mode_cbc}, |
161 #endif | 161 #endif |
162 #ifdef DROPBEAR_AES256 | 162 #if DROPBEAR_AES256 |
163 {"aes256-cbc", 0, &dropbear_aes256, 1, &dropbear_mode_cbc}, | 163 {"aes256-cbc", 0, &dropbear_aes256, 1, &dropbear_mode_cbc}, |
164 #endif | 164 #endif |
165 #ifdef DROPBEAR_TWOFISH256 | 165 #if DROPBEAR_TWOFISH256 |
166 {"twofish256-cbc", 0, &dropbear_twofish256, 1, &dropbear_mode_cbc}, | 166 {"twofish256-cbc", 0, &dropbear_twofish256, 1, &dropbear_mode_cbc}, |
167 {"twofish-cbc", 0, &dropbear_twofish256, 1, &dropbear_mode_cbc}, | 167 {"twofish-cbc", 0, &dropbear_twofish256, 1, &dropbear_mode_cbc}, |
168 #endif | 168 #endif |
169 #ifdef DROPBEAR_TWOFISH128 | 169 #if DROPBEAR_TWOFISH128 |
170 {"twofish128-cbc", 0, &dropbear_twofish128, 1, &dropbear_mode_cbc}, | 170 {"twofish128-cbc", 0, &dropbear_twofish128, 1, &dropbear_mode_cbc}, |
171 #endif | 171 #endif |
172 #ifdef DROPBEAR_3DES | 172 #if DROPBEAR_3DES |
173 {"3des-ctr", 0, &dropbear_3des, 1, &dropbear_mode_ctr}, | 173 {"3des-ctr", 0, &dropbear_3des, 1, &dropbear_mode_ctr}, |
174 #endif | 174 #endif |
175 #ifdef DROPBEAR_3DES | 175 #if DROPBEAR_3DES |
176 {"3des-cbc", 0, &dropbear_3des, 1, &dropbear_mode_cbc}, | 176 {"3des-cbc", 0, &dropbear_3des, 1, &dropbear_mode_cbc}, |
177 #endif | 177 #endif |
178 #ifdef DROPBEAR_BLOWFISH | 178 #if DROPBEAR_BLOWFISH |
179 {"blowfish-cbc", 0, &dropbear_blowfish, 1, &dropbear_mode_cbc}, | 179 {"blowfish-cbc", 0, &dropbear_blowfish, 1, &dropbear_mode_cbc}, |
180 #endif | 180 #endif |
181 #endif /* DROPBEAR_ENABLE_CBC_MODE */ | 181 #endif /* DROPBEAR_ENABLE_CBC_MODE */ |
182 #ifdef DROPBEAR_NONE_CIPHER | 182 #if DROPBEAR_NONE_CIPHER |
183 {"none", 0, (void*)&dropbear_nocipher, 1, &dropbear_mode_none}, | 183 {"none", 0, (void*)&dropbear_nocipher, 1, &dropbear_mode_none}, |
184 #endif | 184 #endif |
185 {NULL, 0, NULL, 0, NULL} | 185 {NULL, 0, NULL, 0, NULL} |
186 }; | 186 }; |
187 | 187 |
188 algo_type sshhashes[] = { | 188 algo_type sshhashes[] = { |
189 #ifdef DROPBEAR_SHA1_96_HMAC | 189 #if DROPBEAR_SHA1_96_HMAC |
190 {"hmac-sha1-96", 0, &dropbear_sha1_96, 1, NULL}, | 190 {"hmac-sha1-96", 0, &dropbear_sha1_96, 1, NULL}, |
191 #endif | 191 #endif |
192 #ifdef DROPBEAR_SHA1_HMAC | 192 #if DROPBEAR_SHA1_HMAC |
193 {"hmac-sha1", 0, &dropbear_sha1, 1, NULL}, | 193 {"hmac-sha1", 0, &dropbear_sha1, 1, NULL}, |
194 #endif | 194 #endif |
195 #ifdef DROPBEAR_SHA2_256_HMAC | 195 #if DROPBEAR_SHA2_256_HMAC |
196 {"hmac-sha2-256", 0, &dropbear_sha2_256, 1, NULL}, | 196 {"hmac-sha2-256", 0, &dropbear_sha2_256, 1, NULL}, |
197 #endif | 197 #endif |
198 #ifdef DROPBEAR_SHA2_512_HMAC | 198 #if DROPBEAR_SHA2_512_HMAC |
199 {"hmac-sha2-512", 0, &dropbear_sha2_512, 1, NULL}, | 199 {"hmac-sha2-512", 0, &dropbear_sha2_512, 1, NULL}, |
200 #endif | 200 #endif |
201 #ifdef DROPBEAR_MD5_HMAC | 201 #if DROPBEAR_MD5_HMAC |
202 {"hmac-md5", 0, (void*)&dropbear_md5, 1, NULL}, | 202 {"hmac-md5", 0, (void*)&dropbear_md5, 1, NULL}, |
203 #endif | |
204 #ifdef DROPBEAR_NONE_INTEGRITY | |
205 {"none", 0, (void*)&dropbear_nohash, 1, NULL}, | |
206 #endif | 203 #endif |
207 {NULL, 0, NULL, 0, NULL} | 204 {NULL, 0, NULL, 0, NULL} |
208 }; | 205 }; |
209 | 206 |
210 #ifndef DISABLE_ZLIB | 207 #ifndef DISABLE_ZLIB |
226 {"none", DROPBEAR_COMP_NONE, NULL, 1, NULL}, | 223 {"none", DROPBEAR_COMP_NONE, NULL, 1, NULL}, |
227 {NULL, 0, NULL, 0, NULL} | 224 {NULL, 0, NULL, 0, NULL} |
228 }; | 225 }; |
229 | 226 |
230 algo_type sshhostkey[] = { | 227 algo_type sshhostkey[] = { |
231 #ifdef DROPBEAR_ECDSA | 228 #if DROPBEAR_ECDSA |
232 #ifdef DROPBEAR_ECC_256 | 229 #if DROPBEAR_ECC_256 |
233 {"ecdsa-sha2-nistp256", DROPBEAR_SIGNKEY_ECDSA_NISTP256, NULL, 1, NULL}, | 230 {"ecdsa-sha2-nistp256", DROPBEAR_SIGNKEY_ECDSA_NISTP256, NULL, 1, NULL}, |
234 #endif | 231 #endif |
235 #ifdef DROPBEAR_ECC_384 | 232 #if DROPBEAR_ECC_384 |
236 {"ecdsa-sha2-nistp384", DROPBEAR_SIGNKEY_ECDSA_NISTP384, NULL, 1, NULL}, | 233 {"ecdsa-sha2-nistp384", DROPBEAR_SIGNKEY_ECDSA_NISTP384, NULL, 1, NULL}, |
237 #endif | 234 #endif |
238 #ifdef DROPBEAR_ECC_521 | 235 #if DROPBEAR_ECC_521 |
239 {"ecdsa-sha2-nistp521", DROPBEAR_SIGNKEY_ECDSA_NISTP521, NULL, 1, NULL}, | 236 {"ecdsa-sha2-nistp521", DROPBEAR_SIGNKEY_ECDSA_NISTP521, NULL, 1, NULL}, |
240 #endif | 237 #endif |
241 #endif | 238 #endif |
242 #ifdef DROPBEAR_RSA | 239 #if DROPBEAR_RSA |
243 {"ssh-rsa", DROPBEAR_SIGNKEY_RSA, NULL, 1, NULL}, | 240 {"ssh-rsa", DROPBEAR_SIGNKEY_RSA, NULL, 1, NULL}, |
244 #endif | 241 #endif |
245 #ifdef DROPBEAR_DSS | 242 #if DROPBEAR_DSS |
246 {"ssh-dss", DROPBEAR_SIGNKEY_DSS, NULL, 1, NULL}, | 243 {"ssh-dss", DROPBEAR_SIGNKEY_DSS, NULL, 1, NULL}, |
247 #endif | 244 #endif |
248 {NULL, 0, NULL, 0, NULL} | 245 {NULL, 0, NULL, 0, NULL} |
249 }; | 246 }; |
250 | 247 |
251 #if DROPBEAR_DH_GROUP1 | 248 #if DROPBEAR_DH_GROUP1 |
252 static const struct dropbear_kex kex_dh_group1 = {DROPBEAR_KEX_NORMAL_DH, dh_p_1, DH_P_1_LEN, NULL, &sha1_desc }; | 249 static const struct dropbear_kex kex_dh_group1 = {DROPBEAR_KEX_NORMAL_DH, dh_p_1, DH_P_1_LEN, NULL, &sha1_desc }; |
253 #endif | 250 #endif |
254 #if DROPBEAR_DH_GROUP14 | 251 #if DROPBEAR_DH_GROUP14_SHA1 |
255 static const struct dropbear_kex kex_dh_group14_sha1 = {DROPBEAR_KEX_NORMAL_DH, dh_p_14, DH_P_14_LEN, NULL, &sha1_desc }; | 252 static const struct dropbear_kex kex_dh_group14_sha1 = {DROPBEAR_KEX_NORMAL_DH, dh_p_14, DH_P_14_LEN, NULL, &sha1_desc }; |
256 #if DROPBEAR_DH_GROUP14_256 | 253 #endif |
254 #if DROPBEAR_DH_GROUP14_SHA256 | |
257 static const struct dropbear_kex kex_dh_group14_sha256 = {DROPBEAR_KEX_NORMAL_DH, dh_p_14, DH_P_14_LEN, NULL, &sha256_desc }; | 255 static const struct dropbear_kex kex_dh_group14_sha256 = {DROPBEAR_KEX_NORMAL_DH, dh_p_14, DH_P_14_LEN, NULL, &sha256_desc }; |
258 #endif | |
259 #endif | 256 #endif |
260 #if DROPBEAR_DH_GROUP16 | 257 #if DROPBEAR_DH_GROUP16 |
261 static const struct dropbear_kex kex_dh_group16_sha512 = {DROPBEAR_KEX_NORMAL_DH, dh_p_16, DH_P_16_LEN, NULL, &sha512_desc }; | 258 static const struct dropbear_kex kex_dh_group16_sha512 = {DROPBEAR_KEX_NORMAL_DH, dh_p_16, DH_P_16_LEN, NULL, &sha512_desc }; |
262 #endif | 259 #endif |
263 | 260 |
264 /* These can't be const since dropbear_ecc_fill_dp() fills out | 261 /* These can't be const since dropbear_ecc_fill_dp() fills out |
265 ecc_curve at runtime */ | 262 ecc_curve at runtime */ |
266 #ifdef DROPBEAR_ECDH | 263 #if DROPBEAR_ECDH |
267 #ifdef DROPBEAR_ECC_256 | 264 #if DROPBEAR_ECC_256 |
268 static const struct dropbear_kex kex_ecdh_nistp256 = {DROPBEAR_KEX_ECDH, NULL, 0, &ecc_curve_nistp256, &sha256_desc }; | 265 static const struct dropbear_kex kex_ecdh_nistp256 = {DROPBEAR_KEX_ECDH, NULL, 0, &ecc_curve_nistp256, &sha256_desc }; |
269 #endif | 266 #endif |
270 #ifdef DROPBEAR_ECC_384 | 267 #if DROPBEAR_ECC_384 |
271 static const struct dropbear_kex kex_ecdh_nistp384 = {DROPBEAR_KEX_ECDH, NULL, 0, &ecc_curve_nistp384, &sha384_desc }; | 268 static const struct dropbear_kex kex_ecdh_nistp384 = {DROPBEAR_KEX_ECDH, NULL, 0, &ecc_curve_nistp384, &sha384_desc }; |
272 #endif | 269 #endif |
273 #ifdef DROPBEAR_ECC_521 | 270 #if DROPBEAR_ECC_521 |
274 static const struct dropbear_kex kex_ecdh_nistp521 = {DROPBEAR_KEX_ECDH, NULL, 0, &ecc_curve_nistp521, &sha512_desc }; | 271 static const struct dropbear_kex kex_ecdh_nistp521 = {DROPBEAR_KEX_ECDH, NULL, 0, &ecc_curve_nistp521, &sha512_desc }; |
275 #endif | 272 #endif |
276 #endif /* DROPBEAR_ECDH */ | 273 #endif /* DROPBEAR_ECDH */ |
277 | 274 |
278 #ifdef DROPBEAR_CURVE25519 | 275 #if DROPBEAR_CURVE25519 |
279 /* Referred to directly */ | 276 /* Referred to directly */ |
280 static const struct dropbear_kex kex_curve25519 = {DROPBEAR_KEX_CURVE25519, NULL, 0, NULL, &sha256_desc }; | 277 static const struct dropbear_kex kex_curve25519 = {DROPBEAR_KEX_CURVE25519, NULL, 0, NULL, &sha256_desc }; |
281 #endif | 278 #endif |
282 | 279 |
283 algo_type sshkex[] = { | 280 algo_type sshkex[] = { |
284 #ifdef DROPBEAR_CURVE25519 | 281 #if DROPBEAR_CURVE25519 |
285 {"[email protected]", 0, &kex_curve25519, 1, NULL}, | 282 {"[email protected]", 0, &kex_curve25519, 1, NULL}, |
286 #endif | 283 #endif |
287 #ifdef DROPBEAR_ECDH | 284 #if DROPBEAR_ECDH |
288 #ifdef DROPBEAR_ECC_521 | 285 #if DROPBEAR_ECC_521 |
289 {"ecdh-sha2-nistp521", 0, &kex_ecdh_nistp521, 1, NULL}, | 286 {"ecdh-sha2-nistp521", 0, &kex_ecdh_nistp521, 1, NULL}, |
290 #endif | 287 #endif |
291 #ifdef DROPBEAR_ECC_384 | 288 #if DROPBEAR_ECC_384 |
292 {"ecdh-sha2-nistp384", 0, &kex_ecdh_nistp384, 1, NULL}, | 289 {"ecdh-sha2-nistp384", 0, &kex_ecdh_nistp384, 1, NULL}, |
293 #endif | 290 #endif |
294 #ifdef DROPBEAR_ECC_256 | 291 #if DROPBEAR_ECC_256 |
295 {"ecdh-sha2-nistp256", 0, &kex_ecdh_nistp256, 1, NULL}, | 292 {"ecdh-sha2-nistp256", 0, &kex_ecdh_nistp256, 1, NULL}, |
296 #endif | 293 #endif |
297 #endif | 294 #endif |
298 #if DROPBEAR_DH_GROUP14 | 295 #if DROPBEAR_DH_GROUP14_SHA1 |
299 #if DROPBEAR_DH_GROUP14_256 | 296 {"diffie-hellman-group14-sha1", 0, &kex_dh_group14_sha1, 1, NULL}, |
297 #endif | |
298 #if DROPBEAR_DH_GROUP14_SHA256 | |
300 {"diffie-hellman-group14-sha256", 0, &kex_dh_group14_sha256, 1, NULL}, | 299 {"diffie-hellman-group14-sha256", 0, &kex_dh_group14_sha256, 1, NULL}, |
301 #endif | |
302 {"diffie-hellman-group14-sha1", 0, &kex_dh_group14_sha1, 1, NULL}, | |
303 #endif | 300 #endif |
304 #if DROPBEAR_DH_GROUP1 | 301 #if DROPBEAR_DH_GROUP1 |
305 {"diffie-hellman-group1-sha1", 0, &kex_dh_group1, 1, NULL}, | 302 {"diffie-hellman-group1-sha1", 0, &kex_dh_group1, 1, NULL}, |
306 #endif | 303 #endif |
307 #if DROPBEAR_DH_GROUP16 | 304 #if DROPBEAR_DH_GROUP16 |
308 {"diffie-hellman-group16-sha512", 0, &kex_dh_group16_sha512, 1, NULL}, | 305 {"diffie-hellman-group16-sha512", 0, &kex_dh_group16_sha512, 1, NULL}, |
309 #endif | 306 #endif |
310 #ifdef USE_KEXGUESS2 | 307 #if DROPBEAR_KEXGUESS2 |
311 {KEXGUESS2_ALGO_NAME, KEXGUESS2_ALGO_ID, NULL, 1, NULL}, | 308 {KEXGUESS2_ALGO_NAME, KEXGUESS2_ALGO_ID, NULL, 1, NULL}, |
312 #endif | 309 #endif |
313 {NULL, 0, NULL, 0, NULL} | 310 {NULL, 0, NULL, 0, NULL} |
314 }; | 311 }; |
315 | 312 |
347 len = strlen(localalgos[i].name); | 344 len = strlen(localalgos[i].name); |
348 buf_putbytes(algolist, (const unsigned char *) localalgos[i].name, len); | 345 buf_putbytes(algolist, (const unsigned char *) localalgos[i].name, len); |
349 } | 346 } |
350 } | 347 } |
351 buf_putstring(buf, (const char*)algolist->data, algolist->len); | 348 buf_putstring(buf, (const char*)algolist->data, algolist->len); |
349 TRACE(("algolist add '%*s'", algolist->len, algolist->data)) | |
352 buf_free(algolist); | 350 buf_free(algolist); |
353 } | 351 } |
354 | 352 |
355 /* match the first algorithm in the comma-separated list in buf which is | 353 /* match the first algorithm in the comma-separated list in buf which is |
356 * also in localalgos[], or return NULL on failure. | 354 * also in localalgos[], or return NULL on failure. |
466 out: | 464 out: |
467 m_free(algolist); | 465 m_free(algolist); |
468 return ret; | 466 return ret; |
469 } | 467 } |
470 | 468 |
471 #ifdef DROPBEAR_NONE_CIPHER | 469 #if DROPBEAR_NONE_CIPHER |
472 | 470 |
473 void | 471 void |
474 set_algo_usable(algo_type algos[], const char * algo_name, int usable) | 472 set_algo_usable(algo_type algos[], const char * algo_name, int usable) |
475 { | 473 { |
476 algo_type *a; | 474 algo_type *a; |
498 return 0; | 496 return 0; |
499 } | 497 } |
500 | 498 |
501 #endif /* DROPBEAR_NONE_CIPHER */ | 499 #endif /* DROPBEAR_NONE_CIPHER */ |
502 | 500 |
503 #ifdef ENABLE_USER_ALGO_LIST | 501 #if DROPBEAR_USER_ALGO_LIST |
504 | 502 |
505 char * | 503 char * |
506 algolist_string(algo_type algos[]) | 504 algolist_string(algo_type algos[]) |
507 { | 505 { |
508 char *ret_list; | 506 char *ret_list; |
575 m_free(work_list); | 573 m_free(work_list); |
576 /* n+1 to include a null terminator */ | 574 /* n+1 to include a null terminator */ |
577 memcpy(algos, new_algos, sizeof(*new_algos) * (n+1)); | 575 memcpy(algos, new_algos, sizeof(*new_algos) * (n+1)); |
578 return n; | 576 return n; |
579 } | 577 } |
580 #endif /* ENABLE_USER_ALGO_LIST */ | 578 #endif /* DROPBEAR_USER_ALGO_LIST */ |