view algo.h @ 1672:3a97f14c0235
Add Chacha20-Poly1305, AES128-GCM and AES256-GCM support (#93)
* Add Chacha20-Poly1305 authenticated encryption
* Add general AEAD approach.
* Add chacha20-poly1305@openssh.com algo using LibTomCrypt chacha and
poly1305 routines.
Chacha20-Poly1305 is generally faster than AES256 on CPU w/o dedicated
AES instructions, having the same key size.
Compiling in will add ~5,5kB to binary size on x86-64.
function old new delta
chacha_crypt - 1397 +1397
_poly1305_block - 608 +608
poly1305_done - 595 +595
dropbear_chachapoly_crypt - 457 +457
.rodata 26976 27392 +416
poly1305_process - 290 +290
poly1305_init - 221 +221
chacha_setup - 218 +218
encrypt_packet 1068 1270 +202
dropbear_chachapoly_getlength - 147 +147
decrypt_packet 756 897 +141
chacha_ivctr64 - 137 +137
read_packet 543 637 +94
dropbear_chachapoly_start - 94 +94
read_kex_algos 792 880 +88
chacha_keystream - 69 +69
dropbear_mode_chachapoly - 48 +48
sshciphers 280 320 +40
dropbear_mode_none 24 48 +24
dropbear_mode_ctr 24 48 +24
dropbear_mode_cbc 24 48 +24
dropbear_chachapoly_mac - 24 +24
dropbear_chachapoly - 24 +24
gen_new_keys 848 854 +6
------------------------------------------------------------------------------
(add/remove: 14/0 grow/shrink: 10/0 up/down: 5388/0) Total: 5388 bytes
* Add AES128-GCM and AES256-GCM authenticated encryption
* Add general AES-GCM mode.
* Add aes128-gcm@openssh.com and aes256-gcm@openssh.com algo using
LibTomCrypt gcm routines.
AES-GCM is combination of AES CTR mode and GHASH, slower than AES-CTR on
CPU w/o dedicated AES/GHASH instructions therefore disabled by default.
Compiling in will add ~6kB to binary size on x86-64.
function old new delta
gcm_process - 1060 +1060
.rodata 26976 27808 +832
gcm_gf_mult - 820 +820
gcm_add_aad - 660 +660
gcm_shift_table - 512 +512
gcm_done - 471 +471
gcm_add_iv - 384 +384
gcm_init - 347 +347
dropbear_gcm_crypt - 309 +309
encrypt_packet 1068 1270 +202
decrypt_packet 756 897 +141
gcm_reset - 118 +118
read_packet 543 637 +94
read_kex_algos 792 880 +88
sshciphers 280 360 +80
gcm_mult_h - 80 +80
dropbear_gcm_start - 62 +62
dropbear_mode_gcm - 48 +48
dropbear_mode_none 24 48 +24
dropbear_mode_ctr 24 48 +24
dropbear_mode_cbc 24 48 +24
dropbear_ghash - 24 +24
dropbear_gcm_getlength - 24 +24
gen_new_keys 848 854 +6
------------------------------------------------------------------------------
(add/remove: 14/0 grow/shrink: 10/0 up/down: 6434/0) Total: 6434 bytes
author | Vladislav Grishenko <themiron@users.noreply.github.com> |
---|---|
date | Mon, 25 May 2020 20:50:25 +0500 |
parents | 06d52bcb8094 |
children | 41bf8f216644 |
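/*
 * Dropbear - a SSH2 server
 *
 * Copyright (c) 2002,2003 Matt Johnston
 * All rights reserved.
 *
 * Permission is hereby granted, free of charge, to any person obtaining a copy
 * of this software and associated documentation files (the "Software"), to deal
 * in the Software without restriction, including without limitation the rights
 * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
 * copies of the Software, and to permit persons to whom the Software is
 * furnished to do so, subject to the following conditions:
 *
 * The above copyright notice and this permission notice shall be included in
 * all copies or substantial portions of the Software.
 *
 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
 * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
 * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
 * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
 * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
 * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
 * SOFTWARE.
 */

/*
 * algo.h - declarations for the SSH algorithm tables (key exchange, host key,
 * cipher, hash, compression) and for the cipher/hash/kex descriptor structs
 * those tables point to.
 */

#ifndef DROPBEAR_ALGO_H_
#define DROPBEAR_ALGO_H_

#include "includes.h"
#include "buffer.h"

/* Cipher mode identifiers. */
#define DROPBEAR_MODE_UNUSED 0
#define DROPBEAR_MODE_CBC 1
#define DROPBEAR_MODE_CTR 2

/* One entry of an algorithm table: an SSH algorithm name and its internal
 * value, plus algorithm-specific data. */
struct Algo_Type {

	const char *name; /* identifying name */
	/* NOTE(review): plain char has implementation-defined signedness, so
	 * code comparing val against the -1 sentinel depends on the target
	 * ABI - confirm how the table terminator is detected. */
	char val; /* a value for this cipher, or -1 for invalid */
	const void *data; /* algorithm specific data */
	char usable; /* whether we can use this algorithm */
	const void *mode; /* the mode, currently only used for ciphers,
		points to a 'struct dropbear_cipher_mode' */
};

typedef struct Algo_Type algo_type;

/* lists mapping ssh types of algorithms to internal values */
extern algo_type sshkex[];
extern algo_type sshhostkey[];
extern algo_type sshciphers[];
extern algo_type sshhashes[];
extern algo_type ssh_compress[];
extern algo_type ssh_delaycompress[];
extern algo_type ssh_nocompress[];

/* Descriptors for the "none" cipher, cipher mode and hash. */
extern const struct dropbear_cipher dropbear_nocipher;
extern const struct dropbear_cipher_mode dropbear_mode_none;
extern const struct dropbear_hash dropbear_nohash;

/* A cipher: its LibTomCrypt descriptor plus the key and block sizes used. */
struct dropbear_cipher {
	const struct ltc_cipher_descriptor *cipherdesc;
	const unsigned long keysize;
	const unsigned char blocksize;
};

/*
 * A cipher mode, expressed as a table of function pointers.
 *
 * start/encrypt/decrypt form the classic (non-AEAD) interface. aead_crypt,
 * aead_getlength and aead_mac are the authenticated-encryption interface;
 * presumably a non-AEAD mode leaves them NULL and callers branch on that -
 * confirm against the packet code.
 *
 * NOTE(review): every function pointer returns int, but the success/failure
 * convention is not visible in this header. Callers on the decrypt side
 * should treat any failure from aead_crypt as an authentication failure and
 * must not use the contents of 'out' in that case - verify each
 * implementation.
 */
struct dropbear_cipher_mode {
	/* Initialise cipher_state from the IV and key. */
	int (*start)(int cipher, const unsigned char *IV,
			const unsigned char *key,
			int keylen, int num_rounds, void *cipher_state);
	/* Encrypt len bytes from pt into ct. */
	int (*encrypt)(const unsigned char *pt, unsigned char *ct,
			unsigned long len, void *cipher_state);
	/* Decrypt len bytes from ct into pt. */
	int (*decrypt)(const unsigned char *ct, unsigned char *pt,
			unsigned long len, void *cipher_state);
	/* AEAD encrypt or decrypt, selected by direction; taglen is the size
	 * of the authentication tag. seq is presumably the SSH packet
	 * sequence number used to derive the nonce - confirm. */
	int (*aead_crypt)(unsigned int seq,
			const unsigned char *in, unsigned char *out,
			unsigned long len, unsigned long taglen,
			void *cipher_state, int direction);
	/* Obtain the packet length into *outlen from the first len bytes of
	 * 'in'. NOTE(review): this value is read before the tag has been
	 * checked, so callers must bound it before acting on it - confirm. */
	int (*aead_getlength)(unsigned int seq,
			const unsigned char *in, unsigned int *outlen,
			unsigned long len, void *cipher_state);
	/* Hash descriptor associated with the AEAD mode. */
	const struct dropbear_hash *aead_mac;
};

/* A MAC hash: its LibTomCrypt descriptor plus key and output sizes. */
struct dropbear_hash {
	const struct ltc_hash_descriptor *hash_desc;
	const unsigned long keysize;
	/* hashsize may be truncated from the size returned by hash_desc,
	 * eg sha1-96 */
	const unsigned char hashsize;
};

/* Key-exchange families; each enumerator exists only when the matching
 * build option is enabled. */
enum dropbear_kex_mode {
#if DROPBEAR_NORMAL_DH
	DROPBEAR_KEX_NORMAL_DH,
#endif
#if DROPBEAR_ECDH
	DROPBEAR_KEX_ECDH,
#endif
#if DROPBEAR_CURVE25519
	DROPBEAR_KEX_CURVE25519,
#endif
};

/* Parameters of one key-exchange method. */
struct dropbear_kex {
	enum dropbear_kex_mode mode;

	/* "normal" DH KEX */
	const unsigned char *dh_p_bytes;
	const int dh_p_len;

	/* elliptic curve DH KEX */
#if DROPBEAR_ECDH
	const struct dropbear_ecc_curve *ecc_curve;
#else
	/* placeholder keeping the member count the same without ECDH */
	const void* dummy;
#endif

	/* both */
	const struct ltc_hash_descriptor *hash_desc;
};

/* Look up the name algo (algolen bytes long, so it need not be
 * NUL-terminated) in the table algos. */
int have_algo(const char* algo, size_t algolen, const algo_type algos[]);
/* Write the algorithm list localalgos into buf. */
void buf_put_algolist(buffer * buf, const algo_type localalgos[]);

/* Values for the kexguess2 in/out argument of buf_match_algo(). */
enum kexguess2_used {
	KEXGUESS2_LOOK,
	KEXGUESS2_NO,
	KEXGUESS2_YES,
};

/* Name and internal id of the kexguess2 pseudo-algorithm. The name is a
 * wire-protocol identifier compared against what the peer sends, so it must
 * match byte for byte. */
#define KEXGUESS2_ALGO_NAME "kexguess2@matt.ucc.asn.au"
#define KEXGUESS2_ALGO_ID 99

/* Match an algorithm list read from buf against localalgos and return the
 * chosen entry. NOTE(review): presumably returns NULL when nothing matches;
 * callers must check - confirm in the implementation. */
algo_type * buf_match_algo(buffer* buf, algo_type localalgos[],
		enum kexguess2_used *kexguess2, int *goodguess);

#if DROPBEAR_USER_ALGO_LIST
/* Apply a user-supplied algorithm list to algos; algo_desc names the kind of
 * algorithm. */
int check_user_algos(const char* user_algo_list, algo_type * algos,
		const char *algo_desc);
/* Return the names in algos as a string. NOTE(review): ownership of the
 * returned buffer is not visible here - confirm who frees it. */
char * algolist_string(const algo_type algos[]);
#endif

/* Compression settings. */
enum {
	DROPBEAR_COMP_NONE,
	DROPBEAR_COMP_ZLIB,
	DROPBEAR_COMP_ZLIB_DELAY,
};

#endif /* DROPBEAR_ALGO_H_ */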