/* keyexchange.h
 *
 *
 *
 * $Id$ */

/* lsh, an implementation of the ssh protocol
 *
 * Copyright (C) 1998 Niels Möller
 *
 * This program is free software; you can redistribute it and/or
 * modify it under the terms of the GNU General Public License as
 * published by the Free Software Foundation; either version 2 of the
 * License, or (at your option) any later version.
 *
 * This program is distributed in the hope that it will be useful, but
 * WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
 * General Public License for more details.
 *
 * You should have received a copy of the GNU General Public License
 * along with this program; if not, write to the Free Software
 * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
 */

#ifndef LSH_KEYEXCHANGE_H_INCLUDED
#define LSH_KEYEXCHANGE_H_INCLUDED

#include "abstract_crypto.h"
#include "abstract_compress.h"
#include "alist.h"

/* NOTE: The only thing in this file that needs bignum.h is the
 * declaration of kex_build_secret(). Perhaps, that indicates that the
 * function doesn't really belong here? */

#include "bignum.h"
#include "list.h"
#include "connection.h"

/* Indices into the per-direction algorithm array negotiated during key
 * exchange.  The "algorithms" object_list handed to a
 * keyexchange_algorithm's init method (see the GABA class below) is
 * indexed by these values, and the kexinit "parameters" array holds one
 * int_list per index, in the same order.  Each category has a separate
 * slot per transport direction, so the selections for client-to-server
 * and server-to-client traffic are tracked independently. */
#define KEX_ENCRYPTION_CLIENT_TO_SERVER 0
#define KEX_ENCRYPTION_SERVER_TO_CLIENT 1
#define KEX_MAC_CLIENT_TO_SERVER 2
#define KEX_MAC_SERVER_TO_CLIENT 3
#define KEX_COMPRESSION_CLIENT_TO_SERVER 4
#define KEX_COMPRESSION_SERVER_TO_CLIENT 5

/* Number of slots above; this is a count, not a valid index. */
#define KEX_PARAMETERS 6


/* Pull in the declarations for the GABA: class blocks in this file.
 * keyexchange.h.x is presumably the output of the GABA preprocessor run
 * over those blocks; defining GABA_DECLARE around the include selects
 * its declaration part (the definition part is selected elsewhere). */
#define GABA_DECLARE
#include "keyexchange.h.x"
#undef GABA_DECLARE

/* GABA:
   (class
     (name keyexchange_algorithm)
     (vars
       ;; FIXME: Add some method or attribute describing
       ;; the requirements on the hostkey algorithm.

       ; Algorithms is an array indexed by the KEX_* values above
       (init method void
	     "struct ssh_connection *connection"
	     "int hostkey_algorithm_atom"
	     "struct lsh_object *extra"
	     "struct object_list *algorithms")))
*/

/* Invoke a keyexchange_algorithm's init method.  The arguments follow
 * the GABA class above: connection is the struct ssh_connection *, ha
 * the hostkey algorithm atom (int), e the struct lsh_object *extra, and
 * a the struct object_list *algorithms indexed by the KEX_* values.
 * Every argument is evaluated exactly once. */
#define KEYEXCHANGE_INIT(kex, connection, ha, e, a) \
((kex)->init((kex), (connection), (ha), (e), (a)))

/* GABA:
   (class
     (name kexinit)
     (vars
       (cookie array UINT8 16);
       ; Lists of atoms
       (kex_algorithms object int_list)
       (server_hostkey_algorithms object int_list)
       (parameters array (object int_list) KEX_PARAMETERS)
       (languages_client_to_server object int_list)
       (languages_server_to_client object int_list)
       (first_kex_packet_follows . int)
       ; May be NULL. Used only for sending.
       (first_kex_packet string)))
*/
     
/* The make method of the class below generates a new kexinit message.
 *
 * If a speculative packet follows, it is stored in the last field of
 * kexinit, first_kex_packet. */

/* GABA:
   (class
     (name make_kexinit)
     (vars
       (make method (object kexinit)) ))
*/

/* Call the make method of the make_kexinit s; per the GABA class above
 * it yields a kexinit object.  s is evaluated twice, so pass an lvalue
 * without side effects. */
#define MAKE_KEXINIT(s) ((s)->make((s)))
     
/* Serialize a kexinit into an lsh_string, presumably the wire form of
 * the KEXINIT message.  Ownership of the returned string is not
 * documented here; check the definition before assuming the caller
 * frees it. */
struct lsh_string *format_kex(struct kexinit *kex);
/* Abort the key exchange on connection; msg is a human-readable reason.
 * Whether msg is logged, sent to the peer, or both is not visible here,
 * so treat it as potentially peer-visible: pass a fixed diagnostic
 * rather than a string built from internal state. */
void disconnect_kex_failed(struct ssh_connection *connection, const char *msg);

/* Build the encrypting cipher instance for one transport direction
 * after key exchange.  type is presumably one of the KEX_ENCRYPTION_*
 * indices into algorithms; secret is a hash_instance, presumably already
 * fed the shared secret, and session_id the session identifier used in
 * key derivation -- confirm both against the definition.  Error
 * behaviour (NULL return or otherwise) is not documented here. */
struct crypto_instance *
kex_make_encrypt(struct hash_instance *secret,
		 struct object_list *algorithms,
		 int type,
		 struct lsh_string *session_id);

/* Build the decrypting cipher instance for one transport direction
 * after key exchange; the counterpart of kex_make_encrypt, with the
 * same argument conventions (type presumably a KEX_ENCRYPTION_* index,
 * secret and session_id the key-derivation inputs -- confirm against
 * the definition). */
struct crypto_instance *
kex_make_decrypt(struct hash_instance *secret,
		 struct object_list *algorithms,
		 int type,
		 struct lsh_string *session_id);

/* Build the MAC instance for one transport direction after key
 * exchange.  type is presumably one of the KEX_MAC_* indices into
 * algorithms; secret and session_id are the same key-derivation inputs
 * as for kex_make_encrypt -- confirm against the definition.  Note the
 * MAC key must be derived separately from the cipher key; which call
 * guarantees that is not visible here. */
struct mac_instance *
kex_make_mac(struct hash_instance *secret,
	     struct object_list *algorithms,
	     int type,
	     struct lsh_string *session_id);
/* Build a make_kexinit whose make method produces kexinit messages
 * offering the given algorithm lists (lists of atoms).  The single
 * crypto, mac and compression lists are presumably used for both
 * transport directions, and languages for both language lists --
 * confirm against the definition.  r is the randomness source,
 * presumably used for the 16-byte kexinit cookie declared above; it
 * should therefore be a cryptographically strong generator.  Ownership
 * of the int_lists after the call is not documented here. */
struct make_kexinit *
make_simple_kexinit(struct randomness *r,
		    struct int_list *kex_algorithms,
		    struct int_list *hostkey_algorithms,
		    struct int_list *crypto_algorithms,
		    struct int_list *mac_algorithms,
		    struct int_list *compression_algorithms,
		    struct int_list *languages);

/* Two-argument command object defined elsewhere; what it filters is
 * not visible here.  KEXINIT_FILTER upcasts it through its two super
 * members to the base object type expected by generic command code
 * (the exact base type comes from the command_2 definition). */
extern struct command_2 kexinit_filter;
#define KEXINIT_FILTER (&kexinit_filter.super.super)

/* Sends the keyexchange message, which must already be stored in
 * connection->kexinits[connection->flags & CONNECTION_MODE]
 * (kexinits and CONNECTION_MODE presumably come from connection.h,
 * included above).  The caller is responsible for filling that slot
 * first; whether the implementation checks it for NULL is not visible
 * here.
 */
void send_kexinit(struct ssh_connection *connection);

/* Create the packet handler for incoming KEXINIT messages.  algorithms
 * is the alist of supported algorithms the handler presumably negotiates
 * from; extra is presumably passed through to the selected
 * keyexchange_algorithm's init method as its "extra" argument (see the
 * GABA class above) -- confirm against the definition. */
struct packet_handler *
make_kexinit_handler(struct lsh_object *extra,
		     struct alist *algorithms);

/* Create the packet handler for the NEWKEYS message.  The three
 * instances are presumably the newly negotiated cipher, MAC and
 * compressor for one transport direction (cf. kex_make_encrypt,
 * kex_make_decrypt and kex_make_mac), to be installed when the peer's
 * NEWKEYS arrives -- confirm against the definition. */
struct packet_handler *
make_newkeys_handler(struct crypto_instance *crypto,
		     struct mac_instance *mac,
		     struct compress_instance *compression);

/* Complete a key exchange on connection.  algorithms is the object_list
 * indexed by the KEX_* values; H is presumably the hash algorithm used
 * for the exchange hash, exchange_hash the computed hash and K the
 * shared secret.  Which of exchange_hash and K the callee keeps, copies
 * or frees is not documented here -- TODO confirm ownership against the
 * definition, since K is key material and should be released and wiped
 * by exactly one owner. */
void
keyexchange_finish(struct ssh_connection *connection,
		   struct object_list *algorithms,
		   const struct hash_algorithm *H,
		   struct lsh_string *exchange_hash,
		   struct lsh_string *K);

#endif /* LSH_KEYEXCHANGE_H_INCLUDED */