2014-12-10 21:56:49 +00:00
|
|
|
/*
|
|
|
|
* Dropbear SSH
|
|
|
|
*
|
|
|
|
* Copyright (c) 2002,2003 Matt Johnston
|
|
|
|
* Copyright (c) 2004 by Mihnea Stoenescu
|
|
|
|
* All rights reserved.
|
|
|
|
*
|
|
|
|
* Permission is hereby granted, free of charge, to any person obtaining a copy
|
|
|
|
* of this software and associated documentation files (the "Software"), to deal
|
|
|
|
* in the Software without restriction, including without limitation the rights
|
|
|
|
* to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
|
|
|
|
* copies of the Software, and to permit persons to whom the Software is
|
|
|
|
* furnished to do so, subject to the following conditions:
|
|
|
|
*
|
|
|
|
* The above copyright notice and this permission notice shall be included in
|
|
|
|
* all copies or substantial portions of the Software.
|
|
|
|
*
|
|
|
|
* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
|
|
|
|
* IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
|
|
|
|
* FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
|
|
|
|
* AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
|
|
|
|
* LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
|
|
|
|
* OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
|
|
|
|
* SOFTWARE. */
|
|
|
|
|
|
|
|
#include "includes.h"
|
|
|
|
#include "algo.h"
|
|
|
|
#include "session.h"
|
|
|
|
#include "dbutil.h"
|
2019-06-09 20:44:26 +00:00
|
|
|
#include "dh_groups.h"
|
2014-12-10 21:56:49 +00:00
|
|
|
#include "ltc_prng.h"
|
|
|
|
#include "ecc.h"
|
|
|
|
|
|
|
|
/* This file (algo.c) organises the ciphers which can be used, and is used to
|
|
|
|
* decide which ciphers/hashes/compression/signing to use during key exchange*/
|
|
|
|
|
|
|
|
static int void_cipher(const unsigned char* in, unsigned char* out,
|
|
|
|
unsigned long len, void* UNUSED(cipher_state)) {
|
|
|
|
if (in != out) {
|
|
|
|
memmove(out, in, len);
|
|
|
|
}
|
|
|
|
return CRYPT_OK;
|
|
|
|
}
|
|
|
|
|
|
|
|
static int void_start(int UNUSED(cipher), const unsigned char* UNUSED(IV),
|
|
|
|
const unsigned char* UNUSED(key),
|
|
|
|
int UNUSED(keylen), int UNUSED(num_rounds), void* UNUSED(cipher_state)) {
|
|
|
|
return CRYPT_OK;
|
|
|
|
}
|
|
|
|
|
|
|
|
/* Mappings for ciphers, parameters are
|
|
|
|
{&cipher_desc, keysize, blocksize} */
|
|
|
|
|
|
|
|
/* Remember to add new ciphers/hashes to regciphers/reghashes too */
|
|
|
|
|
2019-06-09 20:44:26 +00:00
|
|
|
#if DROPBEAR_AES256
|
2014-12-10 21:56:49 +00:00
|
|
|
static const struct dropbear_cipher dropbear_aes256 =
|
|
|
|
{&aes_desc, 32, 16};
|
|
|
|
#endif
|
2019-06-09 20:44:26 +00:00
|
|
|
#if DROPBEAR_AES128
|
2014-12-10 21:56:49 +00:00
|
|
|
static const struct dropbear_cipher dropbear_aes128 =
|
|
|
|
{&aes_desc, 16, 16};
|
|
|
|
#endif
|
2019-06-09 20:44:26 +00:00
|
|
|
#if DROPBEAR_BLOWFISH
|
2014-12-10 21:56:49 +00:00
|
|
|
static const struct dropbear_cipher dropbear_blowfish =
|
|
|
|
{&blowfish_desc, 16, 8};
|
|
|
|
#endif
|
2019-06-09 20:44:26 +00:00
|
|
|
#if DROPBEAR_TWOFISH256
|
2014-12-10 21:56:49 +00:00
|
|
|
static const struct dropbear_cipher dropbear_twofish256 =
|
|
|
|
{&twofish_desc, 32, 16};
|
|
|
|
#endif
|
2019-06-09 20:44:26 +00:00
|
|
|
#if DROPBEAR_TWOFISH128
|
2014-12-10 21:56:49 +00:00
|
|
|
static const struct dropbear_cipher dropbear_twofish128 =
|
|
|
|
{&twofish_desc, 16, 16};
|
|
|
|
#endif
|
2019-06-09 20:44:26 +00:00
|
|
|
#if DROPBEAR_3DES
|
2014-12-10 21:56:49 +00:00
|
|
|
static const struct dropbear_cipher dropbear_3des =
|
|
|
|
{&des3_desc, 24, 8};
|
|
|
|
#endif
|
|
|
|
|
|
|
|
/* used to indicate no encryption, as defined in rfc2410 */
|
|
|
|
const struct dropbear_cipher dropbear_nocipher =
|
|
|
|
{NULL, 16, 8};
|
|
|
|
|
|
|
|
/* A few void* s are required to silence warnings
|
|
|
|
* about the symmetric_CBC vs symmetric_CTR cipher_state pointer */
|
2019-06-09 20:44:26 +00:00
|
|
|
#if DROPBEAR_ENABLE_CBC_MODE
|
2014-12-10 21:56:49 +00:00
|
|
|
const struct dropbear_cipher_mode dropbear_mode_cbc =
|
|
|
|
{(void*)cbc_start, (void*)cbc_encrypt, (void*)cbc_decrypt};
|
2019-06-09 20:44:26 +00:00
|
|
|
#endif /* DROPBEAR_ENABLE_CBC_MODE */
|
|
|
|
|
2014-12-10 21:56:49 +00:00
|
|
|
const struct dropbear_cipher_mode dropbear_mode_none =
|
|
|
|
{void_start, void_cipher, void_cipher};
|
2019-06-09 20:44:26 +00:00
|
|
|
|
|
|
|
#if DROPBEAR_ENABLE_CTR_MODE
|
2014-12-10 21:56:49 +00:00
|
|
|
/* a wrapper to make ctr_start and cbc_start look the same */
|
|
|
|
static int dropbear_big_endian_ctr_start(int cipher,
|
|
|
|
const unsigned char *IV,
|
|
|
|
const unsigned char *key, int keylen,
|
|
|
|
int num_rounds, symmetric_CTR *ctr) {
|
|
|
|
return ctr_start(cipher, IV, key, keylen, num_rounds, CTR_COUNTER_BIG_ENDIAN, ctr);
|
|
|
|
}
|
|
|
|
const struct dropbear_cipher_mode dropbear_mode_ctr =
|
|
|
|
{(void*)dropbear_big_endian_ctr_start, (void*)ctr_encrypt, (void*)ctr_decrypt};
|
2019-06-09 20:44:26 +00:00
|
|
|
#endif /* DROPBEAR_ENABLE_CTR_MODE */
|
2014-12-10 21:56:49 +00:00
|
|
|
|
|
|
|
/* Mapping of ssh hashes to libtomcrypt hashes, including keysize etc.
|
|
|
|
{&hash_desc, keysize, hashsize} */
|
|
|
|
|
2019-06-09 20:44:26 +00:00
|
|
|
#if DROPBEAR_SHA1_HMAC
|
2014-12-10 21:56:49 +00:00
|
|
|
static const struct dropbear_hash dropbear_sha1 =
|
|
|
|
{&sha1_desc, 20, 20};
|
|
|
|
#endif
|
2019-06-09 20:44:26 +00:00
|
|
|
#if DROPBEAR_SHA1_96_HMAC
|
2014-12-10 21:56:49 +00:00
|
|
|
static const struct dropbear_hash dropbear_sha1_96 =
|
|
|
|
{&sha1_desc, 20, 12};
|
|
|
|
#endif
|
2019-06-09 20:44:26 +00:00
|
|
|
#if DROPBEAR_SHA2_256_HMAC
|
2014-12-10 21:56:49 +00:00
|
|
|
static const struct dropbear_hash dropbear_sha2_256 =
|
|
|
|
{&sha256_desc, 32, 32};
|
|
|
|
#endif
|
2019-06-09 20:44:26 +00:00
|
|
|
#if DROPBEAR_SHA2_512_HMAC
|
2014-12-10 21:56:49 +00:00
|
|
|
static const struct dropbear_hash dropbear_sha2_512 =
|
|
|
|
{&sha512_desc, 64, 64};
|
|
|
|
#endif
|
2019-06-09 20:44:26 +00:00
|
|
|
#if DROPBEAR_MD5_HMAC
|
2014-12-10 21:56:49 +00:00
|
|
|
static const struct dropbear_hash dropbear_md5 =
|
|
|
|
{&md5_desc, 16, 16};
|
|
|
|
#endif
|
|
|
|
|
|
|
|
const struct dropbear_hash dropbear_nohash =
|
|
|
|
{NULL, 16, 0}; /* used initially */
|
|
|
|
|
|
|
|
|
|
|
|
/* The following map ssh names to internal values.
|
|
|
|
* The ordering here is important for the client - the first mode
|
|
|
|
* that is also supported by the server will get used. */
|
|
|
|
|
|
|
|
algo_type sshciphers[] = {
|
2019-06-09 20:44:26 +00:00
|
|
|
#if DROPBEAR_ENABLE_CTR_MODE
|
|
|
|
#if DROPBEAR_AES128
|
2014-12-10 21:56:49 +00:00
|
|
|
{"aes128-ctr", 0, &dropbear_aes128, 1, &dropbear_mode_ctr},
|
|
|
|
#endif
|
2019-06-09 20:44:26 +00:00
|
|
|
#if DROPBEAR_AES256
|
2014-12-10 21:56:49 +00:00
|
|
|
{"aes256-ctr", 0, &dropbear_aes256, 1, &dropbear_mode_ctr},
|
|
|
|
#endif
|
2019-06-09 20:44:26 +00:00
|
|
|
#if DROPBEAR_TWOFISH_CTR
|
|
|
|
/* twofish ctr is conditional as it hasn't been tested for interoperability, see options.h */
|
|
|
|
#if DROPBEAR_TWOFISH256
|
|
|
|
{"twofish256-ctr", 0, &dropbear_twofish256, 1, &dropbear_mode_ctr},
|
|
|
|
#endif
|
|
|
|
#if DROPBEAR_TWOFISH128
|
|
|
|
{"twofish128-ctr", 0, &dropbear_twofish128, 1, &dropbear_mode_ctr},
|
|
|
|
#endif
|
|
|
|
#endif /* DROPBEAR_TWOFISH_CTR */
|
2014-12-10 21:56:49 +00:00
|
|
|
#endif /* DROPBEAR_ENABLE_CTR_MODE */
|
|
|
|
|
2019-06-09 20:44:26 +00:00
|
|
|
#if DROPBEAR_ENABLE_CBC_MODE
|
|
|
|
#if DROPBEAR_AES128
|
2014-12-10 21:56:49 +00:00
|
|
|
{"aes128-cbc", 0, &dropbear_aes128, 1, &dropbear_mode_cbc},
|
|
|
|
#endif
|
2019-06-09 20:44:26 +00:00
|
|
|
#if DROPBEAR_AES256
|
2014-12-10 21:56:49 +00:00
|
|
|
{"aes256-cbc", 0, &dropbear_aes256, 1, &dropbear_mode_cbc},
|
|
|
|
#endif
|
2019-06-09 20:44:26 +00:00
|
|
|
#if DROPBEAR_TWOFISH256
|
2014-12-10 21:56:49 +00:00
|
|
|
{"twofish256-cbc", 0, &dropbear_twofish256, 1, &dropbear_mode_cbc},
|
|
|
|
{"twofish-cbc", 0, &dropbear_twofish256, 1, &dropbear_mode_cbc},
|
|
|
|
#endif
|
2019-06-09 20:44:26 +00:00
|
|
|
#if DROPBEAR_TWOFISH128
|
2014-12-10 21:56:49 +00:00
|
|
|
{"twofish128-cbc", 0, &dropbear_twofish128, 1, &dropbear_mode_cbc},
|
|
|
|
#endif
|
2019-06-09 20:44:26 +00:00
|
|
|
#if DROPBEAR_3DES
|
|
|
|
{"3des-ctr", 0, &dropbear_3des, 1, &dropbear_mode_ctr},
|
2014-12-10 21:56:49 +00:00
|
|
|
#endif
|
2019-06-09 20:44:26 +00:00
|
|
|
#if DROPBEAR_3DES
|
|
|
|
{"3des-cbc", 0, &dropbear_3des, 1, &dropbear_mode_cbc},
|
|
|
|
#endif
|
|
|
|
#if DROPBEAR_BLOWFISH
|
|
|
|
{"blowfish-cbc", 0, &dropbear_blowfish, 1, &dropbear_mode_cbc},
|
2014-12-10 21:56:49 +00:00
|
|
|
#endif
|
2019-06-09 20:44:26 +00:00
|
|
|
#endif /* DROPBEAR_ENABLE_CBC_MODE */
|
2014-12-10 21:56:49 +00:00
|
|
|
{NULL, 0, NULL, 0, NULL}
|
|
|
|
};
|
|
|
|
|
|
|
|
algo_type sshhashes[] = {
|
2019-06-09 20:44:26 +00:00
|
|
|
#if DROPBEAR_SHA1_96_HMAC
|
2014-12-10 21:56:49 +00:00
|
|
|
{"hmac-sha1-96", 0, &dropbear_sha1_96, 1, NULL},
|
|
|
|
#endif
|
2019-06-09 20:44:26 +00:00
|
|
|
#if DROPBEAR_SHA1_HMAC
|
2014-12-10 21:56:49 +00:00
|
|
|
{"hmac-sha1", 0, &dropbear_sha1, 1, NULL},
|
|
|
|
#endif
|
2019-06-09 20:44:26 +00:00
|
|
|
#if DROPBEAR_SHA2_256_HMAC
|
|
|
|
{"hmac-sha2-256", 0, &dropbear_sha2_256, 1, NULL},
|
2014-12-10 21:56:49 +00:00
|
|
|
#endif
|
2019-06-09 20:44:26 +00:00
|
|
|
#if DROPBEAR_SHA2_512_HMAC
|
|
|
|
{"hmac-sha2-512", 0, &dropbear_sha2_512, 1, NULL},
|
|
|
|
#endif
|
|
|
|
#if DROPBEAR_MD5_HMAC
|
|
|
|
{"hmac-md5", 0, (void*)&dropbear_md5, 1, NULL},
|
2014-12-10 21:56:49 +00:00
|
|
|
#endif
|
|
|
|
{NULL, 0, NULL, 0, NULL}
|
|
|
|
};
|
|
|
|
|
|
|
|
#ifndef DISABLE_ZLIB
|
|
|
|
algo_type ssh_compress[] = {
|
2019-06-09 20:44:26 +00:00
|
|
|
{"zlib@openssh.com", DROPBEAR_COMP_ZLIB_DELAY, NULL, 1, NULL},
|
2014-12-10 21:56:49 +00:00
|
|
|
{"zlib", DROPBEAR_COMP_ZLIB, NULL, 1, NULL},
|
2019-06-09 20:44:26 +00:00
|
|
|
{"none", DROPBEAR_COMP_NONE, NULL, 1, NULL},
|
|
|
|
{NULL, 0, NULL, 0, NULL}
|
|
|
|
};
|
|
|
|
|
|
|
|
algo_type ssh_delaycompress[] = {
|
2014-12-10 21:56:49 +00:00
|
|
|
{"zlib@openssh.com", DROPBEAR_COMP_ZLIB_DELAY, NULL, 1, NULL},
|
|
|
|
{"none", DROPBEAR_COMP_NONE, NULL, 1, NULL},
|
|
|
|
{NULL, 0, NULL, 0, NULL}
|
|
|
|
};
|
|
|
|
#endif
|
|
|
|
|
|
|
|
algo_type ssh_nocompress[] = {
|
|
|
|
{"none", DROPBEAR_COMP_NONE, NULL, 1, NULL},
|
|
|
|
{NULL, 0, NULL, 0, NULL}
|
|
|
|
};
|
|
|
|
|
|
|
|
algo_type sshhostkey[] = {
|
2019-06-09 20:44:26 +00:00
|
|
|
#if DROPBEAR_ECDSA
|
|
|
|
#if DROPBEAR_ECC_256
|
2014-12-10 21:56:49 +00:00
|
|
|
{"ecdsa-sha2-nistp256", DROPBEAR_SIGNKEY_ECDSA_NISTP256, NULL, 1, NULL},
|
|
|
|
#endif
|
2019-06-09 20:44:26 +00:00
|
|
|
#if DROPBEAR_ECC_384
|
2014-12-10 21:56:49 +00:00
|
|
|
{"ecdsa-sha2-nistp384", DROPBEAR_SIGNKEY_ECDSA_NISTP384, NULL, 1, NULL},
|
|
|
|
#endif
|
2019-06-09 20:44:26 +00:00
|
|
|
#if DROPBEAR_ECC_521
|
2014-12-10 21:56:49 +00:00
|
|
|
{"ecdsa-sha2-nistp521", DROPBEAR_SIGNKEY_ECDSA_NISTP521, NULL, 1, NULL},
|
|
|
|
#endif
|
|
|
|
#endif
|
2019-06-09 20:44:26 +00:00
|
|
|
#if DROPBEAR_RSA
|
2014-12-10 21:56:49 +00:00
|
|
|
{"ssh-rsa", DROPBEAR_SIGNKEY_RSA, NULL, 1, NULL},
|
|
|
|
#endif
|
2019-06-09 20:44:26 +00:00
|
|
|
#if DROPBEAR_DSS
|
2014-12-10 21:56:49 +00:00
|
|
|
{"ssh-dss", DROPBEAR_SIGNKEY_DSS, NULL, 1, NULL},
|
|
|
|
#endif
|
|
|
|
{NULL, 0, NULL, 0, NULL}
|
|
|
|
};
|
|
|
|
|
2019-06-09 20:44:26 +00:00
|
|
|
#if DROPBEAR_DH_GROUP1
|
2014-12-10 21:56:49 +00:00
|
|
|
static const struct dropbear_kex kex_dh_group1 = {DROPBEAR_KEX_NORMAL_DH, dh_p_1, DH_P_1_LEN, NULL, &sha1_desc };
|
2019-06-09 20:44:26 +00:00
|
|
|
#endif
|
|
|
|
#if DROPBEAR_DH_GROUP14_SHA1
|
|
|
|
static const struct dropbear_kex kex_dh_group14_sha1 = {DROPBEAR_KEX_NORMAL_DH, dh_p_14, DH_P_14_LEN, NULL, &sha1_desc };
|
|
|
|
#endif
|
|
|
|
#if DROPBEAR_DH_GROUP14_SHA256
|
|
|
|
static const struct dropbear_kex kex_dh_group14_sha256 = {DROPBEAR_KEX_NORMAL_DH, dh_p_14, DH_P_14_LEN, NULL, &sha256_desc };
|
|
|
|
#endif
|
|
|
|
#if DROPBEAR_DH_GROUP16
|
|
|
|
static const struct dropbear_kex kex_dh_group16_sha512 = {DROPBEAR_KEX_NORMAL_DH, dh_p_16, DH_P_16_LEN, NULL, &sha512_desc };
|
|
|
|
#endif
|
2014-12-10 21:56:49 +00:00
|
|
|
|
|
|
|
/* These can't be const since dropbear_ecc_fill_dp() fills out
|
|
|
|
ecc_curve at runtime */
|
2019-06-09 20:44:26 +00:00
|
|
|
#if DROPBEAR_ECDH
|
|
|
|
#if DROPBEAR_ECC_256
|
|
|
|
static const struct dropbear_kex kex_ecdh_nistp256 = {DROPBEAR_KEX_ECDH, NULL, 0, &ecc_curve_nistp256, &sha256_desc };
|
2014-12-10 21:56:49 +00:00
|
|
|
#endif
|
2019-06-09 20:44:26 +00:00
|
|
|
#if DROPBEAR_ECC_384
|
|
|
|
static const struct dropbear_kex kex_ecdh_nistp384 = {DROPBEAR_KEX_ECDH, NULL, 0, &ecc_curve_nistp384, &sha384_desc };
|
2014-12-10 21:56:49 +00:00
|
|
|
#endif
|
2019-06-09 20:44:26 +00:00
|
|
|
#if DROPBEAR_ECC_521
|
|
|
|
static const struct dropbear_kex kex_ecdh_nistp521 = {DROPBEAR_KEX_ECDH, NULL, 0, &ecc_curve_nistp521, &sha512_desc };
|
2014-12-10 21:56:49 +00:00
|
|
|
#endif
|
|
|
|
#endif /* DROPBEAR_ECDH */
|
|
|
|
|
2019-06-09 20:44:26 +00:00
|
|
|
#if DROPBEAR_CURVE25519
|
2014-12-10 21:56:49 +00:00
|
|
|
/* Referred to directly */
|
|
|
|
static const struct dropbear_kex kex_curve25519 = {DROPBEAR_KEX_CURVE25519, NULL, 0, NULL, &sha256_desc };
|
|
|
|
#endif
|
|
|
|
|
|
|
|
algo_type sshkex[] = {
|
2019-06-09 20:44:26 +00:00
|
|
|
#if DROPBEAR_CURVE25519
|
|
|
|
{"curve25519-sha256", 0, &kex_curve25519, 1, NULL},
|
2014-12-10 21:56:49 +00:00
|
|
|
{"curve25519-sha256@libssh.org", 0, &kex_curve25519, 1, NULL},
|
|
|
|
#endif
|
2019-06-09 20:44:26 +00:00
|
|
|
#if DROPBEAR_ECDH
|
|
|
|
#if DROPBEAR_ECC_521
|
2014-12-10 21:56:49 +00:00
|
|
|
{"ecdh-sha2-nistp521", 0, &kex_ecdh_nistp521, 1, NULL},
|
|
|
|
#endif
|
2019-06-09 20:44:26 +00:00
|
|
|
#if DROPBEAR_ECC_384
|
2014-12-10 21:56:49 +00:00
|
|
|
{"ecdh-sha2-nistp384", 0, &kex_ecdh_nistp384, 1, NULL},
|
|
|
|
#endif
|
2019-06-09 20:44:26 +00:00
|
|
|
#if DROPBEAR_ECC_256
|
2014-12-10 21:56:49 +00:00
|
|
|
{"ecdh-sha2-nistp256", 0, &kex_ecdh_nistp256, 1, NULL},
|
|
|
|
#endif
|
|
|
|
#endif
|
2019-06-09 20:44:26 +00:00
|
|
|
#if DROPBEAR_DH_GROUP14_SHA256
|
|
|
|
{"diffie-hellman-group14-sha256", 0, &kex_dh_group14_sha256, 1, NULL},
|
|
|
|
#endif
|
|
|
|
#if DROPBEAR_DH_GROUP14_SHA1
|
|
|
|
{"diffie-hellman-group14-sha1", 0, &kex_dh_group14_sha1, 1, NULL},
|
|
|
|
#endif
|
|
|
|
#if DROPBEAR_DH_GROUP1
|
2014-12-10 21:56:49 +00:00
|
|
|
{"diffie-hellman-group1-sha1", 0, &kex_dh_group1, 1, NULL},
|
2019-06-09 20:44:26 +00:00
|
|
|
#endif
|
|
|
|
#if DROPBEAR_DH_GROUP16
|
|
|
|
{"diffie-hellman-group16-sha512", 0, &kex_dh_group16_sha512, 1, NULL},
|
|
|
|
#endif
|
|
|
|
#if DROPBEAR_KEXGUESS2
|
2014-12-10 21:56:49 +00:00
|
|
|
{KEXGUESS2_ALGO_NAME, KEXGUESS2_ALGO_ID, NULL, 1, NULL},
|
|
|
|
#endif
|
|
|
|
{NULL, 0, NULL, 0, NULL}
|
|
|
|
};
|
|
|
|
|
|
|
|
/* algolen specifies the length of algo, algos is our local list to match
|
|
|
|
* against.
|
|
|
|
* Returns DROPBEAR_SUCCESS if we have a match for algo, DROPBEAR_FAILURE
|
|
|
|
* otherwise */
|
2019-06-09 20:44:26 +00:00
|
|
|
int have_algo(const char* algo, size_t algolen, const algo_type algos[]) {
|
2014-12-10 21:56:49 +00:00
|
|
|
|
|
|
|
int i;
|
|
|
|
|
|
|
|
for (i = 0; algos[i].name != NULL; i++) {
|
|
|
|
if (strlen(algos[i].name) == algolen
|
|
|
|
&& (strncmp(algos[i].name, algo, algolen) == 0)) {
|
|
|
|
return DROPBEAR_SUCCESS;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
return DROPBEAR_FAILURE;
|
|
|
|
}
|
|
|
|
|
|
|
|
/* Output a comma separated list of algorithms to a buffer */
|
2019-06-09 20:44:26 +00:00
|
|
|
void buf_put_algolist(buffer * buf, const algo_type localalgos[]) {
|
2014-12-10 21:56:49 +00:00
|
|
|
|
|
|
|
unsigned int i, len;
|
|
|
|
unsigned int donefirst = 0;
|
|
|
|
buffer *algolist = NULL;
|
|
|
|
|
2019-06-09 20:44:26 +00:00
|
|
|
algolist = buf_new(300);
|
2014-12-10 21:56:49 +00:00
|
|
|
for (i = 0; localalgos[i].name != NULL; i++) {
|
|
|
|
if (localalgos[i].usable) {
|
|
|
|
if (donefirst)
|
|
|
|
buf_putbyte(algolist, ',');
|
|
|
|
donefirst = 1;
|
|
|
|
len = strlen(localalgos[i].name);
|
2019-06-09 20:44:26 +00:00
|
|
|
buf_putbytes(algolist, (const unsigned char *) localalgos[i].name, len);
|
2014-12-10 21:56:49 +00:00
|
|
|
}
|
|
|
|
}
|
2019-06-09 20:44:26 +00:00
|
|
|
buf_putstring(buf, (const char*)algolist->data, algolist->len);
|
|
|
|
TRACE(("algolist add '%*s'", algolist->len, algolist->data))
|
2014-12-10 21:56:49 +00:00
|
|
|
buf_free(algolist);
|
|
|
|
}
|
|
|
|
|
|
|
|
/* match the first algorithm in the comma-separated list in buf which is
|
|
|
|
* also in localalgos[], or return NULL on failure.
|
|
|
|
* (*goodguess) is set to 1 if the preferred client/server algos match,
|
|
|
|
* 0 otherwise. This is used for checking if the kexalgo/hostkeyalgos are
|
|
|
|
* guessed correctly */
|
|
|
|
algo_type * buf_match_algo(buffer* buf, algo_type localalgos[],
|
|
|
|
enum kexguess2_used *kexguess2, int *goodguess)
|
|
|
|
{
|
|
|
|
|
2019-06-09 20:44:26 +00:00
|
|
|
char * algolist = NULL;
|
|
|
|
const char *remotenames[MAX_PROPOSED_ALGO], *localnames[MAX_PROPOSED_ALGO];
|
2014-12-10 21:56:49 +00:00
|
|
|
unsigned int len;
|
|
|
|
unsigned int remotecount, localcount, clicount, servcount, i, j;
|
|
|
|
algo_type * ret = NULL;
|
2019-06-09 20:44:26 +00:00
|
|
|
const char **clinames, **servnames;
|
2014-12-10 21:56:49 +00:00
|
|
|
|
|
|
|
if (goodguess) {
|
|
|
|
*goodguess = 0;
|
|
|
|
}
|
|
|
|
|
|
|
|
/* get the comma-separated list from the buffer ie "algo1,algo2,algo3" */
|
|
|
|
algolist = buf_getstring(buf, &len);
|
|
|
|
TRACE(("buf_match_algo: %s", algolist))
|
|
|
|
if (len > MAX_PROPOSED_ALGO*(MAX_NAME_LEN+1)) {
|
|
|
|
goto out;
|
|
|
|
}
|
|
|
|
|
|
|
|
/* remotenames will contain a list of the strings parsed out */
|
|
|
|
/* We will have at least one string (even if it's just "") */
|
|
|
|
remotenames[0] = algolist;
|
|
|
|
remotecount = 1;
|
|
|
|
for (i = 0; i < len; i++) {
|
|
|
|
if (algolist[i] == '\0') {
|
|
|
|
/* someone is trying something strange */
|
|
|
|
goto out;
|
|
|
|
}
|
|
|
|
if (algolist[i] == ',') {
|
|
|
|
algolist[i] = '\0';
|
|
|
|
remotenames[remotecount] = &algolist[i+1];
|
|
|
|
remotecount++;
|
|
|
|
}
|
|
|
|
if (remotecount >= MAX_PROPOSED_ALGO) {
|
|
|
|
break;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
if (kexguess2 && *kexguess2 == KEXGUESS2_LOOK) {
|
|
|
|
for (i = 0; i < remotecount; i++)
|
|
|
|
{
|
|
|
|
if (strcmp(remotenames[i], KEXGUESS2_ALGO_NAME) == 0) {
|
|
|
|
*kexguess2 = KEXGUESS2_YES;
|
|
|
|
break;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
if (*kexguess2 == KEXGUESS2_LOOK) {
|
|
|
|
*kexguess2 = KEXGUESS2_NO;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
for (i = 0; localalgos[i].name != NULL; i++) {
|
|
|
|
if (localalgos[i].usable) {
|
|
|
|
localnames[i] = localalgos[i].name;
|
|
|
|
} else {
|
|
|
|
localnames[i] = NULL;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
localcount = i;
|
|
|
|
|
|
|
|
if (IS_DROPBEAR_SERVER) {
|
|
|
|
clinames = remotenames;
|
|
|
|
clicount = remotecount;
|
|
|
|
servnames = localnames;
|
|
|
|
servcount = localcount;
|
|
|
|
} else {
|
|
|
|
clinames = localnames;
|
|
|
|
clicount = localcount;
|
|
|
|
servnames = remotenames;
|
|
|
|
servcount = remotecount;
|
|
|
|
}
|
|
|
|
|
|
|
|
/* iterate and find the first match */
|
|
|
|
for (i = 0; i < clicount; i++) {
|
|
|
|
for (j = 0; j < servcount; j++) {
|
|
|
|
if (!(servnames[j] && clinames[i])) {
|
|
|
|
/* unusable algos are NULL */
|
|
|
|
continue;
|
|
|
|
}
|
|
|
|
if (strcmp(servnames[j], clinames[i]) == 0) {
|
|
|
|
/* set if it was a good guess */
|
|
|
|
if (goodguess && kexguess2) {
|
|
|
|
if (*kexguess2 == KEXGUESS2_YES) {
|
|
|
|
if (i == 0) {
|
|
|
|
*goodguess = 1;
|
|
|
|
}
|
|
|
|
|
|
|
|
} else {
|
|
|
|
if (i == 0 && j == 0) {
|
|
|
|
*goodguess = 1;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
/* set the algo to return */
|
|
|
|
if (IS_DROPBEAR_SERVER) {
|
|
|
|
ret = &localalgos[j];
|
|
|
|
} else {
|
|
|
|
ret = &localalgos[i];
|
|
|
|
}
|
|
|
|
goto out;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
out:
|
|
|
|
m_free(algolist);
|
|
|
|
return ret;
|
|
|
|
}
|
|
|
|
|
2019-06-09 20:44:26 +00:00
|
|
|
#if DROPBEAR_USER_ALGO_LIST
|
2014-12-10 21:56:49 +00:00
|
|
|
|
|
|
|
char *
|
2019-06-09 20:44:26 +00:00
|
|
|
algolist_string(const algo_type algos[])
|
2014-12-10 21:56:49 +00:00
|
|
|
{
|
|
|
|
char *ret_list;
|
|
|
|
buffer *b = buf_new(200);
|
|
|
|
buf_put_algolist(b, algos);
|
|
|
|
buf_setpos(b, b->len);
|
|
|
|
buf_putbyte(b, '\0');
|
|
|
|
buf_setpos(b, 4);
|
2019-06-09 20:44:26 +00:00
|
|
|
ret_list = m_strdup((const char *) buf_getptr(b, b->len - b->pos));
|
2014-12-10 21:56:49 +00:00
|
|
|
buf_free(b);
|
|
|
|
return ret_list;
|
|
|
|
}
|
|
|
|
|
|
|
|
static algo_type*
|
|
|
|
check_algo(const char* algo_name, algo_type *algos)
|
|
|
|
{
|
|
|
|
algo_type *a;
|
|
|
|
for (a = algos; a->name != NULL; a++)
|
|
|
|
{
|
|
|
|
if (strcmp(a->name, algo_name) == 0)
|
|
|
|
{
|
|
|
|
return a;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
return NULL;
|
|
|
|
}
|
|
|
|
|
|
|
|
/* Checks a user provided comma-separated algorithm list for available
|
|
|
|
* options. Any that are not acceptable are removed in-place. Returns the
|
|
|
|
* number of valid algorithms. */
|
|
|
|
int
|
|
|
|
check_user_algos(const char* user_algo_list, algo_type * algos,
|
|
|
|
const char *algo_desc)
|
|
|
|
{
|
2019-06-09 20:44:26 +00:00
|
|
|
algo_type new_algos[MAX_PROPOSED_ALGO+1];
|
2014-12-10 21:56:49 +00:00
|
|
|
char *work_list = m_strdup(user_algo_list);
|
2019-06-09 20:44:26 +00:00
|
|
|
char *start = work_list;
|
2014-12-10 21:56:49 +00:00
|
|
|
char *c;
|
2019-06-09 20:44:26 +00:00
|
|
|
int n;
|
|
|
|
/* So we can iterate and look for null terminator */
|
|
|
|
memset(new_algos, 0x0, sizeof(new_algos));
|
|
|
|
for (c = work_list, n = 0; ; c++)
|
2014-12-10 21:56:49 +00:00
|
|
|
{
|
2019-06-09 20:44:26 +00:00
|
|
|
char oc = *c;
|
|
|
|
if (n >= MAX_PROPOSED_ALGO) {
|
|
|
|
dropbear_exit("Too many algorithms '%s'", user_algo_list);
|
|
|
|
}
|
|
|
|
if (*c == ',' || *c == '\0') {
|
|
|
|
algo_type *match_algo = NULL;
|
2014-12-10 21:56:49 +00:00
|
|
|
*c = '\0';
|
2019-06-09 20:44:26 +00:00
|
|
|
match_algo = check_algo(start, algos);
|
|
|
|
if (match_algo) {
|
|
|
|
if (check_algo(start, new_algos)) {
|
|
|
|
TRACE(("Skip repeated algorithm '%s'", start))
|
|
|
|
} else {
|
|
|
|
new_algos[n] = *match_algo;
|
|
|
|
n++;
|
|
|
|
}
|
|
|
|
} else {
|
|
|
|
dropbear_log(LOG_WARNING, "This Dropbear program does not support '%s' %s algorithm", start, algo_desc);
|
|
|
|
}
|
2014-12-10 21:56:49 +00:00
|
|
|
c++;
|
2019-06-09 20:44:26 +00:00
|
|
|
start = c;
|
|
|
|
}
|
|
|
|
if (oc == '\0') {
|
|
|
|
break;
|
2014-12-10 21:56:49 +00:00
|
|
|
}
|
|
|
|
}
|
|
|
|
m_free(work_list);
|
2019-06-09 20:44:26 +00:00
|
|
|
/* n+1 to include a null terminator */
|
|
|
|
memcpy(algos, new_algos, sizeof(*new_algos) * (n+1));
|
|
|
|
return n;
|
2014-12-10 21:56:49 +00:00
|
|
|
}
|
2019-06-09 20:44:26 +00:00
|
|
|
#endif /* DROPBEAR_USER_ALGO_LIST */
|