search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
libsodium: Needed for Dnscrypto-proxy Release 1.3.0
[tomato.git] / release / src / router / dropbear / common-algo.c
blobacc39642fb8a08cf16f82c4816f9f687c6c13c5b
1 /*
2 * Dropbear SSH
3 *
4 * Copyright (c) 2002,2003 Matt Johnston
5 * Copyright (c) 2004 by Mihnea Stoenescu
6 * All rights reserved.
7 *
8 * Permission is hereby granted, free of charge, to any person obtaining a copy
9 * of this software and associated documentation files (the "Software"), to deal
10 * in the Software without restriction, including without limitation the rights
11 * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
12 * copies of the Software, and to permit persons to whom the Software is
13 * furnished to do so, subject to the following conditions:
14 *
15 * The above copyright notice and this permission notice shall be included in
16 * all copies or substantial portions of the Software.
17 *
18 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
19 * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
20 * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
21 * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
22 * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
23 * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
24 * SOFTWARE. */
25
26 #include "algo.h"
27 #include "dbutil.h"
28
29 /* This file (algo.c) organises the ciphers which can be used, and is used to
30 * decide which ciphers/hashes/compression/signing to use during key exchange*/
31
32 static int void_cipher(const unsigned char* in, unsigned char* out,
33 unsigned long len, void *cipher_state) {
34 if (in != out) {
35 memmove(out, in, len);
36 }
37 return CRYPT_OK;
38 }
39
40 static int void_start(int cipher, const unsigned char *IV,
41 const unsigned char *key,
42 int keylen, int num_rounds, void *cipher_state) {
43 return CRYPT_OK;
44 }
45
46 /* Mappings for ciphers, parameters are
47 {&cipher_desc, keysize, blocksize} */
48 /* NOTE: if keysize > 2*SHA1_HASH_SIZE, code such as hashkeys()
49 needs revisiting */
50
51 #ifdef DROPBEAR_AES256
52 static const struct dropbear_cipher dropbear_aes256 =
53 {&aes_desc, 32, 16};
54 #endif
55 #ifdef DROPBEAR_AES128
56 static const struct dropbear_cipher dropbear_aes128 =
57 {&aes_desc, 16, 16};
58 #endif
59 #ifdef DROPBEAR_BLOWFISH
60 static const struct dropbear_cipher dropbear_blowfish =
61 {&blowfish_desc, 16, 8};
62 #endif
63 #ifdef DROPBEAR_TWOFISH256
64 static const struct dropbear_cipher dropbear_twofish256 =
65 {&twofish_desc, 32, 16};
66 #endif
67 #ifdef DROPBEAR_TWOFISH128
68 static const struct dropbear_cipher dropbear_twofish128 =
69 {&twofish_desc, 16, 16};
70 #endif
71 #ifdef DROPBEAR_3DES
72 static const struct dropbear_cipher dropbear_3des =
73 {&des3_desc, 24, 8};
74 #endif
75
76 /* used to indicate no encryption, as defined in rfc2410 */
77 const struct dropbear_cipher dropbear_nocipher =
78 {NULL, 16, 8};
79
80 /* A few void* s are required to silence warnings
81 * about the symmetric_CBC vs symmetric_CTR cipher_state pointer */
82 const struct dropbear_cipher_mode dropbear_mode_cbc =
83 {(void*)cbc_start, (void*)cbc_encrypt, (void*)cbc_decrypt};
84 const struct dropbear_cipher_mode dropbear_mode_none =
85 {void_start, void_cipher, void_cipher};
86 #ifdef DROPBEAR_ENABLE_CTR_MODE
87 /* a wrapper to make ctr_start and cbc_start look the same */
88 static int dropbear_big_endian_ctr_start(int cipher,
89 const unsigned char *IV,
90 const unsigned char *key, int keylen,
91 int num_rounds, symmetric_CTR *ctr) {
92 return ctr_start(cipher, IV, key, keylen, num_rounds, CTR_COUNTER_BIG_ENDIAN, ctr);
93 }
94 const struct dropbear_cipher_mode dropbear_mode_ctr =
95 {(void*)dropbear_big_endian_ctr_start, (void*)ctr_encrypt, (void*)ctr_decrypt};
96 #endif
97
98 /* Mapping of ssh hashes to libtomcrypt hashes, including keysize etc.
99 {&hash_desc, keysize, hashsize} */
100
101 #ifdef DROPBEAR_SHA1_HMAC
102 static const struct dropbear_hash dropbear_sha1 =
103 {&sha1_desc, 20, 20};
104 #endif
105 #ifdef DROPBEAR_SHA1_96_HMAC
106 static const struct dropbear_hash dropbear_sha1_96 =
107 {&sha1_desc, 20, 12};
108 #endif
109 #ifdef DROPBEAR_MD5_HMAC
110 static const struct dropbear_hash dropbear_md5 =
111 {&md5_desc, 16, 16};
112 #endif
113
114 const struct dropbear_hash dropbear_nohash =
115 {NULL, 16, 0}; /* used initially */
116
117
118 /* The following map ssh names to internal values.
119 * The ordering here is important for the client - the first mode
120 * that is also supported by the server will get used. */
121
122 algo_type sshciphers[] = {
123 #ifdef DROPBEAR_ENABLE_CTR_MODE
124 #ifdef DROPBEAR_AES128
125 {"aes128-ctr", 0, &dropbear_aes128, 1, &dropbear_mode_ctr},
126 #endif
127 #ifdef DROPBEAR_3DES
128 {"3des-ctr", 0, &dropbear_3des, 1, &dropbear_mode_ctr},
129 #endif
130 #ifdef DROPBEAR_AES256
131 {"aes256-ctr", 0, &dropbear_aes256, 1, &dropbear_mode_ctr},
132 #endif
133 #endif /* DROPBEAR_ENABLE_CTR_MODE */
134
135 /* CBC modes are always enabled */
136 #ifdef DROPBEAR_AES128
137 {"aes128-cbc", 0, &dropbear_aes128, 1, &dropbear_mode_cbc},
138 #endif
139 #ifdef DROPBEAR_3DES
140 {"3des-cbc", 0, &dropbear_3des, 1, &dropbear_mode_cbc},
141 #endif
142 #ifdef DROPBEAR_AES256
143 {"aes256-cbc", 0, &dropbear_aes256, 1, &dropbear_mode_cbc},
144 #endif
145 #ifdef DROPBEAR_TWOFISH256
146 {"twofish256-cbc", 0, &dropbear_twofish256, 1, &dropbear_mode_cbc},
147 {"twofish-cbc", 0, &dropbear_twofish256, 1, &dropbear_mode_cbc},
148 #endif
149 #ifdef DROPBEAR_TWOFISH128
150 {"twofish128-cbc", 0, &dropbear_twofish128, 1, &dropbear_mode_cbc},
151 #endif
152 #ifdef DROPBEAR_BLOWFISH
153 {"blowfish-cbc", 0, &dropbear_blowfish, 1, &dropbear_mode_cbc},
154 #endif
155 {NULL, 0, NULL, 0, NULL}
156 };
157
158 algo_type sshhashes[] = {
159 #ifdef DROPBEAR_SHA1_96_HMAC
160 {"hmac-sha1-96", 0, &dropbear_sha1_96, 1, NULL},
161 #endif
162 #ifdef DROPBEAR_SHA1_HMAC
163 {"hmac-sha1", 0, &dropbear_sha1, 1, NULL},
164 #endif
165 #ifdef DROPBEAR_MD5_HMAC
166 {"hmac-md5", 0, &dropbear_md5, 1, NULL},
167 #endif
168 {NULL, 0, NULL, 0, NULL}
169 };
170
171 #ifndef DISABLE_ZLIB
172 algo_type ssh_compress[] = {
173 {"zlib", DROPBEAR_COMP_ZLIB, NULL, 1, NULL},
174 {"zlib@openssh.com", DROPBEAR_COMP_ZLIB_DELAY, NULL, 1, NULL},
175 {"none", DROPBEAR_COMP_NONE, NULL, 1, NULL},
176 {NULL, 0, NULL, 0, NULL}
177 };
178 #endif
179
180 algo_type ssh_nocompress[] = {
181 {"none", DROPBEAR_COMP_NONE, NULL, 1, NULL},
182 {NULL, 0, NULL, 0, NULL}
183 };
184
185 algo_type sshhostkey[] = {
186 #ifdef DROPBEAR_RSA
187 {"ssh-rsa", DROPBEAR_SIGNKEY_RSA, NULL, 1, NULL},
188 #endif
189 #ifdef DROPBEAR_DSS
190 {"ssh-dss", DROPBEAR_SIGNKEY_DSS, NULL, 1, NULL},
191 #endif
192 {NULL, 0, NULL, 0, NULL}
193 };
194
195 algo_type sshkex[] = {
196 {"diffie-hellman-group1-sha1", DROPBEAR_KEX_DH_GROUP1, NULL, 1, NULL},
197 {"diffie-hellman-group14-sha1", DROPBEAR_KEX_DH_GROUP14, NULL, 1, NULL},
198 {NULL, 0, NULL, 0, NULL}
199 };
200
201
202 /* Register the compiled in ciphers.
203 * This should be run before using any of the ciphers/hashes */
204 void crypto_init() {
205
206 const struct ltc_cipher_descriptor *regciphers[] = {
207 #ifdef DROPBEAR_AES
208 &aes_desc,
209 #endif
210 #ifdef DROPBEAR_BLOWFISH
211 &blowfish_desc,
212 #endif
213 #ifdef DROPBEAR_TWOFISH
214 &twofish_desc,
215 #endif
216 #ifdef DROPBEAR_3DES
217 &des3_desc,
218 #endif
219 NULL
220 };
221
222 const struct ltc_hash_descriptor *reghashes[] = {
223 /* we need sha1 for hostkey stuff regardless */
224 &sha1_desc,
225 #ifdef DROPBEAR_MD5_HMAC
226 &md5_desc,
227 #endif
228 NULL
229 };
230 int i;
231
232 for (i = 0; regciphers[i] != NULL; i++) {
233 if (register_cipher(regciphers[i]) == -1) {
234 dropbear_exit("Error registering crypto");
235 }
236 }
237
238 for (i = 0; reghashes[i] != NULL; i++) {
239 if (register_hash(reghashes[i]) == -1) {
240 dropbear_exit("Error registering crypto");
241 }
242 }
243 }
244
245 /* algolen specifies the length of algo, algos is our local list to match
246 * against.
247 * Returns DROPBEAR_SUCCESS if we have a match for algo, DROPBEAR_FAILURE
248 * otherwise */
249 int have_algo(char* algo, size_t algolen, algo_type algos[]) {
250
251 int i;
252
253 for (i = 0; algos[i].name != NULL; i++) {
254 if (strlen(algos[i].name) == algolen
255 && (strncmp(algos[i].name, algo, algolen) == 0)) {
256 return DROPBEAR_SUCCESS;
257 }
258 }
259
260 return DROPBEAR_FAILURE;
261 }
262
263
264
265 /* Output a comma separated list of algorithms to a buffer */
266 void buf_put_algolist(buffer * buf, algo_type localalgos[]) {
267
268 unsigned int i, len;
269 unsigned int donefirst = 0;
270 buffer *algolist = NULL;
271
272 algolist = buf_new(160);
273 for (i = 0; localalgos[i].name != NULL; i++) {
274 if (localalgos[i].usable) {
275 if (donefirst)
276 buf_putbyte(algolist, ',');
277 donefirst = 1;
278 len = strlen(localalgos[i].name);
279 buf_putbytes(algolist, localalgos[i].name, len);
280 }
281 }
282 buf_putstring(buf, algolist->data, algolist->len);
283 buf_free(algolist);
284 }
Tomato firmware and modifications.