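/*
 * libwebsockets - small server side websockets and web server implementation
 *
 * Copyright (C) 2010 - 2019 Andy Green <andy@warmcat.com>
 *
 * Permission is hereby granted, free of charge, to any person obtaining a copy
 * of this software and associated documentation files (the "Software"), to
 * deal in the Software without restriction, including without limitation the
 * rights to use, copy, modify, merge, publish, distribute, sublicense, and/or
 * sell copies of the Software, and to permit persons to whom the Software is
 * furnished to do so, subject to the following conditions:
 *
 * The above copyright notice and this permission notice shall be included in
 * all copies or substantial portions of the Software.
 *
 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
 * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
 * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
 * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
 * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
 * FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS
 * IN THE SOFTWARE.
 */

/*
 * Private header of the ssh server plugin: wire constants, parser states,
 * per-connection / per-vhost state structs and the prototypes of the crypto
 * helpers the plugin is built from.
 */

#if !defined(__LWS_SSH_H__)
#define __LWS_SSH_H__

#if defined(LWS_WITH_MBEDTLS)
#include "mbedtls/sha1.h"
#include "mbedtls/sha256.h"
#include "mbedtls/sha512.h"
#include "mbedtls/rsa.h"
#endif

#include "lws-plugin-ssh.h"

/* Sizes, in bytes, of the fixed-length crypto objects declared below */

#define LWS_SIZE_EC25519		32
#define LWS_SIZE_EC25519_PUBKEY		32
#define LWS_SIZE_EC25519_PRIKEY		64

#define LWS_SIZE_SHA256			32
#define LWS_SIZE_SHA512			64

#define LWS_SIZE_AES256_KEY		32
#define LWS_SIZE_AES256_IV		12
#define LWS_SIZE_AES256_MAC		16
#define LWS_SIZE_AES256_BLOCK		16

#define LWS_SIZE_CHACHA256_KEY		(2 * 32)
#define POLY1305_TAGLEN			16
#define POLY1305_KEYLEN			32

#define crypto_hash_sha512_BYTES	64U

/*
 * PEEK_Uxx(p): assemble a big-endian (most significant byte first) unsigned
 * value from the bytes at p.
 *
 * These do no bounds checking: before using them on received data the caller
 * must already have established that 8 / 4 / 2 bytes are readable at p.
 * p is expanded once per byte, so it must not have side effects.
 */
#define PEEK_U64(p) \
	(((uint64_t)(((const uint8_t *)(p))[0]) << 56) | \
	 ((uint64_t)(((const uint8_t *)(p))[1]) << 48) | \
	 ((uint64_t)(((const uint8_t *)(p))[2]) << 40) | \
	 ((uint64_t)(((const uint8_t *)(p))[3]) << 32) | \
	 ((uint64_t)(((const uint8_t *)(p))[4]) << 24) | \
	 ((uint64_t)(((const uint8_t *)(p))[5]) << 16) | \
	 ((uint64_t)(((const uint8_t *)(p))[6]) << 8) | \
	  (uint64_t)(((const uint8_t *)(p))[7]))
#define PEEK_U32(p) \
	(((uint32_t)(((const uint8_t *)(p))[0]) << 24) | \
	 ((uint32_t)(((const uint8_t *)(p))[1]) << 16) | \
	 ((uint32_t)(((const uint8_t *)(p))[2]) << 8) | \
	  (uint32_t)(((const uint8_t *)(p))[3]))
#define PEEK_U16(p) \
	(((uint16_t)(((const uint8_t *)(p))[0]) << 8) | \
	  (uint16_t)(((const uint8_t *)(p))[1]))

/*
 * POKE_Uxx(p, v): store v at p as a big-endian value of 8 / 4 / 2 bytes.
 *
 * v is evaluated exactly once (it is copied into a block-local first); p is
 * expanded once per byte and must not have side effects.  No bounds checking
 * is done: the caller guarantees the destination has room.
 *
 * The local is named poke_v_ rather than __v because identifiers containing
 * a double underscore are reserved for the implementation.
 */
#define POKE_U64(p, v) \
	do { \
		const uint64_t poke_v_ = (v); \
		((uint8_t *)(p))[0] = (poke_v_ >> 56) & 0xff; \
		((uint8_t *)(p))[1] = (poke_v_ >> 48) & 0xff; \
		((uint8_t *)(p))[2] = (poke_v_ >> 40) & 0xff; \
		((uint8_t *)(p))[3] = (poke_v_ >> 32) & 0xff; \
		((uint8_t *)(p))[4] = (poke_v_ >> 24) & 0xff; \
		((uint8_t *)(p))[5] = (poke_v_ >> 16) & 0xff; \
		((uint8_t *)(p))[6] = (poke_v_ >> 8) & 0xff; \
		((uint8_t *)(p))[7] = poke_v_ & 0xff; \
	} while (0)
#define POKE_U32(p, v) \
	do { \
		const uint32_t poke_v_ = (v); \
		((uint8_t *)(p))[0] = (poke_v_ >> 24) & 0xff; \
		((uint8_t *)(p))[1] = (poke_v_ >> 16) & 0xff; \
		((uint8_t *)(p))[2] = (poke_v_ >> 8) & 0xff; \
		((uint8_t *)(p))[3] = poke_v_ & 0xff; \
	} while (0)
#define POKE_U16(p, v) \
	do { \
		const uint16_t poke_v_ = (v); \
		((uint8_t *)(p))[0] = (poke_v_ >> 8) & 0xff; \
		((uint8_t *)(p))[1] = poke_v_ & 0xff; \
	} while (0)


/*
 * All protocol numbers and internal state values live in this one anonymous
 * enum.  The groups deliberately reuse numeric values (for example
 * SSH_MSG_DISCONNECT and SSH_EXTENDED_DATA_STDERR are both 1), so the
 * compiler cannot catch a constant from one group being compared against a
 * field that belongs to another; keep each comparison within its group.
 */
enum {
	/* transport layer message numbers */

	SSH_MSG_DISCONNECT					= 1,
	SSH_MSG_IGNORE						= 2,
	SSH_MSG_UNIMPLEMENTED					= 3,
	SSH_MSG_DEBUG						= 4,
	SSH_MSG_SERVICE_REQUEST					= 5,
	SSH_MSG_SERVICE_ACCEPT					= 6,
	SSH_MSG_KEXINIT						= 20,
	SSH_MSG_NEWKEYS						= 21,

	/* 30 .. 49: KEX messages specific to KEX protocol */
	SSH_MSG_KEX_ECDH_INIT					= 30,
	SSH_MSG_KEX_ECDH_REPLY					= 31,

	/* 50... userauth */

	SSH_MSG_USERAUTH_REQUEST				= 50,
	SSH_MSG_USERAUTH_FAILURE				= 51,
	SSH_MSG_USERAUTH_SUCCESS				= 52,
	SSH_MSG_USERAUTH_BANNER					= 53,

	/* 60... publickey */

	SSH_MSG_USERAUTH_PK_OK					= 60,

	/* 80... connection */

	SSH_MSG_GLOBAL_REQUEST					= 80,
	SSH_MSG_REQUEST_SUCCESS					= 81,
	SSH_MSG_REQUEST_FAILURE					= 82,

	SSH_MSG_CHANNEL_OPEN					= 90,
	SSH_MSG_CHANNEL_OPEN_CONFIRMATION			= 91,
	SSH_MSG_CHANNEL_OPEN_FAILURE				= 92,
	SSH_MSG_CHANNEL_WINDOW_ADJUST				= 93,
	SSH_MSG_CHANNEL_DATA					= 94,
	SSH_MSG_CHANNEL_EXTENDED_DATA				= 95,
	SSH_MSG_CHANNEL_EOF					= 96,
	SSH_MSG_CHANNEL_CLOSE					= 97,
	SSH_MSG_CHANNEL_REQUEST					= 98,
	SSH_MSG_CHANNEL_SUCCESS					= 99,
	SSH_MSG_CHANNEL_FAILURE					= 100,

	/* data type code for SSH_MSG_CHANNEL_EXTENDED_DATA */

	SSH_EXTENDED_DATA_STDERR				= 1,

	/* channel types, see struct lws_ssh_channel.type */

	SSH_CH_TYPE_SESSION					= 1,
	SSH_CH_TYPE_SCP						= 2,
	SSH_CH_TYPE_SFTP					= 3,

	/* SSH_MSG_DISCONNECT reason codes */

	SSH_DISCONNECT_HOST_NOT_ALLOWED_TO_CONNECT		= 1,
	SSH_DISCONNECT_PROTOCOL_ERROR				= 2,
	SSH_DISCONNECT_KEY_EXCHANGE_FAILED			= 3,
	SSH_DISCONNECT_RESERVED					= 4,
	SSH_DISCONNECT_MAC_ERROR				= 5,
	SSH_DISCONNECT_COMPRESSION_ERROR			= 6,
	SSH_DISCONNECT_SERVICE_NOT_AVAILABLE			= 7,
	SSH_DISCONNECT_PROTOCOL_VERSION_NOT_SUPPORTED		= 8,
	SSH_DISCONNECT_HOST_KEY_NOT_VERIFIABLE			= 9,
	SSH_DISCONNECT_CONNECTION_LOST				= 10,
	SSH_DISCONNECT_BY_APPLICATION				= 11,
	SSH_DISCONNECT_TOO_MANY_CONNECTIONS			= 12,
	SSH_DISCONNECT_AUTH_CANCELLED_BY_USER			= 13,
	SSH_DISCONNECT_NO_MORE_AUTH_METHODS_AVAILABLE		= 14,
	SSH_DISCONNECT_ILLEGAL_USER_NAME			= 15,

	/* SSH_MSG_CHANNEL_OPEN_FAILURE reason codes */

	SSH_OPEN_ADMINISTRATIVELY_PROHIBITED			= 1,
	SSH_OPEN_CONNECT_FAILED					= 2,
	SSH_OPEN_UNKNOWN_CHANNEL_TYPE				= 3,
	SSH_OPEN_RESOURCE_SHORTAGE				= 4,

	/* key exchange progress, see per_session_data__sshd.kex_state */

	KEX_STATE_EXPECTING_CLIENT_OFFER			= 0,
	KEX_STATE_REPLIED_TO_OFFER,
	KEX_STATE_CRYPTO_INITIALIZED,

	/* first index into struct lws_ssh_keys.key[][] */

	SSH_KEYIDX_IV						= 0,
	SSH_KEYIDX_ENC,
	SSH_KEYIDX_INTEG,

	/* things we may write on the connection */

	SSH_WT_NONE						= 0,
	SSH_WT_VERSION,
	SSH_WT_OFFER,
	SSH_WT_OFFER_REPLY,
	SSH_WT_SEND_NEWKEYS,
	SSH_WT_UA_ACCEPT,
	SSH_WT_UA_FAILURE,
	SSH_WT_UA_BANNER,
	SSH_WT_UA_PK_OK,
	SSH_WT_UA_SUCCESS,
	SSH_WT_CH_OPEN_CONF,
	SSH_WT_CH_FAILURE,
	SSH_WT_CHRQ_SUCC,
	SSH_WT_CHRQ_FAILURE,
	SSH_WT_SCP_ACK_OKAY,
	SSH_WT_SCP_ACK_ERROR,
	SSH_WT_CH_CLOSE,
	SSH_WT_CH_EOF,
	SSH_WT_WINDOW_ADJUST,
	SSH_WT_EXIT_STATUS,

	/*
	 * RX parser states
	 *
	 * per_session_data__sshd.parser_state and .state_after_string are
	 * plain char, so (presumably being where these are stored - confirm
	 * against the parser) the last state value must stay <= 127.
	 */

	SSH_INITIALIZE_TRANSIENT				= 0,
	SSHS_IDSTRING,
	SSHS_IDSTRING_CR,
	SSHS_MSG_LEN,
	SSHS_MSG_PADDING,
	SSHS_MSG_ID,
	SSH_KEX_STATE_COOKIE,
	SSH_KEX_NL_KEX_ALGS_LEN,
	SSH_KEX_NL_KEX_ALGS,
	SSH_KEX_NL_SHK_ALGS_LEN,
	SSH_KEX_NL_SHK_ALGS,
	SSH_KEX_NL_EACTS_ALGS_LEN,
	SSH_KEX_NL_EACTS_ALGS,
	SSH_KEX_NL_EASTC_ALGS_LEN,
	SSH_KEX_NL_EASTC_ALGS,
	SSH_KEX_NL_MACTS_ALGS_LEN,
	SSH_KEX_NL_MACTS_ALGS,
	SSH_KEX_NL_MASTC_ALGS_LEN,
	SSH_KEX_NL_MASTC_ALGS,
	SSH_KEX_NL_CACTS_ALGS_LEN,
	SSH_KEX_NL_CACTS_ALGS,
	SSH_KEX_NL_CASTC_ALGS_LEN,
	SSH_KEX_NL_CASTC_ALGS,
	SSH_KEX_NL_LCTS_ALGS_LEN,
	SSH_KEX_NL_LCTS_ALGS,
	SSH_KEX_NL_LSTC_ALGS_LEN,
	SSH_KEX_NL_LSTC_ALGS,
	SSH_KEX_FIRST_PKT,
	SSH_KEX_RESERVED,

	SSH_KEX_STATE_ECDH_KEYLEN,
	SSH_KEX_STATE_ECDH_Q_C,

	SSHS_MSG_EAT_PADDING,
	SSH_KEX_STATE_SKIP,

	SSHS_GET_STRING_LEN,
	SSHS_GET_STRING,
	SSHS_GET_STRING_LEN_ALLOC,
	SSHS_GET_STRING_ALLOC,
	SSHS_DO_SERVICE_REQUEST,

	SSHS_DO_UAR_SVC,
	SSHS_DO_UAR_PUBLICKEY,
	SSHS_NVC_DO_UAR_CHECK_PUBLICKEY,
	SSHS_DO_UAR_SIG_PRESENT,
	SSHS_NVC_DO_UAR_ALG,
	SSHS_NVC_DO_UAR_PUBKEY_BLOB,
	SSHS_NVC_DO_UAR_SIG,

	SSHS_GET_U32,

	SSHS_NVC_CHOPEN_TYPE,
	SSHS_NVC_CHOPEN_SENDER_CH,
	SSHS_NVC_CHOPEN_WINSIZE,
	SSHS_NVC_CHOPEN_PKTSIZE,

	SSHS_NVC_CHRQ_RECIP,
	SSHS_NVC_CHRQ_TYPE,
	SSHS_CHRQ_WANT_REPLY,
	SSHS_NVC_CHRQ_TERM,
	SSHS_NVC_CHRQ_TW,
	SSHS_NVC_CHRQ_TH,
	SSHS_NVC_CHRQ_TWP,
	SSHS_NVC_CHRQ_THP,
	SSHS_NVC_CHRQ_MODES,

	SSHS_NVC_CHRQ_ENV_NAME,
	SSHS_NVC_CHRQ_ENV_VALUE,

	SSHS_NVC_CHRQ_EXEC_CMD,

	SSHS_NVC_CHRQ_SUBSYSTEM,

	SSHS_NVC_CH_EOF,
	SSHS_NVC_CH_CLOSE,

	SSHS_NVC_CD_RECIP,
	SSHS_NVC_CD_DATA,
	SSHS_NVC_CD_DATA_ALLOC,

	SSHS_NVC_WA_RECIP,
	SSHS_NVC_WA_ADD,

	SSHS_NVC_DISCONNECT_REASON,
	SSHS_NVC_DISCONNECT_DESC,
	SSHS_NVC_DISCONNECT_LANG,

	/* scp sub-parser states (numbering restarts at 0) */

	SSHS_SCP_COLLECTSTR					= 0,
	SSHS_SCP_PAYLOADIN					= 1,


	/* from https://tools.ietf.org/html/draft-ietf-secsh-filexfer-13 */

	SECSH_FILEXFER_VERSION					= 6,

	/* sftp packet types */

	SSH_FXP_INIT						= 1,
	SSH_FXP_VERSION						= 2,
	SSH_FXP_OPEN						= 3,
	SSH_FXP_CLOSE						= 4,
	SSH_FXP_READ						= 5,
	SSH_FXP_WRITE						= 6,
	SSH_FXP_LSTAT						= 7,
	SSH_FXP_FSTAT						= 8,
	SSH_FXP_SETSTAT						= 9,
	SSH_FXP_FSETSTAT					= 10,
	SSH_FXP_OPENDIR						= 11,
	SSH_FXP_READDIR						= 12,
	SSH_FXP_REMOVE						= 13,
	SSH_FXP_MKDIR						= 14,
	SSH_FXP_RMDIR						= 15,
	SSH_FXP_REALPATH					= 16,
	SSH_FXP_STAT						= 17,
	SSH_FXP_RENAME						= 18,
	SSH_FXP_READLINK					= 19,
	SSH_FXP_LINK						= 21,
	SSH_FXP_BLOCK						= 22,
	SSH_FXP_UNBLOCK						= 23,
	SSH_FXP_STATUS						= 101,
	SSH_FXP_HANDLE						= 102,
	SSH_FXP_DATA						= 103,
	SSH_FXP_NAME						= 104,
	SSH_FXP_ATTRS						= 105,
	SSH_FXP_EXTENDED					= 200,
	SSH_FXP_EXTENDED_REPLY					= 201,

	/* sftp return codes */

	SSH_FX_OK						= 0,
	SSH_FX_EOF						= 1,
	SSH_FX_NO_SUCH_FILE					= 2,
	SSH_FX_PERMISSION_DENIED				= 3,
	SSH_FX_FAILURE						= 4,
	SSH_FX_BAD_MESSAGE					= 5,
	SSH_FX_NO_CONNECTION					= 6,
	SSH_FX_CONNECTION_LOST					= 7,
	SSH_FX_OP_UNSUPPORTED					= 8,
	SSH_FX_INVALID_HANDLE					= 9,
	SSH_FX_NO_SUCH_PATH					= 10,
	SSH_FX_FILE_ALREADY_EXISTS				= 11,
	SSH_FX_WRITE_PROTECT					= 12,
	SSH_FX_NO_MEDIA						= 13,
	SSH_FX_NO_SPACE_ON_FILESYSTEM				= 14,
	SSH_FX_QUOTA_EXCEEDED					= 15,
	SSH_FX_UNKNOWN_PRINCIPAL				= 16,
	SSH_FX_LOCK_CONFLICT					= 17,
	SSH_FX_DIR_NOT_EMPTY					= 18,
	SSH_FX_NOT_A_DIRECTORY					= 19,
	SSH_FX_INVALID_FILENAME					= 20,
	SSH_FX_LINK_LOOP					= 21,
	SSH_FX_CANNOT_DELETE					= 22,
	SSH_FX_INVALID_PARAMETER				= 23,
	SSH_FX_FILE_IS_A_DIRECTORY				= 24,
	SSH_FX_BYTE_RANGE_LOCK_CONFLICT				= 25,
	SSH_FX_BYTE_RANGE_LOCK_REFUSED				= 26,
	SSH_FX_DELETE_PENDING					= 27,
	SSH_FX_FILE_CORRUPT					= 28,
	SSH_FX_OWNER_INVALID					= 29,
	SSH_FX_GROUP_INVALID					= 30,
	SSH_FX_NO_MATCHING_BYTE_RANGE_LOCK			= 31,


	/* timeout reason, numbered from the user range of the lws timeouts */

	SSH_PENDING_TIMEOUT_CONNECT_TO_SUCCESSFUL_AUTH		=
		PENDING_TIMEOUT_USER_REASON_BASE + 0,

	/* see per_session_data__sshd.ssh_auth_state */

	SSH_AUTH_STATE_NO_AUTH					= 0,
	SSH_AUTH_STATE_GAVE_AUTH_IGNORE_REQS			= 1,
};

#define LWS_SSH_INITIAL_WINDOW		16384

/*
 * Fields collected for one user authentication request.
 *
 * The pointer members carry peer-supplied data of pubkey_len / sig_len
 * bytes; who allocates and frees them is not visible in this header.
 */
struct lws_ssh_userauth {
	struct lws_genhash_ctx hash_ctx;
	char *username;
	char *service;
	char *alg;
	uint8_t *pubkey;
	uint32_t pubkey_len;
	uint8_t *sig;
	uint32_t sig_len;
	char sig_present;
};

/*
 * Key material and cipher state for one direction of the connection.
 *
 * key[][] holds secrets.  NOTE(review): nothing in this header shows it
 * being wiped - confirm lws_chacha_destroy() or its caller zeroes it with a
 * call the compiler cannot elide before the struct is reused or freed.
 */
struct lws_ssh_keys {
	/* 3 == SSH_KEYIDX_IV (len=4), SSH_KEYIDX_ENC, SSH_KEYIDX_INTEG */
	uint8_t key[3][LWS_SIZE_CHACHA256_KEY];

	/* opaque allocation made when cipher activated */
	void *cipher;

	uint8_t MAC_length;
	uint8_t padding_alignment; /* block size */
	uint8_t valid:1;
	uint8_t full_length:1;
};

/*
 * State of one key exchange.
 *
 * eph_pri_key and the keys_next_* members are secret.  NOTE(review): confirm
 * they are wiped when the kex struct is released; the teardown is not part
 * of this header.  kex_r[] is a fixed 256-byte buffer paired with
 * kex_r_len, and I_C / I_S are heap copies paired with their *_len fields:
 * every writer must bound itself by those sizes.
 */
struct lws_kex {
	uint8_t kex_r[256];
	uint8_t Q_C[LWS_SIZE_EC25519]; /* client eph public key aka 'e' */
	uint8_t eph_pri_key[LWS_SIZE_EC25519]; /* server eph private key */
	uint8_t Q_S[LWS_SIZE_EC25519]; /* server ephemeral public key */
	uint8_t kex_cookie[16];
	uint8_t *I_C; /* malloc'd copy of client KEXINIT payload */
	uint8_t *I_S; /* malloc'd copy of server KEXINIT payload */
	uint32_t I_C_payload_len;
	uint32_t I_C_alloc_len;
	uint32_t I_S_payload_len;
	uint32_t kex_r_len;
	uint8_t match_bitfield;
	uint8_t newkeys; /* which sides newkeys have been applied */

	struct lws_ssh_keys keys_next_cts;
	struct lws_ssh_keys keys_next_stc;
};

/*
 * Per-channel scp state.  fp[] is a fixed 128-byte buffer; presumably it
 * receives a peer-supplied path, so the writer must truncate or reject
 * longer input - verify against the scp parser.
 */
struct lws_subprotocol_scp {
	char fp[128];
	uint64_t len;
	uint32_t attr;
	char cmd;
	char ips;
};

typedef union {
	struct lws_subprotocol_scp scp;
} lws_subprotocol;

struct per_session_data__sshd;

/*
 * One ssh channel, linked into its session through next.
 *
 * NOTE(review): window and peer_window_est are signed 32-bit; if they are
 * adjusted by values taken from the peer (see the SSHS_NVC_WA_ADD state),
 * confirm the addition is range-checked so it cannot overflow.
 */
struct lws_ssh_channel {
	struct lws_ssh_channel *next;

	struct per_session_data__sshd *pss;

	lws_subprotocol *sub; /* NULL, or allocated subprotocol state */
	void *priv; /* owned by user code */
	int type;
	uint32_t server_ch;
	uint32_t sender_ch;
	int32_t window;
	int32_t peer_window_est;
	uint32_t max_pkt;

	uint32_t spawn_pid;
	int retcode;

	uint8_t scheduled_close:1;
	uint8_t sent_close:1;
	uint8_t received_close:1;
};

struct per_vhost_data__sshd;

/*
 * Everything held for one ssh connection.
 *
 * Secrets: K (shared secret) and the active_keys_* members.
 * NOTE(review): confirm these are wiped on connection teardown.
 *
 * Fixed-size buffers: name[64], last_auth_req_username[32],
 * last_auth_req_service[32], args.aux[64], V_C[64] and
 * packet_assembly[2048] (indexed by pa_pos).  Presumably these are filled
 * from data the client sends, so each writer has to enforce the array size;
 * verify against the parser.
 */
struct per_session_data__sshd {
	struct per_session_data__sshd *next;
	struct per_vhost_data__sshd *vhd;
	struct lws *wsi;

	struct lws_kex *kex;
	char *disconnect_desc;

	uint8_t K[LWS_SIZE_EC25519]; /* shared secret */
	uint8_t session_id[LWS_SIZE_SHA256]; /* H from first working KEX */
	char name[64];
	char last_auth_req_username[32];
	char last_auth_req_service[32];

	struct lws_ssh_keys active_keys_cts;
	struct lws_ssh_keys active_keys_stc;
	struct lws_ssh_userauth *ua;
	struct lws_ssh_channel *ch_list;
	struct lws_ssh_channel *ch_temp;

	uint8_t *last_alloc;

	union {
		struct lws_ssh_pty pty;
		char aux[64];
	} args;

	uint32_t ssh_sequence_ctr_cts;
	uint32_t ssh_sequence_ctr_stc;

	uint64_t payload_bytes_cts;
	uint64_t payload_bytes_stc;

	uint32_t disconnect_reason;

	char V_C[64]; /* Client version String */
	uint8_t packet_assembly[2048];
	uint32_t pa_pos;

	uint32_t msg_len;
	uint32_t pos;
	uint32_t len;
	uint32_t ctr;
	uint32_t npos;
	uint32_t reason;
	uint32_t channel_doing_spawn;
	int next_ch_num;

	uint8_t K_S[LWS_SIZE_EC25519]; /* server public key */

	uint32_t copy_to_I_C:1;
	uint32_t okayed_userauth:1;
	uint32_t sent_banner:1;
	uint32_t seen_auth_req_before:1;
	uint32_t serviced_stderr_last:1;
	uint32_t kex_state;
	uint32_t chrq_server_port;
	uint32_t ch_recip;
	uint32_t count_auth_attempts;

	char parser_state;
	char state_after_string;
	char first_coming;
	uint8_t rq_want_reply;
	uint8_t ssh_auth_state;

	uint8_t msg_id;
	uint8_t msg_padding;
	/*
	 * write_task[] and write_channel[] are parallel 8-entry arrays with
	 * wt_head / wt_tail as indices - presumably a ring of pending
	 * SSH_WT_* writes; the indices must always be kept below 8.
	 */
	uint8_t write_task[8];
	struct lws_ssh_channel *write_channel[8];
	uint8_t wt_head, wt_tail;
};

/* Per-vhost plugin state, including the head of the live session list */
struct per_vhost_data__sshd {
	struct lws_context *context;
	struct lws_vhost *vhost;
	const struct lws_protocols *protocol;
	struct per_session_data__sshd *live_pss_list;
	const struct lws_ssh_ops *ops;
};


/* A host key blob and its length in bytes */
struct host_keys {
	uint8_t *data;
	uint32_t len;
};

extern struct host_keys host_keys[];

extern int
crypto_scalarmult_curve25519(unsigned char *q, const unsigned char *n,
			     const unsigned char *p);

extern int
ed25519_key_parse(uint8_t *p, size_t len, char *type, size_t type_len,
		  uint8_t *pub, uint8_t *pri);

extern int
kex_ecdh(struct per_session_data__sshd *pss, uint8_t *result, uint32_t *plen);

/*
 * lws_g32() takes a pointer to the caller's read cursor and lws_p32() a
 * write position; neither is passed a remaining length, so the caller is
 * responsible for knowing 4 bytes are available.
 */
extern uint32_t
lws_g32(uint8_t **p);

extern uint32_t
lws_p32(uint8_t *p, uint32_t v);

/*
 * Going by the name, a comparison whose run time does not depend on where
 * the buffers differ - the one to use for MACs, signatures and other
 * secrets instead of memcmp().  NOTE(review): confirm the implementation.
 */
extern int
lws_timingsafe_bcmp(const void *a, const void *b, uint32_t len);

extern const char *lws_V_S;

extern int
lws_chacha_activate(struct lws_ssh_keys *keys);

extern void
lws_chacha_destroy(struct lws_ssh_keys *keys);

extern uint32_t
lws_chachapoly_get_length(struct lws_ssh_keys *keys, uint32_t seq,
			  const uint8_t *in4);

extern void
poly1305_auth(u_char out[POLY1305_TAGLEN], const u_char *m, size_t inlen,
	      const u_char key[POLY1305_KEYLEN]);

extern int
lws_chacha_decrypt(struct lws_ssh_keys *keys, uint32_t seq,
		   const uint8_t *ct, uint32_t len, uint8_t *pt);
/*
 * NOTE(review): the parameter names match lws_chacha_decrypt(), but here
 * the const (input) buffer is called ct and the writable (output) buffer
 * pt - for an encrypt call that looks inverted; confirm which is which
 * against the definition before relying on the names.
 */
extern int
lws_chacha_encrypt(struct lws_ssh_keys *keys, uint32_t seq,
		   const uint8_t *ct, uint32_t len, uint8_t *pt);

extern void
lws_pad_set_length(struct per_session_data__sshd *pss, void *start, uint8_t **p,
		   struct lws_ssh_keys *keys);

extern size_t
get_gen_server_key_25519(struct per_session_data__sshd *pss, uint8_t *b, size_t len);

extern int
crypto_sign_ed25519(unsigned char *sm, unsigned long long *smlen,
		    const unsigned char *m, size_t mlen,
		    const unsigned char *sk);

extern int
crypto_sign_ed25519_keypair(struct lws_context *context, uint8_t *pk,
			    uint8_t *sk);

#endif /* __LWS_SSH_H__ */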