SSH algorithm negotiation. More...
#include "ssh/ssh.h"#include "ssh/ssh_algorithms.h"#include "ssh/ssh_kex_rsa.h"#include "ssh/ssh_kex_dh_gex.h"#include "ssh/ssh_misc.h"#include "debug.h"Go to the source code of this file.
Macros | |
| #define | TRACE_LEVEL SSH_TRACE_LEVEL |
Functions | |
| error_t | sshFormatKexAlgoList (SshConnection *connection, uint8_t *p, size_t *written) |
| Format the list of key exchange algorithms. More... | |
| error_t | sshFormatHostKeyAlgoList (SshContext *context, uint8_t *p, size_t *written) |
| Format the list of host key algorithms. More... | |
| error_t | sshFormatEncAlgoList (SshContext *context, uint8_t *p, size_t *written) |
| Format the list of encryption algorithms. More... | |
| error_t | sshFormatMacAlgoList (SshContext *context, uint8_t *p, size_t *written) |
| Format the list of integrity algorithms. More... | |
| error_t | sshFormatCompressionAlgoList (SshContext *context, uint8_t *p, size_t *written) |
| Format the list of compression algorithms. More... | |
| error_t | sshFormatPublicKeyAlgoList (SshContext *context, uint8_t *p, size_t *written) |
| Format the list of public key algorithms. More... | |
| const char_t * | sshSelectAlgo (SshContext *context, const SshNameList *peerAlgoList, const char_t *const *supportedAlgoList, uint_t supportedAlgoListLen) |
| Generic algorithm negotiation. More... | |
| const char_t * | sshSelectKexAlgo (SshConnection *connection, const SshNameList *peerAlgoList) |
| Key exchange algorithm negotiation. More... | |
| const char_t * | sshSelectHostKeyAlgo (SshContext *context, const SshNameList *peerAlgoList) |
| Host key algorithm negotiation. More... | |
| const char_t * | sshSelectEncAlgo (SshContext *context, const SshNameList *peerAlgoList) |
| Encryption algorithm negotiation. More... | |
| const char_t * | sshSelectMacAlgo (SshContext *context, const char_t *encAlgo, const SshNameList *peerAlgoList) |
| Integrity algorithm negotiation. More... | |
| const char_t * | sshSelectCompressionAlgo (SshContext *context, const SshNameList *peerAlgoList) |
| Compression algorithm negotiation. More... | |
| const char_t * | sshSelectPublicKeyAlgo (SshContext *context, const char_t *keyFormatId, const SshNameList *peerAlgoList) |
| Public key algorithm selection. More... | |
| const char_t * | sshGetKeyFormatId (const SshString *publicKeyAlgo) |
| Get the key format identifier used by a given public key algorithm. More... | |
| const char_t * | sshGetSignFormatId (const SshString *publicKeyAlgo) |
| Get the signature format identifier used by a given public key algorithm. More... | |
| bool_t | sshIsGuessCorrect (SshContext *context, const SshNameList *kexAlgoList, const SshNameList *hostKeyAlgoList) |
| Check whether the other party's guess is correct. More... | |
| bool_t | sshIsRsaKexAlgo (const char_t *kexAlgo) |
| Test if the specified algorithm is an RSA key exchange algorithm. More... | |
| bool_t | sshIsDhKexAlgo (const char_t *kexAlgo) |
| Test if the specified algorithm is a Diffie-Hellman key exchange algorithm. More... | |
| bool_t | sshIsDhGexKexAlgo (const char_t *kexAlgo) |
| Test if the specified algorithm is a DH GEX key exchange algorithm. More... | |
| bool_t | sshIsEcdhKexAlgo (const char_t *kexAlgo) |
| Test if the specified algorithm is an ECDH key exchange algorithm. More... | |
| bool_t | sshIsHybridKexAlgo (const char_t *kexAlgo) |
| Test if the specified algorithm is a PQ-hybrid key exchange algorithm. More... | |
| bool_t | sshIsCertPublicKeyAlgo (const SshString *publicKeyAlgo) |
| Test if the specified public key algorithm is using certificates. More... | |
| bool_t | sshIsX509CertPublicKeyAlgo (const SshString *publicKeyAlgo) |
| Test if the specified public key algorithm is using X.509 certificates. More... | |
Detailed Description
SSH algorithm negotiation.
License
SPDX-License-Identifier: GPL-2.0-or-later
Copyright (C) 2019-2024 Oryx Embedded SARL. All rights reserved.
This file is part of CycloneSSH Open.
This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 2 of the License, or (at your option) any later version.
This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.
You should have received a copy of the GNU General Public License along with this program; if not, write to the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
- Version
- 2.4.0
Definition in file ssh_algorithms.c.
Macro Definition Documentation
◆ TRACE_LEVEL
| #define TRACE_LEVEL SSH_TRACE_LEVEL |
Definition at line 32 of file ssh_algorithms.c.
Function Documentation
◆ sshFormatCompressionAlgoList()
| error_t sshFormatCompressionAlgoList | ( | SshContext * | context, |
| uint8_t * | p, | ||
| size_t * | written | ||
| ) |
Format the list of compression algorithms.
- Parameters
-
[in] context Pointer to the SSH context [out] p Output stream where to write the name-list [out] written Total number of bytes that have been written
- Returns
- Error code
Definition at line 761 of file ssh_algorithms.c.
◆ sshFormatEncAlgoList()
| error_t sshFormatEncAlgoList | ( | SshContext * | context, |
| uint8_t * | p, | ||
| size_t * | written | ||
| ) |
Format the list of encryption algorithms.
- Parameters
-
[in] context Pointer to the SSH context [out] p Output stream where to write the name-list [out] written Total number of bytes that have been written
- Returns
- Error code
Definition at line 727 of file ssh_algorithms.c.
◆ sshFormatHostKeyAlgoList()
| error_t sshFormatHostKeyAlgoList | ( | SshContext * | context, |
| uint8_t * | p, | ||
| size_t * | written | ||
| ) |
Format the list of host key algorithms.
- Parameters
-
[in] context Pointer to the SSH context [out] p Output stream where to write the name-list [out] written Total number of bytes that have been written
- Returns
- Error code
Definition at line 671 of file ssh_algorithms.c.
◆ sshFormatKexAlgoList()
| error_t sshFormatKexAlgoList | ( | SshConnection * | connection, |
| uint8_t * | p, | ||
| size_t * | written | ||
| ) |
Format the list of key exchange algorithms.
- Parameters
-
[in] connection Pointer to the SSH connection [out] p Output stream where to write the name-list [out] written Total number of bytes that have been written
- Returns
- Error code
Definition at line 514 of file ssh_algorithms.c.
◆ sshFormatMacAlgoList()
| error_t sshFormatMacAlgoList | ( | SshContext * | context, |
| uint8_t * | p, | ||
| size_t * | written | ||
| ) |
Format the list of integrity algorithms.
- Parameters
-
[in] context Pointer to the SSH context [out] p Output stream where to write the name-list [out] written Total number of bytes that have been written
- Returns
- Error code
Definition at line 744 of file ssh_algorithms.c.
◆ sshFormatPublicKeyAlgoList()
| error_t sshFormatPublicKeyAlgoList | ( | SshContext * | context, |
| uint8_t * | p, | ||
| size_t * | written | ||
| ) |
Format the list of public key algorithms.
- Parameters
-
[in] context Pointer to the SSH context [out] p Output stream where to write the name-list [out] written Total number of bytes that have been written
- Returns
- Error code
Definition at line 779 of file ssh_algorithms.c.
◆ sshGetKeyFormatId()
Get the key format identifier used by a given public key algorithm.
- Parameters
-
[in] publicKeyAlgo Public key algorithm
- Returns
- Key format identifier
Definition at line 1326 of file ssh_algorithms.c.
◆ sshGetSignFormatId()
Get the signature format identifier used by a given public key algorithm.
- Parameters
-
[in] publicKeyAlgo Public key algorithm
- Returns
- Signature format identifier
Definition at line 1360 of file ssh_algorithms.c.
◆ sshIsCertPublicKeyAlgo()
Test if the specified public key algorithm is using certificates.
- Parameters
-
[in] publicKeyAlgo Public key algorithm name
- Returns
- TRUE if the public key algorithm is using certificates, else FALSE
Definition at line 1559 of file ssh_algorithms.c.
◆ sshIsDhGexKexAlgo()
Test if the specified algorithm is a DH GEX key exchange algorithm.
- Parameters
-
[in] kexAlgo Key exchange algorithm name
- Returns
- TRUE if DH GEX key exchange algorithm, else FALSE
Definition at line 1486 of file ssh_algorithms.c.
◆ sshIsDhKexAlgo()
Test if the specified algorithm is a Diffie-Hellman key exchange algorithm.
- Parameters
-
[in] kexAlgo Key exchange algorithm name
- Returns
- TRUE if Diffie-Hellman key exchange algorithm, else FALSE
Definition at line 1460 of file ssh_algorithms.c.
◆ sshIsEcdhKexAlgo()
Test if the specified algorithm is an ECDH key exchange algorithm.
- Parameters
-
[in] kexAlgo Key exchange algorithm name
- Returns
- TRUE if ECDH key exchange algorithm, else FALSE
Definition at line 1510 of file ssh_algorithms.c.
◆ sshIsGuessCorrect()
| bool_t sshIsGuessCorrect | ( | SshContext * | context, |
| const SshNameList * | kexAlgoList, | ||
| const SshNameList * | hostKeyAlgoList | ||
| ) |
Check whether the other party's guess is correct.
- Parameters
-
[in] context Pointer to the SSH context [in] kexAlgoList List of key exchange algorithms advertised by the other party [in] hostKeyAlgoList List of host key algorithms advertised by the other party
- Returns
- TRUE if the guess is correct else FALSE
Definition at line 1398 of file ssh_algorithms.c.
◆ sshIsHybridKexAlgo()
Test if the specified algorithm is a PQ-hybrid key exchange algorithm.
- Parameters
-
[in] kexAlgo Key exchange algorithm name
- Returns
- TRUE if PQ-hybrid key exchange algorithm, else FALSE
Definition at line 1535 of file ssh_algorithms.c.
◆ sshIsRsaKexAlgo()
Test if the specified algorithm is an RSA key exchange algorithm.
- Parameters
-
[in] kexAlgo Key exchange algorithm name
- Returns
- TRUE if RSA key exchange algorithm, else FALSE
Definition at line 1439 of file ssh_algorithms.c.
◆ sshIsX509CertPublicKeyAlgo()
Test if the specified public key algorithm is using X.509 certificates.
- Parameters
-
[in] publicKeyAlgo Public key algorithm name
- Returns
- TRUE if the public key algorithm is using X.509 certificates, else FALSE
Definition at line 1586 of file ssh_algorithms.c.
◆ sshSelectAlgo()
| const char_t* sshSelectAlgo | ( | SshContext * | context, |
| const SshNameList * | peerAlgoList, | ||
| const char_t *const * | supportedAlgoList, | ||
| uint_t | supportedAlgoListLen | ||
| ) |
Generic algorithm negotiation.
- Parameters
-
[in] context Pointer to the SSH context [in] peerAlgoList List of algorithms supported by the peer [in] supportedAlgoList List of algorithms supported by the entity [in] supportedAlgoListLen Number of items in the name list
- Returns
- Name of the selected algorithm, if any
Definition at line 829 of file ssh_algorithms.c.
◆ sshSelectCompressionAlgo()
| const char_t* sshSelectCompressionAlgo | ( | SshContext * | context, |
| const SshNameList * | peerAlgoList | ||
| ) |
Compression algorithm negotiation.
- Parameters
-
[in] context Pointer to the SSH context [in] peerAlgoList List of algorithms supported by the peer
- Returns
- Name of the selected algorithm, if any
Definition at line 1243 of file ssh_algorithms.c.
◆ sshSelectEncAlgo()
| const char_t* sshSelectEncAlgo | ( | SshContext * | context, |
| const SshNameList * | peerAlgoList | ||
| ) |
Encryption algorithm negotiation.
- Parameters
-
[in] context Pointer to the SSH context [in] peerAlgoList List of algorithms supported by the peer
- Returns
- Name of the selected algorithm, if any
Definition at line 1176 of file ssh_algorithms.c.
◆ sshSelectHostKeyAlgo()
| const char_t* sshSelectHostKeyAlgo | ( | SshContext * | context, |
| const SshNameList * | peerAlgoList | ||
| ) |
Host key algorithm negotiation.
- Parameters
-
[in] context Pointer to the SSH context [in] peerAlgoList List of algorithms supported by the peer
- Returns
- Name of the selected algorithm, if any
Definition at line 1084 of file ssh_algorithms.c.
◆ sshSelectKexAlgo()
| const char_t* sshSelectKexAlgo | ( | SshConnection * | connection, |
| const SshNameList * | peerAlgoList | ||
| ) |
Key exchange algorithm negotiation.
- Parameters
-
[in] connection Pointer to the SSH connection [in] peerAlgoList List of algorithms supported by the peer
- Returns
- Name of the selected algorithm, if any
Definition at line 908 of file ssh_algorithms.c.
◆ sshSelectMacAlgo()
| const char_t* sshSelectMacAlgo | ( | SshContext * | context, |
| const char_t * | encAlgo, | ||
| const SshNameList * | peerAlgoList | ||
| ) |
Integrity algorithm negotiation.
- Parameters
-
[in] context Pointer to the SSH context [in] encAlgo Selected encryption algorithm [in] peerAlgoList List of algorithms supported by the peer
- Returns
- Name of the selected algorithm, if any
Definition at line 1194 of file ssh_algorithms.c.
◆ sshSelectPublicKeyAlgo()
| const char_t* sshSelectPublicKeyAlgo | ( | SshContext * | context, |
| const char_t * | keyFormatId, | ||
| const SshNameList * | peerAlgoList | ||
| ) |
Public key algorithm selection.
- Parameters
-
[in] context Pointer to the SSH context [in] keyFormatId Key format identifier [in] peerAlgoList List of public key algorithms supported by the peer (optional parameter)
- Returns
- Name of the selected algorithm, if any
Definition at line 1262 of file ssh_algorithms.c.