1 /**
2  * @file ssh_server.h
3  * @brief SSH server
4  *
5  * @section License
6  *
7  * SPDX-License-Identifier: GPL-2.0-or-later
8  *
9  * Copyright (C) 2019-2024 Oryx Embedded SARL. All rights reserved.
10  *
11  * This file is part of CycloneSSH Open.
12  *
13  * This program is free software; you can redistribute it and/or
14  * modify it under the terms of the GNU General Public License
15  * as published by the Free Software Foundation; either version 2
16  * of the License, or (at your option) any later version.
17  *
18  * This program is distributed in the hope that it will be useful,
19  * but WITHOUT ANY WARRANTY; without even the implied warranty of
20  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
21  * GNU General Public License for more details.
22  *
23  * You should have received a copy of the GNU General Public License
24  * along with this program; if not, write to the Free Software Foundation,
25  * Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
26  *
27  * @author Oryx Embedded SARL (www.oryx-embedded.com)
28  * @version 2.4.0
29  **/
30 
31 #ifndef _SSH_SERVER_H
32 #define _SSH_SERVER_H
33 
34 //Dependencies
35 #include "ssh/ssh.h"
36 
37 //Stack size required to run the SSH server
38 #ifndef SSH_SERVER_STACK_SIZE
39  #define SSH_SERVER_STACK_SIZE 750
40 #elif (SSH_SERVER_STACK_SIZE < 1)
41  #error SSH_SERVER_STACK_SIZE parameter is not valid
42 #endif
43 
44 //Priority at which the SSH server should run
45 #ifndef SSH_SERVER_PRIORITY
46  #define SSH_SERVER_PRIORITY OS_TASK_PRIORITY_NORMAL
47 #endif
48 
49 //Idle connection timeout
50 #ifndef SSH_SERVER_TIMEOUT
51  #define SSH_SERVER_TIMEOUT 60000
52 #elif (SSH_SERVER_TIMEOUT < 1000)
53  #error SSH_SERVER_TIMEOUT parameter is not valid
54 #endif
55 
56 //SSH server tick interval
57 #ifndef SSH_SERVER_TICK_INTERVAL
58  #define SSH_SERVER_TICK_INTERVAL 1000
59 #elif (SSH_SERVER_TICK_INTERVAL < 100)
60  #error SSH_SERVER_TICK_INTERVAL parameter is not valid
61 #endif
62 
63 //C++ guard
64 #ifdef __cplusplus
65 extern "C" {
66 #endif
67 
68 
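/**
 * @brief SSH server settings
 *
 * Filled in by sshServerGetDefaultSettings() and consumed by sshServerInit().
 * Storage for connections and channels is supplied by the caller; the
 * settings struct only carries the pointers and the element counts.
 **/

typedef struct
{
   OsTaskParameters task;       ///<Task parameters
   NetInterface *interface;     ///<Underlying network interface
   uint16_t port;               ///<SSH port number
   systime_t timeout;           ///<Idle connection timeout (presumably same unit as SSH_SERVER_TIMEOUT, i.e. milliseconds - confirm in sshServerGetDefaultSettings)
   uint_t numConnections;       ///<Maximum number of SSH connections
   SshConnection *connections;  ///<SSH connections (caller-provided array, presumably numConnections entries - confirm)
   uint_t numChannels;          ///<Maximum number of SSH channels
   SshChannel *channels;        ///<SSH channels (caller-provided array, presumably numChannels entries - confirm)
   const PrngAlgo *prngAlgo;    ///<Pseudo-random number generator to be used (NOTE(review): must be a cryptographically secure, seeded generator - the handshake presumably draws from it)
   void *prngContext;           ///<Pseudo-random number generator context (opaque; owned by the caller)
#if (SSH_PUBLIC_KEY_AUTH_SUPPORT == ENABLED)
   SshPublicKeyAuthCallback publicKeyAuthCallback; ///<Public key authentication callback
#endif
#if (SSH_PUBLIC_KEY_AUTH_SUPPORT == ENABLED && SSH_CERT_SUPPORT == ENABLED)
   SshCertAuthCallback certAuthCallback; ///<Certificate authentication callback
   SshCaPublicKeyVerifyCallback caPublicKeyVerifyCallback; ///<CA public key verification callback (presumably decides whether a CA key is trusted - confirm)
#endif
#if (SSH_PASSWORD_AUTH_SUPPORT == ENABLED)
   SshPasswordAuthCallback passwordAuthCallback; ///<Password authentication callback
   SshPasswordChangeCallback passwordChangeCallback; ///<Password change callback
#endif
#if (SSH_SIGN_CALLBACK_SUPPORT == ENABLED)
   SshSignGenCallback signGenCallback; ///<Signature generation callback
   SshSignVerifyCallback signVerifyCallback; ///<Signature verification callback
#endif
#if (SSH_ECDH_CALLBACK_SUPPORT == ENABLED)
   SshEcdhKeyPairGenCallback ecdhKeyPairGenCallback; ///<ECDH key pair generation callback
   SshEcdhSharedSecretCalcCallback ecdhSharedSecretCalcCallback; ///<ECDH shared secret calculation callback
#endif
#if (SSH_KEY_LOG_SUPPORT == ENABLED)
   //The callback receives key material in clear; keep SSH_KEY_LOG_SUPPORT
   //disabled in production builds
   SshKeyLogCallback keyLogCallback; ///<Key logging callback (for debugging purpose only)
#endif
} SshServerSettings;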
108 
109 
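/**
 * @brief SSH server context
 *
 * Runtime state of one SSH server instance. Initialized by sshServerInit(),
 * driven by sshServerTask() and released by sshServerDeinit().
 **/

typedef struct
{
   bool_t running;              ///<Operational state of the SSH server
   bool_t stop;                 ///<Stop request (NOTE(review): presumably set by sshServerStop and polled by sshServerTask - confirm how the flag is synchronized)
   OsTaskParameters taskParams; ///<Task parameters
   OsTaskId taskId;             ///<Task identifier
   NetInterface *interface;     ///<Underlying network interface
   Socket *socket;              ///<Listening socket
   uint16_t port;               ///<SSH port number
   systime_t timeout;           ///<Idle connection timeout
   SshContext sshContext;       ///<SSH context
} SshServerContext;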
126 
127 
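//SSH server related functions

//Initialize settings with default values
void sshServerGetDefaultSettings(SshServerSettings *settings);

//Initialize SSH server context from the supplied settings
error_t sshServerInit(SshServerContext *context,
   const SshServerSettings *settings);

//Register/unregister global request callback function
//(param is handed back to the callback on each invocation)
error_t sshServerRegisterGlobalRequestCallback(SshServerContext *context,
   SshGlobalReqCallback callback, void *param);

error_t sshServerUnregisterGlobalRequestCallback(SshServerContext *context,
   SshGlobalReqCallback callback);

//Register/unregister channel request callback function
error_t sshServerRegisterChannelRequestCallback(SshServerContext *context,
   SshChannelReqCallback callback, void *param);

error_t sshServerUnregisterChannelRequestCallback(SshServerContext *context,
   SshChannelReqCallback callback);

//Register/unregister channel open callback function
error_t sshServerRegisterChannelOpenCallback(SshServerContext *context,
   SshChannelOpenCallback callback, void *param);

error_t sshServerUnregisterChannelOpenCallback(SshServerContext *context,
   SshChannelOpenCallback callback);

//Register/unregister connection open callback function
error_t sshServerRegisterConnectionOpenCallback(SshServerContext *context,
   SshConnectionOpenCallback callback, void *param);

error_t sshServerUnregisterConnectionOpenCallback(SshServerContext *context,
   SshConnectionOpenCallback callback);

//Register/unregister connection close callback function
error_t sshServerRegisterConnectionCloseCallback(SshServerContext *context,
   SshConnectionCloseCallback callback, void *param);

error_t sshServerUnregisterConnectionCloseCallback(SshServerContext *context,
   SshConnectionCloseCallback callback);

//Load/unload transient RSA key (for RSA key exchange) at the given slot index
//(password is presumably the passphrase of an encrypted private key - confirm)
error_t sshServerLoadRsaKey(SshServerContext *context, uint_t index,
   const char_t *publicKey, size_t publicKeyLen, const char_t *privateKey,
   size_t privateKeyLen, const char_t *password);

error_t sshServerUnloadRsaKey(SshServerContext *context, uint_t index);

//Load/unload Diffie-Hellman group (for DH group exchange) at the given slot index
error_t sshServerLoadDhGexGroup(SshServerContext *context, uint_t index,
   const char_t *dhParams, size_t dhParamsLen);

error_t sshServerUnloadDhGexGroup(SshServerContext *context, uint_t index);

//Load/unload server's host key at the given slot index
error_t sshServerLoadHostKey(SshServerContext *context, uint_t index,
   const char_t *publicKey, size_t publicKeyLen, const char_t *privateKey,
   size_t privateKeyLen, const char_t *password);

error_t sshServerUnloadHostKey(SshServerContext *context, uint_t index);

//Load/unload server's certificate at the given slot index
error_t sshServerLoadCertificate(SshServerContext *context, uint_t index,
   const char_t *cert, size_t certLen, const char_t *privateKey,
   size_t privateKeyLen, const char_t *password);

error_t sshServerUnloadCertificate(SshServerContext *context, uint_t index);

//Start/stop SSH server
error_t sshServerStart(SshServerContext *context);
error_t sshServerStop(SshServerContext *context);

//SSH server task (body of the server's task/thread)
void sshServerTask(SshServerContext *context);

//Release SSH server context
void sshServerDeinit(SshServerContext *context);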
194 //C++ guard
195 #ifdef __cplusplus
196 }
197 #endif
198 
199 #endif