Home
last modified time | relevance | path

Searched refs:kex (Results 1 – 25 of 50) sorted by relevance

12

/freebsd/crypto/openssh/
H A Dkexgexc.c62 struct kex *kex = ssh->kex; in kexgex_client() local
66 nbits = dh_estimate(kex->dh_need * 8); in kexgex_client()
68 kex->min = DH_GRP_MIN; in kexgex_client()
69 kex->max = DH_GRP_MAX; in kexgex_client()
70 kex->nbits = nbits; in kexgex_client()
72 kex->nbits = MINIMUM(kex->nbits, 4096); in kexgex_client()
75 (r = sshpkt_put_u32(ssh, kex->min)) != 0 || in kexgex_client()
76 (r = sshpkt_put_u32(ssh, kex->nbits)) != 0 || in kexgex_client()
77 (r = sshpkt_put_u32(ssh, kex->max)) != 0 || in kexgex_client()
81 kex->min, kex->nbits, kex->max); in kexgex_client()
[all …]
H A Dkex.c97 const char **defprop = ssh->kex->server ? defpropserver : defpropclient; in kex_proposal_populate_entries()
107 if ((cp = kex_names_cat(kexalgos, ssh->kex->server ? in kex_proposal_populate_entries()
241 if ((ssh->kex->flags & KEX_INITIAL) && ssh->kex->kex_strict) { in kex_protocol_error()
276 free(ssh->kex->server_sig_algs); in kex_set_server_sig_algs()
277 ssh->kex->server_sig_algs = NULL; in kex_set_server_sig_algs()
285 if (ssh->kex->server_sig_algs != NULL && in kex_set_server_sig_algs()
286 kex_has_any_alg(sigalg, ssh->kex->server_sig_algs)) in kex_set_server_sig_algs()
288 xextendf(&ssh->kex->server_sig_algs, ",", "%s", sigalg); in kex_set_server_sig_algs()
292 if (ssh->kex->server_sig_algs == NULL) in kex_set_server_sig_algs()
293 ssh->kex->server_sig_algs = xstrdup(""); in kex_set_server_sig_algs()
[all …]
H A Dkexgen.c101 struct kex *kex = ssh->kex; in kex_gen_client() local
104 switch (kex->kex_type) { in kex_gen_client()
111 r = kex_dh_keypair(kex); in kex_gen_client()
114 r = kex_ecdh_keypair(kex); in kex_gen_client()
118 r = kex_c25519_keypair(kex); in kex_gen_client()
121 r = kex_kem_sntrup761x25519_keypair(kex); in kex_gen_client()
124 r = kex_kem_mlkem768x25519_keypair(kex); in kex_gen_client()
133 (r = sshpkt_put_stringb(ssh, kex->client_pub)) != 0 || in kex_gen_client()
144 struct kex *kex = ssh->kex; in input_kex_gen_reply() local
178 switch (kex->kex_type) { in input_kex_gen_reply()
[all …]
H A Dkexgexs.c73 struct kex *kex = ssh->kex; in input_kex_dh_gex_request() local
86 kex->nbits = nbits; in input_kex_dh_gex_request()
87 kex->min = min; in input_kex_dh_gex_request()
88 kex->max = max; in input_kex_dh_gex_request()
94 if (kex->max < kex->min || kex->nbits < kex->min || in input_kex_dh_gex_request()
95 kex->max < kex->nbits || kex->max < DH_GRP_MIN) { in input_kex_dh_gex_request()
101 kex->dh = mm_choose_dh(min, nbits, max); in input_kex_dh_gex_request()
102 if (kex->dh == NULL) { in input_kex_dh_gex_request()
108 DH_get0_pqg(kex->dh, &dh_p, NULL, &dh_g); in input_kex_dh_gex_request()
116 if ((r = dh_gen_key(kex->dh, kex->we_need * 8)) != 0) in input_kex_dh_gex_request()
[all …]
H A Dkexdh.c48 kex_dh_keygen(struct kex *kex) in kex_dh_keygen() argument
50 switch (kex->kex_type) { in kex_dh_keygen()
52 kex->dh = dh_new_group1(); in kex_dh_keygen()
56 kex->dh = dh_new_group14(); in kex_dh_keygen()
59 kex->dh = dh_new_group16(); in kex_dh_keygen()
62 kex->dh = dh_new_group18(); in kex_dh_keygen()
67 if (kex->dh == NULL) in kex_dh_keygen()
69 return (dh_gen_key(kex->dh, kex->we_need * 8)); in kex_dh_keygen()
73 kex_dh_compute_key(struct kex *kex, BIGNUM *dh_pub, struct sshbuf *out) in kex_dh_compute_key() argument
85 DHparams_print_fp(stderr, kex->dh); in kex_dh_compute_key()
[all …]
H A Dssh_api.c121 ssh->kex->server = is_server; in ssh_init()
124 ssh->kex->kex[KEX_DH_GRP1_SHA1] = kex_gen_server; in ssh_init()
125 ssh->kex->kex[KEX_DH_GRP14_SHA1] = kex_gen_server; in ssh_init()
126 ssh->kex->kex[KEX_DH_GRP14_SHA256] = kex_gen_server; in ssh_init()
127 ssh->kex->kex[KEX_DH_GRP16_SHA512] = kex_gen_server; in ssh_init()
128 ssh->kex->kex[KEX_DH_GRP18_SHA512] = kex_gen_server; in ssh_init()
129 ssh->kex->kex[KEX_DH_GEX_SHA1] = kexgex_server; in ssh_init()
130 ssh->kex->kex[KEX_DH_GEX_SHA256] = kexgex_server; in ssh_init()
132 ssh->kex->kex[KEX_ECDH_SHA2] = kex_gen_server; in ssh_init()
135 ssh->kex->kex[KEX_C25519_SHA256] = kex_gen_server; in ssh_init()
[all …]
H A Dkexecdh.c46 kex_ecdh_dec_key_group(struct kex *, const struct sshbuf *, EC_KEY *key,
50 kex_ecdh_keypair(struct kex *kex) in kex_ecdh_keypair() argument
58 if ((client_key = EC_KEY_new_by_curve_name(kex->ec_nid)) == NULL) { in kex_ecdh_keypair()
80 kex->ec_client_key = client_key; in kex_ecdh_keypair()
81 kex->ec_group = group; in kex_ecdh_keypair()
83 kex->client_pub = buf; in kex_ecdh_keypair()
92 kex_ecdh_enc(struct kex *kex, const struct sshbuf *client_blob, in kex_ecdh_enc() argument
104 if ((server_key = EC_KEY_new_by_curve_name(kex->ec_nid)) == NULL) { in kex_ecdh_enc()
126 if ((r = kex_ecdh_dec_key_group(kex, client_blob, server_key, group, in kex_ecdh_enc()
138 kex_ecdh_dec_key_group(struct kex *kex, const struct sshbuf *ec_blob, in kex_ecdh_dec_key_group() argument
[all …]
H A Dkexsntrup761x25519.c47 kex_kem_sntrup761x25519_keypair(struct kex *kex) in kex_kem_sntrup761x25519_keypair() argument
59 crypto_kem_sntrup761_keypair(cp, kex->sntrup761_client_key); in kex_kem_sntrup761x25519_keypair()
65 kexc25519_keygen(kex->c25519_client_key, cp); in kex_kem_sntrup761x25519_keypair()
69 kex->client_pub = buf; in kex_kem_sntrup761x25519_keypair()
77 kex_kem_sntrup761x25519_enc(struct kex *kex, in kex_kem_sntrup761x25519_enc() argument
133 if ((r = ssh_digest_buffer(kex->hash_alg, buf, hash, sizeof(hash))) != 0) in kex_kem_sntrup761x25519_enc()
146 ssh_digest_bytes(kex->hash_alg))) != 0) in kex_kem_sntrup761x25519_enc()
164 kex_kem_sntrup761x25519_dec(struct kex *kex, in kex_kem_sntrup761x25519_dec() argument
197 kex->sntrup761_client_key); in kex_kem_sntrup761x25519_dec()
198 if ((r = kexc25519_shared_key_ext(kex->c25519_client_key, server_pub, in kex_kem_sntrup761x25519_dec()
[all …]
H A Dkex.h142 struct kex { struct
175 int (*kex[KEX_MAX])(struct ssh *); argument
203 struct kex *kex_new(void); argument
207 void kex_free(struct kex *);
230 int kex_dh_keypair(struct kex *);
231 int kex_dh_enc(struct kex *, const struct sshbuf *, struct sshbuf **,
233 int kex_dh_dec(struct kex *, const struct sshbuf *, struct sshbuf **);
235 int kex_ecdh_keypair(struct kex *);
236 int kex_ecdh_enc(struct kex *, const struct sshbuf *, struct sshbuf **,
238 int kex_ecdh_dec(struct kex *, const struct sshbuf *, struct sshbuf **);
[all …]
H A Dkexmlkem768x25519.c53 kex_kem_mlkem768x25519_keypair(struct kex *kex) in kex_kem_mlkem768x25519_keypair() argument
69 memcpy(kex->mlkem768_client_key, keypair.sk.value, in kex_kem_mlkem768x25519_keypair()
70 sizeof(kex->mlkem768_client_key)); in kex_kem_mlkem768x25519_keypair()
76 kexc25519_keygen(kex->c25519_client_key, cp); in kex_kem_mlkem768x25519_keypair()
82 kex->client_pub = buf; in kex_kem_mlkem768x25519_keypair()
92 kex_kem_mlkem768x25519_enc(struct kex *kex, in kex_kem_mlkem768x25519_enc() argument
156 if ((r = ssh_digest_buffer(kex->hash_alg, buf, hash, sizeof(hash))) != 0) in kex_kem_mlkem768x25519_enc()
169 ssh_digest_bytes(kex->hash_alg))) != 0) in kex_kem_mlkem768x25519_enc()
191 kex_kem_mlkem768x25519_dec(struct kex *kex, in kex_kem_mlkem768x25519_dec() argument
219 memcpy(mlkem_priv.value, kex->mlkem768_client_key, in kex_kem_mlkem768x25519_dec()
[all …]
H A Dssh-keyscan.c293 c->c_ssh->kex->kex[KEX_DH_GRP1_SHA1] = kex_gen_client; in keygrab_ssh2()
294 c->c_ssh->kex->kex[KEX_DH_GRP14_SHA1] = kex_gen_client; in keygrab_ssh2()
295 c->c_ssh->kex->kex[KEX_DH_GRP14_SHA256] = kex_gen_client; in keygrab_ssh2()
296 c->c_ssh->kex->kex[KEX_DH_GRP16_SHA512] = kex_gen_client; in keygrab_ssh2()
297 c->c_ssh->kex->kex[KEX_DH_GRP18_SHA512] = kex_gen_client; in keygrab_ssh2()
298 c->c_ssh->kex->kex[KEX_DH_GEX_SHA1] = kexgex_client; in keygrab_ssh2()
299 c->c_ssh->kex->kex[KEX_DH_GEX_SHA256] = kexgex_client; in keygrab_ssh2()
301 c->c_ssh->kex->kex[KEX_ECDH_SHA2] = kex_gen_client; in keygrab_ssh2()
304 c->c_ssh->kex->kex[KEX_C25519_SHA256] = kex_gen_client; in keygrab_ssh2()
305 c->c_ssh->kex->kex[KEX_KEM_SNTRUP761X25519_SHA512] = kex_gen_client; in keygrab_ssh2()
[all …]
H A Dkexc25519.c92 kex_c25519_keypair(struct kex *kex) in kex_c25519_keypair() argument
102 kexc25519_keygen(kex->c25519_client_key, cp); in kex_c25519_keypair()
106 kex->client_pub = buf; in kex_c25519_keypair()
114 kex_c25519_enc(struct kex *kex, const struct sshbuf *client_blob, in kex_c25519_enc() argument
166 kex_c25519_dec(struct kex *kex, const struct sshbuf *server_blob, in kex_c25519_dec() argument
188 if ((r = kexc25519_shared_key_ext(kex->c25519_client_key, server_pub, in kex_c25519_dec()
H A Dpacket.c238 (ssh->kex = kex_new()) == NULL || in ssh_alloc_session_state()
262 kex_free(ssh->kex); in ssh_alloc_session_state()
287 (ssh->kex != NULL && ssh->kex->done == 0); in ssh_packet_is_rekeying()
350 kex_free(ssh->kex); in ssh_packet_set_mux()
351 ssh->kex = NULL; in ssh_packet_set_mux()
738 kex_free(ssh->kex); in ssh_packet_close_internal()
739 ssh->kex = NULL; in ssh_packet_close_internal()
947 if (ssh->kex && ssh->kex->newkeys[mode]) { in ssh_clear_newkeys()
948 kex_free_newkeys(ssh->kex->newkeys[mode]); in ssh_clear_newkeys()
949 ssh->kex->newkeys[mode] = NULL; in ssh_clear_newkeys()
[all …]
H A Dsshd-session.c334 pmonitor->m_pkex = &ssh->kex; in privsep_preauth()
1440 struct kex *kex; in do_ssh2_kex() local
1460 kex = ssh->kex; in do_ssh2_kex()
1463 kex->kex[KEX_DH_GRP1_SHA1] = kex_gen_server; in do_ssh2_kex()
1464 kex->kex[KEX_DH_GRP14_SHA1] = kex_gen_server; in do_ssh2_kex()
1465 kex->kex[KEX_DH_GRP14_SHA256] = kex_gen_server; in do_ssh2_kex()
1466 kex->kex[KEX_DH_GRP16_SHA512] = kex_gen_server; in do_ssh2_kex()
1467 kex->kex[KEX_DH_GRP18_SHA512] = kex_gen_server; in do_ssh2_kex()
1468 kex->kex[KEX_DH_GEX_SHA1] = kexgex_server; in do_ssh2_kex()
1469 kex->kex[KEX_DH_GEX_SHA256] = kexgex_server; in do_ssh2_kex()
[all …]
H A Dmonitor.c1744 struct kex *kex; in monitor_apply_keystate() local
1752 if ((kex = ssh->kex) == NULL) in monitor_apply_keystate()
1754 if (session_id2_len != sshbuf_len(ssh->kex->session_id)) { in monitor_apply_keystate()
1756 sshbuf_len(ssh->kex->session_id), session_id2_len); in monitor_apply_keystate()
1758 if (memcmp(sshbuf_ptr(ssh->kex->session_id), session_id2, in monitor_apply_keystate()
1763 kex->kex[KEX_DH_GRP1_SHA1] = kex_gen_server; in monitor_apply_keystate()
1764 kex->kex[KEX_DH_GRP14_SHA1] = kex_gen_server; in monitor_apply_keystate()
1765 kex->kex[KEX_DH_GRP14_SHA256] = kex_gen_server; in monitor_apply_keystate()
1766 kex->kex[KEX_DH_GRP16_SHA512] = kex_gen_server; in monitor_apply_keystate()
1767 kex->kex[KEX_DH_GRP18_SHA512] = kex_gen_server; in monitor_apply_keystate()
[all …]
H A Dsshconnect2.c264 ssh->kex->kex[KEX_DH_GRP1_SHA1] = kex_gen_client; in ssh_kex2()
265 ssh->kex->kex[KEX_DH_GRP14_SHA1] = kex_gen_client; in ssh_kex2()
266 ssh->kex->kex[KEX_DH_GRP14_SHA256] = kex_gen_client; in ssh_kex2()
267 ssh->kex->kex[KEX_DH_GRP16_SHA512] = kex_gen_client; in ssh_kex2()
268 ssh->kex->kex[KEX_DH_GRP18_SHA512] = kex_gen_client; in ssh_kex2()
269 ssh->kex->kex[KEX_DH_GEX_SHA1] = kexgex_client; in ssh_kex2()
270 ssh->kex->kex[KEX_DH_GEX_SHA256] = kexgex_client; in ssh_kex2()
272 ssh->kex->kex[KEX_ECDH_SHA2] = kex_gen_client; in ssh_kex2()
275 ssh->kex->kex[KEX_C25519_SHA256] = kex_gen_client; in ssh_kex2()
276 ssh->kex->kex[KEX_KEM_SNTRUP761X25519_SHA512] = kex_gen_client; in ssh_kex2()
[all …]
/freebsd/crypto/openssh/regress/unittests/kex/
H A Dtest_kex.c61 while (!server->kex->done || !client->kex->done) { in run_kex()
74 ASSERT_INT_EQ(server->kex->done, 1); in run_kex()
75 ASSERT_INT_EQ(client->kex->done, 1); in run_kex()
79 do_kex_with_key(char *kex, int keytype, int bits) in do_kex_with_key() argument
98 if (kex != NULL) in do_kex_with_key()
99 kex_params.proposal[PROPOSAL_KEX_ALGS] = kex; in do_kex_with_key()
143 ASSERT_PTR_NE(server2->kex, NULL); in do_kex_with_key()
146 server2->kex->kex[KEX_DH_GRP1_SHA1] = kex_gen_server; in do_kex_with_key()
147 server2->kex->kex[KEX_DH_GRP14_SHA1] = kex_gen_server; in do_kex_with_key()
148 server2->kex->kex[KEX_DH_GEX_SHA1] = kexgex_server; in do_kex_with_key()
[all …]
H A Dtest_proposal.c95 struct kex kex; in kex_proposal_populate_tests() local
102 ssh.kex = &kex; in kex_proposal_populate_tests()
105 kex.server = i; in kex_proposal_populate_tests()
/freebsd/crypto/openssh/regress/
H A Dputty-kex.sh15 kex=""
16 for k in `$SSH -Q kex`; do
18 kex="${kex} ${k}"
24 for k in ${kex}; do
30 2>${OBJ}/log/putty-kex-$k.log
34 kexmsg=`grep -E '^Doing.* key exchange' ${OBJ}/log/putty-kex-$k.log`
H A Ddropbear-kex.sh12 kex="curve25519-sha256 curve25519-sha256@libssh.org"
13 if $SSH -Q kex | grep 'diffie-hellman-group14-sha1'; then
14 kex="$kex diffie-hellman-group14-sha256 diffie-hellman-group14-sha1"
17 for k in $kex; do
H A Ddhgex.sh10 kexs=`${SSH} -Q kex | grep diffie-hellman-group-exchange`
16 kex="$1"; shift
19 echo "KexAlgorithms=$kex" >> $OBJ/sshd_proxy
22 opts="-oKexAlgorithms=$kex -oCiphers=$cipher"
26 verbose "$tid bits $bits $kex $cipher"
H A Dkeygen-moduli.sh7 for kex in `${SSH} -Q kex`; do
8 case $kex in
/freebsd/crypto/openssl/crypto/evp/
H A Dpmeth_lib.c166 && ctx->op.kex.algctx != NULL) in evp_pkey_ctx_state()
387 if (ctx->op.kex.algctx != NULL && ctx->op.kex.exchange != NULL) in evp_pkey_ctx_free_old_ops()
388 ctx->op.kex.exchange->freectx(ctx->op.kex.algctx); in evp_pkey_ctx_free_old_ops()
389 EVP_KEYEXCH_free(ctx->op.kex.exchange); in evp_pkey_ctx_free_old_ops()
390 ctx->op.kex.algctx = NULL; in evp_pkey_ctx_free_old_ops()
391 ctx->op.kex.exchange = NULL; in evp_pkey_ctx_free_old_ops()
505 if (pctx->op.kex.exchange != NULL) { in EVP_PKEY_CTX_dup()
506 rctx->op.kex.exchange = pctx->op.kex.exchange; in EVP_PKEY_CTX_dup()
507 if (!EVP_KEYEXCH_up_ref(rctx->op.kex.exchange)) in EVP_PKEY_CTX_dup()
510 if (pctx->op.kex.algctx != NULL) { in EVP_PKEY_CTX_dup()
[all …]
H A Dexchange.c335 ctx->op.kex.exchange = exchange; in EVP_PKEY_derive_init_ex()
336 ctx->op.kex.algctx = exchange->newctx(ossl_provider_ctx(exchange->prov)); in EVP_PKEY_derive_init_ex()
337 if (ctx->op.kex.algctx == NULL) { in EVP_PKEY_derive_init_ex()
342 ret = exchange->init(ctx->op.kex.algctx, provkey, params); in EVP_PKEY_derive_init_ex()
390 if (!EVP_PKEY_CTX_IS_DERIVE_OP(ctx) || ctx->op.kex.algctx == NULL) in EVP_PKEY_derive_set_peer_ex()
393 if (ctx->op.kex.exchange->set_peer == NULL) { in EVP_PKEY_derive_set_peer_ex()
419 EVP_KEYEXCH_get0_provider(ctx->op.kex.exchange), in EVP_PKEY_derive_set_peer_ex()
433 return ctx->op.kex.exchange->set_peer(ctx->op.kex.algctx, provkey); in EVP_PKEY_derive_set_peer_ex()
519 if (ctx->op.kex.algctx == NULL) in EVP_PKEY_derive()
522 ret = ctx->op.kex.exchange->derive(ctx->op.kex.algctx, key, pkeylen, in EVP_PKEY_derive()
/freebsd/crypto/openssh/regress/misc/fuzz-harness/
H A Dkex_fuzz.cc98 while (!server->kex->done || !client->kex->done) { in run_kex()
175 const char *kex, int keytype) in do_kex_with_key() argument
197 debug_f("%s %s clobber client %zu", kex, keyname, in do_kex_with_key()
200 debug_f("%s %s clobber server %zu", kex, keyname, in do_kex_with_key()
203 debug_f("%s %s noclobber", kex, keyname); in do_kex_with_key()
213 else if (i == PROPOSAL_KEX_ALGS && kex != NULL) in do_kex_with_key()
214 ccp = kex; in do_kex_with_key()
394 do_kex(struct shared_state *st, struct test_state *ts, const char *kex) in do_kex() argument
396 do_kex_with_key(st, ts, kex, KEY_RSA); in do_kex()
397 do_kex_with_key(st, ts, kex, KEY_ECDSA); in do_kex()
[all …]

12