Home
last modified time | relevance | path

Searched refs:kex (Results 1 – 25 of 52) sorted by relevance

123

/freebsd/crypto/openssh/
H A Dkexgexc.c61 struct kex *kex = ssh->kex; in kexgex_client() local
65 nbits = dh_estimate(kex->dh_need * 8); in kexgex_client()
67 kex->min = DH_GRP_MIN; in kexgex_client()
68 kex->max = DH_GRP_MAX; in kexgex_client()
69 kex->nbits = nbits; in kexgex_client()
71 kex->nbits = MINIMUM(kex->nbits, 4096); in kexgex_client()
74 (r = sshpkt_put_u32(ssh, kex->min)) != 0 || in kexgex_client()
75 (r = sshpkt_put_u32(ssh, kex->nbits)) != 0 || in kexgex_client()
76 (r = sshpkt_put_u32(ssh, kex->max)) != 0 || in kexgex_client()
80 kex->min, kex->nbits, kex->max); in kexgex_client()
[all …]
H A Dkex.c93 const char **defprop = ssh->kex->server ? defpropserver : defpropclient; in kex_proposal_populate_entries()
103 if ((cp = kex_names_cat(kexalgos, ssh->kex->server ? in kex_proposal_populate_entries()
237 if ((ssh->kex->flags & KEX_INITIAL) && ssh->kex->kex_strict) { in kex_protocol_error()
272 free(ssh->kex->server_sig_algs); in kex_set_server_sig_algs()
273 ssh->kex->server_sig_algs = NULL; in kex_set_server_sig_algs()
281 if (ssh->kex->server_sig_algs != NULL && in kex_set_server_sig_algs()
282 kex_has_any_alg(sigalg, ssh->kex->server_sig_algs)) in kex_set_server_sig_algs()
284 xextendf(&ssh->kex->server_sig_algs, ",", "%s", sigalg); in kex_set_server_sig_algs()
288 if (ssh->kex->server_sig_algs == NULL) in kex_set_server_sig_algs()
289 ssh->kex->server_sig_algs = xstrdup(""); in kex_set_server_sig_algs()
[all …]
H A Dkexgen.c101 struct kex *kex = ssh->kex; in kex_gen_client() local
104 switch (kex->kex_type) { in kex_gen_client()
111 r = kex_dh_keypair(kex); in kex_gen_client()
114 r = kex_ecdh_keypair(kex); in kex_gen_client()
118 r = kex_c25519_keypair(kex); in kex_gen_client()
121 r = kex_kem_sntrup761x25519_keypair(kex); in kex_gen_client()
124 r = kex_kem_mlkem768x25519_keypair(kex); in kex_gen_client()
133 (r = sshpkt_put_stringb(ssh, kex->client_pub)) != 0 || in kex_gen_client()
144 struct kex *kex = ssh->kex; in input_kex_gen_reply() local
178 switch (kex->kex_type) { in input_kex_gen_reply()
[all …]
H A Dkexgexs.c72 struct kex *kex = ssh->kex; in input_kex_dh_gex_request() local
85 kex->nbits = nbits; in input_kex_dh_gex_request()
86 kex->min = min; in input_kex_dh_gex_request()
87 kex->max = max; in input_kex_dh_gex_request()
93 if (kex->max < kex->min || kex->nbits < kex->min || in input_kex_dh_gex_request()
94 kex->max < kex->nbits || kex->max < DH_GRP_MIN) { in input_kex_dh_gex_request()
100 kex->dh = mm_choose_dh(min, nbits, max); in input_kex_dh_gex_request()
101 if (kex->dh == NULL) { in input_kex_dh_gex_request()
107 DH_get0_pqg(kex->dh, &dh_p, NULL, &dh_g); in input_kex_dh_gex_request()
115 if ((r = dh_gen_key(kex->dh, kex->we_need * 8)) != 0) in input_kex_dh_gex_request()
[all …]
H A Dkexdh.c46 kex_dh_keygen(struct kex *kex) in kex_dh_keygen() argument
48 switch (kex->kex_type) { in kex_dh_keygen()
50 kex->dh = dh_new_group1(); in kex_dh_keygen()
54 kex->dh = dh_new_group14(); in kex_dh_keygen()
57 kex->dh = dh_new_group16(); in kex_dh_keygen()
60 kex->dh = dh_new_group18(); in kex_dh_keygen()
65 if (kex->dh == NULL) in kex_dh_keygen()
67 return (dh_gen_key(kex->dh, kex->we_need * 8)); in kex_dh_keygen()
71 kex_dh_compute_key(struct kex *kex, BIGNUM *dh_pub, struct sshbuf *out) in kex_dh_compute_key() argument
83 DHparams_print_fp(stderr, kex->dh); in kex_dh_compute_key()
[all …]
H A Dssh_api.c121 ssh->kex->server = is_server; in ssh_init()
124 ssh->kex->kex[KEX_DH_GRP1_SHA1] = kex_gen_server; in ssh_init()
125 ssh->kex->kex[KEX_DH_GRP14_SHA1] = kex_gen_server; in ssh_init()
126 ssh->kex->kex[KEX_DH_GRP14_SHA256] = kex_gen_server; in ssh_init()
127 ssh->kex->kex[KEX_DH_GRP16_SHA512] = kex_gen_server; in ssh_init()
128 ssh->kex->kex[KEX_DH_GRP18_SHA512] = kex_gen_server; in ssh_init()
129 ssh->kex->kex[KEX_DH_GEX_SHA1] = kexgex_server; in ssh_init()
130 ssh->kex->kex[KEX_DH_GEX_SHA256] = kexgex_server; in ssh_init()
132 ssh->kex->kex[KEX_ECDH_SHA2] = kex_gen_server; in ssh_init()
135 ssh->kex->kex[KEX_C25519_SHA256] = kex_gen_server; in ssh_init()
[all …]
H A Dkexecdh.c45 kex_ecdh_dec_key_group(struct kex *, const struct sshbuf *, EC_KEY *key,
49 kex_ecdh_keypair(struct kex *kex) in kex_ecdh_keypair() argument
57 if ((client_key = EC_KEY_new_by_curve_name(kex->ec_nid)) == NULL) { in kex_ecdh_keypair()
79 kex->ec_client_key = client_key; in kex_ecdh_keypair()
80 kex->ec_group = group; in kex_ecdh_keypair()
82 kex->client_pub = buf; in kex_ecdh_keypair()
91 kex_ecdh_enc(struct kex *kex, const struct sshbuf *client_blob, in kex_ecdh_enc() argument
103 if ((server_key = EC_KEY_new_by_curve_name(kex->ec_nid)) == NULL) { in kex_ecdh_enc()
125 if ((r = kex_ecdh_dec_key_group(kex, client_blob, server_key, group, in kex_ecdh_enc()
137 kex_ecdh_dec_key_group(struct kex *kex, const struct sshbuf *ec_blob, in kex_ecdh_dec_key_group() argument
[all …]
H A Dkexsntrup761x25519.c47 kex_kem_sntrup761x25519_keypair(struct kex *kex) in kex_kem_sntrup761x25519_keypair() argument
59 crypto_kem_sntrup761_keypair(cp, kex->sntrup761_client_key); in kex_kem_sntrup761x25519_keypair()
65 kexc25519_keygen(kex->c25519_client_key, cp); in kex_kem_sntrup761x25519_keypair()
69 kex->client_pub = buf; in kex_kem_sntrup761x25519_keypair()
77 kex_kem_sntrup761x25519_enc(struct kex *kex, in kex_kem_sntrup761x25519_enc() argument
133 if ((r = ssh_digest_buffer(kex->hash_alg, buf, hash, sizeof(hash))) != 0) in kex_kem_sntrup761x25519_enc()
146 ssh_digest_bytes(kex->hash_alg))) != 0) in kex_kem_sntrup761x25519_enc()
164 kex_kem_sntrup761x25519_dec(struct kex *kex, in kex_kem_sntrup761x25519_dec() argument
197 kex->sntrup761_client_key); in kex_kem_sntrup761x25519_dec()
198 if ((r = kexc25519_shared_key_ext(kex->c25519_client_key, server_pub, in kex_kem_sntrup761x25519_dec()
[all …]
H A Dkex.h147 struct kex { struct
180 int (*kex[KEX_MAX])(struct ssh *); argument
209 struct kex *kex_new(void); argument
213 void kex_free(struct kex *);
236 int kex_dh_keypair(struct kex *);
237 int kex_dh_enc(struct kex *, const struct sshbuf *, struct sshbuf **,
239 int kex_dh_dec(struct kex *, const struct sshbuf *, struct sshbuf **);
241 int kex_ecdh_keypair(struct kex *);
242 int kex_ecdh_enc(struct kex *, const struct sshbuf *, struct sshbuf **,
244 int kex_ecdh_dec(struct kex *, const struct sshbuf *, struct sshbuf **);
[all …]
H A Dkexmlkem768x25519.c49 kex_kem_mlkem768x25519_keypair(struct kex *kex) in kex_kem_mlkem768x25519_keypair() argument
65 memcpy(kex->mlkem768_client_key, keypair.sk.value, in kex_kem_mlkem768x25519_keypair()
66 sizeof(kex->mlkem768_client_key)); in kex_kem_mlkem768x25519_keypair()
72 kexc25519_keygen(kex->c25519_client_key, cp); in kex_kem_mlkem768x25519_keypair()
78 kex->client_pub = buf; in kex_kem_mlkem768x25519_keypair()
88 kex_kem_mlkem768x25519_enc(struct kex *kex, in kex_kem_mlkem768x25519_enc() argument
152 if ((r = ssh_digest_buffer(kex->hash_alg, buf, hash, sizeof(hash))) != 0) in kex_kem_mlkem768x25519_enc()
165 ssh_digest_bytes(kex->hash_alg))) != 0) in kex_kem_mlkem768x25519_enc()
187 kex_kem_mlkem768x25519_dec(struct kex *kex, in kex_kem_mlkem768x25519_dec() argument
215 memcpy(mlkem_priv.value, kex->mlkem768_client_key, in kex_kem_mlkem768x25519_dec()
[all …]
H A Dsshd-auth.c635 pmonitor->m_pkex = &ssh->kex; in main()
799 struct kex *kex; in do_ssh2_kex() local
829 kex = ssh->kex; in do_ssh2_kex()
832 kex->kex[KEX_DH_GRP1_SHA1] = kex_gen_server; in do_ssh2_kex()
833 kex->kex[KEX_DH_GRP14_SHA1] = kex_gen_server; in do_ssh2_kex()
834 kex->kex[KEX_DH_GRP14_SHA256] = kex_gen_server; in do_ssh2_kex()
835 kex->kex[KEX_DH_GRP16_SHA512] = kex_gen_server; in do_ssh2_kex()
836 kex->kex[KEX_DH_GRP18_SHA512] = kex_gen_server; in do_ssh2_kex()
837 kex->kex[KEX_DH_GEX_SHA1] = kexgex_server; in do_ssh2_kex()
838 kex->kex[KEX_DH_GEX_SHA256] = kexgex_server; in do_ssh2_kex()
[all …]
H A Dkexc25519.c92 kex_c25519_keypair(struct kex *kex) in kex_c25519_keypair() argument
102 kexc25519_keygen(kex->c25519_client_key, cp); in kex_c25519_keypair()
106 kex->client_pub = buf; in kex_c25519_keypair()
114 kex_c25519_enc(struct kex *kex, const struct sshbuf *client_blob, in kex_c25519_enc() argument
166 kex_c25519_dec(struct kex *kex, const struct sshbuf *server_blob, in kex_c25519_dec() argument
188 if ((r = kexc25519_shared_key_ext(kex->c25519_client_key, server_pub, in kex_c25519_dec()
H A Dssh-keyscan.c280 c->c_ssh->kex->kex[KEX_DH_GRP1_SHA1] = kex_gen_client; in keygrab_ssh2()
281 c->c_ssh->kex->kex[KEX_DH_GRP14_SHA1] = kex_gen_client; in keygrab_ssh2()
282 c->c_ssh->kex->kex[KEX_DH_GRP14_SHA256] = kex_gen_client; in keygrab_ssh2()
283 c->c_ssh->kex->kex[KEX_DH_GRP16_SHA512] = kex_gen_client; in keygrab_ssh2()
284 c->c_ssh->kex->kex[KEX_DH_GRP18_SHA512] = kex_gen_client; in keygrab_ssh2()
285 c->c_ssh->kex->kex[KEX_DH_GEX_SHA1] = kexgex_client; in keygrab_ssh2()
286 c->c_ssh->kex->kex[KEX_DH_GEX_SHA256] = kexgex_client; in keygrab_ssh2()
288 c->c_ssh->kex->kex[KEX_ECDH_SHA2] = kex_gen_client; in keygrab_ssh2()
291 c->c_ssh->kex->kex[KEX_C25519_SHA256] = kex_gen_client; in keygrab_ssh2()
292 c->c_ssh->kex->kex[KEX_KEM_SNTRUP761X25519_SHA512] = kex_gen_client; in keygrab_ssh2()
[all …]
H A Dpacket.c240 (ssh->kex = kex_new()) == NULL || in ssh_alloc_session_state()
266 kex_free(ssh->kex); in ssh_alloc_session_state()
291 (ssh->kex != NULL && ssh->kex->done == 0); in ssh_packet_is_rekeying()
354 kex_free(ssh->kex); in ssh_packet_set_mux()
355 ssh->kex = NULL; in ssh_packet_set_mux()
748 kex_free(ssh->kex); in ssh_packet_close_internal()
749 ssh->kex = NULL; in ssh_packet_close_internal()
964 if (ssh->kex && ssh->kex->newkeys[mode]) { in ssh_clear_newkeys()
965 kex_free_newkeys(ssh->kex->newkeys[mode]); in ssh_clear_newkeys()
966 ssh->kex->newkeys[mode] = NULL; in ssh_clear_newkeys()
[all …]
H A Dmonitor.c654 (r = sshbuf_put_stringb(m, ssh->kex->server_version)) != 0 || in mm_answer_state()
655 (r = sshbuf_put_stringb(m, ssh->kex->client_version)) != 0 || in mm_answer_state()
1875 struct kex *kex; in monitor_apply_keystate() local
1883 if ((kex = ssh->kex) == NULL) in monitor_apply_keystate()
1885 if (session_id2_len != sshbuf_len(ssh->kex->session_id)) { in monitor_apply_keystate()
1887 sshbuf_len(ssh->kex->session_id), session_id2_len); in monitor_apply_keystate()
1889 if (memcmp(sshbuf_ptr(ssh->kex->session_id), session_id2, in monitor_apply_keystate()
1894 kex->kex[KEX_DH_GRP1_SHA1] = kex_gen_server; in monitor_apply_keystate()
1895 kex->kex[KEX_DH_GRP14_SHA1] = kex_gen_server; in monitor_apply_keystate()
1896 kex->kex[KEX_DH_GRP14_SHA256] = kex_gen_server; in monitor_apply_keystate()
[all …]
H A Dsshconnect2.c265 ssh->kex->kex[KEX_DH_GRP1_SHA1] = kex_gen_client; in ssh_kex2()
266 ssh->kex->kex[KEX_DH_GRP14_SHA1] = kex_gen_client; in ssh_kex2()
267 ssh->kex->kex[KEX_DH_GRP14_SHA256] = kex_gen_client; in ssh_kex2()
268 ssh->kex->kex[KEX_DH_GRP16_SHA512] = kex_gen_client; in ssh_kex2()
269 ssh->kex->kex[KEX_DH_GRP18_SHA512] = kex_gen_client; in ssh_kex2()
270 ssh->kex->kex[KEX_DH_GEX_SHA1] = kexgex_client; in ssh_kex2()
271 ssh->kex->kex[KEX_DH_GEX_SHA256] = kexgex_client; in ssh_kex2()
273 ssh->kex->kex[KEX_ECDH_SHA2] = kex_gen_client; in ssh_kex2()
276 ssh->kex->kex[KEX_C25519_SHA256] = kex_gen_client; in ssh_kex2()
277 ssh->kex->kex[KEX_KEM_SNTRUP761X25519_SHA512] = kex_gen_client; in ssh_kex2()
[all …]
/freebsd/crypto/openssh/regress/unittests/kex/
H A Dtest_kex.c60 while (!server->kex->done || !client->kex->done) { in run_kex()
73 ASSERT_INT_EQ(server->kex->done, 1); in run_kex()
74 ASSERT_INT_EQ(client->kex->done, 1); in run_kex()
78 do_kex_with_key(char *kex, char *cipher, char *mac, in do_kex_with_key() argument
103 if (kex != NULL) in do_kex_with_key()
104 kex_params.proposal[PROPOSAL_KEX_ALGS] = kex; in do_kex_with_key()
156 ASSERT_PTR_NE(server2->kex, NULL); in do_kex_with_key()
159 server2->kex->kex[KEX_DH_GRP1_SHA1] = kex_gen_server; in do_kex_with_key()
160 server2->kex->kex[KEX_DH_GRP14_SHA1] = kex_gen_server; in do_kex_with_key()
161 server2->kex->kex[KEX_DH_GEX_SHA1] = kexgex_server; in do_kex_with_key()
[all …]
H A Dtest_proposal.c93 struct kex kex; in kex_proposal_populate_tests() local
100 ssh.kex = &kex; in kex_proposal_populate_tests()
103 kex.server = i; in kex_proposal_populate_tests()
/freebsd/crypto/openssh/regress/
H A Ddropbear-kex.sh12 kex="curve25519-sha256 curve25519-sha256@libssh.org"
13 if $SSH -Q kex | grep 'diffie-hellman-group14-sha256' >/dev/null; then
14 kex="$kex diffie-hellman-group14-sha256"
18 if $SSH -Q kex | grep 'diffie-hellman-group14-sha1' >/dev/null && \
20 kex="$kex diffie-hellman-group14-sha1"
23 for k in $kex; do
H A Dputty-kex.sh15 kex=""
16 for k in `$SSH -Q kex`; do
18 kex="${kex} ${k}"
24 for k in ${kex}; do
30 2>${OBJ}/log/putty-kex-$k.log
34 kexmsg=`grep -E '^Doing.* key exchange' ${OBJ}/log/putty-kex-$k.log`
H A Ddhgex.sh10 kexs=`${SSH} -Q kex | grep diffie-hellman-group-exchange`
16 kex="$1"; shift
19 echo "KexAlgorithms=$kex" >> $OBJ/sshd_proxy
22 opts="-oKexAlgorithms=$kex -oCiphers=$cipher"
26 verbose "$tid bits $bits $kex $cipher"
H A Dkeygen-moduli.sh7 for kex in `${SSH} -Q kex`; do
8 case $kex in
/freebsd/crypto/openssl/crypto/evp/
H A Dpmeth_lib.c144 && ctx->op.kex.algctx != NULL) in evp_pkey_ctx_state()
367 if (ctx->op.kex.algctx != NULL && ctx->op.kex.exchange != NULL) in evp_pkey_ctx_free_old_ops()
368 ctx->op.kex.exchange->freectx(ctx->op.kex.algctx); in evp_pkey_ctx_free_old_ops()
369 EVP_KEYEXCH_free(ctx->op.kex.exchange); in evp_pkey_ctx_free_old_ops()
370 ctx->op.kex.algctx = NULL; in evp_pkey_ctx_free_old_ops()
371 ctx->op.kex.exchange = NULL; in evp_pkey_ctx_free_old_ops()
489 if (pctx->op.kex.exchange != NULL) { in EVP_PKEY_CTX_dup()
490 rctx->op.kex.exchange = pctx->op.kex.exchange; in EVP_PKEY_CTX_dup()
491 if (!EVP_KEYEXCH_up_ref(rctx->op.kex.exchange)) in EVP_PKEY_CTX_dup()
494 if (pctx->op.kex.algctx != NULL) { in EVP_PKEY_CTX_dup()
[all …]
H A Dexchange.c339 ctx->op.kex.exchange = exchange; in EVP_PKEY_derive_init_ex()
342 ctx->op.kex.algctx = exchange->newctx(ossl_provider_ctx(exchange->prov)); in EVP_PKEY_derive_init_ex()
343 if (ctx->op.kex.algctx == NULL) { in EVP_PKEY_derive_init_ex()
348 ret = exchange->init(ctx->op.kex.algctx, provkey, params); in EVP_PKEY_derive_init_ex()
396 if (!EVP_PKEY_CTX_IS_DERIVE_OP(ctx) || ctx->op.kex.algctx == NULL) in EVP_PKEY_derive_set_peer_ex()
399 if (ctx->op.kex.exchange->set_peer == NULL) { in EVP_PKEY_derive_set_peer_ex()
424 … EVP_KEYEXCH_get0_provider(ctx->op.kex.exchange), in EVP_PKEY_derive_set_peer_ex()
440 ret = ctx->op.kex.exchange->set_peer(ctx->op.kex.algctx, provkey); in EVP_PKEY_derive_set_peer_ex()
528 if (ctx->op.kex.algctx == NULL) in EVP_PKEY_derive()
531 ret = ctx->op.kex.exchange->derive(ctx->op.kex.algctx, key, pkeylen, in EVP_PKEY_derive()
/freebsd/crypto/openssh/regress/misc/fuzz-harness/
H A Dkex_fuzz.cc98 while (!server->kex->done || !client->kex->done) { in run_kex()
175 const char *kex, int keytype) in do_kex_with_key() argument
197 debug_f("%s %s clobber client %zu", kex, keyname, in do_kex_with_key()
200 debug_f("%s %s clobber server %zu", kex, keyname, in do_kex_with_key()
203 debug_f("%s %s noclobber", kex, keyname); in do_kex_with_key()
213 else if (i == PROPOSAL_KEX_ALGS && kex != NULL) in do_kex_with_key()
214 ccp = kex; in do_kex_with_key()
394 do_kex(struct shared_state *st, struct test_state *ts, const char *kex) in do_kex() argument
396 do_kex_with_key(st, ts, kex, KEY_RSA); in do_kex()
397 do_kex_with_key(st, ts, kex, KEY_ECDSA); in do_kex()
[all …]

123