kex: implement curve25519-sha256@libssh.org

2026-02-06 18:29:50 +09:00 · 2013-09-21 23:34:50 +02:00
parent 4eae4d592c
commit 4cb6afcbd4
9 changed files with 404 additions and 6 deletions
--- a/include/libssh/crypto.h
+++ b/include/libssh/crypto.h
@@ -44,6 +44,7 @@
 #endif
 #include "libssh/ecdh.h"
 #include "libssh/kex.h"
+#include "libssh/curve25519.h"

 enum ssh_key_exchange_e {
  /* diffie-hellman-group1-sha1 */
@@ -51,7 +52,9 @@ enum ssh_key_exchange_e {
  /* diffie-hellman-group14-sha1 */
  SSH_KEX_DH_GROUP14_SHA1,
  /* ecdh-sha2-nistp256 */
-  SSH_KEX_ECDH_SHA2_NISTP256
+  SSH_KEX_ECDH_SHA2_NISTP256,
+  /* curve25519-sha256@libssh.org */
+  SSH_KEX_CURVE25519_SHA256_LIBSSH_ORG
 };

 struct ssh_crypto_struct {
@@ -60,6 +63,11 @@ struct ssh_crypto_struct {
    EC_KEY *ecdh_privkey;
    ssh_string ecdh_client_pubkey;
    ssh_string ecdh_server_pubkey;
+#endif
+#ifdef HAVE_CURVE25519
+    ssh_curve25519_privkey curve25519_privkey;
+    ssh_curve25519_pubkey curve25519_client_pubkey;
+    ssh_curve25519_pubkey curve25519_server_pubkey;
 #endif
    ssh_string dh_server_signature; /* information used by dh_handshake. */
    size_t digest_len; /* len of all the fields below */
--- a/include/libssh/curve25519.h
+++ b/include/libssh/curve25519.h
@@ -0,0 +1,46 @@
+/*
+ * This file is part of the SSH Library
+ *
+ * Copyright (c) 2013 by Aris Adamantiadis <aris@badcode.be>
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation,
+ * version 2.1 of the License.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this library; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
+ */
+
+#ifndef CURVE25519_H_
+#define CURVE25519_H_
+
+#include "config.h"
+#include "libssh.h"
+
+#ifdef WITH_NACL
+
+#define HAVE_CURVE25519
+#include <nacl/crypto_scalarmult_curve25519.h>
+#define CURVE25519_PUBKEY_SIZE crypto_scalarmult_curve25519_BYTES
+#define CURVE25519_PRIVKEY_SIZE crypto_scalarmult_curve25519_SCALARBYTES
+
+typedef unsigned char ssh_curve25519_pubkey[CURVE25519_PUBKEY_SIZE];
+typedef unsigned char ssh_curve25519_privkey[CURVE25519_PRIVKEY_SIZE];
+
+#endif /* WITH_NACL */
+
+int ssh_client_curve25519_init(ssh_session session);
+int ssh_client_curve25519_reply(ssh_session session, ssh_buffer packet);
+
+#ifdef WITH_SERVER
+int ssh_server_curve25519_init(ssh_session session, ssh_buffer packet);
+#endif /* WITH_SERVER */
+
+#endif /* CURVE25519_H_ */