jmg
/
ggate
1
0
Fork 0
Code Issues 0 Pull Requests 0 Releases 2 Wiki Activity
geom_gate userland utility improvements
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
149 Commits
3 Branches
1.1 MiB
 
 
 
 
Tree: fb496005f8
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from 'fb496005f8'
${ noResults }
ggate/libssh2/docs/HACKING.CRYPTO

902 lines
36 KiB
Raw Blame History 

  1. 	Definitions needed to implement a specific crypto library

  2. 

  3. This document offers some hints about implementing a new crypto library

  4. interface.

  5. 

  6. A crypto library interface consists of at least a header file, defining

  7. entities referenced from the libssh2 core modules.

  8. Real code implementation (if needed), is left at the implementor's choice.

  9. 

  10. This document lists the entities that must/may be defined in the header file.

  11. 

  12. Procedures listed as "void" may indeed have a result type: the void indication

  13. indicates the libssh2 core modules never use the function result.

  14. 

  15. 

  16. 0) Build system.

  17. 

  18. Adding a crypto backend to the autotools build system (./configure) is easy:

  19. 

  20. 0.1) Add one new line in configure.ac

  21. 

  22. m4_set_add([crypto_backends], [newname])

  23. 

  24. This automatically creates a --with-crypto=newname option.

  25. 

  26. 0.2) Add an m4_case stanza to LIBSSH2_CRYPTO_CHECK in acinclude.m4

  27. 

  28. This must check for all required libraries, and if found set and AC_SUBST a

  29. variable with the library linking flags. The recommended method is to use

  30. LIBSSH2_LIB_HAVE_LINKFLAGS from LIBSSH2_CRYPTO_CHECK, which automatically

  31. creates and handles a --with-$newname-prefix option and sets an

  32. LTLIBNEWNAME variable on success.

  33. 

  34. 0.3) Create Makefile.newname.inc in the top-level directory

  35. 

  36. This must set CRYPTO_CSOURCES, CRYPTO_HHEADERS and CRYPTO_LTLIBS.

  37. Set CRYPTO_CSOURCES and CRYPTO_HHEADERS to the new backend source files

  38. and set CRYPTO_LTLIBS to the required library linking parameters, e.g.

  39. $(LTLIBNEWNAME) as generated by by LIBSSH2_LIB_HAVE_LINKFLAGS.

  40. 

  41. 0.4) Add a new block in src/Makefile.am

  42. 

  43. if NEWNAME

  44. include ../Makefile.newname.inc

  45. endif

  46. 

  47. 

  48. 1) Crypto library initialization/termination.

  49. 

  50. void libssh2_crypto_init(void);

  51. Initializes the crypto library. May be an empty macro if not needed.

  52. 

  53. void libssh2_crypto_exit(void);

  54. Terminates the crypto library use. May be an empty macro if not needed.

  55. 

  56. 

  57. 2) HMAC

  58. 

  59. libssh2_hmac_ctx

  60. Type of an HMAC computation context. Generally a struct.

  61. Used for all hash algorithms.

  62. 

  63. void libssh2_hmac_ctx_init(libssh2_hmac_ctx ctx);

  64. Initializes the HMAC computation context ctx.

  65. Called before setting-up the hash algorithm.

  66. Note: if the ctx parameter is modified by the underlying code,

  67. this procedure must be implemented as a macro to map ctx --> &ctx.

  68. 

  69. void libssh2_hmac_update(libssh2_hmac_ctx ctx,

  70. 	                 const unsigned char *data,

  71. 	                 int datalen);

  72. Continue computation of an HMAC on datalen bytes at data using context ctx.

  73. Note: if the ctx parameter is modified by the underlying code,

  74. this procedure must be implemented as a macro to map ctx --> &ctx.

  75. 

  76. void libssh2_hmac_final(libssh2_hmac_ctx ctx,

  77. 	                unsigned char output[]);

  78. Get the computed HMAC from context ctx into the output buffer. The

  79. minimum data buffer size depends on the HMAC hash algorithm.

  80. Note: if the ctx parameter is modified by the underlying code,

  81. this procedure must be implemented as a macro to map ctx --> &ctx.

  82. 

  83. void libssh2_hmac_cleanup(libssh2_hmac_ctx *ctx);

  84. Releases the HMAC computation context at ctx.

  85. 

  86. 

  87. 3) Hash algorithms.

  88. 

  89. 3.1) SHA-1

  90. Must always be implemented.

  91. 

  92. SHA_DIGEST_LENGTH

  93. #define to 20, the SHA-1 digest length.

  94. 

  95. libssh2_sha1_ctx

  96. Type of an SHA-1 computation context. Generally a struct.

  97. 

  98. int libssh2_sha1_init(libssh2_sha1_ctx *x);

  99. Initializes the SHA-1 computation context at x.

  100. Returns 1 for success and 0 for failure

  101. 

  102. void libssh2_sha1_update(libssh2_sha1_ctx ctx,

  103. 	                 const unsigned char *data,

  104. 	                 size_t len);

  105. Continue computation of SHA-1 on len bytes at data using context ctx.

  106. Note: if the ctx parameter is modified by the underlying code,

  107. this procedure must be implemented as a macro to map ctx --> &ctx.

  108. 

  109. void libssh2_sha1_final(libssh2_sha1_ctx ctx,

  110.                         unsigned char output[SHA_DIGEST_LEN]);

  111. Get the computed SHA-1 signature from context ctx and store it into the

  112. output buffer.

  113. Release the context.

  114. Note: if the ctx parameter is modified by the underlying code,

  115. this procedure must be implemented as a macro to map ctx --> &ctx.

  116. 

  117. void libssh2_hmac_sha1_init(libssh2_hmac_ctx *ctx,

  118. 	                    const void *key,

  119. 	                    int keylen);

  120. Setup the HMAC computation context ctx for an HMAC-SHA-1 computation using the

  121. keylen-byte key. Is invoked just after libssh2_hmac_ctx_init().

  122. 

  123. 3.2) SHA-256

  124. Must always be implemented.

  125. 

  126. SHA256_DIGEST_LENGTH

  127. #define to 32, the SHA-256 digest length.

  128. 

  129. libssh2_sha256_ctx

  130. Type of an SHA-256 computation context. Generally a struct.

  131. 

  132. int libssh2_sha256_init(libssh2_sha256_ctx *x);

  133. Initializes the SHA-256 computation context at x.

  134. Returns 1 for success and 0 for failure

  135. 

  136. void libssh2_sha256_update(libssh2_sha256_ctx ctx,

  137. 	                   const unsigned char *data,

  138. 	                   size_t len);

  139. Continue computation of SHA-256 on len bytes at data using context ctx.

  140. Note: if the ctx parameter is modified by the underlying code,

  141. this procedure must be implemented as a macro to map ctx --> &ctx.

  142. 

  143. void libssh2_sha256_final(libssh2_sha256_ctx ctx,

  144. 	                  unsigned char output[SHA256_DIGEST_LENGTH]);

  145. Gets the computed SHA-256 signature from context ctx into the output buffer.

  146. Release the context.

  147. Note: if the ctx parameter is modified by the underlying code,

  148. this procedure must be implemented as a macro to map ctx --> &ctx.

  149. 

  150. int libssh2_sha256(const unsigned char *message,

  151.                    unsigned long len,

  152.                    unsigned char output[SHA256_DIGEST_LENGTH]);

  153. Computes the SHA-256 signature over the given message of length len and

  154. store the result into the output buffer.

  155. Return 1 if error, else 0.

  156. Note: Seems unused in current code, but defined in each crypto library backend.

  157. 

  158. LIBSSH2_HMAC_SHA256

  159. #define as 1 if the crypto library supports HMAC-SHA-256, else 0.

  160. If defined as 0, the rest of this section can be omitted.

  161. 

  162. void libssh2_hmac_sha256_init(libssh2_hmac_ctx *ctx,

  163. 	                      const void *key,

  164. 	                      int keylen);

  165. Setup the HMAC computation context ctx for an HMAC-256 computation using the

  166. keylen-byte key. Is invoked just after libssh2_hmac_ctx_init().

  167. 

  168. 3.3) SHA-384

  169. Mandatory if ECDSA is implemented. Can be omitted otherwise.

  170. 

  171. SHA384_DIGEST_LENGTH

  172. #define to 48, the SHA-384 digest length.

  173. 

  174. libssh2_sha384_ctx

  175. Type of an SHA-384 computation context. Generally a struct.

  176. 

  177. int libssh2_sha384_init(libssh2_sha384_ctx *x);

  178. Initializes the SHA-384 computation context at x.

  179. Returns 1 for success and 0 for failure

  180. 

  181. void libssh2_sha384_update(libssh2_sha384_ctx ctx,

  182. 	                   const unsigned char *data,

  183. 	                   size_t len);

  184. Continue computation of SHA-384 on len bytes at data using context ctx.

  185. Note: if the ctx parameter is modified by the underlying code,

  186. this procedure must be implemented as a macro to map ctx --> &ctx.

  187. 

  188. void libssh2_sha384_final(libssh2_sha384_ctx ctx,

  189. 	                  unsigned char output[SHA384_DIGEST_LENGTH]);

  190. Gets the computed SHA-384 signature from context ctx into the output buffer.

  191. Release the context.

  192. Note: if the ctx parameter is modified by the underlying code,

  193. this procedure must be implemented as a macro to map ctx --> &ctx.

  194. 

  195. int libssh2_sha384(const unsigned char *message,

  196.                    unsigned long len,

  197.                    unsigned char output[SHA384_DIGEST_LENGTH]);

  198. Computes the SHA-384 signature over the given message of length len and

  199. store the result into the output buffer.

  200. Return 1 if error, else 0.

  201. 

  202. 3.4) SHA-512

  203. Must always be implemented.

  204. 

  205. SHA512_DIGEST_LENGTH

  206. #define to 64, the SHA-512 digest length.

  207. 

  208. libssh2_sha512_ctx

  209. Type of an SHA-512 computation context. Generally a struct.

  210. 

  211. int libssh2_sha512_init(libssh2_sha512_ctx *x);

  212. Initializes the SHA-512 computation context at x.

  213. Returns 1 for success and 0 for failure

  214. 

  215. void libssh2_sha512_update(libssh2_sha512_ctx ctx,

  216. 	                   const unsigned char *data,

  217. 	                   size_t len);

  218. Continue computation of SHA-512 on len bytes at data using context ctx.

  219. Note: if the ctx parameter is modified by the underlying code,

  220. this procedure must be implemented as a macro to map ctx --> &ctx.

  221. 

  222. void libssh2_sha512_final(libssh2_sha512_ctx ctx,

  223. 	                  unsigned char output[SHA512_DIGEST_LENGTH]);

  224. Gets the computed SHA-512 signature from context ctx into the output buffer.

  225. Release the context.

  226. Note: if the ctx parameter is modified by the underlying code,

  227. this procedure must be implemented as a macro to map ctx --> &ctx.

  228. 

  229. int libssh2_sha512(const unsigned char *message,

  230.                    unsigned long len,

  231.                    unsigned char output[SHA512_DIGEST_LENGTH]);

  232. Computes the SHA-512 signature over the given message of length len and

  233. store the result into the output buffer.

  234. Return 1 if error, else 0.

  235. Note: Seems unused in current code, but defined in each crypto library backend.

  236. 

  237. LIBSSH2_HMAC_SHA512

  238. #define as 1 if the crypto library supports HMAC-SHA-512, else 0.

  239. If defined as 0, the rest of this section can be omitted.

  240. 

  241. void libssh2_hmac_sha512_init(libssh2_hmac_ctx *ctx,

  242. 	                      const void *key,

  243. 	                      int keylen);

  244. Setup the HMAC computation context ctx for an HMAC-512 computation using the

  245. keylen-byte key. Is invoked just after libssh2_hmac_ctx_init().

  246. 

  247. 3.5) MD5

  248. LIBSSH2_MD5

  249. #define to 1 if the crypto library supports MD5, else 0.

  250. If defined as 0, the rest of this section can be omitted.

  251. 

  252. MD5_DIGEST_LENGTH

  253. #define to 16, the MD5 digest length.

  254. 

  255. libssh2_md5_ctx

  256. Type of an MD5 computation context. Generally a struct.

  257. 

  258. int libssh2_md5_init(libssh2_md5_ctx *x);

  259. Initializes the MD5 computation context at x.

  260. Returns 1 for success and 0 for failure

  261. 

  262. void libssh2_md5_update(libssh2_md5_ctx ctx,

  263. 	                const unsigned char *data,

  264. 	                size_t len);

  265. Continues computation of MD5 on len bytes at data using context ctx.

  266. Returns 1 for success and 0 for failure.

  267. Note: if the ctx parameter is modified by the underlying code,

  268. this procedure must be implemented as a macro to map ctx --> &ctx.

  269. 

  270. void libssh2_md5_final(libssh2_md5_ctx ctx,

  271. 	               unsigned char output[MD5_DIGEST_LENGTH]);

  272. Gets the computed MD5 signature from context ctx into the output buffer.

  273. Release the context.

  274. Note: if the ctx parameter is modified by the underlying code,

  275. this procedure must be implemented as a macro to map ctx --> &ctx.

  276. 

  277. void libssh2_hmac_md5_init(libssh2_hmac_ctx *ctx,

  278. 	                   const void *key,

  279. 	                   int keylen);

  280. Setup the HMAC computation context ctx for an HMAC-MD5 computation using the

  281. keylen-byte key. Is invoked just after libssh2_hmac_ctx_init().

  282. 

  283. 3.6) RIPEMD-160

  284. LIBSSH2_HMAC_RIPEMD

  285. #define as 1 if the crypto library supports HMAC-RIPEMD-160, else 0.

  286. If defined as 0, the rest of this section can be omitted.

  287. 

  288. void libssh2_hmac_ripemd160_init(libssh2_hmac_ctx *ctx,

  289. 	                         const void *key,

  290. 	                         int keylen);

  291. Setup the HMAC computation context ctx for an HMAC-RIPEMD-160 computation using

  292. the keylen-byte key. Is invoked just after libssh2_hmac_ctx_init().

  293. Returns 1 for success and 0 for failure.

  294. 

  295. 

  296. 4) Bidirectional key ciphers.

  297. 

  298. _libssh2_cipher_ctx

  299. Type of a cipher computation context.

  300. 

  301. _libssh2_cipher_type(name);

  302. Macro defining name as storage identifying a cipher algorithm for

  303. the crypto library interface. No trailing semicolon.

  304. 

  305. int _libssh2_cipher_init(_libssh2_cipher_ctx *h,

  306.                          _libssh2_cipher_type(algo),

  307.                          unsigned char *iv,

  308.                          unsigned char *secret,

  309.                          int encrypt);

  310. Creates a cipher context for the given algorithm with the initialization vector

  311. iv and the secret key secret. Prepare for encryption or decryption depending on

  312. encrypt.

  313. Return 0 if OK, else -1.

  314. This procedure is already prototyped in crypto.h.

  315. 

  316. int _libssh2_cipher_crypt(_libssh2_cipher_ctx *ctx,

  317.                           _libssh2_cipher_type(algo),

  318.                           int encrypt,

  319.                           unsigned char *block,

  320.                           size_t blocksize);

  321. Encrypt or decrypt in-place data at (block, blocksize) using the given

  322. context and/or algorithm.

  323. Return 0 if OK, else -1.

  324. This procedure is already prototyped in crypto.h.

  325. 

  326. void _libssh2_cipher_dtor(_libssh2_cipher_ctx *ctx);

  327. Release cipher context at ctx.

  328. 

  329. 4.1) AES

  330. 4.1.1) AES in CBC block mode.

  331. LIBSSH2_AES

  332. #define as 1 if the crypto library supports AES in CBC mode, else 0.

  333. If defined as 0, the rest of this section can be omitted.

  334. 

  335. _libssh2_cipher_aes128

  336. AES-128-CBC algorithm identifier initializer.

  337. #define with constant value of type _libssh2_cipher_type().

  338. 

  339. _libssh2_cipher_aes192

  340. AES-192-CBC algorithm identifier initializer.

  341. #define with constant value of type _libssh2_cipher_type().

  342. 

  343. _libssh2_cipher_aes256

  344. AES-256-CBC algorithm identifier initializer.

  345. #define with constant value of type _libssh2_cipher_type().

  346. 

  347. 4.1.2) AES in CTR block mode.

  348. LIBSSH2_AES_CTR

  349. #define as 1 if the crypto library supports AES in CTR mode, else 0.

  350. If defined as 0, the rest of this section can be omitted.

  351. 

  352. _libssh2_cipher_aes128ctr

  353. AES-128-CTR algorithm identifier initializer.

  354. #define with constant value of type _libssh2_cipher_type().

  355. 

  356. _libssh2_cipher_aes192ctr

  357. AES-192-CTR algorithm identifier initializer.

  358. #define with constant value of type _libssh2_cipher_type().

  359. 

  360. _libssh2_cipher_aes256ctr

  361. AES-256-CTR algorithm identifier initializer.

  362. #define with constant value of type _libssh2_cipher_type().

  363. 

  364. 4.2) Blowfish in CBC block mode.

  365. LIBSSH2_BLOWFISH

  366. #define as 1 if the crypto library supports blowfish in CBC mode, else 0.

  367. If defined as 0, the rest of this section can be omitted.

  368. 

  369. _libssh2_cipher_blowfish

  370. Blowfish-CBC algorithm identifier initializer.

  371. #define with constant value of type _libssh2_cipher_type().

  372. 

  373. 4.3) RC4.

  374. LIBSSH2_RC4

  375. #define as 1 if the crypto library supports RC4 (arcfour), else 0.

  376. If defined as 0, the rest of this section can be omitted.

  377. 

  378. _libssh2_cipher_arcfour

  379. RC4 algorithm identifier initializer.

  380. #define with constant value of type _libssh2_cipher_type().

  381. 

  382. 4.4) CAST5 in CBC block mode.

  383. LIBSSH2_CAST

  384. #define 1 if the crypto library supports cast, else 0.

  385. If defined as 0, the rest of this section can be omitted.

  386. 

  387. _libssh2_cipher_cast5

  388. CAST5-CBC algorithm identifier initializer.

  389. #define with constant value of type _libssh2_cipher_type().

  390. 

  391. 4.5) Tripple DES in CBC block mode.

  392. LIBSSH2_3DES

  393. #define as 1 if the crypto library supports TripleDES in CBC mode, else 0.

  394. If defined as 0, the rest of this section can be omitted.

  395. 

  396. _libssh2_cipher_3des

  397. TripleDES-CBC algorithm identifier initializer.

  398. #define with constant value of type _libssh2_cipher_type().

  399. 

  400. 

  401. 5) Diffie-Hellman support.

  402. 

  403. 5.1) Diffie-Hellman context.

  404. _libssh2_dh_ctx

  405. Type of a Diffie-Hellman computation context.

  406. Must always be defined.

  407. 

  408. 5.2) Diffie-Hellman computation procedures.

  409. void libssh2_dh_init(_libssh2_dh_ctx *dhctx);

  410. Initializes the Diffie-Hellman context at `dhctx'. No effective context

  411. creation needed here.

  412. 

  413. int libssh2_dh_key_pair(_libssh2_dh_ctx *dhctx, _libssh2_bn *public,

  414.                         _libssh2_bn *g, _libssh2_bn *p, int group_order,

  415.                         _libssh2_bn_ctx *bnctx);

  416. Generates a Diffie-Hellman key pair using base `g', prime `p' and the given

  417. `group_order'. Can use the given big number context `bnctx' if needed.

  418. The private key is stored as opaque in the Diffie-Hellman context `*dhctx' and

  419. the public key is returned in `public'.

  420. 0 is returned upon success, else -1.

  421. 

  422. int libssh2_dh_secret(_libssh2_dh_ctx *dhctx, _libssh2_bn *secret,

  423.                       _libssh2_bn *f, _libssh2_bn *p, _libssh2_bn_ctx * bnctx)

  424. Computes the Diffie-Hellman secret from the previously created context `*dhctx',

  425. the public key `f' from the other party and the same prime `p' used at

  426. context creation. The result is stored in `secret'.

  427. 0 is returned upon success, else -1.

  428. 

  429. void libssh2_dh_dtor(_libssh2_dh_ctx *dhctx)

  430. Destroys Diffie-Hellman context at `dhctx' and resets its storage.

  431. 

  432. 

  433. 6) Big numbers.

  434. Positive multi-byte integers support is sufficient.

  435. 

  436. 6.1) Computation contexts.

  437. This has a real meaning if the big numbers computations need some context

  438. storage. If not, use a dummy type and functions (macros).

  439. 

  440. _libssh2_bn_ctx

  441. Type of multiple precision computation context. May not be empty. if not used,

  442. #define as char, for example.

  443. 

  444. _libssh2_bn_ctx _libssh2_bn_ctx_new(void);

  445. Returns a new multiple precision computation context.

  446. 

  447. void _libssh2_bn_ctx_free(_libssh2_bn_ctx ctx);

  448. Releases a multiple precision computation context.

  449. 

  450. 6.2) Computation support.

  451. _libssh2_bn

  452. Type of multiple precision numbers (aka bignumbers or huge integers) for the

  453. crypto library.

  454. 

  455. _libssh2_bn * _libssh2_bn_init(void);

  456. Creates a multiple precision number (preset to zero).

  457. 

  458. _libssh2_bn * _libssh2_bn_init_from_bin(void);

  459. Create a multiple precision number intended to be set by the

  460. _libssh2_bn_from_bin() function (see below). Unlike _libssh2_bn_init(), this

  461. code may be a dummy initializer if the _libssh2_bn_from_bin() actually

  462. allocates the number. Returns a value of type _libssh2_bn *.

  463. 

  464. void _libssh2_bn_free(_libssh2_bn *bn);

  465. Destroys the multiple precision number at bn.

  466. 

  467. unsigned long _libssh2_bn_bytes(_libssh2_bn *bn);

  468. Get the number of bytes needed to store the bits of the multiple precision

  469. number at bn.

  470. 

  471. unsigned long _libssh2_bn_bits(_libssh2_bn *bn);

  472. Returns the number of bits of multiple precision number at bn.

  473. 

  474. int _libssh2_bn_set_word(_libssh2_bn *bn, unsigned long val);

  475. Sets the value of bn to val.

  476. Returns 1 on success, 0 otherwise.

  477. 

  478. _libssh2_bn * _libssh2_bn_from_bin(_libssh2_bn *bn, int len,

  479. 	                           const unsigned char *val);

  480. Converts the positive integer in big-endian form of length len at val

  481. into a _libssh2_bn and place it in bn. If bn is NULL, a new _libssh2_bn is

  482. created.

  483. Returns a pointer to target _libssh2_bn or NULL if error.

  484. 

  485. int _libssh2_bn_to_bin(_libssh2_bn *bn, unsigned char *val);

  486. Converts the absolute value of bn into big-endian form and store it at

  487. val. val must point to _libssh2_bn_bytes(bn) bytes of memory.

  488. Returns the length of the big-endian number.

  489. 

  490. 

  491. 7) Private key algorithms.

  492. Format of an RSA public key:

  493. a) "ssh-rsa".

  494. b) RSA exponent, MSB first, with high order bit = 0.

  495. c) RSA modulus, MSB first, with high order bit = 0.

  496. Each item is preceded by its 32-bit byte length, MSB first.

  497. 

  498. Format of a DSA public key:

  499. a) "ssh-dss".

  500. b) p, MSB first, with high order bit = 0.

  501. c) q, MSB first, with high order bit = 0.

  502. d) g, MSB first, with high order bit = 0.

  503. e) pub_key, MSB first, with high order bit = 0.

  504. Each item is preceded by its 32-bit byte length, MSB first.

  505. 

  506. Format of an ECDSA public key:

  507. a) "ecdsa-sha2-nistp256" or "ecdsa-sha2-nistp384" or "ecdsa-sha2-nistp521".

  508. b) domain: "nistp256", "nistp384" or "nistp521" matching a).

  509. c) raw public key ("octal").

  510. Each item is preceded by its 32-bit byte length, MSB first.

  511. 

  512. Format of an ED25519 public key:

  513. a) "ssh-ed25519".

  514. b) raw key (32 bytes).

  515. Each item is preceded by its 32-bit byte length, MSB first.

  516. 

  517. int _libssh2_pub_priv_keyfile(LIBSSH2_SESSION *session,

  518.                               unsigned char **method,

  519.                               size_t *method_len,

  520.                               unsigned char **pubkeydata,

  521.                               size_t *pubkeydata_len,

  522.                               const char *privatekey,

  523.                               const char *passphrase);

  524. Reads a private key from file privatekey and extract the public key -->

  525. (pubkeydata, pubkeydata_len). Store the associated method (ssh-rsa or ssh-dss)

  526. into (method, method_len).

  527. Both buffers have to be allocated using LIBSSH2_ALLOC().

  528. Returns 0 if OK, else -1.

  529. This procedure is already prototyped in crypto.h.

  530. 

  531. int _libssh2_pub_priv_keyfilememory(LIBSSH2_SESSION *session,

  532.                                     unsigned char **method,

  533.                                     size_t *method_len,

  534.                                     unsigned char **pubkeydata,

  535.                                     size_t *pubkeydata_len,

  536.                                     const char *privatekeydata,

  537.                                     size_t privatekeydata_len,

  538.                                     const char *passphrase);

  539. Gets a private key from bytes at (privatekeydata, privatekeydata_len) and

  540. extract the public key --> (pubkeydata, pubkeydata_len). Store the associated

  541. method (ssh-rsa or ssh-dss) into (method, method_len).

  542. Both buffers have to be allocated using LIBSSH2_ALLOC().

  543. Returns 0 if OK, else -1.

  544. This procedure is already prototyped in crypto.h.

  545. 

  546. 

  547. 7.1) RSA

  548. LIBSSH2_RSA

  549. #define as 1 if the crypto library supports RSA, else 0.

  550. If defined as 0, the rest of this section can be omitted.

  551. 

  552. libssh2_rsa_ctx

  553. Type of an RSA computation context. Generally a struct.

  554. 

  555. int _libssh2_rsa_new(libssh2_rsa_ctx **rsa,

  556.                      const unsigned char *edata,

  557.                      unsigned long elen,

  558.                      const unsigned char *ndata,

  559.                      unsigned long nlen,

  560.                      const unsigned char *ddata,

  561.                      unsigned long dlen,

  562.                      const unsigned char *pdata,

  563.                      unsigned long plen,

  564.                      const unsigned char *qdata,

  565.                      unsigned long qlen,

  566.                      const unsigned char *e1data,

  567.                      unsigned long e1len,

  568.                      const unsigned char *e2data,

  569.                      unsigned long e2len,

  570.                      const unsigned char *coeffdata, unsigned long coefflen);

  571. Creates a new context for RSA computations from key source values:

  572. 	pdata, plen	Prime number p. Only used if private key known (ddata).

  573. 	qdata, qlen	Prime number q. Only used if private key known (ddata).

  574. 	ndata, nlen	Modulus n.

  575. 	edata, elen	Exponent e.

  576. 	ddata, dlen	e^-1 % phi(n) = private key. May be NULL if unknown.

  577. 	e1data, e1len	dp = d % (p-1). Only used if private key known (dtata).

  578. 	e2data, e2len	dq = d % (q-1). Only used if private key known (dtata).

  579. 	coeffdata, coefflen	q^-1 % p. Only used if private key known.

  580. Returns 0 if OK.

  581. This procedure is already prototyped in crypto.h.

  582. Note: the current generic code only calls this function with e and n (public

  583. key parameters): unless used internally by the backend, it is not needed to

  584. support the private key and the other parameters here.

  585. 

  586. int _libssh2_rsa_new_private(libssh2_rsa_ctx **rsa,

  587.                              LIBSSH2_SESSION *session,

  588.                              const char *filename,

  589.                              unsigned const char *passphrase);

  590. Reads an RSA private key from file filename into a new RSA context.

  591. Must call _libssh2_init_if_needed().

  592. Return 0 if OK, else -1.

  593. This procedure is already prototyped in crypto.h.

  594. 

  595. int _libssh2_rsa_new_private_frommemory(libssh2_rsa_ctx **rsa,

  596.                                         LIBSSH2_SESSION *session,

  597.                                         const char *data,

  598. 					size_t data_len,

  599.                                         unsigned const char *passphrase);

  600. Gets an RSA private key from data into a new RSA context.

  601. Must call _libssh2_init_if_needed().

  602. Return 0 if OK, else -1.

  603. This procedure is already prototyped in crypto.h.

  604. 

  605. int _libssh2_rsa_sha1_verify(libssh2_rsa_ctx *rsa,

  606.                              const unsigned char *sig,

  607.                              unsigned long sig_len,

  608.                              const unsigned char *m, unsigned long m_len);

  609. Verify (sig, sig_len) signature of (m, m_len) using an SHA-1 hash and the

  610. RSA context.

  611. Return 0 if OK, else -1.

  612. This procedure is already prototyped in crypto.h.

  613. 

  614. int _libssh2_rsa_sha1_signv(LIBSSH2_SESSION *session,

  615. 	                    unsigned char **sig, size_t *siglen,

  616. 	                    int count, const struct iovec vector[],

  617. 	                    libssh2_rsa_ctx *ctx);

  618. RSA signs the SHA-1 hash computed over the count data chunks in vector.

  619. Signature is stored at (sig, siglen).

  620. Signature buffer must be allocated from the given session.

  621. Returns 0 if OK, else -1.

  622. Note: this procedure is optional: if provided, it MUST be defined as a macro.

  623. 

  624. int _libssh2_rsa_sha1_sign(LIBSSH2_SESSION *session,

  625.                            libssh2_rsa_ctx *rsactx,

  626.                            const unsigned char *hash,

  627.                            size_t hash_len,

  628.                            unsigned char **signature,

  629.                            size_t *signature_len);

  630. RSA signs the (hash, hashlen) SHA-1 hash bytes and stores the allocated

  631. signature at (signature, signature_len).

  632. Signature buffer must be allocated from the given session.

  633. Returns 0 if OK, else -1.

  634. This procedure is already prototyped in crypto.h.

  635. Note: this procedure is not used if macro _libssh2_rsa_sha1_signv() is defined.

  636. 

  637. void _libssh2_rsa_free(libssh2_rsa_ctx *rsactx);

  638. Releases the RSA computation context at rsactx.

  639. 

  640. 

  641. 7.2) DSA

  642. LIBSSH2_DSA

  643. #define as 1 if the crypto library supports DSA, else 0.

  644. If defined as 0, the rest of this section can be omitted.

  645. 

  646. 

  647. libssh2_dsa_ctx

  648. Type of a DSA computation context. Generally a struct.

  649. 

  650. int _libssh2_dsa_new(libssh2_dsa_ctx **dsa,

  651.                      const unsigned char *pdata,

  652.                      unsigned long plen,

  653.                      const unsigned char *qdata,

  654.                      unsigned long qlen,

  655.                      const unsigned char *gdata,

  656.                      unsigned long glen,

  657.                      const unsigned char *ydata,

  658.                      unsigned long ylen,

  659.                      const unsigned char *x, unsigned long x_len);

  660. Creates a new context for DSA computations from source key values:

  661. 	pdata, plen	Prime number p. Only used if private key known (ddata).

  662. 	qdata, qlen	Prime number q. Only used if private key known (ddata).

  663. 	gdata, glen	G number.

  664. 	ydata, ylen	Public key.

  665. 	xdata, xlen	Private key. Only taken if xlen non-zero.

  666. Returns 0 if OK.

  667. This procedure is already prototyped in crypto.h.

  668. 

  669. int _libssh2_dsa_new_private(libssh2_dsa_ctx **dsa,

  670.                              LIBSSH2_SESSION *session,

  671.                              const char *filename,

  672.                              unsigned const char *passphrase);

  673. Gets a DSA private key from file filename into a new DSA context.

  674. Must call _libssh2_init_if_needed().

  675. Return 0 if OK, else -1.

  676. This procedure is already prototyped in crypto.h.

  677. 

  678. int _libssh2_dsa_new_private_frommemory(libssh2_dsa_ctx **dsa,

  679.                                         LIBSSH2_SESSION *session,

  680.                                         const char *data,

  681. 					size_t data_len,

  682.                                         unsigned const char *passphrase);

  683. Gets a DSA private key from the data_len-bytes data into a new DSA context.

  684. Must call _libssh2_init_if_needed().

  685. Returns 0 if OK, else -1.

  686. This procedure is already prototyped in crypto.h.

  687. 

  688. int _libssh2_dsa_sha1_verify(libssh2_dsa_ctx *dsactx,

  689.                              const unsigned char *sig,

  690.                              const unsigned char *m, unsigned long m_len);

  691. Verify (sig, siglen) signature of (m, m_len) using an SHA-1 hash and the

  692. DSA context.

  693. Returns 0 if OK, else -1.

  694. This procedure is already prototyped in crypto.h.

  695. 

  696. int _libssh2_dsa_sha1_sign(libssh2_dsa_ctx *dsactx,

  697.                            const unsigned char *hash,

  698.                            unsigned long hash_len, unsigned char *sig);

  699. DSA signs the (hash, hash_len) data using SHA-1 and store the signature at sig.

  700. Returns 0 if OK, else -1.

  701. This procedure is already prototyped in crypto.h.

  702. 

  703. void _libssh2_dsa_free(libssh2_dsa_ctx *dsactx);

  704. Releases the DSA computation context at dsactx.

  705. 

  706. 

  707. 7.3) ECDSA

  708. LIBSSH2_ECDSA

  709. #define as 1 if the crypto library supports ECDSA, else 0.

  710. If defined as 0, _libssh2_ec_key should be defined as void and the rest of

  711. this section can be omitted.

  712. 

  713. EC_MAX_POINT_LEN

  714. Maximum point length. Usually defined as ((528 * 2 / 8) + 1) (= 133).

  715. 

  716. libssh2_ecdsa_ctx

  717. Type of an ECDSA computation context. Generally a struct.

  718. 

  719. _libssh2_ec_key

  720. Type of an elliptic curve key.

  721. 

  722. libssh2_curve_type

  723. An enum type defining curve types. Current supported identifiers are:

  724. 	LIBSSH2_EC_CURVE_NISTP256

  725. 	LIBSSH2_EC_CURVE_NISTP384

  726. 	LIBSSH2_EC_CURVE_NISTP521

  727. 

  728. int _libssh2_ecdsa_create_key(_libssh2_ec_key **out_private_key,

  729.                               unsigned char **out_public_key_octal,

  730.                               size_t *out_public_key_octal_len,

  731.                               libssh2_curve_type curve_type);

  732. Create a new ECDSA private key of type curve_type and return it at

  733. out_private_key. If out_public_key_octal is not NULL, store an allocated

  734. pointer to the associated public key in "octal" form in it and its length

  735. at out_public_key_octal_len.

  736. Return 0 if OK, else -1.

  737. This procedure is already prototyped in crypto.h.

  738. 

  739. int _libssh2_ecdsa_new_private(libssh2_ecdsa_ctx **ec_ctx,

  740.                                LIBSSH2_SESSION * session,

  741.                                const char *filename,

  742.                                unsigned const char *passphrase);

  743. Reads an ECDSA private key from PEM file filename into a new ECDSA context.

  744. Must call _libssh2_init_if_needed().

  745. Return 0 if OK, else -1.

  746. This procedure is already prototyped in crypto.h.

  747. 

  748. int _libssh2_ecdsa_new_private_frommemory(libssh2_ecdsa_ctx ** ec_ctx,

  749.                                         LIBSSH2_SESSION * session,

  750.                                         const char *filedata,

  751.                                         size_t filedata_len,

  752.                                         unsigned const char *passphrase);

  753. Builds an ECDSA private key from PEM data at filedata of length filedata_len

  754. into a new ECDSA context stored at ec_ctx.

  755. Must call _libssh2_init_if_needed().

  756. Return 0 if OK, else -1.

  757. This procedure is already prototyped in crypto.h.

  758. 

  759. int _libssh2_ecdsa_curve_name_with_octal_new(libssh2_ecdsa_ctx **ecdsactx,

  760.                                              const unsigned char *k,

  761.                                              size_t k_len,

  762.                                              libssh2_curve_type type);

  763. Stores at ecdsactx a new ECDSA context associated with the given curve type

  764. and with "octal" form public key (k, k_len).

  765. Return 0 if OK, else -1.

  766. This procedure is already prototyped in crypto.h.

  767. 

  768. int _libssh2_ecdsa_new_openssh_private(libssh2_ecdsa_ctx **ec_ctx,

  769.                                        LIBSSH2_SESSION * session,

  770.                                        const char *filename,

  771.                                        unsigned const char *passphrase);

  772. Reads a PEM-encoded ECDSA private key from file filename encrypted with

  773. passphrase and stores at ec_ctx a new ECDSA context for it.

  774. Return 0 if OK, else -1.

  775. Currently used only from openssl backend (ought to be private).

  776. This procedure is already prototyped in crypto.h.

  777. 

  778. int _libssh2_ecdsa_sign(LIBSSH2_SESSION *session, libssh2_ecdsa_ctx *ec_ctx,

  779.                         const unsigned char *hash, unsigned long hash_len,

  780.                         unsigned char **signature, size_t *signature_len);

  781. ECDSA signs the (hash, hashlen) hash bytes and stores the allocated

  782. signature at (signature, signature_len). Hash algorithm used should be

  783. SHA-256, SHA-384 or SHA-512 depending on type stored in ECDSA context at ec_ctx.

  784. Signature buffer must be allocated from the given session.

  785. Returns 0 if OK, else -1.

  786. This procedure is already prototyped in crypto.h.

  787. 

  788. int _libssh2_ecdsa_verify(libssh2_ecdsa_ctx *ctx,

  789.                           const unsigned char *r, size_t r_len,

  790.                           const unsigned char *s, size_t s_len,

  791.                           const unsigned char *m, size_t m_len);

  792. Verify the ECDSA signature made of (r, r_len) and (s, s_len) of (m, m_len)

  793. using the hash algorithm configured in the ECDSA context ctx.

  794. Return 0 if OK, else -1.

  795. This procedure is already prototyped in crypto.h.

  796. 

  797. libssh2_curve_type _libssh2_ecdsa_get_curve_type(libssh2_ecdsa_ctx *ecdsactx);

  798. Returns the curve type associated with given context.

  799. This procedure is already prototyped in crypto.h.

  800. 

  801. int _libssh2_ecdsa_curve_type_from_name(const char *name,

  802.                                         libssh2_curve_type *out_type);

  803. Stores in out_type the curve type matching string name of the form

  804. "ecdsa-sha2-nistpxxx".

  805. Return 0 if OK, else -1.

  806. Currently used only from openssl backend (ought to be private).

  807. This procedure is already prototyped in crypto.h.

  808. 

  809. void _libssh2_ecdsa_free(libssh2_ecdsa_ctx *ecdsactx);

  810. Releases the ECDSA computation context at ecdsactx.

  811. 

  812. 

  813. 7.4) ED25519

  814. LIBSSH2_ED25519

  815. #define as 1 if the crypto library supports ED25519, else 0.

  816. If defined as 0, the rest of this section can be omitted.

  817. 

  818. 

  819. libssh2_ed25519_ctx

  820. Type of an ED25519 computation context. Generally a struct.

  821. 

  822. int _libssh2_curve25519_new(LIBSSH2_SESSION *session, libssh2_ed25519_ctx **ctx,

  823.                             uint8_t **out_public_key,

  824.                             uint8_t **out_private_key);

  825. Generates an ED25519 key pair, stores a pointer to them at out_private_key

  826. and out_public_key respectively and stores at ctx a new ED25519 context for

  827. this key.

  828. Argument ctx, out_private_key and out_public key may be NULL to disable storing

  829. the corresponding value.

  830. Length of each key is LIBSSH2_ED25519_KEY_LEN (32 bytes).

  831. Key buffers are allocated and should be released by caller after use.

  832. Returns 0 if OK, else -1.

  833. This procedure is already prototyped in crypto.h.

  834. 

  835. int _libssh2_ed25519_new_private(libssh2_ed25519_ctx **ed_ctx,

  836.                                  LIBSSH2_SESSION *session,

  837.                                  const char *filename,

  838.                                  const uint8_t *passphrase);

  839. Reads an ED25519 private key from PEM file filename into a new ED25519 context.

  840. Must call _libssh2_init_if_needed().

  841. Return 0 if OK, else -1.

  842. This procedure is already prototyped in crypto.h.

  843. 

  844. int _libssh2_ed25519_new_public(libssh2_ed25519_ctx **ed_ctx,

  845.                                 LIBSSH2_SESSION *session,

  846.                                 const unsigned char *raw_pub_key,

  847.                                  const uint8_t key_len);

  848. Stores at ed_ctx a new ED25519 key context for raw public key (raw_pub_key,

  849. key_len).

  850. Return 0 if OK, else -1.

  851. This procedure is already prototyped in crypto.h.

  852. 

  853. int _libssh2_ed25519_new_private_frommemory(libssh2_ed25519_ctx **ed_ctx,

  854.                                             LIBSSH2_SESSION *session,

  855.                                             const char *filedata,

  856.                                             size_t filedata_len,

  857.                                             unsigned const char *passphrase);

  858. Builds an ED25519 private key from PEM data at filedata of length filedata_len

  859. into a new ED25519 context stored at ed_ctx.

  860. Must call _libssh2_init_if_needed().

  861. Return 0 if OK, else -1.

  862. This procedure is already prototyped in crypto.h.

  863. 

  864. int _libssh2_ed25519_sign(libssh2_ed25519_ctx *ctx, LIBSSH2_SESSION *session,

  865.                           uint8_t **out_sig, size_t *out_sig_len,

  866.                           const uint8_t *message, size_t message_len);

  867. ED25519 signs the (message, message_len) bytes and stores the allocated

  868. signature at (sig, sig_len).

  869. Signature buffer is allocated from the given session.

  870. Returns 0 if OK, else -1.

  871. This procedure is already prototyped in crypto.h.

  872. 

  873. int _libssh2_ed25519_verify(libssh2_ed25519_ctx *ctx, const uint8_t *s,

  874.                             size_t s_len, const uint8_t *m, size_t m_len);

  875. Verify (s, s_len) signature of (m, m_len) using the given ED25519 context.

  876. Return 0 if OK, else -1.

  877. This procedure is already prototyped in crypto.h.

  878. 

  879. int _libssh2_curve25519_gen_k(_libssh2_bn **k,

  880.                               uint8_t private_key[LIBSSH2_ED25519_KEY_LEN],

  881.                               uint8_t srvr_public_key[LIBSSH2_ED25519_KEY_LEN]);

  882. Computes a shared ED25519 secret key from the given raw server public key and 

  883. raw client public key and stores it as a big number in *k. Big number should

  884. have been initialized before calling this function.

  885. Returns 0 if OK, else -1.

  886. This procedure is already prototyped in crypto.h.

  887. 

  888. void _libssh2_ed25519_free(libssh2_ed25519_ctx *ed25519ctx);

  889. Releases the ED25519 computation context at ed25519ctx.

  890. 

  891. 

  892. 8) Miscellaneous

  893. 

  894. void libssh2_prepare_iovec(struct iovec *vector, unsigned int len);

  895. Prepare len consecutive iovec slots before using them.

  896. In example, this is needed to preset unused structure slacks on platforms

  897. requiring it.

  898. If this is not needed, it should be defined as an empty macro.

  899. 

  900. void _libssh2_random(unsigned char *buf, int len);

  901. Store len random bytes at buf.