35 #include "ssh_config.h"
/* License gate: compilation stops with #error unless the build defines
   GPL_LICENSE_TERMS_ACCEPTED. */
72 #ifndef GPL_LICENSE_TERMS_ACCEPTED
73 #error Before compiling CycloneSSH Open, you must accept the terms of the GPL license
/* Library version, as a string and as separate major / minor / revision
   numbers. The four values describe the same release (2.4.0) and have to be
   changed together. */
77 #define CYCLONE_SSH_VERSION_STRING "2.4.0"
79 #define CYCLONE_SSH_MAJOR_VERSION 2
81 #define CYCLONE_SSH_MINOR_VERSION 4
83 #define CYCLONE_SSH_REV_NUMBER 0
/* Feature switches. Each switch takes the default shown here when the build
   has not defined it (presumably via ssh_config.h, included above), and any
   value other than ENABLED or DISABLED stops compilation with #error. */
/* Master switch for the SSH stack */
87 #define SSH_SUPPORT ENABLED
88 #elif (SSH_SUPPORT != ENABLED && SSH_SUPPORT != DISABLED)
89 #error SSH_SUPPORT parameter is not valid
/* Client and server roles are both compiled in by default; a build that only
   needs one role can set the other to DISABLED to drop unused code. */
93 #ifndef SSH_CLIENT_SUPPORT
94 #define SSH_CLIENT_SUPPORT ENABLED
95 #elif (SSH_CLIENT_SUPPORT != ENABLED && SSH_CLIENT_SUPPORT != DISABLED)
96 #error SSH_CLIENT_SUPPORT parameter is not valid
100 #ifndef SSH_SERVER_SUPPORT
101 #define SSH_SERVER_SUPPORT ENABLED
102 #elif (SSH_SERVER_SUPPORT != ENABLED && SSH_SERVER_SUPPORT != DISABLED)
103 #error SSH_SERVER_SUPPORT parameter is not valid
/* Authentication methods. Password authentication is on by default; a
   deployment that authenticates with public keys only can set
   SSH_PASSWORD_AUTH_SUPPORT to DISABLED so that no password path is built. */
107 #ifndef SSH_PUBLIC_KEY_AUTH_SUPPORT
108 #define SSH_PUBLIC_KEY_AUTH_SUPPORT ENABLED
109 #elif (SSH_PUBLIC_KEY_AUTH_SUPPORT != ENABLED && SSH_PUBLIC_KEY_AUTH_SUPPORT != DISABLED)
110 #error SSH_PUBLIC_KEY_AUTH_SUPPORT parameter is not valid
114 #ifndef SSH_PASSWORD_AUTH_SUPPORT
115 #define SSH_PASSWORD_AUTH_SUPPORT ENABLED
116 #elif (SSH_PASSWORD_AUTH_SUPPORT != ENABLED && SSH_PASSWORD_AUTH_SUPPORT != DISABLED)
117 #error SSH_PASSWORD_AUTH_SUPPORT parameter is not valid
/* NOTE(review): presumably controls loading of passphrase-protected private
   keys (the key-loading prototypes take a password argument) - confirm.
   Off by default. */
121 #ifndef SSH_ENCRYPTED_KEY_SUPPORT
122 #define SSH_ENCRYPTED_KEY_SUPPORT DISABLED
123 #elif (SSH_ENCRYPTED_KEY_SUPPORT != ENABLED && SSH_ENCRYPTED_KEY_SUPPORT != DISABLED)
124 #error SSH_ENCRYPTED_KEY_SUPPORT parameter is not valid
/* Certificate support, off by default */
128 #ifndef SSH_CERT_SUPPORT
129 #define SSH_CERT_SUPPORT DISABLED
130 #elif (SSH_CERT_SUPPORT != ENABLED && SSH_CERT_SUPPORT != DISABLED)
131 #error SSH_CERT_SUPPORT parameter is not valid
/* Extension negotiation (EXT_INFO) and the individual extensions. Note that
   SSH_SERVER_SIG_ALGS_EXT_SUPPORT defaults to ENABLED while
   SSH_EXT_INFO_SUPPORT itself defaults to DISABLED.
   NOTE(review): presumably the per-extension switches only take effect once
   SSH_EXT_INFO_SUPPORT is ENABLED - confirm. */
135 #ifndef SSH_EXT_INFO_SUPPORT
136 #define SSH_EXT_INFO_SUPPORT DISABLED
137 #elif (SSH_EXT_INFO_SUPPORT != ENABLED && SSH_EXT_INFO_SUPPORT != DISABLED)
138 #error SSH_EXT_INFO_SUPPORT parameter is not valid
142 #ifndef SSH_SERVER_SIG_ALGS_EXT_SUPPORT
143 #define SSH_SERVER_SIG_ALGS_EXT_SUPPORT ENABLED
144 #elif (SSH_SERVER_SIG_ALGS_EXT_SUPPORT != ENABLED && SSH_SERVER_SIG_ALGS_EXT_SUPPORT != DISABLED)
145 #error SSH_SERVER_SIG_ALGS_EXT_SUPPORT parameter is not valid
149 #ifndef SSH_GLOBAL_REQ_OK_EXT_SUPPORT
150 #define SSH_GLOBAL_REQ_OK_EXT_SUPPORT DISABLED
151 #elif (SSH_GLOBAL_REQ_OK_EXT_SUPPORT != ENABLED && SSH_GLOBAL_REQ_OK_EXT_SUPPORT != DISABLED)
152 #error SSH_GLOBAL_REQ_OK_EXT_SUPPORT parameter is not valid
/* Strict key exchange, on by default.
   NOTE(review): presumably the "kex-strict" handshake hardening that stops a
   man-in-the-middle from dropping or injecting packets before encryption
   starts - confirm against the key exchange code. Keep ENABLED unless a peer
   cannot interoperate. */
156 #ifndef SSH_KEX_STRICT_SUPPORT
157 #define SSH_KEX_STRICT_SUPPORT ENABLED
158 #elif (SSH_KEX_STRICT_SUPPORT != ENABLED && SSH_KEX_STRICT_SUPPORT != DISABLED)
159 #error SSH_KEX_STRICT_SUPPORT parameter is not valid
/* Application callbacks for signature operations and for ECDH key pair
   generation, both off by default.
   NOTE(review): presumably meant for delegating private-key operations to
   external hardware - confirm. */
163 #ifndef SSH_SIGN_CALLBACK_SUPPORT
164 #define SSH_SIGN_CALLBACK_SUPPORT DISABLED
165 #elif (SSH_SIGN_CALLBACK_SUPPORT != ENABLED && SSH_SIGN_CALLBACK_SUPPORT != DISABLED)
166 #error SSH_SIGN_CALLBACK_SUPPORT parameter is not valid
170 #ifndef SSH_ECDH_CALLBACK_SUPPORT
171 #define SSH_ECDH_CALLBACK_SUPPORT DISABLED
172 #elif (SSH_ECDH_CALLBACK_SUPPORT != ENABLED && SSH_ECDH_CALLBACK_SUPPORT != DISABLED)
173 #error SSH_ECDH_CALLBACK_SUPPORT parameter is not valid
/* Capacity limits (host keys, connections, callback slots). Each has a
   default and is rejected with #error when set below 1. No upper bound is
   checked here, so the build configuration alone decides how large these
   may grow.
   NOTE(review): presumably these size statically allocated tables, in which
   case SSH_MAX_CONNECTIONS also caps how many peers can hold a connection
   slot at once - confirm. */
177 #ifndef SSH_MAX_HOST_KEYS
178 #define SSH_MAX_HOST_KEYS 3
179 #elif (SSH_MAX_HOST_KEYS < 1)
180 #error SSH_MAX_HOST_KEYS parameter is not valid
184 #ifndef SSH_MAX_CONNECTIONS
185 #define SSH_MAX_CONNECTIONS 10
186 #elif (SSH_MAX_CONNECTIONS < 1)
187 #error SSH_MAX_CONNECTIONS parameter is not valid
191 #ifndef SSH_MAX_GLOBAL_REQ_CALLBACKS
192 #define SSH_MAX_GLOBAL_REQ_CALLBACKS 3
193 #elif (SSH_MAX_GLOBAL_REQ_CALLBACKS < 1)
194 #error SSH_MAX_GLOBAL_REQ_CALLBACKS parameter is not valid
198 #ifndef SSH_MAX_CHANNEL_REQ_CALLBACKS
199 #define SSH_MAX_CHANNEL_REQ_CALLBACKS 3
200 #elif (SSH_MAX_CHANNEL_REQ_CALLBACKS < 1)
201 #error SSH_MAX_CHANNEL_REQ_CALLBACKS parameter is not valid
205 #ifndef SSH_MAX_CHANNEL_OPEN_CALLBACKS
206 #define SSH_MAX_CHANNEL_OPEN_CALLBACKS 1
207 #elif (SSH_MAX_CHANNEL_OPEN_CALLBACKS < 1)
208 #error SSH_MAX_CHANNEL_OPEN_CALLBACKS parameter is not valid
212 #ifndef SSH_MAX_CONN_OPEN_CALLBACKS
213 #define SSH_MAX_CONN_OPEN_CALLBACKS 1
214 #elif (SSH_MAX_CONN_OPEN_CALLBACKS < 1)
215 #error SSH_MAX_CONN_OPEN_CALLBACKS parameter is not valid
219 #ifndef SSH_MAX_CONN_CLOSE_CALLBACKS
220 #define SSH_MAX_CONN_CLOSE_CALLBACKS 1
221 #elif (SSH_MAX_CONN_CLOSE_CALLBACKS < 1)
222 #error SSH_MAX_CONN_CLOSE_CALLBACKS parameter is not valid
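/* Maximum number of authentication attempts (default 10). The accepted
   range is 1..20.
   NOTE(review): presumably counted per connection, with the peer being
   disconnected once the limit is reached - confirm in the authentication
   code.
   The range check has to use ||. Written with &&, the condition "less than 1
   and greater than 20" can never be true, so an out-of-range value such as 0
   or 1000 was accepted silently and the intended cap on repeated
   authentication attempts was not enforced at build time. */
#ifndef SSH_MAX_AUTH_ATTEMPTS
   #define SSH_MAX_AUTH_ATTEMPTS 10
#elif (SSH_MAX_AUTH_ATTEMPTS < 1 || SSH_MAX_AUTH_ATTEMPTS > 20)
   #error SSH_MAX_AUTH_ATTEMPTS parameter is not valid
#endif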
/* Packet and channel buffer sizes: default 2048, values below 128 are
   rejected. No upper bound is checked. */
233 #ifndef SSH_MAX_PACKET_SIZE
234 #define SSH_MAX_PACKET_SIZE 2048
235 #elif (SSH_MAX_PACKET_SIZE < 128)
236 #error SSH_MAX_PACKET_SIZE parameter is not valid
240 #ifndef SSH_CHANNEL_BUFFER_SIZE
241 #define SSH_CHANNEL_BUFFER_SIZE 2048
242 #elif (SSH_CHANNEL_BUFFER_SIZE < 128)
243 #error SSH_CHANNEL_BUFFER_SIZE parameter is not valid
/* Maximum identification string length, default 80, at least 1 */
247 #ifndef SSH_MAX_ID_LEN
248 #define SSH_MAX_ID_LEN 80
249 #elif (SSH_MAX_ID_LEN < 1)
250 #error SSH_MAX_ID_LEN parameter is not valid
/* Maximum user name, password and password-change prompt lengths. Only
   negative values are rejected, so 0 is accepted for all three (and is the
   default for the prompt length).
   NOTE(review): these lengths bound peer-supplied strings; presumably an
   over-long user name or password is rejected rather than truncated -
   confirm in the authentication code, since truncation would let distinct
   credentials compare equal. */
254 #ifndef SSH_MAX_USERNAME_LEN
255 #define SSH_MAX_USERNAME_LEN 32
256 #elif (SSH_MAX_USERNAME_LEN < 0)
257 #error SSH_MAX_USERNAME_LEN parameter is not valid
261 #ifndef SSH_MAX_PASSWORD_LEN
262 #define SSH_MAX_PASSWORD_LEN 32
263 #elif (SSH_MAX_PASSWORD_LEN < 0)
264 #error SSH_MAX_PASSWORD_LEN parameter is not valid
268 #ifndef SSH_MAX_PASSWORD_CHANGE_PROMPT_LEN
269 #define SSH_MAX_PASSWORD_CHANGE_PROMPT_LEN 0
270 #elif (SSH_MAX_PASSWORD_CHANGE_PROMPT_LEN < 0)
271 #error SSH_MAX_PASSWORD_CHANGE_PROMPT_LEN parameter is not valid
/* Cipher mode switches. By default only CTR and GCM are ENABLED; stream
   ciphers, CBC, the RFC 5647 variant and ChaCha20-Poly1305 are DISABLED.
   CBC and stream-cipher modes are legacy choices in SSH and are best left
   off unless an old peer requires them. */
/* Encrypt-then-MAC, off by default */
275 #ifndef SSH_ETM_SUPPORT
276 #define SSH_ETM_SUPPORT DISABLED
277 #elif (SSH_ETM_SUPPORT != ENABLED && SSH_ETM_SUPPORT != DISABLED)
278 #error SSH_ETM_SUPPORT parameter is not valid
282 #ifndef SSH_STREAM_CIPHER_SUPPORT
283 #define SSH_STREAM_CIPHER_SUPPORT DISABLED
284 #elif (SSH_STREAM_CIPHER_SUPPORT != ENABLED && SSH_STREAM_CIPHER_SUPPORT != DISABLED)
285 #error SSH_STREAM_CIPHER_SUPPORT parameter is not valid
289 #ifndef SSH_CBC_CIPHER_SUPPORT
290 #define SSH_CBC_CIPHER_SUPPORT DISABLED
291 #elif (SSH_CBC_CIPHER_SUPPORT != ENABLED && SSH_CBC_CIPHER_SUPPORT != DISABLED)
292 #error SSH_CBC_CIPHER_SUPPORT parameter is not valid
296 #ifndef SSH_CTR_CIPHER_SUPPORT
297 #define SSH_CTR_CIPHER_SUPPORT ENABLED
298 #elif (SSH_CTR_CIPHER_SUPPORT != ENABLED && SSH_CTR_CIPHER_SUPPORT != DISABLED)
299 #error SSH_CTR_CIPHER_SUPPORT parameter is not valid
303 #ifndef SSH_GCM_CIPHER_SUPPORT
304 #define SSH_GCM_CIPHER_SUPPORT ENABLED
305 #elif (SSH_GCM_CIPHER_SUPPORT != ENABLED && SSH_GCM_CIPHER_SUPPORT != DISABLED)
306 #error SSH_GCM_CIPHER_SUPPORT parameter is not valid
310 #ifndef SSH_RFC5647_SUPPORT
311 #define SSH_RFC5647_SUPPORT DISABLED
312 #elif (SSH_RFC5647_SUPPORT != ENABLED && SSH_RFC5647_SUPPORT != DISABLED)
313 #error SSH_RFC5647_SUPPORT parameter is not valid
317 #ifndef SSH_CHACHA20_POLY1305_SUPPORT
318 #define SSH_CHACHA20_POLY1305_SUPPORT DISABLED
319 #elif (SSH_CHACHA20_POLY1305_SUPPORT != ENABLED && SSH_CHACHA20_POLY1305_SUPPORT != DISABLED)
320 #error SSH_CHACHA20_POLY1305_SUPPORT parameter is not valid
/* Cipher algorithm switches. AES-128/192/256 are the only ciphers ENABLED by
   default; every other algorithm below defaults to DISABLED. */
/* RC4 variants: a legacy stream cipher with known keystream biases; keep
   DISABLED unless an old peer offers nothing else. */
324 #ifndef SSH_RC4_SUPPORT
325 #define SSH_RC4_SUPPORT DISABLED
326 #elif (SSH_RC4_SUPPORT != ENABLED && SSH_RC4_SUPPORT != DISABLED)
327 #error SSH_RC4_SUPPORT parameter is not valid
331 #ifndef SSH_RC4_128_SUPPORT
332 #define SSH_RC4_128_SUPPORT DISABLED
333 #elif (SSH_RC4_128_SUPPORT != ENABLED && SSH_RC4_128_SUPPORT != DISABLED)
334 #error SSH_RC4_128_SUPPORT parameter is not valid
338 #ifndef SSH_RC4_256_SUPPORT
339 #define SSH_RC4_256_SUPPORT DISABLED
340 #elif (SSH_RC4_256_SUPPORT != ENABLED && SSH_RC4_256_SUPPORT != DISABLED)
341 #error SSH_RC4_256_SUPPORT parameter is not valid
/* CAST-128, IDEA, Blowfish and 3DES are 64-bit block ciphers; that block
   size limits how much data can safely be encrypted under one key, so they
   are interoperability options only. */
345 #ifndef SSH_CAST128_SUPPORT
346 #define SSH_CAST128_SUPPORT DISABLED
347 #elif (SSH_CAST128_SUPPORT != ENABLED && SSH_CAST128_SUPPORT != DISABLED)
348 #error SSH_CAST128_SUPPORT parameter is not valid
352 #ifndef SSH_IDEA_SUPPORT
353 #define SSH_IDEA_SUPPORT DISABLED
354 #elif (SSH_IDEA_SUPPORT != ENABLED && SSH_IDEA_SUPPORT != DISABLED)
355 #error SSH_IDEA_SUPPORT parameter is not valid
359 #ifndef SSH_BLOWFISH_SUPPORT
360 #define SSH_BLOWFISH_SUPPORT DISABLED
361 #elif (SSH_BLOWFISH_SUPPORT != ENABLED && SSH_BLOWFISH_SUPPORT != DISABLED)
362 #error SSH_BLOWFISH_SUPPORT parameter is not valid
366 #ifndef SSH_3DES_SUPPORT
367 #define SSH_3DES_SUPPORT DISABLED
368 #elif (SSH_3DES_SUPPORT != ENABLED && SSH_3DES_SUPPORT != DISABLED)
369 #error SSH_3DES_SUPPORT parameter is not valid
/* AES, all three key sizes ENABLED by default */
373 #ifndef SSH_AES_128_SUPPORT
374 #define SSH_AES_128_SUPPORT ENABLED
375 #elif (SSH_AES_128_SUPPORT != ENABLED && SSH_AES_128_SUPPORT != DISABLED)
376 #error SSH_AES_128_SUPPORT parameter is not valid
380 #ifndef SSH_AES_192_SUPPORT
381 #define SSH_AES_192_SUPPORT ENABLED
382 #elif (SSH_AES_192_SUPPORT != ENABLED && SSH_AES_192_SUPPORT != DISABLED)
383 #error SSH_AES_192_SUPPORT parameter is not valid
387 #ifndef SSH_AES_256_SUPPORT
388 #define SSH_AES_256_SUPPORT ENABLED
389 #elif (SSH_AES_256_SUPPORT != ENABLED && SSH_AES_256_SUPPORT != DISABLED)
390 #error SSH_AES_256_SUPPORT parameter is not valid
/* Twofish, Serpent, Camellia and SEED: optional 128-bit block ciphers,
   DISABLED by default */
394 #ifndef SSH_TWOFISH_128_SUPPORT
395 #define SSH_TWOFISH_128_SUPPORT DISABLED
396 #elif (SSH_TWOFISH_128_SUPPORT != ENABLED && SSH_TWOFISH_128_SUPPORT != DISABLED)
397 #error SSH_TWOFISH_128_SUPPORT parameter is not valid
401 #ifndef SSH_TWOFISH_192_SUPPORT
402 #define SSH_TWOFISH_192_SUPPORT DISABLED
403 #elif (SSH_TWOFISH_192_SUPPORT != ENABLED && SSH_TWOFISH_192_SUPPORT != DISABLED)
404 #error SSH_TWOFISH_192_SUPPORT parameter is not valid
408 #ifndef SSH_TWOFISH_256_SUPPORT
409 #define SSH_TWOFISH_256_SUPPORT DISABLED
410 #elif (SSH_TWOFISH_256_SUPPORT != ENABLED && SSH_TWOFISH_256_SUPPORT != DISABLED)
411 #error SSH_TWOFISH_256_SUPPORT parameter is not valid
415 #ifndef SSH_SERPENT_128_SUPPORT
416 #define SSH_SERPENT_128_SUPPORT DISABLED
417 #elif (SSH_SERPENT_128_SUPPORT != ENABLED && SSH_SERPENT_128_SUPPORT != DISABLED)
418 #error SSH_SERPENT_128_SUPPORT parameter is not valid
422 #ifndef SSH_SERPENT_192_SUPPORT
423 #define SSH_SERPENT_192_SUPPORT DISABLED
424 #elif (SSH_SERPENT_192_SUPPORT != ENABLED && SSH_SERPENT_192_SUPPORT != DISABLED)
425 #error SSH_SERPENT_192_SUPPORT parameter is not valid
429 #ifndef SSH_SERPENT_256_SUPPORT
430 #define SSH_SERPENT_256_SUPPORT DISABLED
431 #elif (SSH_SERPENT_256_SUPPORT != ENABLED && SSH_SERPENT_256_SUPPORT != DISABLED)
432 #error SSH_SERPENT_256_SUPPORT parameter is not valid
436 #ifndef SSH_CAMELLIA_128_SUPPORT
437 #define SSH_CAMELLIA_128_SUPPORT DISABLED
438 #elif (SSH_CAMELLIA_128_SUPPORT != ENABLED && SSH_CAMELLIA_128_SUPPORT != DISABLED)
439 #error SSH_CAMELLIA_128_SUPPORT parameter is not valid
443 #ifndef SSH_CAMELLIA_192_SUPPORT
444 #define SSH_CAMELLIA_192_SUPPORT DISABLED
445 #elif (SSH_CAMELLIA_192_SUPPORT != ENABLED && SSH_CAMELLIA_192_SUPPORT != DISABLED)
446 #error SSH_CAMELLIA_192_SUPPORT parameter is not valid
450 #ifndef SSH_CAMELLIA_256_SUPPORT
451 #define SSH_CAMELLIA_256_SUPPORT DISABLED
452 #elif (SSH_CAMELLIA_256_SUPPORT != ENABLED && SSH_CAMELLIA_256_SUPPORT != DISABLED)
453 #error SSH_CAMELLIA_256_SUPPORT parameter is not valid
457 #ifndef SSH_SEED_SUPPORT
458 #define SSH_SEED_SUPPORT DISABLED
459 #elif (SSH_SEED_SUPPORT != ENABLED && SSH_SEED_SUPPORT != DISABLED)
460 #error SSH_SEED_SUPPORT parameter is not valid
/* Hash algorithm switches. Defaults: MD5, MD5-96, RIPEMD-160, SHA1-96 and
   SHA-224 are DISABLED; SHA-1, SHA-256, SHA-384 and SHA-512 are ENABLED. */
/* MD5-based algorithms are legacy; keep DISABLED unless an old peer requires
   them. */
464 #ifndef SSH_MD5_SUPPORT
465 #define SSH_MD5_SUPPORT DISABLED
466 #elif (SSH_MD5_SUPPORT != ENABLED && SSH_MD5_SUPPORT != DISABLED)
467 #error SSH_MD5_SUPPORT parameter is not valid
471 #ifndef SSH_MD5_96_SUPPORT
472 #define SSH_MD5_96_SUPPORT DISABLED
473 #elif (SSH_MD5_96_SUPPORT != ENABLED && SSH_MD5_96_SUPPORT != DISABLED)
474 #error SSH_MD5_96_SUPPORT parameter is not valid
478 #ifndef SSH_RIPEMD160_SUPPORT
479 #define SSH_RIPEMD160_SUPPORT DISABLED
480 #elif (SSH_RIPEMD160_SUPPORT != ENABLED && SSH_RIPEMD160_SUPPORT != DISABLED)
481 #error SSH_RIPEMD160_SUPPORT parameter is not valid
/* SHA-1 is still ENABLED by default.
   NOTE(review): presumably kept for interoperability with peers that only
   offer SHA-1 based MAC, key exchange or signature algorithms - confirm
   which algorithms depend on it. Where every peer supports SHA-2, setting
   this to DISABLED removes the SHA-1 based algorithms from negotiation. */
485 #ifndef SSH_SHA1_SUPPORT
486 #define SSH_SHA1_SUPPORT ENABLED
487 #elif (SSH_SHA1_SUPPORT != ENABLED && SSH_SHA1_SUPPORT != DISABLED)
488 #error SSH_SHA1_SUPPORT parameter is not valid
492 #ifndef SSH_SHA1_96_SUPPORT
493 #define SSH_SHA1_96_SUPPORT DISABLED
494 #elif (SSH_SHA1_96_SUPPORT != ENABLED && SSH_SHA1_96_SUPPORT != DISABLED)
495 #error SSH_SHA1_96_SUPPORT parameter is not valid
/* SHA-2 family */
499 #ifndef SSH_SHA224_SUPPORT
500 #define SSH_SHA224_SUPPORT DISABLED
501 #elif (SSH_SHA224_SUPPORT != ENABLED && SSH_SHA224_SUPPORT != DISABLED)
502 #error SSH_SHA224_SUPPORT parameter is not valid
506 #ifndef SSH_SHA256_SUPPORT
507 #define SSH_SHA256_SUPPORT ENABLED
508 #elif (SSH_SHA256_SUPPORT != ENABLED && SSH_SHA256_SUPPORT != DISABLED)
509 #error SSH_SHA256_SUPPORT parameter is not valid
513 #ifndef SSH_SHA384_SUPPORT
514 #define SSH_SHA384_SUPPORT ENABLED
515 #elif (SSH_SHA384_SUPPORT != ENABLED && SSH_SHA384_SUPPORT != DISABLED)
516 #error SSH_SHA384_SUPPORT parameter is not valid
520 #ifndef SSH_SHA512_SUPPORT
521 #define SSH_SHA512_SUPPORT ENABLED
522 #elif (SSH_SHA512_SUPPORT != ENABLED && SSH_SHA512_SUPPORT != DISABLED)
523 #error SSH_SHA512_SUPPORT parameter is not valid
/* Key exchange method switches. Defaults: Diffie-Hellman and ECDH are
   ENABLED; RSA key exchange, Diffie-Hellman group exchange and hybrid key
   exchange are DISABLED. The modulus size limits defined further down apply
   to the DH and RSA variants. */
527 #ifndef SSH_RSA_KEX_SUPPORT
528 #define SSH_RSA_KEX_SUPPORT DISABLED
529 #elif (SSH_RSA_KEX_SUPPORT != ENABLED && SSH_RSA_KEX_SUPPORT != DISABLED)
530 #error SSH_RSA_KEX_SUPPORT parameter is not valid
534 #ifndef SSH_DH_KEX_SUPPORT
535 #define SSH_DH_KEX_SUPPORT ENABLED
536 #elif (SSH_DH_KEX_SUPPORT != ENABLED && SSH_DH_KEX_SUPPORT != DISABLED)
537 #error SSH_DH_KEX_SUPPORT parameter is not valid
541 #ifndef SSH_DH_GEX_KEX_SUPPORT
542 #define SSH_DH_GEX_KEX_SUPPORT DISABLED
543 #elif (SSH_DH_GEX_KEX_SUPPORT != ENABLED && SSH_DH_GEX_KEX_SUPPORT != DISABLED)
544 #error SSH_DH_GEX_KEX_SUPPORT parameter is not valid
548 #ifndef SSH_ECDH_KEX_SUPPORT
549 #define SSH_ECDH_KEX_SUPPORT ENABLED
550 #elif (SSH_ECDH_KEX_SUPPORT != ENABLED && SSH_ECDH_KEX_SUPPORT != DISABLED)
551 #error SSH_ECDH_KEX_SUPPORT parameter is not valid
/* Hybrid key exchange; the SNTRUP761 and Kyber switches below select its
   post-quantum component (see the SSH_MAX_HYBRID_SHARED_SECRET_LEN chain). */
555 #ifndef SSH_HYBRID_KEX_SUPPORT
556 #define SSH_HYBRID_KEX_SUPPORT DISABLED
557 #elif (SSH_HYBRID_KEX_SUPPORT != ENABLED && SSH_HYBRID_KEX_SUPPORT != DISABLED)
558 #error SSH_HYBRID_KEX_SUPPORT parameter is not valid
/* Signature algorithm switches. Defaults: RSA, DSA, ECDSA and Ed25519 are
   ENABLED; Ed448 is DISABLED. */
562 #ifndef SSH_RSA_SIGN_SUPPORT
563 #define SSH_RSA_SIGN_SUPPORT ENABLED
564 #elif (SSH_RSA_SIGN_SUPPORT != ENABLED && SSH_RSA_SIGN_SUPPORT != DISABLED)
565 #error SSH_RSA_SIGN_SUPPORT parameter is not valid
/* NOTE(review): DSA is ENABLED by default. DSA host and user keys are
   considered legacy in SSH and mainstream implementations no longer accept
   them by default; consider DISABLED unless a peer depends on it. */
569 #ifndef SSH_DSA_SIGN_SUPPORT
570 #define SSH_DSA_SIGN_SUPPORT ENABLED
571 #elif (SSH_DSA_SIGN_SUPPORT != ENABLED && SSH_DSA_SIGN_SUPPORT != DISABLED)
572 #error SSH_DSA_SIGN_SUPPORT parameter is not valid
576 #ifndef SSH_ECDSA_SIGN_SUPPORT
577 #define SSH_ECDSA_SIGN_SUPPORT ENABLED
578 #elif (SSH_ECDSA_SIGN_SUPPORT != ENABLED && SSH_ECDSA_SIGN_SUPPORT != DISABLED)
579 #error SSH_ECDSA_SIGN_SUPPORT parameter is not valid
583 #ifndef SSH_ED25519_SIGN_SUPPORT
584 #define SSH_ED25519_SIGN_SUPPORT ENABLED
585 #elif (SSH_ED25519_SIGN_SUPPORT != ENABLED && SSH_ED25519_SIGN_SUPPORT != DISABLED)
586 #error SSH_ED25519_SIGN_SUPPORT parameter is not valid
590 #ifndef SSH_ED448_SIGN_SUPPORT
591 #define SSH_ED448_SIGN_SUPPORT DISABLED
592 #elif (SSH_ED448_SIGN_SUPPORT != ENABLED && SSH_ED448_SIGN_SUPPORT != DISABLED)
593 #error SSH_ED448_SIGN_SUPPORT parameter is not valid
/* Elliptic curve switches. Defaults: NIST P-256/P-384/P-521 and Curve25519
   are ENABLED; Curve448 is DISABLED. */
597 #ifndef SSH_NISTP256_SUPPORT
598 #define SSH_NISTP256_SUPPORT ENABLED
599 #elif (SSH_NISTP256_SUPPORT != ENABLED && SSH_NISTP256_SUPPORT != DISABLED)
600 #error SSH_NISTP256_SUPPORT parameter is not valid
604 #ifndef SSH_NISTP384_SUPPORT
605 #define SSH_NISTP384_SUPPORT ENABLED
606 #elif (SSH_NISTP384_SUPPORT != ENABLED && SSH_NISTP384_SUPPORT != DISABLED)
607 #error SSH_NISTP384_SUPPORT parameter is not valid
611 #ifndef SSH_NISTP521_SUPPORT
612 #define SSH_NISTP521_SUPPORT ENABLED
613 #elif (SSH_NISTP521_SUPPORT != ENABLED && SSH_NISTP521_SUPPORT != DISABLED)
614 #error SSH_NISTP521_SUPPORT parameter is not valid
618 #ifndef SSH_CURVE25519_SUPPORT
619 #define SSH_CURVE25519_SUPPORT ENABLED
620 #elif (SSH_CURVE25519_SUPPORT != ENABLED && SSH_CURVE25519_SUPPORT != DISABLED)
621 #error SSH_CURVE25519_SUPPORT parameter is not valid
625 #ifndef SSH_CURVE448_SUPPORT
626 #define SSH_CURVE448_SUPPORT DISABLED
627 #elif (SSH_CURVE448_SUPPORT != ENABLED && SSH_CURVE448_SUPPORT != DISABLED)
628 #error SSH_CURVE448_SUPPORT parameter is not valid
/* Post-quantum key encapsulation mechanisms, all DISABLED by default. They
   are only consulted together with SSH_HYBRID_KEX_SUPPORT in the
   SSH_MAX_HYBRID_SHARED_SECRET_LEN chain further down. */
632 #ifndef SSH_SNTRUP761_SUPPORT
633 #define SSH_SNTRUP761_SUPPORT DISABLED
634 #elif (SSH_SNTRUP761_SUPPORT != ENABLED && SSH_SNTRUP761_SUPPORT != DISABLED)
635 #error SSH_SNTRUP761_SUPPORT parameter is not valid
639 #ifndef SSH_KYBER512_SUPPORT
640 #define SSH_KYBER512_SUPPORT DISABLED
641 #elif (SSH_KYBER512_SUPPORT != ENABLED && SSH_KYBER512_SUPPORT != DISABLED)
642 #error SSH_KYBER512_SUPPORT parameter is not valid
646 #ifndef SSH_KYBER768_SUPPORT
647 #define SSH_KYBER768_SUPPORT DISABLED
648 #elif (SSH_KYBER768_SUPPORT != ENABLED && SSH_KYBER768_SUPPORT != DISABLED)
649 #error SSH_KYBER768_SUPPORT parameter is not valid
653 #ifndef SSH_KYBER1024_SUPPORT
654 #define SSH_KYBER1024_SUPPORT DISABLED
655 #elif (SSH_KYBER1024_SUPPORT != ENABLED && SSH_KYBER1024_SUPPORT != DISABLED)
656 #error SSH_KYBER1024_SUPPORT parameter is not valid
/* Key logging, DISABLED by default. The matching callback is described as
   being for debugging only. Whatever the callback receives is secret key
   material, so anyone who obtains the log can presumably decrypt captured
   traffic for those sessions; leave this DISABLED in production builds. */
660 #ifndef SSH_KEY_LOG_SUPPORT
661 #define SSH_KEY_LOG_SUPPORT DISABLED
662 #elif (SSH_KEY_LOG_SUPPORT != ENABLED && SSH_KEY_LOG_SUPPORT != DISABLED)
663 #error SSH_KEY_LOG_SUPPORT parameter is not valid
/* Number of RSA keys and Diffie-Hellman group-exchange groups that can be
   held; default 2 each, at least 1. */
667 #ifndef SSH_MAX_RSA_KEYS
668 #define SSH_MAX_RSA_KEYS 2
669 #elif (SSH_MAX_RSA_KEYS < 1)
670 #error SSH_MAX_RSA_KEYS parameter is not valid
674 #ifndef SSH_MAX_DH_GEX_GROUPS
675 #define SSH_MAX_DH_GEX_GROUPS 2
676 #elif (SSH_MAX_DH_GEX_GROUPS < 1)
677 #error SSH_MAX_DH_GEX_GROUPS parameter is not valid
/* Diffie-Hellman modulus sizes in bits: minimum 1024, preferred 2048,
   maximum 3072 by default. The checks enforce min >= 1024,
   preferred >= min and max >= preferred.
   NOTE(review): 1024-bit groups are below what current guidance recommends
   (2048 bits or more); consider raising SSH_MIN_DH_MODULUS_SIZE in the
   build configuration. */
681 #ifndef SSH_MIN_DH_MODULUS_SIZE
682 #define SSH_MIN_DH_MODULUS_SIZE 1024
683 #elif (SSH_MIN_DH_MODULUS_SIZE < 1024)
684 #error SSH_MIN_DH_MODULUS_SIZE parameter is not valid
688 #ifndef SSH_PREFERRED_DH_MODULUS_SIZE
689 #define SSH_PREFERRED_DH_MODULUS_SIZE 2048
690 #elif (SSH_PREFERRED_DH_MODULUS_SIZE < SSH_MIN_DH_MODULUS_SIZE)
691 #error SSH_PREFERRED_DH_MODULUS_SIZE parameter is not valid
695 #ifndef SSH_MAX_DH_MODULUS_SIZE
696 #define SSH_MAX_DH_MODULUS_SIZE 3072
697 #elif (SSH_MAX_DH_MODULUS_SIZE < SSH_PREFERRED_DH_MODULUS_SIZE)
698 #error SSH_MAX_DH_MODULUS_SIZE parameter is not valid
/* RSA and DSA modulus sizes in bits: 1024 to 4096 by default. The compile
   time floor for the minimum is only 512, so a build configuration can
   lower the accepted key size well below the default.
   NOTE(review): 1024-bit RSA/DSA keys are below what current guidance
   recommends (2048 bits or more); consider raising the minimums in the
   build configuration. */
702 #ifndef SSH_MIN_RSA_MODULUS_SIZE
703 #define SSH_MIN_RSA_MODULUS_SIZE 1024
704 #elif (SSH_MIN_RSA_MODULUS_SIZE < 512)
705 #error SSH_MIN_RSA_MODULUS_SIZE parameter is not valid
709 #ifndef SSH_MAX_RSA_MODULUS_SIZE
710 #define SSH_MAX_RSA_MODULUS_SIZE 4096
711 #elif (SSH_MAX_RSA_MODULUS_SIZE < SSH_MIN_RSA_MODULUS_SIZE)
712 #error SSH_MAX_RSA_MODULUS_SIZE parameter is not valid
716 #ifndef SSH_MIN_DSA_MODULUS_SIZE
717 #define SSH_MIN_DSA_MODULUS_SIZE 1024
718 #elif (SSH_MIN_DSA_MODULUS_SIZE < 512)
719 #error SSH_MIN_DSA_MODULUS_SIZE parameter is not valid
723 #ifndef SSH_MAX_DSA_MODULUS_SIZE
724 #define SSH_MAX_DSA_MODULUS_SIZE 4096
725 #elif (SSH_MAX_DSA_MODULUS_SIZE < SSH_MIN_DSA_MODULUS_SIZE)
726 #error SSH_MAX_DSA_MODULUS_SIZE parameter is not valid
/* Memory allocation wrappers: plain aliases for the OS abstraction layer's
   osAllocMem / osFreeMem. Nothing at this level clears a buffer before it is
   released, so a caller that frees memory holding keys or passwords has to
   wipe it first (unless osFreeMem does so - TODO confirm). */
731 #define sshAllocMem(size) osAllocMem(size)
736 #define sshFreeMem(p) osFreeMem(p)
/* Derived settings. Everything below is computed from the switches above and
   is not meant to be set by the build configuration. In each chain the last
   #define is the fallback branch (the #else and #endif lines are not shown
   in this listing). */
/* HMAC is needed as soon as a stream, CBC or CTR cipher mode is enabled;
   with none of them enabled it is switched off. */
740 #if (SSH_STREAM_CIPHER_SUPPORT == ENABLED)
741 #define SSH_HMAC_SUPPORT ENABLED
742 #elif (SSH_CBC_CIPHER_SUPPORT == ENABLED)
743 #define SSH_HMAC_SUPPORT ENABLED
744 #elif (SSH_CTR_CIPHER_SUPPORT == ENABLED)
745 #define SSH_HMAC_SUPPORT ENABLED
747 #define SSH_HMAC_SUPPORT DISABLED
/* Largest encryption key in bytes: 64 when ChaCha20-Poly1305 is enabled,
   otherwise 32 */
751 #if (SSH_CHACHA20_POLY1305_SUPPORT == ENABLED)
752 #define SSH_MAX_ENC_KEY_SIZE 64
754 #define SSH_MAX_ENC_KEY_SIZE 32
/* Largest cipher block size among the enabled block ciphers. The chain takes
   the first enabled cipher in the order AES, Twofish, Serpent, Camellia,
   SEED, CAST-128, IDEA, Blowfish and falls back to the 3DES block size.
   NOTE(review): the order is correct only if the *_BLOCK_SIZE constants are
   non-increasing along the chain; they are defined elsewhere - confirm. */
758 #if (SSH_AES_128_SUPPORT == ENABLED)
759 #define SSH_MAX_CIPHER_BLOCK_SIZE AES_BLOCK_SIZE
760 #elif (SSH_AES_192_SUPPORT == ENABLED)
761 #define SSH_MAX_CIPHER_BLOCK_SIZE AES_BLOCK_SIZE
762 #elif (SSH_AES_256_SUPPORT == ENABLED)
763 #define SSH_MAX_CIPHER_BLOCK_SIZE AES_BLOCK_SIZE
764 #elif (SSH_TWOFISH_128_SUPPORT == ENABLED)
765 #define SSH_MAX_CIPHER_BLOCK_SIZE TWOFISH_BLOCK_SIZE
766 #elif (SSH_TWOFISH_192_SUPPORT == ENABLED)
767 #define SSH_MAX_CIPHER_BLOCK_SIZE TWOFISH_BLOCK_SIZE
768 #elif (SSH_TWOFISH_256_SUPPORT == ENABLED)
769 #define SSH_MAX_CIPHER_BLOCK_SIZE TWOFISH_BLOCK_SIZE
770 #elif (SSH_SERPENT_128_SUPPORT == ENABLED)
771 #define SSH_MAX_CIPHER_BLOCK_SIZE SERPENT_BLOCK_SIZE
772 #elif (SSH_SERPENT_192_SUPPORT == ENABLED)
773 #define SSH_MAX_CIPHER_BLOCK_SIZE SERPENT_BLOCK_SIZE
774 #elif (SSH_SERPENT_256_SUPPORT == ENABLED)
775 #define SSH_MAX_CIPHER_BLOCK_SIZE SERPENT_BLOCK_SIZE
776 #elif (SSH_CAMELLIA_128_SUPPORT == ENABLED)
777 #define SSH_MAX_CIPHER_BLOCK_SIZE CAMELLIA_BLOCK_SIZE
778 #elif (SSH_CAMELLIA_192_SUPPORT == ENABLED)
779 #define SSH_MAX_CIPHER_BLOCK_SIZE CAMELLIA_BLOCK_SIZE
780 #elif (SSH_CAMELLIA_256_SUPPORT == ENABLED)
781 #define SSH_MAX_CIPHER_BLOCK_SIZE CAMELLIA_BLOCK_SIZE
782 #elif (SSH_SEED_SUPPORT == ENABLED)
783 #define SSH_MAX_CIPHER_BLOCK_SIZE SEED_BLOCK_SIZE
784 #elif (SSH_CAST128_SUPPORT == ENABLED)
785 #define SSH_MAX_CIPHER_BLOCK_SIZE CAST128_BLOCK_SIZE
786 #elif (SSH_IDEA_SUPPORT == ENABLED)
787 #define SSH_MAX_CIPHER_BLOCK_SIZE IDEA_BLOCK_SIZE
788 #elif (SSH_BLOWFISH_SUPPORT == ENABLED)
789 #define SSH_MAX_CIPHER_BLOCK_SIZE BLOWFISH_BLOCK_SIZE
791 #define SSH_MAX_CIPHER_BLOCK_SIZE DES3_BLOCK_SIZE
/* Largest hash digest size among the enabled hashes, tested in the order
   SHA-512, SHA-384, SHA-256, SHA-1 / SHA1-96, RIPEMD-160, with MD5 as the
   fallback.
   NOTE(review): SSH_SHA224_SUPPORT does not appear in this chain. If SHA-224
   is enabled while SHA-256/384/512 are all disabled, the result is a 20- or
   16-byte size although a SHA-224 digest is 28 bytes - confirm whether any
   buffer sized with this macro can receive a SHA-224 digest. */
795 #if (SSH_SHA512_SUPPORT == ENABLED)
796 #define SSH_MAX_HASH_DIGEST_SIZE SHA512_DIGEST_SIZE
797 #elif (SSH_SHA384_SUPPORT == ENABLED)
798 #define SSH_MAX_HASH_DIGEST_SIZE SHA384_DIGEST_SIZE
799 #elif (SSH_SHA256_SUPPORT == ENABLED)
800 #define SSH_MAX_HASH_DIGEST_SIZE SHA256_DIGEST_SIZE
801 #elif (SSH_SHA1_SUPPORT == ENABLED || SSH_SHA1_96_SUPPORT == ENABLED)
802 #define SSH_MAX_HASH_DIGEST_SIZE SHA1_DIGEST_SIZE
803 #elif (SSH_RIPEMD160_SUPPORT == ENABLED)
804 #define SSH_MAX_HASH_DIGEST_SIZE RIPEMD160_DIGEST_SIZE
806 #define SSH_MAX_HASH_DIGEST_SIZE MD5_DIGEST_SIZE
/* Maximum shared secret length per key exchange family, in bytes. For RSA
   and DH, (bits + 47) / 8 equals the modulus size rounded up to whole bytes
   plus 5 bytes (the same value as SSH_MAX_MPINT_OVERHEAD). A family that is
   disabled contributes 0. */
810 #if (SSH_RSA_KEX_SUPPORT == ENABLED)
811 #define SSH_MAX_RSA_SHARED_SECRET_LEN ((SSH_MAX_RSA_MODULUS_SIZE + 47) / 8)
813 #define SSH_MAX_RSA_SHARED_SECRET_LEN 0
817 #if (SSH_DH_KEX_SUPPORT == ENABLED || SSH_DH_GEX_KEX_SUPPORT == ENABLED)
818 #define SSH_MAX_DH_SHARED_SECRET_LEN ((SSH_MAX_DH_MODULUS_SIZE + 47) / 8)
820 #define SSH_MAX_DH_SHARED_SECRET_LEN 0
/* ECDH: sized for the largest enabled curve (P-521, then Curve448, then
   P-384). The fallback of 37 is used for every other case, including when
   ECDH itself is disabled. */
824 #if (SSH_ECDH_KEX_SUPPORT == ENABLED && SSH_NISTP521_SUPPORT == ENABLED)
825 #define SSH_MAX_ECDH_SHARED_SECRET_LEN 71
826 #elif (SSH_ECDH_KEX_SUPPORT == ENABLED && SSH_CURVE448_SUPPORT == ENABLED)
827 #define SSH_MAX_ECDH_SHARED_SECRET_LEN 61
828 #elif (SSH_ECDH_KEX_SUPPORT == ENABLED && SSH_NISTP384_SUPPORT == ENABLED)
829 #define SSH_MAX_ECDH_SHARED_SECRET_LEN 53
831 #define SSH_MAX_ECDH_SHARED_SECRET_LEN 37
/* Hybrid key exchange: sized by the enabled KEM, 0 when hybrid key exchange
   is disabled or no KEM is enabled */
835 #if (SSH_HYBRID_KEX_SUPPORT == ENABLED && SSH_SNTRUP761_SUPPORT == ENABLED)
836 #define SSH_MAX_HYBRID_SHARED_SECRET_LEN 68
837 #elif (SSH_HYBRID_KEX_SUPPORT == ENABLED && SSH_KYBER1024_SUPPORT == ENABLED)
838 #define SSH_MAX_HYBRID_SHARED_SECRET_LEN 68
839 #elif (SSH_HYBRID_KEX_SUPPORT == ENABLED && SSH_KYBER768_SUPPORT == ENABLED)
840 #define SSH_MAX_HYBRID_SHARED_SECRET_LEN 52
841 #elif (SSH_HYBRID_KEX_SUPPORT == ENABLED && SSH_KYBER512_SUPPORT == ENABLED)
842 #define SSH_MAX_HYBRID_SHARED_SECRET_LEN 36
844 #define SSH_MAX_HYBRID_SHARED_SECRET_LEN 0
/* Overall maximum: the largest of the four per-family values. Each branch
   checks that one candidate is >= the other three; the hybrid value is the
   fallback when none of the first three wins. */
848 #if (SSH_MAX_RSA_SHARED_SECRET_LEN >= SSH_MAX_DH_SHARED_SECRET_LEN && \
849 SSH_MAX_RSA_SHARED_SECRET_LEN >= SSH_MAX_ECDH_SHARED_SECRET_LEN && \
850 SSH_MAX_RSA_SHARED_SECRET_LEN >= SSH_MAX_HYBRID_SHARED_SECRET_LEN)
851 #define SSH_MAX_SHARED_SECRET_LEN SSH_MAX_RSA_SHARED_SECRET_LEN
852 #elif (SSH_MAX_DH_SHARED_SECRET_LEN >= SSH_MAX_RSA_SHARED_SECRET_LEN && \
853 SSH_MAX_DH_SHARED_SECRET_LEN >= SSH_MAX_ECDH_SHARED_SECRET_LEN && \
854 SSH_MAX_DH_SHARED_SECRET_LEN >= SSH_MAX_HYBRID_SHARED_SECRET_LEN)
855 #define SSH_MAX_SHARED_SECRET_LEN SSH_MAX_DH_SHARED_SECRET_LEN
856 #elif (SSH_MAX_ECDH_SHARED_SECRET_LEN >= SSH_MAX_RSA_SHARED_SECRET_LEN && \
857 SSH_MAX_ECDH_SHARED_SECRET_LEN >= SSH_MAX_DH_SHARED_SECRET_LEN && \
858 SSH_MAX_ECDH_SHARED_SECRET_LEN >= SSH_MAX_HYBRID_SHARED_SECRET_LEN)
859 #define SSH_MAX_SHARED_SECRET_LEN SSH_MAX_ECDH_SHARED_SECRET_LEN
861 #define SSH_MAX_SHARED_SECRET_LEN SSH_MAX_HYBRID_SHARED_SECRET_LEN
/* Fixed protocol constants */
/* Cookie size in bytes */
868 #define SSH_COOKIE_SIZE 16
/* Extra bytes allowed for encoding a multiple-precision integer; the same 5
   bytes are added in the RSA and DH shared secret length formulas */
870 #define SSH_MAX_MPINT_OVERHEAD 5
/* Extra bytes reserved per packet on top of SSH_MAX_PACKET_SIZE */
872 #define SSH_MAX_PACKET_OVERHEAD 128
/* Working buffer size: maximum packet size plus the per-packet overhead */
875 #define SSH_BUFFER_SIZE (SSH_MAX_PACKET_SIZE + SSH_MAX_PACKET_OVERHEAD)
/* Forward declarations: these macros let SshContext, SshConnection and
   SshChannel be used as type names before the structures are defined */
879 #define SshContext struct _SshContext
883 #define SshConnection struct _SshConnection
887 #define SshChannel struct _SshChannel
/* Combines the SSH_FLAG_BREAK_CHAR flag with the low byte of c (via LSB) */
934 #define SSH_FLAG_BREAK(c) (SSH_FLAG_BREAK_CHAR | LSB(c))
1159 #if (SSH_CLIENT_SUPPORT == ENABLED)
1182 const uint8_t *hostKey,
size_t hostKeyLen);
1198 const uint8_t *publicKey,
size_t publicKeyLen);
1206 const char_t *user,
const uint8_t *publicKey,
size_t publicKeyLen);
1222 const char_t *user,
const char_t *password,
size_t passwordLen);
1230 const char_t *user,
const char_t *oldPassword,
size_t oldPasswordLen,
1231 const char_t *newPassword,
size_t newPasswordLen);
1241 uint8_t *
p,
size_t *written);
1292 const SshString *
type, uint32_t senderChannel, uint32_t initialWindowSize,
1338 #if (SSH_GCM_CIPHER_SUPPORT == ENABLED || SSH_RFC5647_SUPPORT == ENABLED)
1341 #if (SSH_CHACHA20_POLY1305_SUPPORT == ENABLED)
1411 #if (SSH_SERVER_SUPPORT == ENABLED && SSH_PASSWORD_AUTH_SUPPORT == ENABLED)
1424 #if (SSH_RSA_KEX_SUPPORT == ENABLED)
1429 #if (SSH_DH_GEX_KEX_SUPPORT == ENABLED)
1442 #if (SSH_HMAC_SUPPORT == ENABLED)
1445 #if (SSH_DH_KEX_SUPPORT == ENABLED || SSH_DH_GEX_KEX_SUPPORT == ENABLED)
1448 #if (SSH_ECDH_KEX_SUPPORT == ENABLED || SSH_HYBRID_KEX_SUPPORT == ENABLED)
1451 #if (SSH_HYBRID_KEX_SUPPORT == ENABLED)
1470 #if (SSH_EXT_INFO_SUPPORT == ENABLED)
1473 #if (SSH_KEX_STRICT_SUPPORT == ENABLED)
1500 #if (SSH_CLIENT_SUPPORT == ENABLED)
1505 #if (SSH_SERVER_SUPPORT == ENABLED && SSH_RSA_KEX_SUPPORT == ENABLED)
1508 #if (SSH_SERVER_SUPPORT == ENABLED && SSH_DH_GEX_KEX_SUPPORT == ENABLED)
1513 #if (SSH_CERT_SUPPORT == ENABLED)
1517 #if (SSH_PUBLIC_KEY_AUTH_SUPPORT == ENABLED)
1520 #if (SSH_PUBLIC_KEY_AUTH_SUPPORT == ENABLED && SSH_CERT_SUPPORT == ENABLED)
1523 #if (SSH_PASSWORD_AUTH_SUPPORT == ENABLED)
1527 #if (SSH_SIGN_CALLBACK_SUPPORT == ENABLED)
1531 #if (SSH_ECDH_CALLBACK_SUPPORT == ENABLED)
1545 #if (SSH_KEY_LOG_SUPPORT == ENABLED)
1646 const char_t *publicKey,
size_t publicKeyLen,
const char_t *privateKey,
1647 size_t privateKeyLen,
const char_t *password);
1652 const char_t *dhParams,
size_t dhParamsLen);
1657 const char_t *publicKey,
size_t publicKeyLen,
const char_t *privateKey,
1658 size_t privateKeyLen,
const char_t *password);
1663 const char_t *cert,
size_t certLen,
const char_t *privateKey,
1664 size_t privateKeyLen,
const char_t *password);
Collection of AEAD algorithms.
Block cipher modes of operation.
General definitions for cryptographic algorithms.
CipherMode
Cipher operation modes.
ECC (Elliptic Curve Cryptography)
Collection of hash algorithms.
Collection of key exchange algorithms.
Collection of MAC algorithms.
uint32_t systime_t
System time.
#define SSH_MAX_ENC_KEY_SIZE
#define SSH_MAX_CHANNEL_REQ_CALLBACKS
error_t sshUnregisterChannelRequestCallback(SshContext *context, SshChannelReqCallback callback)
Unregister channel request callback function.
error_t sshUnregisterChannelOpenCallback(SshContext *context, SshChannelOpenCallback callback)
Unregister channel open callback function.
SshAuthStatus(* SshPasswordAuthCallback)(SshConnection *connection, const char_t *user, const char_t *password, size_t passwordLen)
Password authentication callback function.
#define SSH_MAX_HASH_DIGEST_SIZE
error_t sshUnregisterGlobalRequestCallback(SshContext *context, SshGlobalReqCallback callback)
Unregister global request callback function.
error_t sshSetOperationMode(SshContext *context, SshOperationMode mode)
Set operation mode (client or server)
error_t(* SshChannelOpenCallback)(SshConnection *connection, const SshString *type, uint32_t senderChannel, uint32_t initialWindowSize, uint32_t maxPacketSize, const uint8_t *data, size_t length, void *param)
Channel open callback function.
error_t(* SshChannelReqCallback)(SshChannel *channel, const SshString *type, const uint8_t *data, size_t length, void *param)
Channel request callback function.
error_t(* SshConnectionOpenCallback)(SshConnection *connection, void *param)
Connection open callback function.
error_t sshLoadHostKey(SshContext *context, uint_t index, const char_t *publicKey, size_t publicKeyLen, const char_t *privateKey, size_t privateKeyLen, const char_t *password)
Load entity's host key.
#define SSH_CHANNEL_BUFFER_SIZE
error_t sshSetChannelTimeout(SshChannel *channel, systime_t timeout)
Set timeout for read/write operations.
error_t sshUnloadDhGexGroup(SshContext *context, uint_t index)
Unload Diffie-Hellman group.
SshChannel * sshCreateChannel(SshConnection *connection)
Create a new SSH channel.
error_t sshLoadCertificate(SshContext *context, uint_t index, const char_t *cert, size_t certLen, const char_t *privateKey, size_t privateKeyLen, const char_t *password)
Load entity's certificate.
error_t sshRegisterSignVerifyCallback(SshContext *context, SshSignVerifyCallback callback)
Register signature verification callback function.
void(* SshConnectionCloseCallback)(SshConnection *connection, void *param)
Connection close callback function.
error_t sshRegisterPasswordChangeCallback(SshContext *context, SshPasswordChangeCallback callback)
Register password change callback function.
error_t sshRegisterGlobalRequestCallback(SshContext *context, SshGlobalReqCallback callback, void *param)
Register global request callback function.
error_t(* SshSignVerifyCallback)(SshConnection *connection, const SshString *publicKeyAlgo, const SshBinaryString *publicKeyBlob, const SshBinaryString *sessionId, const SshBinaryString *message, const SshBinaryString *signatureBlob)
Signature verification callback function.
#define SSH_MAX_CHANNEL_OPEN_CALLBACKS
error_t sshLoadDhGexGroup(SshContext *context, uint_t index, const char_t *dhParams, size_t dhParamsLen)
Load Diffie-Hellman group.
error_t sshRegisterHostKeyVerifyCallback(SshContext *context, SshHostKeyVerifyCallback callback)
Register host key verification callback function.
error_t(* SshCaPublicKeyVerifyCallback)(SshConnection *connection, const uint8_t *publicKey, size_t publicKeyLen)
CA public key verification callback function.
SshChannelState
SSH channel state.
@ SSH_CHANNEL_STATE_RESERVED
@ SSH_CHANNEL_STATE_UNUSED
@ SSH_CHANNEL_STATE_CLOSED
#define SSH_MAX_PASSWORD_LEN
SshConnectionState
SSH connection state.
@ SSH_CONN_STATE_KEX_ECDH_REPLY
@ SSH_CONN_STATE_KEX_DH_GEX_REPLY
@ SSH_CONN_STATE_KEX_DH_REPLY
@ SSH_CONN_STATE_SERVER_ID
@ SSH_CONN_STATE_CLIENT_EXT_INFO
@ SSH_CONN_STATE_KEX_DH_GEX_GROUP
@ SSH_CONN_STATE_SERVER_KEX_INIT
@ SSH_CONN_STATE_KEX_ECDH_INIT
@ SSH_CONN_STATE_KEX_RSA_PUB_KEY
@ SSH_CONN_STATE_KEX_RSA_DONE
@ SSH_CONN_STATE_KEX_DH_GEX_REQUEST
@ SSH_CONN_STATE_USER_AUTH_REQUEST
@ SSH_CONN_STATE_SERVICE_ACCEPT
@ SSH_CONN_STATE_CLIENT_NEW_KEYS
@ SSH_CONN_STATE_USER_AUTH_BANNER
@ SSH_CONN_STATE_KEX_RSA_SECRET
@ SSH_CONN_STATE_DISCONNECT
@ SSH_CONN_STATE_KEX_HYBRID_REPLY
@ SSH_CONN_STATE_CLIENT_KEX_INIT
@ SSH_CONN_STATE_KEX_DH_INIT
@ SSH_CONN_STATE_SERVICE_REQUEST
@ SSH_CONN_STATE_SERVER_EXT_INFO_1
@ SSH_CONN_STATE_CLIENT_ID
@ SSH_CONN_STATE_SERVER_EXT_INFO_2
@ SSH_CONN_STATE_USER_AUTH_REPLY
@ SSH_CONN_STATE_SERVER_NEW_KEYS
@ SSH_CONN_STATE_KEX_HYBRID_INIT
@ SSH_CONN_STATE_KEX_DH_GEX_INIT
@ SSH_CONN_STATE_USER_AUTH_SUCCESS
#define SSH_MAX_HOST_KEYS
#define SSH_MAX_PASSWORD_CHANGE_PROMPT_LEN
error_t(* SshGlobalReqCallback)(SshConnection *connection, const SshString *name, const uint8_t *data, size_t length, void *param)
Global request callback function.
error_t(* SshCertVerifyCallback)(SshConnection *connection, const SshCertificate *cert)
Certificate verification callback function.
#define SSH_MAX_USERNAME_LEN
void(* SshKeyLogCallback)(SshConnection *connection, const char_t *key)
Key logging callback function (for debugging purposes only)
error_t sshRegisterChannelRequestCallback(SshContext *context, SshChannelReqCallback callback, void *param)
Register channel request callback function.
SshOperationMode
Mode of operation.
@ SSH_OPERATION_MODE_SERVER
@ SSH_OPERATION_MODE_CLIENT
error_t sshRegisterCertVerifyCallback(SshContext *context, SshCertVerifyCallback callback)
Register certificate verification callback function.
error_t sshCloseChannel(SshChannel *channel)
Close channel.
error_t sshRegisterEcdhKeyPairGenCallback(SshContext *context, SshEcdhKeyPairGenCallback callback)
Register ECDH key pair generation callback function.
error_t sshRegisterKeyLogCallback(SshContext *context, SshKeyLogCallback callback)
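Register key logging callback function (for debugging purposes only; leave it unregistered in production builds, because the logged keys can be used to decrypt captured traffic)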
error_t sshRegisterPasswordAuthCallback(SshContext *context, SshPasswordAuthCallback callback)
Register password authentication callback function.
error_t(* SshEcdhKeyPairGenCallback)(SshConnection *connection, const char_t *kexAlgo, EcPublicKey *publicKey)
ECDH key pair generation callback.
error_t(* SshHostKeyVerifyCallback)(SshConnection *connection, const uint8_t *hostKey, size_t hostKeyLen)
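Host key verification callback function. The implementation is expected to compare the received host key against a trusted copy; a callback that accepts any key removes the protection against man-in-the-middle attacks.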
error_t sshPollChannels(SshChannelEventDesc *eventDesc, uint_t size, OsEvent *extEvent, systime_t timeout)
Wait for one of a set of channels to become ready to perform I/O.
error_t sshSetPassword(SshContext *context, const char_t *password)
Set the password to be used for authentication.
error_t sshRegisterConnectionCloseCallback(SshContext *context, SshConnectionCloseCallback callback, void *param)
Register connection close callback function.
error_t sshUnloadCertificate(SshContext *context, uint_t index)
Unload entity's certificate.
error_t sshRegisterCertAuthCallback(SshContext *context, SshCertAuthCallback callback)
Register certificate authentication callback function.
error_t(* SshCertAuthCallback)(SshConnection *connection, const char_t *user, const SshCertificate *cert)
Certificate authentication callback function.
SshChannelFlags
Flags used by read and write functions.
error_t sshRegisterChannelOpenCallback(SshContext *context, SshChannelOpenCallback callback, void *param)
Register channel open callback function.
error_t(* SshSignGenCallback)(SshConnection *connection, const char_t *publicKeyAlgo, const SshHostKey *hostKey, const SshBinaryString *sessionId, const SshBinaryString *message, uint8_t *p, size_t *written)
Signature generation callback function.
#define SSH_MAX_GLOBAL_REQ_CALLBACKS
error_t sshSetUsername(SshContext *context, const char_t *username)
Set the user name to be used for authentication.
#define SSH_MAX_DH_GEX_GROUPS
error_t sshRegisterEcdhSharedSecretCalcCallback(SshContext *context, SshEcdhSharedSecretCalcCallback callback)
Register ECDH shared secret calculation callback function.
SshOpenFailureReasonCode
Channel connection failure reason codes.
@ SSH_OPEN_CONNECT_FAILED
@ SSH_OPEN_ADMINISTRATIVELY_PROHIBITED
@ SSH_OPEN_UNKNOWN_CHANNEL_TYPE
@ SSH_OPEN_RESOURCE_SHORTAGE
#define SSH_MAX_SHARED_SECRET_LEN
error_t sshSetPrng(SshContext *context, const PrngAlgo *prngAlgo, void *prngContext)
Set the pseudo-random number generator to be used.
#define SSH_MAX_CONN_OPEN_CALLBACKS
SshAuthStatus(* SshPasswordChangeCallback)(SshConnection *connection, const char_t *user, const char_t *oldPassword, size_t oldPasswordLen, const char_t *newPassword, size_t newPasswordLen)
Password change callback function.
error_t sshInit(SshContext *context, SshConnection *connections, uint_t numConnections, SshChannel *channels, uint_t numChannels)
SSH context initialization.
error_t sshWriteChannel(SshChannel *channel, const void *data, size_t length, size_t *written, uint_t flags)
Write data to the specified channel.
error_t sshUnloadRsaKey(SshContext *context, uint_t index)
Unload transient RSA key (for RSA key exchange)
error_t sshReadChannel(SshChannel *channel, void *data, size_t size, size_t *received, uint_t flags)
Receive data from the specified channel.
error_t(* SshPublicKeyAuthCallback)(SshConnection *connection, const char_t *user, const uint8_t *publicKey, size_t publicKeyLen)
Public key authentication callback function.
error_t sshSetPasswordChangePrompt(SshConnection *connection, const char_t *prompt)
Set password change prompt message.
#define SSH_MAX_CONNECTIONS
error_t sshRegisterConnectionOpenCallback(SshContext *context, SshConnectionOpenCallback callback, void *param)
Register connection open callback function.
error_t sshUnregisterConnectionCloseCallback(SshContext *context, SshConnectionCloseCallback callback)
Unregister connection close callback function.
error_t sshUnloadHostKey(SshContext *context, uint_t index)
Unload entity's host key.
error_t sshUnregisterConnectionOpenCallback(SshContext *context, SshConnectionOpenCallback callback)
Unregister connection open callback function.
error_t sshRegisterPublicKeyAuthCallback(SshContext *context, SshPublicKeyAuthCallback callback)
Register public key authentication callback function.
SshRequestState
SSH request states.
@ SSH_REQUEST_STATE_PENDING
@ SSH_REQUEST_STATE_SUCCESS
@ SSH_REQUEST_STATE_FAILURE
SshDisconnectReasonCode
Disconnection message reason codes.
@ SSH_DISCONNECT_SERVICE_NOT_AVAILABLE
@ SSH_DISCONNECT_RESERVED
@ SSH_DISCONNECT_KEY_EXCHANGE_FAILED
@ SSH_DISCONNECT_MAC_ERROR
@ SSH_DISCONNECT_PROTOCOL_VERSION_NOT_SUPPORTED
@ SSH_DISCONNECT_COMPRESSION_ERROR
@ SSH_DISCONNECT_BY_APPLICATION
@ SSH_DISCONNECT_CONNECTION_LOST
@ SSH_DISCONNECT_AUTH_CANCELLED_BY_USER
@ SSH_DISCONNECT_TOO_MANY_CONNECTIONS
@ SSH_DISCONNECT_NO_MORE_AUTH_METHODS_AVAILABLE
@ SSH_DISCONNECT_PROTOCOL_ERROR
@ SSH_DISCONNECT_HOST_NOT_ALLOWED_TO_CONNECT
@ SSH_DISCONNECT_HOST_KEY_NOT_VERIFIABLE
@ SSH_DISCONNECT_ILLEGAL_USER_NAME
void sshDeleteChannel(SshChannel *channel)
Release channel.
error_t sshLoadRsaKey(SshContext *context, uint_t index, const char_t *publicKey, size_t publicKeyLen, const char_t *privateKey, size_t privateKeyLen, const char_t *password)
Load transient RSA key (for RSA key exchange)
SshChannelEvent
SSH channel events.
@ SSH_CHANNEL_EVENT_TX_READY
@ SSH_CHANNEL_EVENT_TX_ACKED
@ SSH_CHANNEL_EVENT_CONNECTED
@ SSH_CHANNEL_EVENT_RX_SHUTDOWN
@ SSH_CHANNEL_EVENT_TIMEOUT
@ SSH_CHANNEL_EVENT_TX_DONE
@ SSH_CHANNEL_EVENT_TX_SHUTDOWN
@ SSH_CHANNEL_EVENT_RX_READY
@ SSH_CHANNEL_EVENT_CLOSED
#define SSH_MAX_CONN_CLOSE_CALLBACKS
#define SSH_MAX_CIPHER_BLOCK_SIZE
SshAuthStatus
Authentication status.
@ SSH_AUTH_STATUS_FAILURE
@ SSH_AUTH_STATUS_SUCCESS
@ SSH_AUTH_STATUS_PASSWORD_EXPIRED
error_t sshRegisterCaPublicKeyVerifyCallback(SshContext *context, SshCaPublicKeyVerifyCallback callback)
Register CA public key verification callback function.
void sshDeinit(SshContext *context)
Release SSH context.
error_t sshRegisterSignGenCallback(SshContext *context, SshSignGenCallback callback)
Register signature generation callback function.
SshMessageType
SSH message types.
@ SSH_MSG_KEX_DH_GEX_REQUEST
@ SSH_MSG_KEX_DH_GEX_INIT
@ SSH_MSG_REQUEST_FAILURE
@ SSH_MSG_USERAUTH_REQUEST
@ SSH_MSG_CHANNEL_EXTENDED_DATA
@ SSH_MSG_USERAUTH_BANNER
@ SSH_MSG_KEX_DH_GEX_GROUP
@ SSH_MSG_CHANNEL_WINDOW_ADJUST
@ SSH_MSG_USERAUTH_FAILURE
@ SSH_MSG_REQUEST_SUCCESS
@ SSH_MSG_CHANNEL_FAILURE
@ SSH_MSG_CHANNEL_OPEN_CONFIRMATION
@ SSH_MSG_USERAUTH_INFO_RESPONSE
@ SSH_MSG_SERVICE_REQUEST
@ SSH_MSG_CHANNEL_REQUEST
@ SSH_MSG_KEX_DH_GEX_REPLY
@ SSH_MSG_CHANNEL_OPEN_FAILURE
@ SSH_MSG_USERAUTH_INFO_REQUEST
@ SSH_MSG_CHANNEL_SUCCESS
@ SSH_MSG_KEX_DH_GEX_REQUEST_OLD
@ SSH_MSG_KEX_HYBRID_INIT
@ SSH_MSG_KEX_HYBRID_REPLY
@ SSH_MSG_USERAUTH_PASSWD_CHANGEREQ
@ SSH_MSG_USERAUTH_SUCCESS
error_t(* SshEcdhSharedSecretCalcCallback)(SshConnection *connection, const char_t *kexAlgo, const EcPublicKey *publicKey, uint8_t *output, size_t *outputLen)
ECDH shared secret calculation callback.
SSH data type representations.
uint32_t maxPacketSize
Maximum packet size.
bool_t closeReceived
An SSH_MSG_CHANNEL_CLOSE message has been received.
SshConnection * connection
SSH connection.
uint32_t localChannelNum
Local channel number.
SshChannelBuffer txBuffer
TX buffer.
size_t rxWindowSizeInc
Window size increment.
size_t txWindowSize
TX flow-control window.
size_t rxWindowSize
RX flow-control window.
SshChannelState state
Channel state.
uint32_t remoteChannelNum
Remote channel number.
bool_t channelSuccessSent
An SSH_MSG_CHANNEL_SUCCESS message has been sent.
bool_t closeRequest
Channel close request.
bool_t eofSent
An SSH_MSG_CHANNEL_EOF message has been sent.
bool_t eofReceived
An SSH_MSG_CHANNEL_EOF message has been received.
bool_t closeSent
An SSH_MSG_CHANNEL_CLOSE message has been sent.
systime_t timeout
Timeout value.
SshContext * context
SSH context.
SshRequestState requestState
Channel request state.
bool_t eofRequest
Channel EOF request.
SshChannelBuffer rxBuffer
RX buffer.
bool_t kexInitReceived
An SSH_MSG_KEXINIT message has been received.
bool_t kexInitSent
An SSH_MSG_KEXINIT message has been sent.
systime_t timestamp
Time stamp to manage connection timeout.
size_t serverHostKeyLen
Length of the server's host key, in bytes.
const char_t * serverEncAlgo
Selected server's encryption algorithm name.
uint8_t h[SSH_MAX_HASH_DIGEST_SIZE]
Exchange hash H.
bool_t disconnectSent
An SSH_MSG_DISCONNECT message has been sent.
uint8_t sessionId[SSH_MAX_HASH_DIGEST_SIZE]
Session identifier.
bool_t newKeysReceived
An SSH_MSG_NEWKEYS message has been received.
uint8_t buffer[SSH_BUFFER_SIZE]
Internal buffer.
uint8_t * serverHostKey
Server's host key.
bool_t disconnectRequest
Request for disconnection.
uint32_t localChannelNum
Current channel number.
DhContext dhContext
Diffie-Hellman context.
int_t hostKeyIndex
Index of the selected host key.
const HashAlgo * hashAlgo
Exchange hash algorithm.
SshConnectionState state
Connection state.
size_t sessionIdLen
Length of the session identifier, in bytes.
const char_t * serverCompressAlgo
Selected server's compression algorithm name.
const char_t * clientMacAlgo
Selected client's MAC algorithm name.
size_t txBufferPos
Current position in TX buffer.
char_t passwordChangePrompt[SSH_MAX_PASSWORD_CHANGE_PROMPT_LEN+1]
Password change prompt string.
size_t txBufferLen
Number of bytes that are pending to be sent.
uint_t authAttempts
Number of authentication attempts.
const char_t * serverMacAlgo
Selected server's MAC algorithm name.
bool_t extInfoReceived
"ext-info-c" or "ext-info-s" indicator has been received
KemContext kemContext
KEM context.
size_t rxBufferLen
Number of bytes available for reading.
uint8_t cookie[SSH_COOKIE_SIZE]
Random value generated by the sender.
SshEncryptionEngine decryptionEngine
Decryption engine.
const char_t * serverHostKeyAlgo
Selected server's host key algorithm name.
const char_t * clientEncAlgo
Selected client's encryption algorithm name.
int_t rsaKeyIndex
Index of the transient RSA key to use.
char_t clientId[SSH_MAX_ID_LEN+1]
Client's identification string.
size_t rxBufferPos
Current position in RX buffer.
bool_t wrongGuess
A wrongly guessed key exchange packet follows.
char_t serverId[SSH_MAX_ID_LEN+1]
Server's identification string.
Socket * socket
Underlying socket.
const char_t * clientCompressAlgo
Selected client's compression algorithm name.
HmacContext hmacContext
HMAC context.
bool_t kexStrictReceived
"strict KEX" pseudo-algorithm received
bool_t newKeysSent
An SSH_MSG_NEWKEYS message has been sent.
bool_t publicKeyOk
The provided host key is acceptable.
size_t kLen
Length of the shared secret, in bytes.
SshEncryptionEngine encryptionEngine
Encryption engine.
EcdhContext ecdhContext
ECDH context.
const char_t * kexAlgo
Selected key exchange algorithm name.
size_t hLen
Length of the exchange hash, in bytes.
SshContext * context
SSH context.
SshRequestState requestState
Global request state.
uint8_t k[SSH_MAX_SHARED_SECRET_LEN]
Shared secret K.
bool_t disconnectReceived
An SSH_MSG_DISCONNECT message has been received.
int_t dhGexGroupIndex
Index of the selected Diffie-Hellman group.
char_t user[SSH_MAX_USERNAME_LEN+1]
User name.
HashContext hashContext
Exchange hash context.
SshEcdhSharedSecretCalcCallback ecdhSharedSecretCalcCallback
ECDH shared secret calculation callback.
SshHostKey hostKeys[SSH_MAX_HOST_KEYS]
List of host keys.
void * channelOpenParam[SSH_MAX_CHANNEL_OPEN_CALLBACKS]
Opaque pointer passed to the channel open callback.
SshPasswordChangeCallback passwordChangeCallback
Password change callback.
SshPublicKeyAuthCallback publicKeyAuthCallback
Public key authentication callback.
SshOperationMode mode
Mode of operation (client or server)
SshConnectionOpenCallback connectionOpenCallback[SSH_MAX_CONN_OPEN_CALLBACKS]
Connection open callback function.
SshCaPublicKeyVerifyCallback caPublicKeyVerifyCallback
CA public key verification callback.
SshCertVerifyCallback certVerifyCallback
Certificate verification callback.
SshConnection * connections
SSH connections.
uint_t numConnections
Maximum number of SSH connections.
char_t password[SSH_MAX_PASSWORD_LEN+1]
Password.
const PrngAlgo * prngAlgo
Pseudo-random number generator to be used.
SshCertAuthCallback certAuthCallback
Certificate authentication callback.
void * connectionCloseParam[SSH_MAX_CONN_CLOSE_CALLBACKS]
Opaque pointer passed to the connection close callback.
SshEcdhKeyPairGenCallback ecdhKeyPairGenCallback
ECDH key pair generation callback.
void * globalReqParam[SSH_MAX_GLOBAL_REQ_CALLBACKS]
Opaque pointer passed to the global request callback.
SshConnectionCloseCallback connectionCloseCallback[SSH_MAX_CONN_CLOSE_CALLBACKS]
Connection close callback function.
char_t username[SSH_MAX_USERNAME_LEN+1]
User name.
SshRsaKey rsaKeys[SSH_MAX_RSA_KEYS]
Transient RSA keys (for RSA key exchange)
SshHostKeyVerifyCallback hostKeyVerifyCallback
Host key verification callback.
SshPasswordAuthCallback passwordAuthCallback
Password authentication callback.
uint_t numChannels
Maximum number of SSH channels.
SshChannel * channels
SSH channels.
SshKeyLogCallback keyLogCallback
Key logging callback (for debugging purposes only)
SshChannelOpenCallback channelOpenCallback[SSH_MAX_CHANNEL_OPEN_CALLBACKS]
Channel open callbacks.
SshSignGenCallback signGenCallback
Signature generation callback.
SocketEventDesc eventDesc[SSH_MAX_CONNECTIONS+1]
The events the application is interested in.
OsEvent event
Event object used to poll the sockets.
void * connectionOpenParam[SSH_MAX_CONN_OPEN_CALLBACKS]
Opaque pointer passed to the connection open callback.
SshGlobalReqCallback globalReqCallback[SSH_MAX_GLOBAL_REQ_CALLBACKS]
Global request callbacks.
SshDhGexGroup dhGexGroups[SSH_MAX_DH_GEX_GROUPS]
Diffie-Hellman groups.
SshSignVerifyCallback signVerifyCallback
Signature verification callback.
OsMutex mutex
Mutex preventing simultaneous access to the context.
void * prngContext
Pseudo-random number generator context.
SshChannelReqCallback channelReqCallback[SSH_MAX_CHANNEL_REQ_CALLBACKS]
Channel request callbacks.
void * channelReqParam[SSH_MAX_CHANNEL_REQ_CALLBACKS]
Opaque pointer passed to the channel request callback.
Common interface for encryption algorithms.
Common interface for hash algorithms.
Structure describing socket events.
SSH certificate (OpenSSH format)
Structure describing channel events.
uint_t eventMask
Requested events.
SshChannel * channel
Handle to a channel to monitor.
uint_t eventFlags
Returned events.
uint_t dhModulusSize
Length of the prime modulus, in bits.
const char_t * dhParams
Diffie-Hellman parameters (PEM format)
size_t dhParamsLen
Length of the Diffie-Hellman parameters.
CipherMode cipherMode
Cipher mode of operation.
size_t macSize
Size of the MAC tag, in bytes.
HmacContext * hmacContext
HMAC context.
const HashAlgo * hashAlgo
Hash algorithm for MAC operations.
const CipherAlgo * cipherAlgo
Cipher algorithm.
CipherContext cipherContext
Cipher context.
bool_t etm
Encrypt-then-MAC.
GcmContext gcmContext
GCM context.
size_t encKeyLen
Length of the encryption key, in bytes.
const char_t * signFormatId
Signature format identifier.
const char_t * publicKeyAlgo
Public key algorithm.
const char_t * keyFormatId
Key format identifier.
const char_t * privateKey
Private key (PEM or OpenSSH format)
const char_t * publicKey
Public key (PEM, SSH2 or OpenSSH format)
const char_t * publicKeyAlgo
Public key algorithm to use during user authentication.
size_t publicKeyLen
Length of the public key.
size_t privateKeyLen
Length of the private key.
const char_t * keyFormatId
Key format identifier.
Transient RSA key (for RSA key exchange)
const char_t * privateKey
RSA private key (PEM or OpenSSH format)
uint_t modulusSize
Length of the modulus, in bits.
const char_t * publicKey
RSA public key (PEM, SSH2 or OpenSSH format)
size_t publicKeyLen
Length of the RSA public key.
size_t privateKeyLen
Length of the RSA private key.
Generic cipher algorithm context.
Generic hash algorithm context.