RSA key exchange. More...
#include "ssh/ssh.h"
#include "ssh/ssh_algorithms.h"
#include "ssh/ssh_transport.h"
#include "ssh/ssh_kex.h"
#include "ssh/ssh_kex_rsa.h"
#include "ssh/ssh_packet.h"
#include "ssh/ssh_key_material.h"
#include "ssh/ssh_exchange_hash.h"
#include "ssh/ssh_key_import.h"
#include "ssh/ssh_key_format.h"
#include "ssh/ssh_key_verify.h"
#include "ssh/ssh_cert_verify.h"
#include "ssh/ssh_misc.h"
#include "pkix/pem_key_import.h"
#include "debug.h"
Go to the source code of this file.
| Macros | |
| #define | TRACE_LEVEL SSH_TRACE_LEVEL | 
| Functions | |
| error_t | sshSendKexRsaPubKey (SshConnection *connection) | 
| Send SSH_MSG_KEXRSA_PUBKEY message.  More... | |
| error_t | sshSendKexRsaSecret (SshConnection *connection, const SshBinaryString *transientRsaPublicKey) | 
| Send SSH_MSG_KEXRSA_SECRET message.  More... | |
| error_t | sshSendKexRsaDone (SshConnection *connection) | 
| Send SSH_MSG_KEXRSA_DONE message.  More... | |
| error_t | sshFormatKexRsaPubKey (SshConnection *connection, uint8_t *p, size_t *length) | 
| Format SSH_MSG_KEXRSA_PUBKEY message.  More... | |
| error_t | sshFormatKexRsaSecret (SshConnection *connection, const SshBinaryString *transientRsaPublicKey, uint8_t *p, size_t *length) | 
| Format SSH_MSG_KEXRSA_SECRET message.  More... | |
| error_t | sshFormatKexRsaDone (SshConnection *connection, uint8_t *p, size_t *length) | 
| Format SSH_MSG_KEXRSA_DONE message.  More... | |
| error_t | sshParseKexRsaPubKey (SshConnection *connection, const uint8_t *message, size_t length) | 
| Parse SSH_MSG_KEXRSA_PUBKEY message.  More... | |
| error_t | sshParseKexRsaSecret (SshConnection *connection, const uint8_t *message, size_t length) | 
| Parse SSH_MSG_KEXRSA_SECRET message.  More... | |
| error_t | sshParseKexRsaDone (SshConnection *connection, const uint8_t *message, size_t length) | 
| Parse SSH_MSG_KEXRSA_DONE message.  More... | |
| error_t | sshParseKexRsaMessage (SshConnection *connection, uint8_t type, const uint8_t *message, size_t length) | 
| Parse RSA key exchange specific messages.  More... | |
| int_t | sshSelectTransientRsaKey (SshContext *context, const char_t *kexAlgo) | 
| Select a transient RSA key.  More... | |
| error_t | sshFormatTransientRsaPublicKey (SshConnection *connection, uint8_t *p, size_t *written) | 
| Format transient RSA public key.  More... | |
| error_t | sshEncryptSharedSecret (SshConnection *connection, const SshBinaryString *transientRsaPublicKey, uint8_t *encryptedSecret, size_t *encryptedSecretLen) | 
| Encrypt shared secret using RSAES-OAEP.  More... | |
| error_t | sshDecryptSharedSecret (SshConnection *connection, const uint8_t *encryptedSecret, size_t encryptedSecretLen) | 
| Decrypt shared secret using RSAES-OAEP.  More... | |
Detailed Description
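RSA key exchange for the SSH transport layer (RFC 4432). The server sends a transient RSA public key (K_T) in SSH_MSG_KEXRSA_PUBKEY, the client returns the shared secret encrypted with RSAES-OAEP in SSH_MSG_KEXRSA_SECRET, and the server finishes the exchange with SSH_MSG_KEXRSA_DONE.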
License
SPDX-License-Identifier: GPL-2.0-or-later
Copyright (C) 2019-2025 Oryx Embedded SARL. All rights reserved.
This file is part of CycloneSSH Open.
This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 2 of the License, or (at your option) any later version.
This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.
You should have received a copy of the GNU General Public License along with this program; if not, write to the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
- Version
- 2.5.4
Definition in file ssh_kex_rsa.c.
Macro Definition Documentation
◆ TRACE_LEVEL
| #define TRACE_LEVEL SSH_TRACE_LEVEL | 
Definition at line 32 of file ssh_kex_rsa.c.
Function Documentation
◆ sshDecryptSharedSecret()
| error_t sshDecryptSharedSecret | ( | SshConnection * | connection, | 
| const uint8_t * | encryptedSecret, | ||
| size_t | encryptedSecretLen | ||
| ) | 
Decrypt shared secret using RSAES-OAEP.
- Parameters
- 
  [in] connection Pointer to the SSH connection
  [in] encryptedSecret Ciphertext to be decrypted
  [in] encryptedSecretLen Length of the ciphertext to be decrypted
- Returns
- Error code
Definition at line 971 of file ssh_kex_rsa.c.
◆ sshEncryptSharedSecret()
| error_t sshEncryptSharedSecret | ( | SshConnection * | connection, | 
| const SshBinaryString * | transientRsaPublicKey, | ||
| uint8_t * | encryptedSecret, | ||
| size_t * | encryptedSecretLen | ||
| ) | 
Encrypt shared secret using RSAES-OAEP.
- Parameters
- 
  [in] connection Pointer to the SSH connection
  [in] transientRsaPublicKey Transient RSA public key (K_T)
  [out] encryptedSecret Ciphertext resulting from the encryption operation
  [out] encryptedSecretLen Length of the resulting ciphertext
- Returns
- Error code
Definition at line 866 of file ssh_kex_rsa.c.
◆ sshFormatKexRsaDone()
| error_t sshFormatKexRsaDone | ( | SshConnection * | connection, | 
| uint8_t * | p, | ||
| size_t * | length | ||
| ) | 
Format SSH_MSG_KEXRSA_DONE message.
- Parameters
- 
  [in] connection Pointer to the SSH connection
  [out] p Buffer where to format the message
  [out] length Length of the resulting message, in bytes
- Returns
- Error code
Definition at line 336 of file ssh_kex_rsa.c.
◆ sshFormatKexRsaPubKey()
| error_t sshFormatKexRsaPubKey | ( | SshConnection * | connection, | 
| uint8_t * | p, | ||
| size_t * | length | ||
| ) | 
Format SSH_MSG_KEXRSA_PUBKEY message.
- Parameters
- 
  [in] connection Pointer to the SSH connection
  [out] p Buffer where to format the message
  [out] length Length of the resulting message, in bytes
- Returns
- Error code
Definition at line 217 of file ssh_kex_rsa.c.
◆ sshFormatKexRsaSecret()
| error_t sshFormatKexRsaSecret | ( | SshConnection * | connection, | 
| const SshBinaryString * | transientRsaPublicKey, | ||
| uint8_t * | p, | ||
| size_t * | length | ||
| ) | 
Format SSH_MSG_KEXRSA_SECRET message.
- Parameters
- 
  [in] connection Pointer to the SSH connection
  [in] transientRsaPublicKey Transient RSA public key (K_T)
  [out] p Buffer where to format the message
  [out] length Length of the resulting message, in bytes
- Returns
- Error code
Definition at line 283 of file ssh_kex_rsa.c.
◆ sshFormatTransientRsaPublicKey()
| error_t sshFormatTransientRsaPublicKey | ( | SshConnection * | connection, | 
| uint8_t * | p, | ||
| size_t * | written | ||
| ) | 
Format transient RSA public key.
- Parameters
- 
  [in] connection Pointer to the SSH connection
  [out] p Output stream where to write the RSA public key
  [out] written Total number of bytes that have been written
- Returns
- Error code
Definition at line 803 of file ssh_kex_rsa.c.
◆ sshParseKexRsaDone()
| error_t sshParseKexRsaDone | ( | SshConnection * | connection, | 
| const uint8_t * | message, | ||
| size_t | length | ||
| ) | 
Parse SSH_MSG_KEXRSA_DONE message.
- Parameters
- 
  [in] connection Pointer to the SSH connection
  [in] message Pointer to message
  [in] length Length of the message, in bytes
- Returns
- Error code
Definition at line 596 of file ssh_kex_rsa.c.
◆ sshParseKexRsaMessage()
| error_t sshParseKexRsaMessage | ( | SshConnection * | connection, | 
| uint8_t | type, | ||
| const uint8_t * | message, | ||
| size_t | length | ||
| ) | 
Parse RSA key exchange specific messages.
- Parameters
- 
  [in] connection Pointer to the SSH connection
  [in] type SSH message type
  [in] message Pointer to message
  [in] length Length of the message, in bytes
- Returns
- Error code
Definition at line 680 of file ssh_kex_rsa.c.
◆ sshParseKexRsaPubKey()
| error_t sshParseKexRsaPubKey | ( | SshConnection * | connection, | 
| const uint8_t * | message, | ||
| size_t | length | ||
| ) | 
Parse SSH_MSG_KEXRSA_PUBKEY message.
- Parameters
- 
  [in] connection Pointer to the SSH connection
  [in] message Pointer to message
  [in] length Length of the message, in bytes
- Returns
- Error code
Definition at line 390 of file ssh_kex_rsa.c.
◆ sshParseKexRsaSecret()
| error_t sshParseKexRsaSecret | ( | SshConnection * | connection, | 
| const uint8_t * | message, | ||
| size_t | length | ||
| ) | 
Parse SSH_MSG_KEXRSA_SECRET message.
- Parameters
- 
  [in] connection Pointer to the SSH connection
  [in] message Pointer to message
  [in] length Length of the message, in bytes
- Returns
- Error code
Definition at line 510 of file ssh_kex_rsa.c.
◆ sshSelectTransientRsaKey()
| int_t sshSelectTransientRsaKey | ( | SshContext * | context, | 
| const char_t * | kexAlgo | ||
| ) | 
Select a transient RSA key.
- Parameters
- 
  [in] context Pointer to the SSH context
  [in] kexAlgo Key exchange algorithm name
- Returns
- Index of the selected transient RSA key, if any
Definition at line 744 of file ssh_kex_rsa.c.
◆ sshSendKexRsaDone()
| error_t sshSendKexRsaDone | ( | SshConnection * | connection | ) | 
Send SSH_MSG_KEXRSA_DONE message.
- Parameters
- 
  [in] connection Pointer to the SSH connection 
- Returns
- Error code
Definition at line 169 of file ssh_kex_rsa.c.
◆ sshSendKexRsaPubKey()
| error_t sshSendKexRsaPubKey | ( | SshConnection * | connection | ) | 
Send SSH_MSG_KEXRSA_PUBKEY message.
- Parameters
- 
  [in] connection Pointer to the SSH connection 
- Returns
- Error code
Definition at line 61 of file ssh_kex_rsa.c.
◆ sshSendKexRsaSecret()
| error_t sshSendKexRsaSecret | ( | SshConnection * | connection, | 
| const SshBinaryString * | transientRsaPublicKey | ||
| ) | 
Send SSH_MSG_KEXRSA_SECRET message.
- Parameters
- 
  [in] connection Pointer to the SSH connection
  [in] transientRsaPublicKey Transient RSA public key (K_T)
- Returns
- Error code
Definition at line 121 of file ssh_kex_rsa.c.
