ssh_packet.h File Reference

SSH packet encryption/decryption. More...

#include "ssh/ssh.h"


Macros

#define SSH_PACKET_HEADER_SIZE   5
 
#define SSH_MIN_PACKET_SIZE   8
 
#define SSH_DEFAULT_MAX_PACKET_SIZE   32768
 
#define SSH_CHANNEL_DATA_MSG_HEADER_SIZE   9
 

Typedefs

struct {
   uint32_t   packetLen
   uint8_t   paddingLen
   uint8_t   payload []
}
SshPacketHeader
 SSH packet header. More...
 

Functions

error_t sshSendPacket (SshConnection *connection, uint8_t *payload, size_t payloadLen)
 Send SSH packet. More...
 
error_t sshReceivePacket (SshConnection *connection)
 Receive SSH packet. More...
 
error_t sshParsePacket (SshConnection *connection, uint8_t *packet, size_t length)
 Parse SSH packet. More...
 
error_t sshEncryptPacket (SshConnection *connection, uint8_t *packet, size_t *length)
 Encrypt an outgoing SSH packet. More...
 
error_t sshDecryptPacket (SshConnection *connection, uint8_t *packet, size_t *length)
 Decrypt an incoming SSH packet. More...
 
error_t sshParsePacketLength (SshConnection *connection, uint8_t *packet)
 Retrieve the length of an incoming SSH packet. More...
 
error_t sshDecryptPacketLength (SshConnection *connection, uint8_t *packet)
 Decrypt the length field of an incoming SSH packet. More...
 
error_t sshParseMessage (SshConnection *connection, const uint8_t *message, size_t length)
 Parse SSH message. More...
 
void sshAppendMessageAuthCode (SshEncryptionEngine *encryptionEngine, uint8_t *packet, size_t length)
 Compute message authentication code. More...
 
error_t sshVerifyMessageAuthCode (SshEncryptionEngine *decryptionEngine, const uint8_t *packet, size_t length)
 Verify message authentication code. More...
 
void sshIncSequenceNumber (uint8_t *seqNum)
 Increment sequence number. More...
 
void sshIncInvocationCounter (uint8_t *iv)
 Increment invocation counter. More...
 

Detailed Description

SSH packet encryption/decryption.

License

SPDX-License-Identifier: GPL-2.0-or-later

Copyright (C) 2019-2022 Oryx Embedded SARL. All rights reserved.

This file is part of CycloneSSH Open.

This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 2 of the License, or (at your option) any later version.

This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.

You should have received a copy of the GNU General Public License along with this program; if not, write to the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.

Author
Oryx Embedded SARL (www.oryx-embedded.com)
Version
2.1.6

Definition in file ssh_packet.h.

Macro Definition Documentation

◆ SSH_CHANNEL_DATA_MSG_HEADER_SIZE

#define SSH_CHANNEL_DATA_MSG_HEADER_SIZE   9

Definition at line 44 of file ssh_packet.h.

◆ SSH_DEFAULT_MAX_PACKET_SIZE

#define SSH_DEFAULT_MAX_PACKET_SIZE   32768

Definition at line 42 of file ssh_packet.h.

◆ SSH_MIN_PACKET_SIZE

#define SSH_MIN_PACKET_SIZE   8

Definition at line 40 of file ssh_packet.h.

◆ SSH_PACKET_HEADER_SIZE

#define SSH_PACKET_HEADER_SIZE   5

Definition at line 38 of file ssh_packet.h.

Typedef Documentation

◆ SshPacketHeader

typedef { ... } SshPacketHeader

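SSH packet header. The fixed part is packetLen (uint32_t) followed by paddingLen (uint8_t), 5 bytes in total, which agrees with SSH_PACKET_HEADER_SIZE; payload[] marks where the packet data begins. On an incoming packet packetLen is supplied by the peer, so it should be range-checked before it is used as a length.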

Function Documentation

◆ sshAppendMessageAuthCode()

void sshAppendMessageAuthCode ( SshEncryptionEngine *  encryptionEngine,
uint8_t *  packet,
size_t  length 
)

Compute message authentication code.

Parameters
[in] encryptionEngine: Pointer to the encryption engine
[in] packet: Pointer to the packet to be authenticated
[in] length: Length of the packet, in bytes

Definition at line 1336 of file ssh_packet.c.

◆ sshDecryptPacket()

error_t sshDecryptPacket ( SshConnection *  connection,
uint8_t *  packet,
size_t *  length 
)

Decrypt an incoming SSH packet.

Parameters
[in] connection: Pointer to the SSH connection
[in,out] packet: SSH packet to be decrypted
[in,out] length: Actual length of the SSH packet
Returns
Error code

Definition at line 675 of file ssh_packet.c.

◆ sshDecryptPacketLength()

error_t sshDecryptPacketLength ( SshConnection *  connection,
uint8_t *  packet 
)

Decrypt the length field of an incoming SSH packet.

Parameters
[in] connection: Pointer to the SSH connection
[in,out] packet: Pointer to the first block of data
Returns
Error code

Definition at line 948 of file ssh_packet.c.

◆ sshEncryptPacket()

error_t sshEncryptPacket ( SshConnection *  connection,
uint8_t *  packet,
size_t *  length 
)

Encrypt an outgoing SSH packet.

Parameters
[in] connection: Pointer to the SSH connection
[in,out] packet: SSH packet to be encrypted
[in,out] length: Actual length of the SSH packet
Returns
Error code

Definition at line 465 of file ssh_packet.c.

◆ sshIncInvocationCounter()

void sshIncInvocationCounter ( uint8_t *  iv)

Increment invocation counter.

Parameters
[in,out] iv: Pointer to the 12-octet initialization vector

Definition at line 1431 of file ssh_packet.c.

◆ sshIncSequenceNumber()

void sshIncSequenceNumber ( uint8_t *  seqNum)

Increment sequence number.

Parameters
[in,out] seqNum: Pointer to the 32-bit sequence number

Definition at line 1410 of file ssh_packet.c.

◆ sshParseMessage()

error_t sshParseMessage ( SshConnection *  connection,
const uint8_t *  message,
size_t  length 
)

Parse SSH message.

Parameters
[in] connection: Pointer to the SSH connection
[in] message: Pointer to received message
[in] length: Length of the message, in bytes
Returns
Error code

Definition at line 1127 of file ssh_packet.c.

◆ sshParsePacket()

error_t sshParsePacket ( SshConnection *  connection,
uint8_t *  packet,
size_t  length 
)

Parse SSH packet.

Parameters
[in] connection: Pointer to the SSH connection
[in] packet: Pointer to the received SSH packet
[in] length: Length of the packet, in bytes
Returns
Error code

Definition at line 336 of file ssh_packet.c.

◆ sshParsePacketLength()

error_t sshParsePacketLength ( SshConnection *  connection,
uint8_t *  packet 
)

Retrieve the length of an incoming SSH packet.

Parameters
[in] connection: Pointer to the SSH connection
[in] packet: Pointer to the received SSH packet
Returns
Error code

Definition at line 911 of file ssh_packet.c.

◆ sshReceivePacket()

error_t sshReceivePacket ( SshConnection *  connection)

Receive SSH packet.

Parameters
[in] connection: Pointer to the SSH connection
Returns
Error code

Definition at line 182 of file ssh_packet.c.

◆ sshSendPacket()

error_t sshSendPacket ( SshConnection *  connection,
uint8_t *  payload,
size_t  payloadLen 
)

Send SSH packet.

Parameters
[in] connection: Pointer to the SSH connection
[in] payload: Pointer to the payload data
[in] payloadLen: Length of the payload data, in bytes
Returns
Error code

Definition at line 57 of file ssh_packet.c.

◆ sshVerifyMessageAuthCode()

error_t sshVerifyMessageAuthCode ( SshEncryptionEngine *  decryptionEngine,
const uint8_t *  packet,
size_t  length 
)

Verify message authentication code.

Parameters
[in] decryptionEngine: Pointer to the decryption engine
[in] packet: Pointer to the packet to be authenticated
[in] length: Length of the packet, in bytes
Returns
Error code

Definition at line 1366 of file ssh_packet.c.

Variable Documentation

◆ packetLen

uint32_t packetLen

Definition at line 63 of file ssh_packet.h.

◆ paddingLen

uint8_t paddingLen

Definition at line 64 of file ssh_packet.h.

◆ payload

uint8_t payload[]

Definition at line 65 of file ssh_packet.h.