ssh_server.h
Go to the documentation of this file.
1 /**
2  * @file ssh_server.h
3  * @brief SSH server
4  *
5  * @section License
6  *
7  * SPDX-License-Identifier: GPL-2.0-or-later
8  *
9  * Copyright (C) 2019-2026 Oryx Embedded SARL. All rights reserved.
10  *
11  * This file is part of CycloneSSH Open.
12  *
13  * This program is free software; you can redistribute it and/or
14  * modify it under the terms of the GNU General Public License
15  * as published by the Free Software Foundation; either version 2
16  * of the License, or (at your option) any later version.
17  *
18  * This program is distributed in the hope that it will be useful,
19  * but WITHOUT ANY WARRANTY; without even the implied warranty of
20  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
21  * GNU General Public License for more details.
22  *
23  * You should have received a copy of the GNU General Public License
24  * along with this program; if not, write to the Free Software Foundation,
25  * Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
26  *
27  * @author Oryx Embedded SARL (www.oryx-embedded.com)
28  * @version 2.6.0
29  **/
30 
31 #ifndef _SSH_SERVER_H
32 #define _SSH_SERVER_H
33 
34 //Dependencies
35 #include "ssh/ssh.h"
36 
37 //Stack size required to run the SSH server
38 #ifndef SSH_SERVER_STACK_SIZE
39  #define SSH_SERVER_STACK_SIZE 750
40 #elif (SSH_SERVER_STACK_SIZE < 1)
41  #error SSH_SERVER_STACK_SIZE parameter is not valid
42 #endif
43 
44 //Priority at which the SSH server should run
45 #ifndef SSH_SERVER_PRIORITY
46  #define SSH_SERVER_PRIORITY OS_TASK_PRIORITY_NORMAL
47 #endif
48 
49 //Idle connection timeout
50 #ifndef SSH_SERVER_TIMEOUT
51  #define SSH_SERVER_TIMEOUT 60000
52 #elif (SSH_SERVER_TIMEOUT < 1000)
53  #error SSH_SERVER_TIMEOUT parameter is not valid
54 #endif
55 
56 //SSH server tick interval
57 #ifndef SSH_SERVER_TICK_INTERVAL
58  #define SSH_SERVER_TICK_INTERVAL 1000
59 #elif (SSH_SERVER_TICK_INTERVAL < 100)
60  #error SSH_SERVER_TICK_INTERVAL parameter is not valid
61 #endif
62 
63 //C++ guard
64 #ifdef __cplusplus
65 extern "C" {
66 #endif
67 
68 
69 /**
70  * @brief SSH server settings
71  **/
72 
73 typedef struct
74 {
75  OsTaskParameters task; ///<Task parameters
76  NetContext *netContext; ///<TCP/IP stack context
77  NetInterface *interface; ///<Underlying network interface
78  uint16_t port; ///<SSH port number
79  systime_t timeout; ///<Idle connection timeout
80  uint_t numConnections; ///<Maximum number of SSH connections
81  SshConnection *connections; ///<SSH connections
82  uint_t numChannels; ///<Maximum number of SSH channels
83  SshChannel *channels; ///<SSH channels
84  const PrngAlgo *prngAlgo; ///<Pseudo-random number generator to be used
85  void *prngContext; ///<Pseudo-random number generator context
86 #if (SSH_PUBLIC_KEY_AUTH_SUPPORT == ENABLED)
87  SshPublicKeyAuthCallback publicKeyAuthCallback; ///<Public key authentication callback
88 #endif
89 #if (SSH_PUBLIC_KEY_AUTH_SUPPORT == ENABLED && SSH_CERT_SUPPORT == ENABLED)
90  SshCertAuthCallback certAuthCallback; ///<Certificate authentication callback
91  SshCaPublicKeyVerifyCallback caPublicKeyVerifyCallback; ///<CA public key verification callback
92 #endif
93 #if (SSH_PASSWORD_AUTH_SUPPORT == ENABLED)
94  SshPasswordAuthCallback passwordAuthCallback; ///<Password authentication callback
95  SshPasswordChangeCallback passwordChangeCallback; ///<Password change callback
96 #endif
97 #if (SSH_SIGN_CALLBACK_SUPPORT == ENABLED)
98  SshSignGenCallback signGenCallback; ///<Signature generation callback
99  SshSignVerifyCallback signVerifyCallback; ///<Signature verification callback
100 #endif
101 #if (SSH_ECDH_CALLBACK_SUPPORT == ENABLED)
102  SshEcdhKeyPairGenCallback ecdhKeyPairGenCallback; ///<ECDH key pair generation callback
103  SshEcdhSharedSecretCalcCallback ecdhSharedSecretCalcCallback; ///<ECDH shared secret calculation callback
104 #endif
105 #if (SSH_KEY_LOG_SUPPORT == ENABLED)
106  SshKeyLogCallback keyLogCallback; ///<Key logging callback (for debugging purpose only)
107 #endif
108 } SshServerSettings;
109 
110 
111 /**
112  * @brief SSH server context
113  **/
114 
115 typedef struct
116 {
117  bool_t running; ///<Operational state of the SSH server
118  bool_t stop; ///<Stop request
119  OsTaskParameters taskParams; ///<Task parameters
120  OsTaskId taskId; ///<Task identifier
121  NetContext *netContext; ///<TCP/IP stack context
122  NetInterface *interface; ///<Underlying network interface
123  Socket *socket; ///<Listening socket
124  uint16_t port; ///<SSH port number
125  systime_t timeout; ///<Idle connection timeout
126  SshContext sshContext; ///<SSH context
127 } SshServerContext;
128 
129 
130 //SSH server related functions
131 void sshServerGetDefaultSettings(SshServerSettings *settings);
132 
133 error_t sshServerInit(SshServerContext *context,
134  const SshServerSettings *settings);
135 
136 error_t sshServerRegisterGlobalRequestCallback(SshServerContext *context,
137  SshGlobalReqCallback callback, void *param);
138 
139 error_t sshServerUnregisterGlobalRequestCallback(SshServerContext *context,
140  SshGlobalReqCallback callback);
141 
142 error_t sshServerRegisterChannelRequestCallback(SshServerContext *context,
143  SshChannelReqCallback callback, void *param);
144 
145 error_t sshServerUnregisterChannelRequestCallback(SshServerContext *context,
146  SshChannelReqCallback callback);
147 
148 error_t sshServerRegisterChannelOpenCallback(SshServerContext *context,
149  SshChannelOpenCallback callback, void *param);
150 
151 error_t sshServerUnregisterChannelOpenCallback(SshServerContext *context,
152  SshChannelOpenCallback callback);
153 
154 error_t sshServerRegisterConnectionOpenCallback(SshServerContext *context,
155  SshConnectionOpenCallback callback, void *param);
156 
157 error_t sshServerUnregisterConnectionOpenCallback(SshServerContext *context,
158  SshConnectionOpenCallback callback);
159 
160 error_t sshServerRegisterConnectionCloseCallback(SshServerContext *context,
161  SshConnectionCloseCallback callback, void *param);
162 
163 error_t sshServerUnregisterConnectionCloseCallback(SshServerContext *context,
164  SshConnectionCloseCallback callback);
165 
166 error_t sshServerLoadRsaKey(SshServerContext *context, uint_t index,
167  const char_t *publicKey, size_t publicKeyLen, const char_t *privateKey,
168  size_t privateKeyLen, const char_t *password);
169 
170 error_t sshServerUnloadRsaKey(SshServerContext *context, uint_t index);
171 
172 error_t sshServerLoadDhGexGroup(SshServerContext *context, uint_t index,
173  const char_t *dhParams, size_t dhParamsLen);
174 
175 error_t sshServerUnloadDhGexGroup(SshServerContext *context, uint_t index);
176 
177 error_t sshServerLoadHostKey(SshServerContext *context, uint_t index,
178  const char_t *publicKey, size_t publicKeyLen, const char_t *privateKey,
179  size_t privateKeyLen, const char_t *password);
180 
181 error_t sshServerUnloadHostKey(SshServerContext *context, uint_t index);
182 
183 error_t sshServerLoadCertificate(SshServerContext *context, uint_t index,
184  const char_t *cert, size_t certLen, const char_t *privateKey,
185  size_t privateKeyLen, const char_t *password);
186 
187 error_t sshServerUnloadCertificate(SshServerContext *context, uint_t index);
188 
189 error_t sshServerStart(SshServerContext *context);
190 error_t sshServerStop(SshServerContext *context);
191 
192 void sshServerTask(SshServerContext *context);
193 
194 void sshServerDeinit(SshServerContext *context);
195 
196 //C++ guard
197 #ifdef __cplusplus
198 }
199 #endif
200 
201 #endif
SshServerSettings::interface
NetInterface * interface
Underlying network interface.
Definition: ssh_server.h:77
SshChannelReqCallback
error_t(* SshChannelReqCallback)(SshChannel *channel, const SshString *type, const uint8_t *data, size_t length, void *param)
Channel request callback function.
Definition: ssh.h:1300
NetContext
#define NetContext
Definition: net.h:36
sshServerStart
error_t sshServerStart(SshServerContext *context)
Start SSH server.
Definition: ssh_server.c:662
bool_t
int bool_t
Definition: compiler_port.h:63
SshCaPublicKeyVerifyCallback
error_t(* SshCaPublicKeyVerifyCallback)(SshConnection *connection, const uint8_t *publicKey, size_t publicKeyLen)
CA public key verification callback function.
Definition: ssh.h:1214
SshConnectionCloseCallback
void(* SshConnectionCloseCallback)(SshConnection *connection, void *param)
Connection close callback function.
Definition: ssh.h:1325
SshKeyLogCallback
void(* SshKeyLogCallback)(SshConnection *connection, const char_t *key)
Key logging callback function (for debugging purpose only)
Definition: ssh.h:1333
PrngAlgo
#define PrngAlgo
Definition: crypto.h:1035
SshServerSettings
SSH server settings.
Definition: ssh_server.h:74
SshServerContext::stop
bool_t stop
Stop request.
Definition: ssh_server.h:118
SshServerSettings::ecdhSharedSecretCalcCallback
SshEcdhSharedSecretCalcCallback ecdhSharedSecretCalcCallback
ECDH shared secret calculation callback.
Definition: ssh_server.h:103
SshServerSettings::publicKeyAuthCallback
SshPublicKeyAuthCallback publicKeyAuthCallback
Public key authentication callback.
Definition: ssh_server.h:87
SshCertAuthCallback
error_t(* SshCertAuthCallback)(SshConnection *connection, const char_t *user, const SshCertificate *cert)
Certificate authentication callback function.
Definition: ssh.h:1230
sshServerInit
error_t sshServerInit(SshServerContext *context, const SshServerSettings *settings)
Initialize SSH server context.
Definition: ssh_server.c:126
SshServerSettings::ecdhKeyPairGenCallback
SshEcdhKeyPairGenCallback ecdhKeyPairGenCallback
ECDH key pair generation callback.
Definition: ssh_server.h:102
SshServerSettings::signVerifyCallback
SshSignVerifyCallback signVerifyCallback
Signature verification callback.
Definition: ssh_server.h:99
sshServerTask
void sshServerTask(SshServerContext *context)
SSH server task.
Definition: ssh_server.c:810
sshServerRegisterChannelRequestCallback
error_t sshServerRegisterChannelRequestCallback(SshServerContext *context, SshChannelReqCallback callback, void *param)
Register channel request callback function.
Definition: ssh_server.c:376
sshServerUnregisterChannelOpenCallback
error_t sshServerUnregisterChannelOpenCallback(SshServerContext *context, SshChannelOpenCallback callback)
Unregister channel open callback function.
Definition: ssh_server.c:424
sshServerRegisterConnectionOpenCallback
error_t sshServerRegisterConnectionOpenCallback(SshServerContext *context, SshConnectionOpenCallback callback, void *param)
Register connection open callback function.
Definition: ssh_server.c:440
SshServerSettings::timeout
systime_t timeout
Idle connection timeout.
Definition: ssh_server.h:79
sshServerLoadCertificate
error_t sshServerLoadCertificate(SshServerContext *context, uint_t index, const char_t *cert, size_t certLen, const char_t *privateKey, size_t privateKeyLen, const char_t *password)
Load server's certificate.
Definition: ssh_server.c:622
sshServerUnregisterChannelRequestCallback
error_t sshServerUnregisterChannelRequestCallback(SshServerContext *context, SshChannelReqCallback callback)
Unregister channel request callback function.
Definition: ssh_server.c:392
sshServerGetDefaultSettings
void sshServerGetDefaultSettings(SshServerSettings *settings)
Initialize settings with default values.
Definition: ssh_server.c:50
SshServerContext::timeout
systime_t timeout
Idle connection timeout.
Definition: ssh_server.h:125
SshContext
#define SshContext
Definition: ssh.h:892
error_t
error_t
Error codes.
Definition: error.h:43
sshServerLoadRsaKey
error_t sshServerLoadRsaKey(SshServerContext *context, uint_t index, const char_t *publicKey, size_t publicKeyLen, const char_t *privateKey, size_t privateKeyLen, const char_t *password)
Load transient RSA key (for RSA key exchange)
Definition: ssh_server.c:511
SshGlobalReqCallback
error_t(* SshGlobalReqCallback)(SshConnection *connection, const SshString *name, const uint8_t *data, size_t length, void *param)
Global request callback function.
Definition: ssh.h:1292
SshServerContext::running
bool_t running
Operational state of the SSH server.
Definition: ssh_server.h:117
sshServerUnregisterConnectionCloseCallback
error_t sshServerUnregisterConnectionCloseCallback(SshServerContext *context, SshConnectionCloseCallback callback)
Unregister connection close callback function.
Definition: ssh_server.c:488
SshServerSettings::numConnections
uint_t numConnections
Maximum number of SSH connections.
Definition: ssh_server.h:80
SshChannelOpenCallback
error_t(* SshChannelOpenCallback)(SshConnection *connection, const SshString *type, uint32_t senderChannel, uint32_t initialWindowSize, uint32_t maxPacketSize, const uint8_t *data, size_t length, void *param)
Channel open callback function.
Definition: ssh.h:1308
SshServerSettings::netContext
NetContext * netContext
TCP/IP stack context.
Definition: ssh_server.h:76
NetInterface
#define NetInterface
Definition: net.h:40
sshServerDeinit
void sshServerDeinit(SshServerContext *context)
Release SSH server context.
Definition: ssh_server.c:916
SshServerSettings::caPublicKeyVerifyCallback
SshCaPublicKeyVerifyCallback caPublicKeyVerifyCallback
CA public key verification callback.
Definition: ssh_server.h:91
SshServerContext
SSH server context.
Definition: ssh_server.h:116
SshPasswordChangeCallback
SshAuthStatus(* SshPasswordChangeCallback)(SshConnection *connection, const char_t *user, const char_t *oldPassword, size_t oldPasswordLen, const char_t *newPassword, size_t newPasswordLen)
Password change callback function.
Definition: ssh.h:1246
SshEcdhKeyPairGenCallback
error_t(* SshEcdhKeyPairGenCallback)(SshConnection *connection, const char_t *kexAlgo, EcPublicKey *publicKey)
ECDH key pair generation callback.
Definition: ssh.h:1275
SshServerSettings::task
OsTaskParameters task
Task parameters.
Definition: ssh_server.h:75
SshEcdhSharedSecretCalcCallback
error_t(* SshEcdhSharedSecretCalcCallback)(SshConnection *connection, const char_t *kexAlgo, const EcPublicKey *publicKey, uint8_t *output, size_t *outputLen)
ECDH shared secret calculation callback.
Definition: ssh.h:1283
OsTaskParameters
Task parameters.
Definition: os_port_chibios.h:116
SshServerSettings::prngContext
void * prngContext
Pseudo-random number generator context.
Definition: ssh_server.h:85
sshServerUnloadHostKey
error_t sshServerUnloadHostKey(SshServerContext *context, uint_t index)
Unload server's host key.
Definition: ssh_server.c:600
sshServerUnloadCertificate
error_t sshServerUnloadCertificate(SshServerContext *context, uint_t index)
Unload server's certificate.
Definition: ssh_server.c:644
SshConnectionOpenCallback
error_t(* SshConnectionOpenCallback)(SshConnection *connection, void *param)
Connection open callback function.
Definition: ssh.h:1317
SshSignVerifyCallback
error_t(* SshSignVerifyCallback)(SshConnection *connection, const SshString *publicKeyAlgo, const SshBinaryString *publicKeyBlob, const SshBinaryString *sessionId, const SshBinaryString *message, const SshBinaryString *signatureBlob)
Signature verification callback function.
Definition: ssh.h:1265
SshServerSettings::certAuthCallback
SshCertAuthCallback certAuthCallback
Certificate authentication callback.
Definition: ssh_server.h:90
sshServerRegisterChannelOpenCallback
error_t sshServerRegisterChannelOpenCallback(SshServerContext *context, SshChannelOpenCallback callback, void *param)
Register channel open callback function.
Definition: ssh_server.c:408
systime_t
uint32_t systime_t
System time.
Definition: os_port_chibios.h:101
SshServerSettings::keyLogCallback
SshKeyLogCallback keyLogCallback
Key logging callback (for debugging purpose only)
Definition: ssh_server.h:106
SshServerSettings::port
uint16_t port
SSH port number.
Definition: ssh_server.h:78
char_t
char char_t
Definition: compiler_port.h:55
sshServerLoadDhGexGroup
error_t sshServerLoadDhGexGroup(SshServerContext *context, uint_t index, const char_t *dhParams, size_t dhParamsLen)
Load Diffie-Hellman group.
Definition: ssh_server.c:545
SshServerContext::taskId
OsTaskId taskId
Task identifier.
Definition: ssh_server.h:120
SshServerSettings::passwordChangeCallback
SshPasswordChangeCallback passwordChangeCallback
Password change callback.
Definition: ssh_server.h:95
sshServerUnloadDhGexGroup
error_t sshServerUnloadDhGexGroup(SshServerContext *context, uint_t index)
Unload Diffie-Hellman group.
Definition: ssh_server.c:561
SshPublicKeyAuthCallback
error_t(* SshPublicKeyAuthCallback)(SshConnection *connection, const char_t *user, const uint8_t *publicKey, size_t publicKeyLen)
Public key authentication callback function.
Definition: ssh.h:1222
sshServerRegisterConnectionCloseCallback
error_t sshServerRegisterConnectionCloseCallback(SshServerContext *context, SshConnectionCloseCallback callback, void *param)
Register connection close callback function.
Definition: ssh_server.c:472
SshConnection
#define SshConnection
Definition: ssh.h:896
sshServerRegisterGlobalRequestCallback
error_t sshServerRegisterGlobalRequestCallback(SshServerContext *context, SshGlobalReqCallback callback, void *param)
Register global request callback function.
Definition: ssh_server.c:344
Socket
#define Socket
Definition: socket.h:36
SshServerSettings::connections
SshConnection * connections
SSH connections.
Definition: ssh_server.h:81
SshPasswordAuthCallback
SshAuthStatus(* SshPasswordAuthCallback)(SshConnection *connection, const char_t *user, const char_t *password, size_t passwordLen)
Password authentication callback function.
Definition: ssh.h:1238
sshServerUnloadRsaKey
error_t sshServerUnloadRsaKey(SshServerContext *context, uint_t index)
Unload transient RSA key (for RSA key exchange)
Definition: ssh_server.c:528
SshServerContext::sshContext
SshContext sshContext
SSH context.
Definition: ssh_server.h:126
SshServerSettings::passwordAuthCallback
SshPasswordAuthCallback passwordAuthCallback
Password authentication callback.
Definition: ssh_server.h:94
sshServerUnregisterGlobalRequestCallback
error_t sshServerUnregisterGlobalRequestCallback(SshServerContext *context, SshGlobalReqCallback callback)
Unregister global request callback function.
Definition: ssh_server.c:360
SshServerContext::interface
NetInterface * interface
Underlying network interface.
Definition: ssh_server.h:122
SshServerContext::port
uint16_t port
SSH port number.
Definition: ssh_server.h:124
OsTaskId
thread_t * OsTaskId
Task identifier.
Definition: os_port_chibios.h:108
sshServerStop
error_t sshServerStop(SshServerContext *context)
Stop SSH server.
Definition: ssh_server.c:757
sshServerUnregisterConnectionOpenCallback
error_t sshServerUnregisterConnectionOpenCallback(SshServerContext *context, SshConnectionOpenCallback callback)
Unregister connection open callback function.
Definition: ssh_server.c:456
SshServerSettings::numChannels
uint_t numChannels
Maximum number of SSH channels.
Definition: ssh_server.h:82
SshServerSettings::signGenCallback
SshSignGenCallback signGenCallback
Signature generation callback.
Definition: ssh_server.h:98
uint_t
unsigned int uint_t
Definition: compiler_port.h:57
SshSignGenCallback
error_t(* SshSignGenCallback)(SshConnection *connection, const char_t *publicKeyAlgo, const SshHostKey *hostKey, const SshBinaryString *sessionId, const SshBinaryString *message, uint8_t *p, size_t *written)
Signature generation callback function.
Definition: ssh.h:1255
ssh.h
Secure Shell (SSH)
SshServerContext::netContext
NetContext * netContext
TCP/IP stack context.
Definition: ssh_server.h:121
SshServerSettings::prngAlgo
const PrngAlgo * prngAlgo
Pseudo-random number generator to be used.
Definition: ssh_server.h:84
SshServerSettings::channels
SshChannel * channels
SSH channels.
Definition: ssh_server.h:83
SshServerContext::taskParams
OsTaskParameters taskParams
Task parameters.
Definition: ssh_server.h:119
SshServerContext::socket
Socket * socket
Listening socket.
Definition: ssh_server.h:123
sshServerLoadHostKey
error_t sshServerLoadHostKey(SshServerContext *context, uint_t index, const char_t *publicKey, size_t publicKeyLen, const char_t *privateKey, size_t privateKeyLen, const char_t *password)
Load server's host key.
Definition: ssh_server.c:583
SshChannel
#define SshChannel
Definition: ssh.h:900