Rietveld Code Review Tool
Help | Bug tracker | Discussion group | Source code | Sign in
(206)

Delta Between Two Patch Sets: ssh/common.go

Issue 13352055: code review 13352055: go.crypto/ssh: separate kex algorithms into kexAlgorith... (Closed)
Left Patch Set: Created 10 years, 6 months ago
Right Patch Set: diff -r 3a49c11added https://code.google.com/p/go.crypto Created 10 years, 6 months ago
Left:
Right:
Use n/p to move between diff chunks; N/P to move between comments. Please Sign in to add in-line comments.
Jump to:
Right: Side by side diff | Download
« no previous file with change/comment | « ssh/client_auth.go ('k') | ssh/kex.go » ('j') | no next file with change/comment »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
LEFTRIGHT
(no file at all)
1 // Copyright 2011 The Go Authors. All rights reserved. 1 // Copyright 2011 The Go Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style 2 // Use of this source code is governed by a BSD-style
3 // license that can be found in the LICENSE file. 3 // license that can be found in the LICENSE file.
4 4
5 package ssh 5 package ssh
6 6
7 import ( 7 import (
8 "crypto" 8 "crypto"
9 "errors"
10 "fmt" 9 "fmt"
11 "math/big"
12 "sync" 10 "sync"
13 11
14 _ "crypto/sha1" 12 _ "crypto/sha1"
15 _ "crypto/sha256" 13 _ "crypto/sha256"
16 _ "crypto/sha512" 14 _ "crypto/sha512"
17 ) 15 )
18 16
19 // These are string constants in the SSH protocol. 17 // These are string constants in the SSH protocol.
20 const ( 18 const (
21 kexAlgoDH1SHA1 = "diffie-hellman-group1-sha1"
22 kexAlgoDH14SHA1 = "diffie-hellman-group14-sha1"
23 kexAlgoECDH256 = "ecdh-sha2-nistp256"
24 kexAlgoECDH384 = "ecdh-sha2-nistp384"
25 kexAlgoECDH521 = "ecdh-sha2-nistp521"
26 hostAlgoRSA = "ssh-rsa" 19 hostAlgoRSA = "ssh-rsa"
27 hostAlgoDSA = "ssh-dss" 20 hostAlgoDSA = "ssh-dss"
28 compressionNone = "none" 21 compressionNone = "none"
29 serviceUserAuth = "ssh-userauth" 22 serviceUserAuth = "ssh-userauth"
30 serviceSSH = "ssh-connection" 23 serviceSSH = "ssh-connection"
31 ) 24 )
32 25
33 var supportedKexAlgos = []string{ 26 var supportedKexAlgos = []string{
34 kexAlgoECDH256, kexAlgoECDH384, kexAlgoECDH521, 27 kexAlgoECDH256, kexAlgoECDH384, kexAlgoECDH521,
35 kexAlgoDH14SHA1, kexAlgoDH1SHA1, 28 kexAlgoDH14SHA1, kexAlgoDH1SHA1,
(...skipping 10 matching lines...) Expand all
46 KeyAlgoECDSA256: crypto.SHA256, 39 KeyAlgoECDSA256: crypto.SHA256,
47 KeyAlgoECDSA384: crypto.SHA384, 40 KeyAlgoECDSA384: crypto.SHA384,
48 KeyAlgoECDSA521: crypto.SHA512, 41 KeyAlgoECDSA521: crypto.SHA512,
49 CertAlgoRSAv01: crypto.SHA1, 42 CertAlgoRSAv01: crypto.SHA1,
50 CertAlgoDSAv01: crypto.SHA1, 43 CertAlgoDSAv01: crypto.SHA1,
51 CertAlgoECDSA256v01: crypto.SHA256, 44 CertAlgoECDSA256v01: crypto.SHA256,
52 CertAlgoECDSA384v01: crypto.SHA384, 45 CertAlgoECDSA384v01: crypto.SHA384,
53 CertAlgoECDSA521v01: crypto.SHA512, 46 CertAlgoECDSA521v01: crypto.SHA512,
54 } 47 }
55 48
56 // dhGroup is a multiplicative group suitable for implementing Diffie-Hellman ke y agreement.
57 type dhGroup struct {
58 g, p *big.Int
59 }
60
61 func (group *dhGroup) diffieHellman(theirPublic, myPrivate *big.Int) (*big.Int, error) {
62 if theirPublic.Sign() <= 0 || theirPublic.Cmp(group.p) >= 0 {
63 return nil, errors.New("ssh: DH parameter out of bounds")
64 }
65 return new(big.Int).Exp(theirPublic, myPrivate, group.p), nil
66 }
67
68 // dhGroup1 is the group called diffie-hellman-group1-sha1 in RFC 4253 and
69 // Oakley Group 2 in RFC 2409.
70 var dhGroup1 *dhGroup
71
72 var dhGroup1Once sync.Once
73
74 func initDHGroup1() {
75 p, _ := new(big.Int).SetString("FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B 80DC1CD129024E088A67CC74020BBEA63B139B22514A08798E3404DDEF9519B3CD3A431B302B0A6D F25F14374FE1356D6D51C245E485B576625E7EC6F44C42E9A637ED6B0BFF5CB6F406B7EDEE386BFB 5A899FA5AE9F24117C4B1FE649286651ECE65381FFFFFFFFFFFFFFFF", 16)
76
77 dhGroup1 = &dhGroup{
78 g: new(big.Int).SetInt64(2),
79 p: p,
80 }
81 }
82
83 // dhGroup14 is the group called diffie-hellman-group14-sha1 in RFC 4253 and
84 // Oakley Group 14 in RFC 3526.
85 var dhGroup14 *dhGroup
86
87 var dhGroup14Once sync.Once
88
89 func initDHGroup14() {
90 p, _ := new(big.Int).SetString("FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B 80DC1CD129024E088A67CC74020BBEA63B139B22514A08798E3404DDEF9519B3CD3A431B302B0A6D F25F14374FE1356D6D51C245E485B576625E7EC6F44C42E9A637ED6B0BFF5CB6F406B7EDEE386BFB 5A899FA5AE9F24117C4B1FE649286651ECE45B3DC2007CB8A163BF0598DA48361C55D39A69163FA8 FD24CF5F83655D23DCA3AD961C62F356208552BB9ED529077096966D670C354E4ABC9804F1746C08 CA18217C32905E462E36CE3BE39E772C180E86039B2783A2EC07A28FB5C55DF06F4C52C9DE2BCBF6 955817183995497CEA956AE515D2261898FA051015728E5A8AACAA68FFFFFFFFFFFFFFFF", 16)
91
92 dhGroup14 = &dhGroup{
93 g: new(big.Int).SetInt64(2),
94 p: p,
95 }
96 }
97
98 // UnexpectedMessageError results when the SSH message that we received didn't 49 // UnexpectedMessageError results when the SSH message that we received didn't
99 // match what we wanted. 50 // match what we wanted.
100 type UnexpectedMessageError struct { 51 type UnexpectedMessageError struct {
101 expected, got uint8 52 expected, got uint8
102 } 53 }
103 54
104 func (u UnexpectedMessageError) Error() string { 55 func (u UnexpectedMessageError) Error() string {
105 return fmt.Sprintf("ssh: unexpected message type %d (expected %d)", u.go t, u.expected) 56 return fmt.Sprintf("ssh: unexpected message type %d (expected %d)", u.go t, u.expected)
106 } 57 }
107 58
108 // ParseError results from a malformed SSH message. 59 // ParseError results from a malformed SSH message.
109 type ParseError struct { 60 type ParseError struct {
110 msgType uint8 61 msgType uint8
111 } 62 }
112 63
113 func (p ParseError) Error() string { 64 func (p ParseError) Error() string {
114 return fmt.Sprintf("ssh: parse error in message type %d", p.msgType) 65 return fmt.Sprintf("ssh: parse error in message type %d", p.msgType)
115 }
116
117 type handshakeMagics struct {
118 clientVersion, serverVersion []byte
119 clientKexInit, serverKexInit []byte
120 } 66 }
121 67
122 func findCommonAlgorithm(clientAlgos []string, serverAlgos []string) (commonAlgo string, ok bool) { 68 func findCommonAlgorithm(clientAlgos []string, serverAlgos []string) (commonAlgo string, ok bool) {
123 for _, clientAlgo := range clientAlgos { 69 for _, clientAlgo := range clientAlgos {
124 for _, serverAlgo := range serverAlgos { 70 for _, serverAlgo := range serverAlgos {
125 if clientAlgo == serverAlgo { 71 if clientAlgo == serverAlgo {
126 return clientAlgo, true 72 return clientAlgo, true
127 } 73 }
128 } 74 }
129 } 75 }
(...skipping 253 matching lines...) Expand 10 before | Expand all | Expand 10 after
383 for w.win == 0 { 329 for w.win == 0 {
384 w.Wait() 330 w.Wait()
385 } 331 }
386 if w.win < win { 332 if w.win < win {
387 win = w.win 333 win = w.win
388 } 334 }
389 w.win -= win 335 w.win -= win
390 w.L.Unlock() 336 w.L.Unlock()
391 return win 337 return win
392 } 338 }
LEFTRIGHT

Powered by Google App Engine
RSS Feeds Recent Issues | This issue
This is Rietveld f62528b