ssh.h

老外写的加密库cryptlib(版本3.1)

/****************************************************************************
*																			*
*						SSHv1/SSHv2 Definitions Header File					*
*						Copyright Peter Gutmann 1998-2003					*
*																			*
****************************************************************************/

#ifndef _SSH_DEFINED

#define _SSH_DEFINED

/* Default SSH port */

#define SSH_PORT				22

/* Various SSH constants */

#define ID_SIZE					1	/* ID byte */
#define LENGTH_SIZE				4	/* Size of packet length field */
#define UINT_SIZE				4	/* Size of integer value */
#define PADLENGTH_SIZE			1	/* Size of padding length field */
#define BOOLEAN_SIZE			1	/* Size of boolean value */

#define SSH1_COOKIE_SIZE		8	/* Size of SSHv1 cookie */
#define SSH1_HEADER_SIZE		5	/* Size of SSHv1 packet header */
#define SSH1_CRC_SIZE			4	/* Size of CRC value */
#define SSH1_MPI_LENGTH_SIZE	2	/* Size of MPI length field */
#define SSH1_SESSIONID_SIZE		16	/* Size of SSHv1 session ID */
#define SSH1_SECRET_SIZE		32	/* Size of SSHv1 shared secret */
#define SSH1_CHALLENGE_SIZE		32	/* Size of SSHv1 RSA auth.challenge */
#define SSH1_RESPONSE_SIZE		16	/* Size of SSHv1 RSA auth.response */

#define SSH2_COOKIE_SIZE		16	/* Size of SSHv2 cookie */
#define SSH2_HEADER_SIZE		5	/* Size of SSHv2 packet header */
#define SSH2_MIN_ALGOID_SIZE	4	/* Size of shortest SSHv2 algo.name */
#define SSH2_MIN_PADLENGTH_SIZE	4	/* Minimum amount of padding for packets */
#define SSH2_PAYLOAD_HEADER_SIZE 9	/* Size of SSHv2 inner payload header */
#define SSH2_FIXED_KEY_SIZE		16	/* Size of SSHv2 fixed-size keys */
#define SSH2_DEFAULT_KEYSIZE	128	/* Size of SSHv2 default DH key */

/* SSH packet/buffer size information */

#define MAX_PACKET_SIZE			262144L
#define EXTRA_PACKET_SIZE		64
#define DEFAULT_PACKET_SIZE		16384
#define MAX_WINDOW_SIZE			0x7FFFFFFFL

/* SSH protocol-specific flags that augment the general session flags */

#define SSH_PFLAG_NONE			0x00/* No protocol-specific flags */
#define SSH_PFLAG_HMACKEYSIZE	0x01/* Peer is using short HMAC keys */
#define SSH_PFLAG_SIGFORMAT		0x02/* Peer omits sig.algo name */
#define SSH_PFLAG_NOHASHSECRET	0x04/* Peer omits secret in key derive */
#define SSH_PFLAG_NOHASHLENGTH	0x08/* Peer omits length in exchge.hash */
#define SSH_PFLAG_WINDOWBUG		0x10/* Peer requires unnec.window-adjusts */
#define SSH_PFLAG_TEXTDIAGS		0x20/* Peer dumps text diagnostics on error */
#define SSH_PFLAG_CHANNELCLOSED	0x40/* Peer has closed the channel */

/* Various data sizes used for read-ahead and buffering.  The minimum SSH
   packet size is used to determine how much data we can read when reading
   a packet header, the SSHv2 header remainder size is how much data we've
   got left once we've extracted just the length but no other data, the
   SSHv2 remainder size is how much data we've got left once we've
   extracted all fixed information values, and the SSHv1 maximum header size
   is used to determine how much space we need to reserve at the start of
   the buffer when encoding SSHv1's variable-length data packets (SSHv2 has
   a fixed header size so this isn't a problem any more) */

#define MIN_PACKET_SIZE			16
#define SSH2_HEADER_REMAINDER_SIZE \
								( MIN_PACKET_SIZE - LENGTH_SIZE )
#define SSH2_PACKET_REMAINDER_SIZE \
								( SSH2_HEADER_REMAINDER_SIZE - \
									( ID_SIZE + PADLENGTH_SIZE ) )
#define SSH1_MAX_HEADER_SIZE	( LENGTH_SIZE + 8 + ID_SIZE + LENGTH_SIZE )

/* SSH ID information */

#define SSH_ID					"SSH-"		/* Start of SSH ID */
#define SSH_ID_SIZE				4	/* Size of SSH ID */
#define SSH_VERSION_SIZE		4	/* Size of SSH version */
#define SSH_ID_MAX_SIZE			255	/* Max.size of SSHv2 ID string */
#define SSH1_ID_STRING			"SSH-1.5-cryptlib"
#define SSH2_ID_STRING			"SSH-2.0-cryptlib"	/* cryptlib SSH ID strings */

/* SSHv1 packet types */

#define SSH1_MSG_DISCONNECT		1	/* Disconnect session */
#define SSH1_SMSG_PUBLIC_KEY	2	/* Server public key */
#define SSH1_CMSG_SESSION_KEY	3	/* Encrypted session key */
#define SSH1_CMSG_USER			4	/* User name */
#define SSH1_CMSG_AUTH_RSA		6	/* RSA public key */
#define SSH1_SMSG_AUTH_RSA_CHALLENGE 7	/* RSA challenge from server */
#define SSH1_CMSG_AUTH_RSA_RESPONSE 8	/* RSA response from client */
#define SSH1_CMSG_AUTH_PASSWORD	9	/* Password */
#define SSH1_CMSG_REQUEST_PTY	10	/* Request a pty */
#define SSH1_CMSG_EXEC_SHELL	12	/* Request a shell */
#define SSH1_CMSG_EXEC_CMD		13	/* Request command execution */
#define SSH1_SMSG_SUCCESS		14	/* Success status message */
#define SSH1_SMSG_FAILURE		15	/* Failure status message */
#define SSH1_CMSG_STDIN_DATA	16	/* Data from client stdin */
#define SSH1_SMSG_STDOUT_DATA	17	/* Data from server stdout */
#define SSH1_SMSG_EXITSTATUS	20	/* Exit status of command run on server */
#define SSH1_MSG_IGNORE			32	/* No-op */
#define SSH1_CMSG_EXIT_CONFIRMATION 33 /* Client response to server exitstatus */
#define SSH1_MSG_DEBUG			36	/* Debugging/informational message */
#define SSH1_CMSG_MAX_PACKET_SIZE 38	/* Maximum data packet size */

/* Further SSHv1 packet types that aren't used but which we need to
   recognise */

#define SSH1_CMSG_PORT_FORWARD_REQUEST		28
#define SSH1_CMSG_AGENT_REQUEST_FORWARDING	30
#define SSH1_CMSG_X11_REQUEST_FORWARDING	34
#define SSH1_CMSG_REQUEST_COMPRESSION		37

/* SSHv2 packet types.  There is some overlap with SSHv1, but an annoying
   number of messages have the same name but different values.  Note also
   that the keyex (static DH keys) and keyex_gex (ephemeral DH keys) message
   types overlap */

#define SSH2_MSG_DISCONNECT		1	/* Disconnect session */
#define SSH2_MSG_IGNORE			2	/* No-op */
#define SSH2_MSG_DEBUG			4	/* No-op */
#define SSH2_MSG_SERVICE_REQUEST 5	/* Request authentiction */
#define SSH2_MSG_SERVICE_ACCEPT	6	/* Acknowledge request */
#define SSH2_MSG_KEXINIT		20	/* Hello */
#define SSH2_MSG_NEWKEYS		21	/* Change cipherspec */
#define SSH2_MSG_KEXDH_INIT		30	/* DH, phase 1 */
#define SSH2_MSG_KEXDH_REPLY	31	/* DH, phase 2 */
#define SSH2_MSG_KEXDH_GEX_REQUEST 30 /* Ephem.DH key request */
#define SSH2_MSG_KEXDH_GEX_GROUP 31	/* Ephem.DH key response */
#define SSH2_MSG_KEXDH_GEX_INIT	32	/* Ephem.DH, phase 1 */
#define SSH2_MSG_KEXDH_GEX_REPLY 33	/* Ephem.DH, phase 2 */
#define SSH2_MSG_KEXDH_GEX_REQUEST_NEW 34 /* Ephem.DH key request */
#define SSH2_MSG_USERAUTH_REQUEST 50 /* Request authentication */
#define SSH2_MSG_USERAUTH_FAILURE 51 /* Authentication failed */
#define SSH2_MSG_USERAUTH_SUCCESS 52 /* Authentication succeeded */
#define SSH2_MSG_USERAUTH_BANNER 53	/* No-op */
#define SSH2_MSG_GLOBAL_REQUEST	80	/* Perform a global ioctl */
#define SSH2_MSG_GLOBAL_SUCCESS	81	/* Global request succeeded */
#define SSH2_MSG_GLOBAL_FAILURE	82	/* Global request failed */
#define	SSH2_MSG_CHANNEL_OPEN	90	/* Open a channel over an SSH link */
#define	SSH2_MSG_CHANNEL_OPEN_CONFIRMATION 91	/* Channel open succeeded */
#define	SSH2_MSG_CHANNEL_WINDOW_ADJUST 93	/* No-op */
#define SSH2_MSG_CHANNEL_DATA	94	/* Data */
#define SSH2_MSG_CHANNEL_EXTENDED_DATA 95	/* Out-of-band data */
#define SSH2_MSG_CHANNEL_EOF	96	/* EOF */
#define SSH2_MSG_CHANNEL_CLOSE	97	/* Close the channel */
#define SSH2_MSG_CHANNEL_REQUEST 98	/* Perform a channel ioctl */
#define SSH2_MSG_CHANNEL_SUCCESS 99	/* Channel request succeeded */
#define SSH2_MSG_CHANNEL_FAILURE 100/* Channel request failed */

/* Special-case expected-packet-type values that are passed to 
   readPacketSSHx() to handle situations where more than one return value is 
   valid.  CMSG_USER can return failure meaning "no password" even if 
   there's no actual failure, CMSG_AUTH_PASSWORD can return SMSG_FAILURE 
   which indicates a wrong password used iff it's a response to the client 
   sending a password, and MSG_USERAUTH_REQUEST can similarly return a 
   failure or success response.

   In addition to these types there's a "any" type which is used during the
   setup negotiation which will accept any (non-error) packet type and return
   the type as the return code */

#define SSH1_MSG_SPECIAL_USEROPT	500	/* Value to handle SSHv1 user name */
#define SSH1_MSG_SPECIAL_PWOPT		501	/* Value to handle SSHv1 password */
#define SSH1_MSG_SPECIAL_RSAOPT		502	/* Value to handle SSHv1 RSA challenge */
#define SSH1_MSG_SPECIAL_ANY		503	/* Any SSHv1 packet type */
#define SSH2_MSG_SPECIAL_USERAUTH	504	/* Value to handle SSHv2 combined auth.*/
#define SSH2_MSG_SPECIAL_REQUEST	505	/* Value to handle SSHv2 global/channel req.*/