dropbear

mirror of https://github.com/clearml/dropbear synced 2025-01-31 02:46:58 +00:00

Author	SHA1	Message	Date
Matt Johnston	d277f140ba	merge rsa-sha256	2020-05-26 00:24:02 +08:00
Vladislav Grishenko	d3d0d60076	Add Chacha20-Poly1305, AES128-GCM and AES256-GCM support (#93 ) * Add Chacha20-Poly1305 authenticated encryption * Add general AEAD approach. * Add chacha20-poly1305@openssh.com algo using LibTomCrypt chacha and poly1305 routines. Chacha20-Poly1305 is generally faster than AES256 on CPU w/o dedicated AES instructions, having the same key size. Compiling in will add ~5,5kB to binary size on x86-64. function old new delta chacha_crypt - 1397 +1397 _poly1305_block - 608 +608 poly1305_done - 595 +595 dropbear_chachapoly_crypt - 457 +457 .rodata 26976 27392 +416 poly1305_process - 290 +290 poly1305_init - 221 +221 chacha_setup - 218 +218 encrypt_packet 1068 1270 +202 dropbear_chachapoly_getlength - 147 +147 decrypt_packet 756 897 +141 chacha_ivctr64 - 137 +137 read_packet 543 637 +94 dropbear_chachapoly_start - 94 +94 read_kex_algos 792 880 +88 chacha_keystream - 69 +69 dropbear_mode_chachapoly - 48 +48 sshciphers 280 320 +40 dropbear_mode_none 24 48 +24 dropbear_mode_ctr 24 48 +24 dropbear_mode_cbc 24 48 +24 dropbear_chachapoly_mac - 24 +24 dropbear_chachapoly - 24 +24 gen_new_keys 848 854 +6 ------------------------------------------------------------------------------ (add/remove: 14/0 grow/shrink: 10/0 up/down: 5388/0) Total: 5388 bytes * Add AES128-GCM and AES256-GCM authenticated encryption * Add general AES-GCM mode. * Add aes128-gcm@openssh.com and aes256-gcm@openssh.com algo using LibTomCrypt gcm routines. AES-GCM is combination of AES CTR mode and GHASH, slower than AES-CTR on CPU w/o dedicated AES/GHASH instructions therefore disabled by default. Compiling in will add ~6kB to binary size on x86-64. function old new delta gcm_process - 1060 +1060 .rodata 26976 27808 +832 gcm_gf_mult - 820 +820 gcm_add_aad - 660 +660 gcm_shift_table - 512 +512 gcm_done - 471 +471 gcm_add_iv - 384 +384 gcm_init - 347 +347 dropbear_gcm_crypt - 309 +309 encrypt_packet 1068 1270 +202 decrypt_packet 756 897 +141 gcm_reset - 118 +118 read_packet 543 637 +94 read_kex_algos 792 880 +88 sshciphers 280 360 +80 gcm_mult_h - 80 +80 dropbear_gcm_start - 62 +62 dropbear_mode_gcm - 48 +48 dropbear_mode_none 24 48 +24 dropbear_mode_ctr 24 48 +24 dropbear_mode_cbc 24 48 +24 dropbear_ghash - 24 +24 dropbear_gcm_getlength - 24 +24 gen_new_keys 848 854 +6 ------------------------------------------------------------------------------ (add/remove: 14/0 grow/shrink: 10/0 up/down: 6434/0) Total: 6434 bytes	2020-05-25 23:50:25 +08:00
Matt Johnston	331d4a714f	Make server send SSH_MSG_EXT_INFO Ensure that only valid hostkey algorithms are sent in the first kex guess	2020-05-21 23:00:22 +08:00
Matt Johnston	5acee497bf	ext-info handling for server-sig-algs only client side is handled	2020-05-19 00:31:41 +08:00
Matt Johnston	7dc2f36c3e	use sigtype where appropriate	2020-04-06 23:18:26 +08:00
Francois Perrad	89e64c631e	Pointer parameter could be declared as pointing to const	2017-08-19 17:16:13 +02:00
Matt Johnston	32a28d0d9c	Convert #ifdef to #if, other build changes	2016-05-04 15:33:40 +02:00
Matt Johnston	d6daad29fc	options for disabling "normal" DH	2016-05-02 23:48:16 +02:00
Gaël PORTAY	6b90885d4f	Turn Algo_Type's name attribute into const char *	2015-05-05 20:39:14 +02:00
Thorsten Horstmann	fdb7ffa864	DROPBEAR_ prefix for include guards to avoid collisions	2015-02-24 20:43:01 +08:00
Matt Johnston	a7a79d569a	Disable non-delayed zlib for server	2015-01-28 21:38:27 +08:00
Matt Johnston	de1deaf0bd	use oldstyle comments	2013-11-14 22:03:30 +08:00
Matt Johnston	e60a84d0ed	Various cleanups and fixes for warnings --HG-- branch : ecc	2013-11-12 23:02:32 +08:00
Matt Johnston	0162c116da	curve25519 --HG-- branch : ecc	2013-11-08 23:11:43 +08:00
Matt Johnston	04518e9e80	merge in HEAD --HG-- branch : ecc	2013-05-21 12:09:35 +08:00
Matt Johnston	5c87c6a435	A bit of work on ecdsa for host/auth keys --HG-- branch : ecc	2013-04-14 00:50:03 +08:00
Matt Johnston	7f091e7019	start on ecdsa keys --HG-- branch : ecc	2013-04-09 00:36:04 +08:00
Matt Johnston	c6bdc810ab	ecc kind of works, needs fixing/testing --HG-- branch : ecc	2013-04-07 01:36:42 +08:00
Matt Johnston	9c7485331a	Get rid of client/server specific buf_match_algo, use single function with a couple of if statements instead --HG-- branch : kexguess	2013-03-30 23:55:05 +08:00
Matt Johnston	99d9cf500b	Add kexguess2 behaviour --HG-- branch : kexguess	2013-03-29 23:29:48 +08:00
Matt Johnston	b4bcc60657	More changes for KEX and ECDH. Set up hash descriptors, make ECC code work, ses.hash and ses.session_id are now buffers (doesn't compile) --HG-- branch : ecc	2013-03-29 00:28:09 +08:00
Matt Johnston	74cad1612f	more bits on ecc branch --HG-- branch : ecc	2013-03-27 00:38:03 +08:00
Matt Johnston	73e22c115c	refactor kexdh code a bit, start working on ecdh etc --HG-- branch : ecc	2013-03-26 01:35:22 +08:00
Matt Johnston	db34044c7f	ENABLE_USER_ALGO_LIST should work for the client	2012-05-17 00:26:12 +08:00
Matt Johnston	036edd6206	Add rough support for choosing ciphers/hashes with "-c" or "-m"	2012-05-17 00:12:42 +08:00
Matt Johnston	e3ca0513a0	- Disable compression for non-final multihops --HG-- extra : convert_revision : c507a2aacb9e0db4c0266891b8915c614e32857e	2009-09-11 14:02:04 +00:00
Matt Johnston	511f6555c9	- Add Counter Mode support --HG-- extra : convert_revision : 5225162bdf32d70b58b6d3ae375a290326c59f3a	2008-09-29 13:53:31 +00:00
Matt Johnston	7b403dc57f	Switching to libtomcrypt 1.02 (still has problems) --HG-- extra : convert_revision : 4dfd70544ed9a766876ddda9f6ac3f26054eb3db	2005-05-09 09:32:33 +00:00
Matt Johnston	a9c38fb37f	snapshot of stuff --HG-- extra : convert_revision : 2903853ba24669d01547710986ad531357602633	2004-07-26 02:44:20 +00:00
Matt Johnston	674a607488	Makefile.in contains updated files required --HG-- extra : convert_revision : cc8a8c49dc70e632c352853a39801089b08149be	2004-06-01 02:46:09 +00:00

30 Commits