1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118

//! Helpers for different hashes and signatures encountered through the protocol.

use binrw::binwrite;

use super::arch;

/// The exchange hash for ECDH, computed as the
/// hash of the concatenation of the following.
///
/// see <https://datatracker.ietf.org/doc/html/rfc5656#section-4>.
#[binwrite]
#[derive(Debug, Clone)]
#[bw(big)]
pub struct EcdhExchange<'e> {
    /// Client's identification string (`\r` and `\n` excluded).
    pub v_c: &'e arch::Bytes,

    /// Server's identification string (`\r` and `\n` excluded).
    pub v_s: &'e arch::Bytes,

    /// Payload of the client's `SSH_MSG_KEXINIT` message.
    pub i_c: &'e arch::Bytes,

    /// Payload of the server's `SSH_MSG_KEXINIT` message.
    pub i_s: &'e arch::Bytes,

    /// Server's public host key.
    pub k_s: &'e arch::Bytes,

    /// Client's ephemeral public key octet string.
    pub q_c: &'e arch::Bytes,

    /// Server's ephemeral public key octet string.
    pub q_s: &'e arch::Bytes,

    /// Computed shared secret.
    pub k: &'e arch::MpInt,
}

impl EcdhExchange<'_> {
    /// Produce the exchange hash with the specified digest algorithm.
    #[cfg(feature = "digest")]
    #[cfg_attr(docsrs, doc(cfg(feature = "digest")))]
    pub fn hash<D: digest::Digest>(&self) -> digest::Output<D> {
        use binrw::BinWrite;

        let mut buffer = Vec::new();
        self.write(&mut std::io::Cursor::new(&mut buffer))
            .expect("The binrw structure serialization failed");

        D::digest(&buffer)
    }
}

/// The data that gets _signed_ and _verified_ to prove the possession of the said private key in
/// the `publickey` authentication method, computed from the concatenation of the following.
///
/// see <https://datatracker.ietf.org/doc/html/rfc4252#section-7>.
#[binwrite]
#[derive(Debug, Clone)]
#[bw(big)]
pub struct PublickeySignature<'s> {
    /// The session identifier issued by the key-exchange.
    pub session_id: &'s arch::Bytes,

    #[bw(calc = 50)]
    magic: u8,

    /// Username for the auth request.
    pub username: &'s arch::StringUtf8,

    /// Service name to query.
    pub service_name: &'s arch::StringAscii,

    #[bw(calc = "publickey".into())]
    method: arch::StringUtf8,

    #[bw(calc = true.into())]
    signed: arch::Bool,

    /// Public key algorithm's name.
    pub algorithm: &'s arch::Bytes,

    /// Public key blob.
    pub blob: &'s arch::Bytes,
}

impl PublickeySignature<'_> {
    /// Verify the structure against the provided `signature` with the `key`.
    #[cfg(feature = "signature")]
    #[cfg_attr(docsrs, doc(cfg(feature = "signature")))]
    pub fn verify<S, K: signature::Verifier<S>>(
        &self,
        key: &K,
        signature: &S,
    ) -> signature::Result<()> {
        use binrw::BinWrite;

        let mut buffer = Vec::new();
        self.write(&mut std::io::Cursor::new(&mut buffer))
            .expect("The binrw structure serialization failed");

        K::verify(key, &buffer, signature)
    }

    /// Sign the structure with the provided `key` to produce the `signature`.
    #[cfg(feature = "signature")]
    #[cfg_attr(docsrs, doc(cfg(feature = "signature")))]
    pub fn sign<S, K: signature::Signer<S>>(&self, key: &K) -> S {
        use binrw::BinWrite;

        let mut buffer = Vec::new();
        self.write(&mut std::io::Cursor::new(&mut buffer))
            .expect("The binrw structure serialization failed");

        K::sign(key, &buffer)
    }
}