ssh_packet/crypto/
exchange.rs

1//! Facilities to produce some of the _exchange hashes_.
2
3use binrw::binwrite;
4
5use super::Lengthed;
6use crate::{arch, trans};
7
8/// The exchange hash for ECDH, computed as the
9/// hash of the concatenation of the following.
10///
11/// see <https://datatracker.ietf.org/doc/html/rfc5656#section-4>.
12#[binwrite]
13#[derive(Debug)]
14#[bw(big)]
15pub struct Ecdh<'b> {
16    /// Client's identification string (`\r` and `\n` excluded).
17    pub v_c: arch::Bytes<'b>,
18
19    /// Server's identification string (`\r` and `\n` excluded).
20    pub v_s: arch::Bytes<'b>,
21
22    /// Payload of the client's `SSH_MSG_KEXINIT` message.
23    pub i_c: Lengthed<&'b trans::KexInit<'b>>,
24
25    /// Payload of the server's `SSH_MSG_KEXINIT` message.
26    pub i_s: Lengthed<&'b trans::KexInit<'b>>,
27
28    /// Server's public host key.
29    pub k_s: arch::Bytes<'b>,
30
31    /// Client's ephemeral public key octet string.
32    pub q_c: arch::Bytes<'b>,
33
34    /// Server's ephemeral public key octet string.
35    pub q_s: arch::Bytes<'b>,
36
37    /// Computed shared secret.
38    pub k: arch::MpInt<'b>,
39}
40
41impl Ecdh<'_> {
42    /// Produce the exchange hash with the specified digest algorithm.
43    #[cfg(feature = "digest")]
44    #[cfg_attr(docsrs, doc(cfg(feature = "digest")))]
45    pub fn hash<D: digest::Digest>(&self) -> digest::Output<D> {
46        use binrw::BinWrite;
47
48        let mut buffer = Vec::new();
49        self.write(&mut std::io::Cursor::new(&mut buffer))
50            .expect("The binrw structure serialization failed");
51
52        D::digest(&buffer)
53    }
54}