From 8e6d09e37a97706af4fc43c343f38a3f471ee872 Mon Sep 17 00:00:00 2001
From: Jakub Witczak <kuba@erlang.org>
Date: Fri, 10 Jan 2025 17:32:25 +0100
Subject: [PATCH] ssh: types for legacy algorithm sets
---
lib/ssh/src/ssh.hrl | 118 +++++++++++++++++++++++++-------------------
1 file changed, 67 insertions(+), 51 deletions(-)
diff --git a/lib/ssh/src/ssh.hrl b/lib/ssh/src/ssh.hrl
index aecce6c1efea..5cf53b1b4b99 100644
--- a/lib/ssh/src/ssh.hrl
+++ b/lib/ssh/src/ssh.hrl
@@ -128,64 +128,80 @@
-type open_socket() :: gen_tcp:socket().
-type subsystem_spec() :: {Name::string(), mod_args()} .
-
+
-type algs_list() :: list( alg_entry() ).
--type alg_entry() :: {kex, [kex_alg()]}
+-type alg_entry() :: {kex, [kex_alg()]}
| {public_key, [pubkey_alg()]}
| {cipher, double_algs(cipher_alg())}
| {mac, double_algs(mac_alg())}
| {compression, double_algs(compression_alg())} .
--type kex_alg() :: 'diffie-hellman-group-exchange-sha1' |
- 'diffie-hellman-group-exchange-sha256' |
- 'diffie-hellman-group1-sha1' |
- 'diffie-hellman-group14-sha1' |
- 'diffie-hellman-group14-sha256' |
- 'diffie-hellman-group16-sha512' |
- 'diffie-hellman-group18-sha512' |
- 'curve25519-sha256' |
- 'curve25519-sha256@libssh.org' |
- 'curve448-sha512' |
- 'ecdh-sha2-nistp256' |
- 'ecdh-sha2-nistp384' |
- 'ecdh-sha2-nistp521'
- .
-
--type pubkey_alg() :: 'ecdsa-sha2-nistp256' |
- 'ecdsa-sha2-nistp384' |
- 'ecdsa-sha2-nistp521' |
- 'ssh-ed25519' |
- 'ssh-ed448' |
- 'rsa-sha2-256' |
- 'rsa-sha2-512' |
- 'ssh-dss' |
- 'ssh-rsa'
- .
-
--type cipher_alg() :: '3des-cbc' |
- 'AEAD_AES_128_GCM' |
- 'AEAD_AES_256_GCM' |
- 'aes128-cbc' |
- 'aes128-ctr' |
- 'aes128-gcm@openssh.com' |
- 'aes192-ctr' |
- 'aes192-cbc' |
- 'aes256-cbc' |
- 'aes256-ctr' |
- 'aes256-gcm@openssh.com' |
- 'chacha20-poly1305@openssh.com'
- .
+-type kex_alg() ::
+ 'diffie-hellman-group-exchange-sha256' |
+ 'diffie-hellman-group14-sha256' |
+ 'diffie-hellman-group16-sha512' |
+ 'diffie-hellman-group18-sha512' |
+ 'curve25519-sha256' |
+ 'curve25519-sha256@libssh.org' |
+ 'curve448-sha512' |
+ 'ecdh-sha2-nistp256' |
+ 'ecdh-sha2-nistp384' |
+ 'ecdh-sha2-nistp521' |
+ legacy_kex_alg().
+
+-type legacy_kex_alg() ::
+ %% Gone in OpenSSH 7.3.p1
+ 'diffie-hellman-group1-sha1' |
+ %% Gone in OpenSSH 8.2
+ 'diffie-hellman-group14-sha1' |
+ 'diffie-hellman-group-exchange-sha1'.
+
+-type pubkey_alg() ::
+ 'ecdsa-sha2-nistp256' |
+ 'ecdsa-sha2-nistp384' |
+ 'ecdsa-sha2-nistp521' |
+ 'ssh-ed25519' |
+ 'ssh-ed448' |
+ 'rsa-sha2-256' |
+ 'rsa-sha2-512'.
+
+-type legacy_pubkey_alg() ::
+ 'ssh-rsa' |
+ %% Gone in OpenSSH 7.3.p1:
+ 'ssh-dss'.
+
+-type cipher_alg() ::
+ 'aes128-ctr' |
+ 'aes128-gcm@openssh.com' |
+ 'aes192-ctr' |
+ 'aes256-ctr' |
+ 'aes256-gcm@openssh.com' |
+ 'chacha20-poly1305@openssh.com' |
+ legacy_cipher_alg()
+ .
--type mac_alg() :: 'AEAD_AES_128_GCM' |
- 'AEAD_AES_256_GCM' |
- 'hmac-sha1' |
- 'hmac-sha1-etm@openssh.com' |
- 'hmac-sha1-96' |
- 'hmac-sha2-256' |
- 'hmac-sha2-512' |
- 'hmac-sha2-256-etm@openssh.com' |
- 'hmac-sha2-512-etm@openssh.com'
- .
+-type legacy_cipher_alg() ::
+ 'AEAD_AES_128_GCM' |
+ 'AEAD_AES_256_GCM' |
+ %% Gone in OpenSSH 7.6
+ 'aes128-cbc' |
+ 'aes192-cbc' |
+ 'aes256-cbc' |
+ '3des-cbc'.
+
+-type mac_alg() ::
+ 'hmac-sha1' |
+ 'hmac-sha1-etm@openssh.com' |
+ 'hmac-sha2-256' |
+ 'hmac-sha2-512' |
+ 'hmac-sha2-256-etm@openssh.com' |
+ 'hmac-sha2-512-etm@openssh.com' |
+ legacy_mac_alg().
+
+-type legacy_mac_alg() ::
+ 'AEAD_AES_128_GCM' |
+ 'AEAD_AES_256_GCM' |
+ 'hmac-sha1-96'.
-type compression_alg() :: 'none' |
'zlib' |