kex: Enable chacha20-poly1304 KEX with mbedtls

Signed-off-by: Andreas Schneider <asn@cryptomilk.org>

ConfigureChecks.cmake

@@ -138,7 +138,6 @@ endif ()
 
 if (NOT WITH_MBEDTLS)
     set(HAVE_DSA 1)
-    set(HAVE_CHACHA 1)
 endif (NOT WITH_MBEDTLS)
 
 # FUNCTIONS

config.h.cmake

@@ -89,9 +89,6 @@
 /* Define to 1 if you have DSA */
 #cmakedefine HAVE_DSA 1
 
-/* Define to 1 if you have chacha20-poly1305 */
-#cmakedefine HAVE_CHACHA 1
-
 /*************************** FUNCTIONS ***************************/
 
 /* Define to 1 if you have the `EVP_aes128_ctr' function. */

include/libssh/crypto.h

@@ -129,11 +129,10 @@ struct ssh_cipher_struct {
     unsigned int blocksize; /* blocksize of the algo */
     enum ssh_cipher_e ciphertype;
     uint32_t lenfield_blocksize; /* blocksize of the packet length field */
-#ifdef HAVE_LIBGCRYPT
     size_t keylen; /* length of the key structure */
+#ifdef HAVE_LIBGCRYPT
     gcry_cipher_hd_t *key;
 #elif defined HAVE_LIBCRYPTO
-    size_t keylen; /* length of the key structure */
     struct ssh_3des_key_schedule *des3_key;
     struct ssh_aes_key_schedule *aes_key;
     const EVP_CIPHER *cipher;

src/CMakeLists.txt

@@ -164,15 +164,9 @@ set(libssh_SRCS
   external/ge25519.c
   external/poly1305.c
   external/sc25519.c
+  chachapoly.c
 )
 
-if (NOT WITH_MBEDTLS)
-    set(libssh_SRCS
-        ${libssh_SRCS}
-        chachapoly.c
-       )
-endif (NOT WITH_MBEDTLS)
-
 if (WITH_GCRYPT)
     set(libssh_SRCS
         ${libssh_SRCS}

src/kex.c

@@ -95,11 +95,7 @@
 #define ECDH ""
 #endif
 
-#ifdef    HAVE_CHACHA
 #define CHACHA20 "chacha20-poly1305@openssh.com,"
-#else  /* HAVE_CHACHA */
-#define CHACHA20
-#endif /* HAVE_CHACHA */
 
 #define KEY_EXCHANGE CURVE25519 ECDH "diffie-hellman-group14-sha1,diffie-hellman-group1-sha1"
 #define KEX_METHODS_SIZE 10

src/libmbedcrypto.c

@@ -30,6 +30,8 @@
 #ifdef HAVE_LIBMBEDCRYPTO
 #include <mbedtls/md.h>
 
+extern const struct ssh_cipher_struct chacha20poly1305_cipher;
+
 struct ssh_mac_ctx_struct {
     enum ssh_mac_e mac_type;
     mbedtls_md_context_t ctx;
@@ -1066,6 +1068,9 @@ static struct ssh_cipher_struct ssh_ciphertab[] = {
         .encrypt = cipher_encrypt_cbc,
         .decrypt = cipher_decrypt_cbc,
     },
+    {
+        .name = "chacha20-poly1305@openssh.com"
+    },
     {
         .name = NULL,
         .blocksize = 0,
@@ -1085,6 +1090,7 @@ struct ssh_cipher_struct *ssh_get_ciphertab(void)
 
 void ssh_mbedtls_init(void)
 {
+    size_t i;
     int rc;
 
     mbedtls_entropy_init(&ssh_mbedtls_entropy);
@@ -1095,6 +1101,18 @@ void ssh_mbedtls_init(void)
     if (rc != 0) {
         mbedtls_ctr_drbg_free(&ssh_mbedtls_ctr_drbg);
     }
+
+    for (i = 0; ssh_ciphertab[i].name != NULL; i++) {
+        int cmp;
+
+        cmp = strcmp(ssh_ciphertab[i].name, "chacha20-poly1305@openssh.com");
+        if (cmp == 0) {
+            memcpy(&ssh_ciphertab[i],
+                   &chacha20poly1305_cipher,
+                   sizeof(struct ssh_cipher_struct));
+            break;
+        }
+    }
 }
 
 int ssh_mbedtls_random(void *where, int len, int strong)