aiden
/
suricata
mirror of https://github.com/OISF/suricata
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

rust/ssh: add hassh generation

Browse Source 
Add generation of hassh fingerprints based on fields in the kexinit record
pull/5141/head
Vadym Malakhatko 5 years ago
parent f7a47a4477
commit 536cee3ba9
5 changed files with 694 additions and 19 deletions
Show Stats Download Patch File Download Diff File

1
rust/Cargo.toml.in
Unescape Escape View File

@ -28,6 +28,7 @@ num = "0.2"
num-derive = "0.2"
num-traits = "0.2"
widestring = "0.4"
md5 = "0.7.0"
der-parser = "3.0"
kerberos-parser = "0.4"

78
rust/src/ssh/detect.rs
Unescape Escape View File

@ -90,3 +90,81 @@ pub extern "C" fn rs_ssh_tx_get_software(
return 0;
}
#[no_mangle]
pub extern "C" fn rs_ssh_tx_get_hassh(
tx: *mut std::os::raw::c_void,
buffer: *mut *const u8,
buffer_len: *mut u32,
direction: u8,
) -> u8 {
let tx = cast_pointer!(tx, SSHTransaction);
match direction {
STREAM_TOSERVER => {
let m = &tx.cli_hdr.hassh;
if m.len() > 0 {
unsafe {
*buffer = m.as_ptr();
*buffer_len = m.len() as u32;
}
return 1;
}
}
STREAM_TOCLIENT => {
let m = &tx.srv_hdr.hassh;
if m.len() > 0 {
unsafe {
*buffer = m.as_ptr();
*buffer_len = m.len() as u32;
}
return 1;
}
}
_ => {}
}
unsafe {
*buffer = ptr::null();
*buffer_len = 0;
}
return 0;
}
#[no_mangle]
pub extern "C" fn rs_ssh_tx_get_hassh_string(
tx: *mut std::os::raw::c_void,
buffer: *mut *const u8,
buffer_len: *mut u32,
direction: u8,
) -> u8 {
let tx = cast_pointer!(tx, SSHTransaction);
match direction {
STREAM_TOSERVER => {
let m = &tx.cli_hdr.hassh_string;
if m.len() > 0 {
unsafe {
*buffer = m.as_ptr();
*buffer_len = m.len() as u32;
}
return 1;
}
}
STREAM_TOCLIENT => {
let m = &tx.srv_hdr.hassh_string;
if m.len() > 0 {
unsafe {
*buffer = m.as_ptr();
*buffer_len = m.len() as u32;
}
return 1;
}
}
_ => {}
}
unsafe {
*buffer = ptr::null();
*buffer_len = 0;
}
return 0;
}

516
rust/src/ssh/parser.rs
Unescape Escape View File

@ -19,6 +19,40 @@ use nom::combinator::rest;
use nom::number::streaming::{be_u32, be_u8};
use std::fmt;
#[derive(PartialEq, Eq, Copy, Clone, Debug)]
pub enum MessageCode {
SshMsgDisconnect,
SshMsgIgnore,
SshMsgUnimplemented,
SshMsgDebug,
SshMsgServiceRequest,
SshMsgServiceAccept,
SshMsgKexinit,
SshMsgNewKeys,
SshMsgKexdhInit,
SshMsgKexdhReply,
SshMsgUndefined(u8),
}
impl MessageCode {
fn from_u8(value: u8) -> MessageCode {
match value {
1 => MessageCode::SshMsgDisconnect,
2 => MessageCode::SshMsgIgnore,
3 => MessageCode::SshMsgUnimplemented,
4 => MessageCode::SshMsgDebug,
5 => MessageCode::SshMsgServiceRequest,
6 => MessageCode::SshMsgServiceAccept,
20 => MessageCode::SshMsgKexinit,
21 => MessageCode::SshMsgNewKeys,
30 => MessageCode::SshMsgKexdhInit,
31 => MessageCode::SshMsgKexdhReply,
_ => MessageCode::SshMsgUndefined(value),
}
}
}
#[inline]
fn is_not_lineend(b: u8) -> bool {
if b == 10 || b == 13 {
@ -63,14 +97,14 @@ named!(pub ssh_parse_banner<SshBanner>,
pub struct SshRecordHeader {
pub pkt_len: u32,
padding_len: u8,
pub msg_code: u8,
pub msg_code: MessageCode,
}
impl fmt::Display for SshRecordHeader {
fn fmt(&self, f: &mut fmt::Formatter<'_>) -> fmt::Result {
write!(
f,
"(pkt_len:{}, padding_len:{}, msg_code:{})",
"(pkt_len:{}, padding_len:{}, msg_code:{:?})",
self.pkt_len, self.padding_len, self.msg_code
)
}
@ -81,7 +115,9 @@ named!(pub ssh_parse_record_header<SshRecordHeader>,
pkt_len: verify!(be_u32, |&val| val > 1) >>
padding_len: be_u8 >>
msg_code: be_u8 >>
(SshRecordHeader{pkt_len, padding_len, msg_code})
(SshRecordHeader{pkt_len: pkt_len,
padding_len: padding_len,
msg_code: MessageCode::from_u8(msg_code)})
)
);
@ -92,10 +128,91 @@ named!(pub ssh_parse_record<SshRecordHeader>,
padding_len: be_u8 >>
msg_code: be_u8 >>
take!((pkt_len-2) as usize) >>
(SshRecordHeader{pkt_len, padding_len, msg_code})
(SshRecordHeader{pkt_len: pkt_len,
padding_len: padding_len,
msg_code: MessageCode::from_u8(msg_code)})
)
);
#[derive(Debug,PartialEq)]
pub struct SshPacketKeyExchange<'a> {
pub cookie: &'a[u8],
pub kex_algs: &'a [u8],
pub server_host_key_algs: &'a [u8],
pub encr_algs_client_to_server: &'a [u8],
pub encr_algs_server_to_client: &'a [u8],
pub mac_algs_client_to_server: &'a [u8],
pub mac_algs_server_to_client: &'a [u8],
pub comp_algs_client_to_server: &'a [u8],
pub comp_algs_server_to_client: &'a [u8],
pub langs_client_to_server: &'a [u8],
pub langs_server_to_client: &'a [u8],
pub first_kex_packet_follows: u8,
pub reserved: u32,
}
use md5::compute;
const SSH_HASSH_STRING_DELIMITER_SLICE: [u8; 1] = [b';'];
impl<'a> SshPacketKeyExchange<'a> {
pub fn generate_hassh(&self, hassh_string: &mut Vec<u8>, hassh: &mut Vec<u8>, to_server: &bool) {
let slices = if *to_server {
[self.kex_algs, &SSH_HASSH_STRING_DELIMITER_SLICE,
self.encr_algs_server_to_client, &SSH_HASSH_STRING_DELIMITER_SLICE,
self.mac_algs_server_to_client, &SSH_HASSH_STRING_DELIMITER_SLICE,
self.comp_algs_server_to_client]}
else {
[self.kex_algs, &SSH_HASSH_STRING_DELIMITER_SLICE,
self.encr_algs_client_to_server, &SSH_HASSH_STRING_DELIMITER_SLICE,
self.mac_algs_client_to_server, &SSH_HASSH_STRING_DELIMITER_SLICE,
self.comp_algs_client_to_server]
};
// reserving memory
hassh_string.reserve_exact(slices.iter().fold(0, |acc, x| acc + x.len()));
// copying slices to hassh string
slices.iter().for_each(|&x| hassh_string.extend_from_slice(x));
hassh.extend(format!("{:x?}", compute(&hassh_string)).as_bytes());
}
}
named!(parse_string<&[u8]>, do_parse!(
len: be_u32 >>
string: take!(len) >>
( string )
));
named!(pub ssh_parse_key_exchange<SshPacketKeyExchange>, do_parse!(
cookie: take!(16) >>
kex_algs: parse_string >>
server_host_key_algs: parse_string >>
encr_algs_client_to_server: parse_string >>
encr_algs_server_to_client: parse_string >>
mac_algs_client_to_server: parse_string >>
mac_algs_server_to_client: parse_string >>
comp_algs_client_to_server: parse_string >>
comp_algs_server_to_client: parse_string >>
langs_client_to_server: parse_string >>
langs_server_to_client: parse_string >>
first_kex_packet_follows: be_u8 >>
reserved: be_u32 >>
( SshPacketKeyExchange {
cookie: cookie,
kex_algs: kex_algs,
server_host_key_algs: server_host_key_algs,
encr_algs_client_to_server: encr_algs_client_to_server,
encr_algs_server_to_client: encr_algs_server_to_client,
mac_algs_client_to_server: mac_algs_client_to_server,
mac_algs_server_to_client: mac_algs_server_to_client,
comp_algs_client_to_server: comp_algs_client_to_server,
comp_algs_server_to_client: comp_algs_server_to_client,
langs_client_to_server: langs_client_to_server,
langs_server_to_client: langs_server_to_client,
first_kex_packet_follows: first_kex_packet_follows,
reserved: reserved,
} )
));
#[cfg(test)]
mod tests {
@ -192,5 +309,396 @@ mod tests {
}
}
}
#[test]
fn test_parse_key_exchange() {
let client_key_exchange = [0x18 ,0x70 ,0xCB ,0xA4 ,0xA3 ,0xD4 ,0xDC ,0x88 ,0x6F
,0xFD ,0x76 ,0x06 ,0xCF ,0x36 ,0x1B ,0xC6 ,0x00 ,0x00 ,0x01 ,0x0D ,0x63 ,0x75 ,0x72 ,0x76
,0x65 ,0x32 ,0x35 ,0x35 ,0x31 ,0x39 ,0x2D ,0x73 ,0x68 ,0x61 ,0x32 ,0x35 ,0x36 ,0x2C ,0x63
,0x75 ,0x72 ,0x76 ,0x65 ,0x32 ,0x35 ,0x35 ,0x31 ,0x39 ,0x2D ,0x73 ,0x68 ,0x61 ,0x32 ,0x35
,0x36 ,0x40 ,0x6C ,0x69 ,0x62 ,0x73 ,0x73 ,0x68 ,0x2E ,0x6F ,0x72 ,0x67 ,0x2C ,0x65 ,0x63
,0x64 ,0x68 ,0x2D ,0x73 ,0x68 ,0x61 ,0x32 ,0x2D ,0x6E ,0x69 ,0x73 ,0x74 ,0x70 ,0x32 ,0x35
,0x36 ,0x2C ,0x65 ,0x63 ,0x64 ,0x68 ,0x2D ,0x73 ,0x68 ,0x61 ,0x32 ,0x2D ,0x6E ,0x69 ,0x73
,0x74 ,0x70 ,0x33 ,0x38 ,0x34 ,0x2C ,0x65 ,0x63 ,0x64 ,0x68 ,0x2D ,0x73 ,0x68 ,0x61 ,0x32
,0x2D ,0x6E ,0x69 ,0x73 ,0x74 ,0x70 ,0x35 ,0x32 ,0x31 ,0x2C ,0x64 ,0x69 ,0x66 ,0x66 ,0x69
,0x65 ,0x2D ,0x68 ,0x65 ,0x6C ,0x6C ,0x6D ,0x61 ,0x6E ,0x2D ,0x67 ,0x72 ,0x6F ,0x75 ,0x70
,0x2D ,0x65 ,0x78 ,0x63 ,0x68 ,0x61 ,0x6E ,0x67 ,0x65 ,0x2D ,0x73 ,0x68 ,0x61 ,0x32 ,0x35
,0x36 ,0x2C ,0x64 ,0x69 ,0x66 ,0x66 ,0x69 ,0x65 ,0x2D ,0x68 ,0x65 ,0x6C ,0x6C ,0x6D ,0x61
,0x6E ,0x2D ,0x67 ,0x72 ,0x6F ,0x75 ,0x70 ,0x31 ,0x36 ,0x2D ,0x73 ,0x68 ,0x61 ,0x35 ,0x31
,0x32 ,0x2C ,0x64 ,0x69 ,0x66 ,0x66 ,0x69 ,0x65 ,0x2D ,0x68 ,0x65 ,0x6C ,0x6C ,0x6D ,0x61
,0x6E ,0x2D ,0x67 ,0x72 ,0x6F ,0x75 ,0x70 ,0x31 ,0x38 ,0x2D ,0x73 ,0x68 ,0x61 ,0x35 ,0x31
,0x32 ,0x2C ,0x64 ,0x69 ,0x66 ,0x66 ,0x69 ,0x65 ,0x2D ,0x68 ,0x65 ,0x6C ,0x6C ,0x6D ,0x61
,0x6E ,0x2D ,0x67 ,0x72 ,0x6F ,0x75 ,0x70 ,0x31 ,0x34 ,0x2D ,0x73 ,0x68 ,0x61 ,0x32 ,0x35
,0x36 ,0x2C ,0x64 ,0x69 ,0x66 ,0x66 ,0x69 ,0x65 ,0x2D ,0x68 ,0x65 ,0x6C ,0x6C ,0x6D ,0x61
,0x6E ,0x2D ,0x67 ,0x72 ,0x6F ,0x75 ,0x70 ,0x31 ,0x34 ,0x2D ,0x73 ,0x68 ,0x61 ,0x31 ,0x2C
,0x65 ,0x78 ,0x74 ,0x2D ,0x69 ,0x6E ,0x66 ,0x6F ,0x2D ,0x63 ,0x00 ,0x00 ,0x01 ,0x66 ,0x65
,0x63 ,0x64 ,0x73 ,0x61 ,0x2D ,0x73 ,0x68 ,0x61 ,0x32 ,0x2D ,0x6E ,0x69 ,0x73 ,0x74 ,0x70
,0x32 ,0x35 ,0x36 ,0x2D ,0x63 ,0x65 ,0x72 ,0x74 ,0x2D ,0x76 ,0x30 ,0x31 ,0x40 ,0x6F ,0x70
,0x65 ,0x6E ,0x73 ,0x73 ,0x68 ,0x2E ,0x63 ,0x6F ,0x6D ,0x2C ,0x65 ,0x63 ,0x64 ,0x73 ,0x61
,0x2D ,0x73 ,0x68 ,0x61 ,0x32 ,0x2D ,0x6E ,0x69 ,0x73 ,0x74 ,0x70 ,0x33 ,0x38 ,0x34 ,0x2D
,0x63 ,0x65 ,0x72 ,0x74 ,0x2D ,0x76 ,0x30 ,0x31 ,0x40 ,0x6F ,0x70 ,0x65 ,0x6E ,0x73 ,0x73
,0x68 ,0x2E ,0x63 ,0x6F ,0x6D ,0x2C ,0x65 ,0x63 ,0x64 ,0x73 ,0x61 ,0x2D ,0x73 ,0x68 ,0x61
,0x32 ,0x2D ,0x6E ,0x69 ,0x73 ,0x74 ,0x70 ,0x35 ,0x32 ,0x31 ,0x2D ,0x63 ,0x65 ,0x72 ,0x74
,0x2D ,0x76 ,0x30 ,0x31 ,0x40 ,0x6F ,0x70 ,0x65 ,0x6E ,0x73 ,0x73 ,0x68 ,0x2E ,0x63 ,0x6F
,0x6D ,0x2C ,0x65 ,0x63 ,0x64 ,0x73 ,0x61 ,0x2D ,0x73 ,0x68 ,0x61 ,0x32 ,0x2D ,0x6E ,0x69
,0x73 ,0x74 ,0x70 ,0x32 ,0x35 ,0x36 ,0x2C ,0x65 ,0x63 ,0x64 ,0x73 ,0x61 ,0x2D ,0x73 ,0x68
,0x61 ,0x32 ,0x2D ,0x6E ,0x69 ,0x73 ,0x74 ,0x70 ,0x33 ,0x38 ,0x34 ,0x2C ,0x65 ,0x63 ,0x64
,0x73 ,0x61 ,0x2D ,0x73 ,0x68 ,0x61 ,0x32 ,0x2D ,0x6E ,0x69 ,0x73 ,0x74 ,0x70 ,0x35 ,0x32
,0x31 ,0x2C ,0x73 ,0x73 ,0x68 ,0x2D ,0x65 ,0x64 ,0x32 ,0x35 ,0x35 ,0x31 ,0x39 ,0x2D ,0x63
,0x65 ,0x72 ,0x74 ,0x2D ,0x76 ,0x30 ,0x31 ,0x40 ,0x6F ,0x70 ,0x65 ,0x6E ,0x73 ,0x73 ,0x68
,0x2E ,0x63 ,0x6F ,0x6D ,0x2C ,0x72 ,0x73 ,0x61 ,0x2D ,0x73 ,0x68 ,0x61 ,0x32 ,0x2D ,0x35
,0x31 ,0x32 ,0x2D ,0x63 ,0x65 ,0x72 ,0x74 ,0x2D ,0x76 ,0x30 ,0x31 ,0x40 ,0x6F ,0x70 ,0x65
,0x6E ,0x73 ,0x73 ,0x68 ,0x2E ,0x63 ,0x6F ,0x6D ,0x2C ,0x72 ,0x73 ,0x61 ,0x2D ,0x73 ,0x68
,0x61 ,0x32 ,0x2D ,0x32 ,0x35 ,0x36 ,0x2D ,0x63 ,0x65 ,0x72 ,0x74 ,0x2D ,0x76 ,0x30 ,0x31
,0x40 ,0x6F ,0x70 ,0x65 ,0x6E ,0x73 ,0x73 ,0x68 ,0x2E ,0x63 ,0x6F ,0x6D ,0x2C ,0x73 ,0x73
,0x68 ,0x2D ,0x72 ,0x73 ,0x61 ,0x2D ,0x63 ,0x65 ,0x72 ,0x74 ,0x2D ,0x76 ,0x30 ,0x31 ,0x40
,0x6F ,0x70 ,0x65 ,0x6E ,0x73 ,0x73 ,0x68 ,0x2E ,0x63 ,0x6F ,0x6D ,0x2C ,0x73 ,0x73 ,0x68
,0x2D ,0x65 ,0x64 ,0x32 ,0x35 ,0x35 ,0x31 ,0x39 ,0x2C ,0x72 ,0x73 ,0x61 ,0x2D ,0x73 ,0x68
,0x61 ,0x32 ,0x2D ,0x35 ,0x31 ,0x32 ,0x2C ,0x72 ,0x73 ,0x61 ,0x2D ,0x73 ,0x68 ,0x61 ,0x32
,0x2D ,0x32 ,0x35 ,0x36 ,0x2C ,0x73 ,0x73 ,0x68 ,0x2D ,0x72 ,0x73 ,0x61 ,0x00 ,0x00 ,0x00
,0x6C ,0x63 ,0x68 ,0x61 ,0x63 ,0x68 ,0x61 ,0x32 ,0x30 ,0x2D ,0x70 ,0x6F ,0x6C ,0x79 ,0x31
,0x33 ,0x30 ,0x35 ,0x40 ,0x6F ,0x70 ,0x65 ,0x6E ,0x73 ,0x73 ,0x68 ,0x2E ,0x63 ,0x6F ,0x6D
,0x2C ,0x61 ,0x65 ,0x73 ,0x31 ,0x32 ,0x38 ,0x2D ,0x63 ,0x74 ,0x72 ,0x2C ,0x61 ,0x65 ,0x73
,0x31 ,0x39 ,0x32 ,0x2D ,0x63 ,0x74 ,0x72 ,0x2C ,0x61 ,0x65 ,0x73 ,0x32 ,0x35 ,0x36 ,0x2D
,0x63 ,0x74 ,0x72 ,0x2C ,0x61 ,0x65 ,0x73 ,0x31 ,0x32 ,0x38 ,0x2D ,0x67 ,0x63 ,0x6D ,0x40
,0x6F ,0x70 ,0x65 ,0x6E ,0x73 ,0x73 ,0x68 ,0x2E ,0x63 ,0x6F ,0x6D ,0x2C ,0x61 ,0x65 ,0x73
,0x32 ,0x35 ,0x36 ,0x2D ,0x67 ,0x63 ,0x6D ,0x40 ,0x6F ,0x70 ,0x65 ,0x6E ,0x73 ,0x73 ,0x68
,0x2E ,0x63 ,0x6F ,0x6D ,0x00 ,0x00 ,0x00 ,0x6C ,0x63 ,0x68 ,0x61 ,0x63 ,0x68 ,0x61 ,0x32
,0x30 ,0x2D ,0x70 ,0x6F ,0x6C ,0x79 ,0x31 ,0x33 ,0x30 ,0x35 ,0x40 ,0x6F ,0x70 ,0x65 ,0x6E
,0x73 ,0x73 ,0x68 ,0x2E ,0x63 ,0x6F ,0x6D ,0x2C ,0x61 ,0x65 ,0x73 ,0x31 ,0x32 ,0x38 ,0x2D
,0x63 ,0x74 ,0x72 ,0x2C ,0x61 ,0x65 ,0x73 ,0x31 ,0x39 ,0x32 ,0x2D ,0x63 ,0x74 ,0x72 ,0x2C
,0x61 ,0x65 ,0x73 ,0x32 ,0x35 ,0x36 ,0x2D ,0x63 ,0x74 ,0x72 ,0x2C ,0x61 ,0x65 ,0x73 ,0x31
,0x32 ,0x38 ,0x2D ,0x67 ,0x63 ,0x6D ,0x40 ,0x6F ,0x70 ,0x65 ,0x6E ,0x73 ,0x73 ,0x68 ,0x2E
,0x63 ,0x6F ,0x6D ,0x2C ,0x61 ,0x65 ,0x73 ,0x32 ,0x35 ,0x36 ,0x2D ,0x67 ,0x63 ,0x6D ,0x40
,0x6F ,0x70 ,0x65 ,0x6E ,0x73 ,0x73 ,0x68 ,0x2E ,0x63 ,0x6F ,0x6D ,0x00 ,0x00 ,0x00 ,0xD5
,0x75 ,0x6D ,0x61 ,0x63 ,0x2D ,0x36 ,0x34 ,0x2D ,0x65 ,0x74 ,0x6D ,0x40 ,0x6F ,0x70 ,0x65
,0x6E ,0x73 ,0x73 ,0x68 ,0x2E ,0x63 ,0x6F ,0x6D ,0x2C ,0x75 ,0x6D ,0x61 ,0x63 ,0x2D ,0x31
,0x32 ,0x38 ,0x2D ,0x65 ,0x74 ,0x6D ,0x40 ,0x6F ,0x70 ,0x65 ,0x6E ,0x73 ,0x73 ,0x68 ,0x2E
,0x63 ,0x6F ,0x6D ,0x2C ,0x68 ,0x6D ,0x61 ,0x63 ,0x2D ,0x73 ,0x68 ,0x61 ,0x32 ,0x2D ,0x32
,0x35 ,0x36 ,0x2D ,0x65 ,0x74 ,0x6D ,0x40 ,0x6F ,0x70 ,0x65 ,0x6E ,0x73 ,0x73 ,0x68 ,0x2E
,0x63 ,0x6F ,0x6D ,0x2C ,0x68 ,0x6D ,0x61 ,0x63 ,0x2D ,0x73 ,0x68 ,0x61 ,0x32 ,0x2D ,0x35
,0x31 ,0x32 ,0x2D ,0x65 ,0x74 ,0x6D ,0x40 ,0x6F ,0x70 ,0x65 ,0x6E ,0x73 ,0x73 ,0x68 ,0x2E
,0x63 ,0x6F ,0x6D ,0x2C ,0x68 ,0x6D ,0x61 ,0x63 ,0x2D ,0x73 ,0x68 ,0x61 ,0x31 ,0x2D ,0x65
,0x74 ,0x6D ,0x40 ,0x6F ,0x70 ,0x65 ,0x6E ,0x73 ,0x73 ,0x68 ,0x2E ,0x63 ,0x6F ,0x6D ,0x2C
,0x75 ,0x6D ,0x61 ,0x63 ,0x2D ,0x36 ,0x34 ,0x40 ,0x6F ,0x70 ,0x65 ,0x6E ,0x73 ,0x73 ,0x68
,0x2E ,0x63 ,0x6F ,0x6D ,0x2C ,0x75 ,0x6D ,0x61 ,0x63 ,0x2D ,0x31 ,0x32 ,0x38 ,0x40 ,0x6F
,0x70 ,0x65 ,0x6E ,0x73 ,0x73 ,0x68 ,0x2E ,0x63 ,0x6F ,0x6D ,0x2C ,0x68 ,0x6D ,0x61 ,0x63
,0x2D ,0x73 ,0x68 ,0x61 ,0x32 ,0x2D ,0x32 ,0x35 ,0x36 ,0x2C ,0x68 ,0x6D ,0x61 ,0x63 ,0x2D
,0x73 ,0x68 ,0x61 ,0x32 ,0x2D ,0x35 ,0x31 ,0x32 ,0x2C ,0x68 ,0x6D ,0x61 ,0x63 ,0x2D ,0x73
,0x68 ,0x61 ,0x31 ,0x00 ,0x00 ,0x00 ,0xD5 ,0x75 ,0x6D ,0x61 ,0x63 ,0x2D ,0x36 ,0x34 ,0x2D
,0x65 ,0x74 ,0x6D ,0x40 ,0x6F ,0x70 ,0x65 ,0x6E ,0x73 ,0x73 ,0x68 ,0x2E ,0x63 ,0x6F ,0x6D
,0x2C ,0x75 ,0x6D ,0x61 ,0x63 ,0x2D ,0x31 ,0x32 ,0x38 ,0x2D ,0x65 ,0x74 ,0x6D ,0x40 ,0x6F
,0x70 ,0x65 ,0x6E ,0x73 ,0x73 ,0x68 ,0x2E ,0x63 ,0x6F ,0x6D ,0x2C ,0x68 ,0x6D ,0x61 ,0x63
,0x2D ,0x73 ,0x68 ,0x61 ,0x32 ,0x2D ,0x32 ,0x35 ,0x36 ,0x2D ,0x65 ,0x74 ,0x6D ,0x40 ,0x6F
,0x70 ,0x65 ,0x6E ,0x73 ,0x73 ,0x68 ,0x2E ,0x63 ,0x6F ,0x6D ,0x2C ,0x68 ,0x6D ,0x61 ,0x63
,0x2D ,0x73 ,0x68 ,0x61 ,0x32 ,0x2D ,0x35 ,0x31 ,0x32 ,0x2D ,0x65 ,0x74 ,0x6D ,0x40 ,0x6F
,0x70 ,0x65 ,0x6E ,0x73 ,0x73 ,0x68 ,0x2E ,0x63 ,0x6F ,0x6D ,0x2C ,0x68 ,0x6D ,0x61 ,0x63
,0x2D ,0x73 ,0x68 ,0x61 ,0x31 ,0x2D ,0x65 ,0x74 ,0x6D ,0x40 ,0x6F ,0x70 ,0x65 ,0x6E ,0x73
,0x73 ,0x68 ,0x2E ,0x63 ,0x6F ,0x6D ,0x2C ,0x75 ,0x6D ,0x61 ,0x63 ,0x2D ,0x36 ,0x34 ,0x40
,0x6F ,0x70 ,0x65 ,0x6E ,0x73 ,0x73 ,0x68 ,0x2E ,0x63 ,0x6F ,0x6D ,0x2C ,0x75 ,0x6D ,0x61
,0x63 ,0x2D ,0x31 ,0x32 ,0x38 ,0x40 ,0x6F ,0x70 ,0x65 ,0x6E ,0x73 ,0x73 ,0x68 ,0x2E ,0x63
,0x6F ,0x6D ,0x2C ,0x68 ,0x6D ,0x61 ,0x63 ,0x2D ,0x73 ,0x68 ,0x61 ,0x32 ,0x2D ,0x32 ,0x35
,0x36 ,0x2C ,0x68 ,0x6D ,0x61 ,0x63 ,0x2D ,0x73 ,0x68 ,0x61 ,0x32 ,0x2D ,0x35 ,0x31 ,0x32
,0x2C ,0x68 ,0x6D ,0x61 ,0x63 ,0x2D ,0x73 ,0x68 ,0x61 ,0x31 ,0x00 ,0x00 ,0x00 ,0x1A ,0x6E
,0x6F ,0x6E ,0x65 ,0x2C ,0x7A ,0x6C ,0x69 ,0x62 ,0x40 ,0x6F ,0x70 ,0x65 ,0x6E ,0x73 ,0x73
,0x68 ,0x2E ,0x63 ,0x6F ,0x6D ,0x2C ,0x7A ,0x6C ,0x69 ,0x62 ,0x00 ,0x00 ,0x00 ,0x1A ,0x6E
,0x6F ,0x6E ,0x65 ,0x2C ,0x7A ,0x6C ,0x69 ,0x62 ,0x40 ,0x6F ,0x70 ,0x65 ,0x6E ,0x73 ,0x73
,0x68 ,0x2E ,0x63 ,0x6F ,0x6D ,0x2C ,0x7A ,0x6C ,0x69 ,0x62 ,0x00 ,0x00 ,0x00 ,0x00 ,0x00
,0x00 ,0x00 ,0x00 ,0x00 ,0x00 ,0x00 ,0x00 ,0x00];
let cookie = [0x18, 0x70, 0xcb, 0xa4, 0xa3, 0xd4, 0xdc, 0x88, 0x6f, 0xfd, 0x76, 0x06, 0xcf, 0x36, 0x1b, 0xc6];
let key_exchange = SshPacketKeyExchange {
cookie: &cookie,
kex_algs: b"curve25519-sha256,curve25519-sha256@libssh.org,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,diffie-hellman-group14-sha256,diffie-hellman-group14-sha1,ext-info-c",
server_host_key_algs: b"ecdsa-sha2-nistp256-cert-v01@openssh.com,ecdsa-sha2-nistp384-cert-v01@openssh.com,ecdsa-sha2-nistp521-cert-v01@openssh.com,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,ssh-ed25519-cert-v01@openssh.com,rsa-sha2-512-cert-v01@openssh.com,rsa-sha2-256-cert-v01@openssh.com,ssh-rsa-cert-v01@openssh.com,ssh-ed25519,rsa-sha2-512,rsa-sha2-256,ssh-rsa",
encr_algs_client_to_server: b"chacha20-poly1305@openssh.com,aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com",
encr_algs_server_to_client: b"chacha20-poly1305@openssh.com,aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com",
mac_algs_client_to_server: b"umac-64-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-sha1-etm@openssh.com,umac-64@openssh.com,umac-128@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1",
mac_algs_server_to_client: b"umac-64-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-sha1-etm@openssh.com,umac-64@openssh.com,umac-128@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1",
comp_algs_client_to_server: b"none,zlib@openssh.com,zlib",
comp_algs_server_to_client: b"none,zlib@openssh.com,zlib",
langs_client_to_server: b"",
langs_server_to_client: b"",
first_kex_packet_follows: 0,
reserved: 0,
};
let expected = Ok((b"" as &[u8], key_exchange));
let res = ssh_parse_key_exchange(&client_key_exchange);
assert_eq!(res, expected);
}
#[test]
fn test_parse_hassh() {
let client_key_exchange = [0x18 ,0x70 ,0xCB ,0xA4 ,0xA3 ,0xD4 ,0xDC ,0x88 ,0x6F
,0xFD ,0x76 ,0x06 ,0xCF ,0x36 ,0x1B ,0xC6 ,0x00 ,0x00 ,0x01 ,0x0D ,0x63 ,0x75 ,0x72 ,0x76
,0x65 ,0x32 ,0x35 ,0x35 ,0x31 ,0x39 ,0x2D ,0x73 ,0x68 ,0x61 ,0x32 ,0x35 ,0x36 ,0x2C ,0x63
,0x75 ,0x72 ,0x76 ,0x65 ,0x32 ,0x35 ,0x35 ,0x31 ,0x39 ,0x2D ,0x73 ,0x68 ,0x61 ,0x32 ,0x35
,0x36 ,0x40 ,0x6C ,0x69 ,0x62 ,0x73 ,0x73 ,0x68 ,0x2E ,0x6F ,0x72 ,0x67 ,0x2C ,0x65 ,0x63
,0x64 ,0x68 ,0x2D ,0x73 ,0x68 ,0x61 ,0x32 ,0x2D ,0x6E ,0x69 ,0x73 ,0x74 ,0x70 ,0x32 ,0x35
,0x36 ,0x2C ,0x65 ,0x63 ,0x64 ,0x68 ,0x2D ,0x73 ,0x68 ,0x61 ,0x32 ,0x2D ,0x6E ,0x69 ,0x73
,0x74 ,0x70 ,0x33 ,0x38 ,0x34 ,0x2C ,0x65 ,0x63 ,0x64 ,0x68 ,0x2D ,0x73 ,0x68 ,0x61 ,0x32
,0x2D ,0x6E ,0x69 ,0x73 ,0x74 ,0x70 ,0x35 ,0x32 ,0x31 ,0x2C ,0x64 ,0x69 ,0x66 ,0x66 ,0x69
,0x65 ,0x2D ,0x68 ,0x65 ,0x6C ,0x6C ,0x6D ,0x61 ,0x6E ,0x2D ,0x67 ,0x72 ,0x6F ,0x75 ,0x70
,0x2D ,0x65 ,0x78 ,0x63 ,0x68 ,0x61 ,0x6E ,0x67 ,0x65 ,0x2D ,0x73 ,0x68 ,0x61 ,0x32 ,0x35
,0x36 ,0x2C ,0x64 ,0x69 ,0x66 ,0x66 ,0x69 ,0x65 ,0x2D ,0x68 ,0x65 ,0x6C ,0x6C ,0x6D ,0x61
,0x6E ,0x2D ,0x67 ,0x72 ,0x6F ,0x75 ,0x70 ,0x31 ,0x36 ,0x2D ,0x73 ,0x68 ,0x61 ,0x35 ,0x31
,0x32 ,0x2C ,0x64 ,0x69 ,0x66 ,0x66 ,0x69 ,0x65 ,0x2D ,0x68 ,0x65 ,0x6C ,0x6C ,0x6D ,0x61
,0x6E ,0x2D ,0x67 ,0x72 ,0x6F ,0x75 ,0x70 ,0x31 ,0x38 ,0x2D ,0x73 ,0x68 ,0x61 ,0x35 ,0x31
,0x32 ,0x2C ,0x64 ,0x69 ,0x66 ,0x66 ,0x69 ,0x65 ,0x2D ,0x68 ,0x65 ,0x6C ,0x6C ,0x6D ,0x61
,0x6E ,0x2D ,0x67 ,0x72 ,0x6F ,0x75 ,0x70 ,0x31 ,0x34 ,0x2D ,0x73 ,0x68 ,0x61 ,0x32 ,0x35
,0x36 ,0x2C ,0x64 ,0x69 ,0x66 ,0x66 ,0x69 ,0x65 ,0x2D ,0x68 ,0x65 ,0x6C ,0x6C ,0x6D ,0x61
,0x6E ,0x2D ,0x67 ,0x72 ,0x6F ,0x75 ,0x70 ,0x31 ,0x34 ,0x2D ,0x73 ,0x68 ,0x61 ,0x31 ,0x2C
,0x65 ,0x78 ,0x74 ,0x2D ,0x69 ,0x6E ,0x66 ,0x6F ,0x2D ,0x63 ,0x00 ,0x00 ,0x01 ,0x66 ,0x65
,0x63 ,0x64 ,0x73 ,0x61 ,0x2D ,0x73 ,0x68 ,0x61 ,0x32 ,0x2D ,0x6E ,0x69 ,0x73 ,0x74 ,0x70
,0x32 ,0x35 ,0x36 ,0x2D ,0x63 ,0x65 ,0x72 ,0x74 ,0x2D ,0x76 ,0x30 ,0x31 ,0x40 ,0x6F ,0x70
,0x65 ,0x6E ,0x73 ,0x73 ,0x68 ,0x2E ,0x63 ,0x6F ,0x6D ,0x2C ,0x65 ,0x63 ,0x64 ,0x73 ,0x61
,0x2D ,0x73 ,0x68 ,0x61 ,0x32 ,0x2D ,0x6E ,0x69 ,0x73 ,0x74 ,0x70 ,0x33 ,0x38 ,0x34 ,0x2D
,0x63 ,0x65 ,0x72 ,0x74 ,0x2D ,0x76 ,0x30 ,0x31 ,0x40 ,0x6F ,0x70 ,0x65 ,0x6E ,0x73 ,0x73
,0x68 ,0x2E ,0x63 ,0x6F ,0x6D ,0x2C ,0x65 ,0x63 ,0x64 ,0x73 ,0x61 ,0x2D ,0x73 ,0x68 ,0x61
,0x32 ,0x2D ,0x6E ,0x69 ,0x73 ,0x74 ,0x70 ,0x35 ,0x32 ,0x31 ,0x2D ,0x63 ,0x65 ,0x72 ,0x74
,0x2D ,0x76 ,0x30 ,0x31 ,0x40 ,0x6F ,0x70 ,0x65 ,0x6E ,0x73 ,0x73 ,0x68 ,0x2E ,0x63 ,0x6F
,0x6D ,0x2C ,0x65 ,0x63 ,0x64 ,0x73 ,0x61 ,0x2D ,0x73 ,0x68 ,0x61 ,0x32 ,0x2D ,0x6E ,0x69
,0x73 ,0x74 ,0x70 ,0x32 ,0x35 ,0x36 ,0x2C ,0x65 ,0x63 ,0x64 ,0x73 ,0x61 ,0x2D ,0x73 ,0x68
,0x61 ,0x32 ,0x2D ,0x6E ,0x69 ,0x73 ,0x74 ,0x70 ,0x33 ,0x38 ,0x34 ,0x2C ,0x65 ,0x63 ,0x64
,0x73 ,0x61 ,0x2D ,0x73 ,0x68 ,0x61 ,0x32 ,0x2D ,0x6E ,0x69 ,0x73 ,0x74 ,0x70 ,0x35 ,0x32
,0x31 ,0x2C ,0x73 ,0x73 ,0x68 ,0x2D ,0x65 ,0x64 ,0x32 ,0x35 ,0x35 ,0x31 ,0x39 ,0x2D ,0x63
,0x65 ,0x72 ,0x74 ,0x2D ,0x76 ,0x30 ,0x31 ,0x40 ,0x6F ,0x70 ,0x65 ,0x6E ,0x73 ,0x73 ,0x68
,0x2E ,0x63 ,0x6F ,0x6D ,0x2C ,0x72 ,0x73 ,0x61 ,0x2D ,0x73 ,0x68 ,0x61 ,0x32 ,0x2D ,0x35
,0x31 ,0x32 ,0x2D ,0x63 ,0x65 ,0x72 ,0x74 ,0x2D ,0x76 ,0x30 ,0x31 ,0x40 ,0x6F ,0x70 ,0x65
,0x6E ,0x73 ,0x73 ,0x68 ,0x2E ,0x63 ,0x6F ,0x6D ,0x2C ,0x72 ,0x73 ,0x61 ,0x2D ,0x73 ,0x68
,0x61 ,0x32 ,0x2D ,0x32 ,0x35 ,0x36 ,0x2D ,0x63 ,0x65 ,0x72 ,0x74 ,0x2D ,0x76 ,0x30 ,0x31
,0x40 ,0x6F ,0x70 ,0x65 ,0x6E ,0x73 ,0x73 ,0x68 ,0x2E ,0x63 ,0x6F ,0x6D ,0x2C ,0x73 ,0x73
,0x68 ,0x2D ,0x72 ,0x73 ,0x61 ,0x2D ,0x63 ,0x65 ,0x72 ,0x74 ,0x2D ,0x76 ,0x30 ,0x31 ,0x40
,0x6F ,0x70 ,0x65 ,0x6E ,0x73 ,0x73 ,0x68 ,0x2E ,0x63 ,0x6F ,0x6D ,0x2C ,0x73 ,0x73 ,0x68
,0x2D ,0x65 ,0x64 ,0x32 ,0x35 ,0x35 ,0x31 ,0x39 ,0x2C ,0x72 ,0x73 ,0x61 ,0x2D ,0x73 ,0x68
,0x61 ,0x32 ,0x2D ,0x35 ,0x31 ,0x32 ,0x2C ,0x72 ,0x73 ,0x61 ,0x2D ,0x73 ,0x68 ,0x61 ,0x32
,0x2D ,0x32 ,0x35 ,0x36 ,0x2C ,0x73 ,0x73 ,0x68 ,0x2D ,0x72 ,0x73 ,0x61 ,0x00 ,0x00 ,0x00
,0x6C ,0x63 ,0x68 ,0x61 ,0x63 ,0x68 ,0x61 ,0x32 ,0x30 ,0x2D ,0x70 ,0x6F ,0x6C ,0x79 ,0x31
,0x33 ,0x30 ,0x35 ,0x40 ,0x6F ,0x70 ,0x65 ,0x6E ,0x73 ,0x73 ,0x68 ,0x2E ,0x63 ,0x6F ,0x6D
,0x2C ,0x61 ,0x65 ,0x73 ,0x31 ,0x32 ,0x38 ,0x2D ,0x63 ,0x74 ,0x72 ,0x2C ,0x61 ,0x65 ,0x73
,0x31 ,0x39 ,0x32 ,0x2D ,0x63 ,0x74 ,0x72 ,0x2C ,0x61 ,0x65 ,0x73 ,0x32 ,0x35 ,0x36 ,0x2D
,0x63 ,0x74 ,0x72 ,0x2C ,0x61 ,0x65 ,0x73 ,0x31 ,0x32 ,0x38 ,0x2D ,0x67 ,0x63 ,0x6D ,0x40
,0x6F ,0x70 ,0x65 ,0x6E ,0x73 ,0x73 ,0x68 ,0x2E ,0x63 ,0x6F ,0x6D ,0x2C ,0x61 ,0x65 ,0x73
,0x32 ,0x35 ,0x36 ,0x2D ,0x67 ,0x63 ,0x6D ,0x40 ,0x6F ,0x70 ,0x65 ,0x6E ,0x73 ,0x73 ,0x68
,0x2E ,0x63 ,0x6F ,0x6D ,0x00 ,0x00 ,0x00 ,0x6C ,0x63 ,0x68 ,0x61 ,0x63 ,0x68 ,0x61 ,0x32
,0x30 ,0x2D ,0x70 ,0x6F ,0x6C ,0x79 ,0x31 ,0x33 ,0x30 ,0x35 ,0x40 ,0x6F ,0x70 ,0x65 ,0x6E
,0x73 ,0x73 ,0x68 ,0x2E ,0x63 ,0x6F ,0x6D ,0x2C ,0x61 ,0x65 ,0x73 ,0x31 ,0x32 ,0x38 ,0x2D
,0x63 ,0x74 ,0x72 ,0x2C ,0x61 ,0x65 ,0x73 ,0x31 ,0x39 ,0x32 ,0x2D ,0x63 ,0x74 ,0x72 ,0x2C
,0x61 ,0x65 ,0x73 ,0x32 ,0x35 ,0x36 ,0x2D ,0x63 ,0x74 ,0x72 ,0x2C ,0x61 ,0x65 ,0x73 ,0x31
,0x32 ,0x38 ,0x2D ,0x67 ,0x63 ,0x6D ,0x40 ,0x6F ,0x70 ,0x65 ,0x6E ,0x73 ,0x73 ,0x68 ,0x2E
,0x63 ,0x6F ,0x6D ,0x2C ,0x61 ,0x65 ,0x73 ,0x32 ,0x35 ,0x36 ,0x2D ,0x67 ,0x63 ,0x6D ,0x40
,0x6F ,0x70 ,0x65 ,0x6E ,0x73 ,0x73 ,0x68 ,0x2E ,0x63 ,0x6F ,0x6D ,0x00 ,0x00 ,0x00 ,0xD5
,0x75 ,0x6D ,0x61 ,0x63 ,0x2D ,0x36 ,0x34 ,0x2D ,0x65 ,0x74 ,0x6D ,0x40 ,0x6F ,0x70 ,0x65
,0x6E ,0x73 ,0x73 ,0x68 ,0x2E ,0x63 ,0x6F ,0x6D ,0x2C ,0x75 ,0x6D ,0x61 ,0x63 ,0x2D ,0x31
,0x32 ,0x38 ,0x2D ,0x65 ,0x74 ,0x6D ,0x40 ,0x6F ,0x70 ,0x65 ,0x6E ,0x73 ,0x73 ,0x68 ,0x2E
,0x63 ,0x6F ,0x6D ,0x2C ,0x68 ,0x6D ,0x61 ,0x63 ,0x2D ,0x73 ,0x68 ,0x61 ,0x32 ,0x2D ,0x32
,0x35 ,0x36 ,0x2D ,0x65 ,0x74 ,0x6D ,0x40 ,0x6F ,0x70 ,0x65 ,0x6E ,0x73 ,0x73 ,0x68 ,0x2E
,0x63 ,0x6F ,0x6D ,0x2C ,0x68 ,0x6D ,0x61 ,0x63 ,0x2D ,0x73 ,0x68 ,0x61 ,0x32 ,0x2D ,0x35
,0x31 ,0x32 ,0x2D ,0x65 ,0x74 ,0x6D ,0x40 ,0x6F ,0x70 ,0x65 ,0x6E ,0x73 ,0x73 ,0x68 ,0x2E
,0x63 ,0x6F ,0x6D ,0x2C ,0x68 ,0x6D ,0x61 ,0x63 ,0x2D ,0x73 ,0x68 ,0x61 ,0x31 ,0x2D ,0x65
,0x74 ,0x6D ,0x40 ,0x6F ,0x70 ,0x65 ,0x6E ,0x73 ,0x73 ,0x68 ,0x2E ,0x63 ,0x6F ,0x6D ,0x2C
,0x75 ,0x6D ,0x61 ,0x63 ,0x2D ,0x36 ,0x34 ,0x40 ,0x6F ,0x70 ,0x65 ,0x6E ,0x73 ,0x73 ,0x68
,0x2E ,0x63 ,0x6F ,0x6D ,0x2C ,0x75 ,0x6D ,0x61 ,0x63 ,0x2D ,0x31 ,0x32 ,0x38 ,0x40 ,0x6F
,0x70 ,0x65 ,0x6E ,0x73 ,0x73 ,0x68 ,0x2E ,0x63 ,0x6F ,0x6D ,0x2C ,0x68 ,0x6D ,0x61 ,0x63
,0x2D ,0x73 ,0x68 ,0x61 ,0x32 ,0x2D ,0x32 ,0x35 ,0x36 ,0x2C ,0x68 ,0x6D ,0x61 ,0x63 ,0x2D
,0x73 ,0x68 ,0x61 ,0x32 ,0x2D ,0x35 ,0x31 ,0x32 ,0x2C ,0x68 ,0x6D ,0x61 ,0x63 ,0x2D ,0x73
,0x68 ,0x61 ,0x31 ,0x00 ,0x00 ,0x00 ,0xD5 ,0x75 ,0x6D ,0x61 ,0x63 ,0x2D ,0x36 ,0x34 ,0x2D
,0x65 ,0x74 ,0x6D ,0x40 ,0x6F ,0x70 ,0x65 ,0x6E ,0x73 ,0x73 ,0x68 ,0x2E ,0x63 ,0x6F ,0x6D
,0x2C ,0x75 ,0x6D ,0x61 ,0x63 ,0x2D ,0x31 ,0x32 ,0x38 ,0x2D ,0x65 ,0x74 ,0x6D ,0x40 ,0x6F
,0x70 ,0x65 ,0x6E ,0x73 ,0x73 ,0x68 ,0x2E ,0x63 ,0x6F ,0x6D ,0x2C ,0x68 ,0x6D ,0x61 ,0x63
,0x2D ,0x73 ,0x68 ,0x61 ,0x32 ,0x2D ,0x32 ,0x35 ,0x36 ,0x2D ,0x65 ,0x74 ,0x6D ,0x40 ,0x6F
,0x70 ,0x65 ,0x6E ,0x73 ,0x73 ,0x68 ,0x2E ,0x63 ,0x6F ,0x6D ,0x2C ,0x68 ,0x6D ,0x61 ,0x63
,0x2D ,0x73 ,0x68 ,0x61 ,0x32 ,0x2D ,0x35 ,0x31 ,0x32 ,0x2D ,0x65 ,0x74 ,0x6D ,0x40 ,0x6F
,0x70 ,0x65 ,0x6E ,0x73 ,0x73 ,0x68 ,0x2E ,0x63 ,0x6F ,0x6D ,0x2C ,0x68 ,0x6D ,0x61 ,0x63
,0x2D ,0x73 ,0x68 ,0x61 ,0x31 ,0x2D ,0x65 ,0x74 ,0x6D ,0x40 ,0x6F ,0x70 ,0x65 ,0x6E ,0x73
,0x73 ,0x68 ,0x2E ,0x63 ,0x6F ,0x6D ,0x2C ,0x75 ,0x6D ,0x61 ,0x63 ,0x2D ,0x36 ,0x34 ,0x40
,0x6F ,0x70 ,0x65 ,0x6E ,0x73 ,0x73 ,0x68 ,0x2E ,0x63 ,0x6F ,0x6D ,0x2C ,0x75 ,0x6D ,0x61
,0x63 ,0x2D ,0x31 ,0x32 ,0x38 ,0x40 ,0x6F ,0x70 ,0x65 ,0x6E ,0x73 ,0x73 ,0x68 ,0x2E ,0x63
,0x6F ,0x6D ,0x2C ,0x68 ,0x6D ,0x61 ,0x63 ,0x2D ,0x73 ,0x68 ,0x61 ,0x32 ,0x2D ,0x32 ,0x35
,0x36 ,0x2C ,0x68 ,0x6D ,0x61 ,0x63 ,0x2D ,0x73 ,0x68 ,0x61 ,0x32 ,0x2D ,0x35 ,0x31 ,0x32
,0x2C ,0x68 ,0x6D ,0x61 ,0x63 ,0x2D ,0x73 ,0x68 ,0x61 ,0x31 ,0x00 ,0x00 ,0x00 ,0x1A ,0x6E
,0x6F ,0x6E ,0x65 ,0x2C ,0x7A ,0x6C ,0x69 ,0x62 ,0x40 ,0x6F ,0x70 ,0x65 ,0x6E ,0x73 ,0x73
,0x68 ,0x2E ,0x63 ,0x6F ,0x6D ,0x2C ,0x7A ,0x6C ,0x69 ,0x62 ,0x00 ,0x00 ,0x00 ,0x1A ,0x6E
,0x6F ,0x6E ,0x65 ,0x2C ,0x7A ,0x6C ,0x69 ,0x62 ,0x40 ,0x6F ,0x70 ,0x65 ,0x6E ,0x73 ,0x73
,0x68 ,0x2E ,0x63 ,0x6F ,0x6D ,0x2C ,0x7A ,0x6C ,0x69 ,0x62 ,0x00 ,0x00 ,0x00 ,0x00 ,0x00
,0x00 ,0x00 ,0x00 ,0x00 ,0x00 ,0x00 ,0x00 ,0x00];
let mut hassh_string: Vec<u8> = vec!();
let mut hassh: Vec<u8> = vec!();
match ssh_parse_key_exchange(&client_key_exchange){
Ok((_, key_exchange)) => {
key_exchange.generate_hassh(&mut hassh_string, &mut hassh, &true);
}
Err(_) => { }
}
assert_eq!(hassh_string, "curve25519-sha256,curve25519-sha256@libssh.org,\
ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,\
diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,diffie-hellman-group14-sha256,\
diffie-hellman-group14-sha1,ext-info-c;chacha20-poly1305@openssh.com,aes128-ctr,\
aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com;umac-64-etm@openssh.com,\
umac-128-etm@openssh.com,hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,\
hmac-sha1-etm@openssh.com,umac-64@openssh.com,umac-128@openssh.com,\
hmac-sha2-256,hmac-sha2-512,hmac-sha1;none,zlib@openssh.com,zlib".as_bytes().to_vec());
assert_eq!(hassh, "ec7378c1a92f5a8dde7e8b7a1ddf33d1".as_bytes().to_vec());
}
#[test]
fn test_parse_hassh_server() {
let server_key_exchange = [0x7d, 0x76, 0x4f, 0x78, 0x81, 0x9e, 0x10, 0xfa, 0x23, 0x72,
0xb5, 0x15, 0x56, 0xba, 0xf9, 0x46, 0x00, 0x00, 0x01, 0x02, 0x63, 0x75, 0x72, 0x76, 0x65, 0x32,
0x35, 0x35, 0x31, 0x39, 0x2d, 0x73, 0x68, 0x61, 0x32, 0x35, 0x36, 0x2c, 0x63, 0x75, 0x72, 0x76,
0x65, 0x32, 0x35, 0x35, 0x31, 0x39, 0x2d, 0x73, 0x68, 0x61, 0x32, 0x35, 0x36, 0x40, 0x6c, 0x69,
0x62, 0x73, 0x73, 0x68, 0x2e, 0x6f, 0x72, 0x67, 0x2c, 0x65, 0x63, 0x64, 0x68, 0x2d, 0x73, 0x68,
0x61, 0x32, 0x2d, 0x6e, 0x69, 0x73, 0x74, 0x70, 0x32, 0x35, 0x36, 0x2c, 0x65, 0x63, 0x64, 0x68,
0x2d, 0x73, 0x68, 0x61, 0x32, 0x2d, 0x6e, 0x69, 0x73, 0x74, 0x70, 0x33, 0x38, 0x34, 0x2c, 0x65,
0x63, 0x64, 0x68, 0x2d, 0x73, 0x68, 0x61, 0x32, 0x2d, 0x6e, 0x69, 0x73, 0x74, 0x70, 0x35, 0x32,
0x31, 0x2c, 0x64, 0x69, 0x66, 0x66, 0x69, 0x65, 0x2d, 0x68, 0x65, 0x6c, 0x6c, 0x6d, 0x61, 0x6e,
0x2d, 0x67, 0x72, 0x6f, 0x75, 0x70, 0x2d, 0x65, 0x78, 0x63, 0x68, 0x61, 0x6e, 0x67, 0x65, 0x2d,
0x73, 0x68, 0x61, 0x32, 0x35, 0x36, 0x2c, 0x64, 0x69, 0x66, 0x66, 0x69, 0x65, 0x2d, 0x68, 0x65,
0x6c, 0x6c, 0x6d, 0x61, 0x6e, 0x2d, 0x67, 0x72, 0x6f, 0x75, 0x70, 0x31, 0x36, 0x2d, 0x73, 0x68,
0x61, 0x35, 0x31, 0x32, 0x2c, 0x64, 0x69, 0x66, 0x66, 0x69, 0x65, 0x2d, 0x68, 0x65, 0x6c, 0x6c,
0x6d, 0x61, 0x6e, 0x2d, 0x67, 0x72, 0x6f, 0x75, 0x70, 0x31, 0x38, 0x2d, 0x73, 0x68, 0x61, 0x35,
0x31, 0x32, 0x2c, 0x64, 0x69, 0x66, 0x66, 0x69, 0x65, 0x2d, 0x68, 0x65, 0x6c, 0x6c, 0x6d, 0x61,
0x6e, 0x2d, 0x67, 0x72, 0x6f, 0x75, 0x70, 0x31, 0x34, 0x2d, 0x73, 0x68, 0x61, 0x32, 0x35, 0x36,
0x2c, 0x64, 0x69, 0x66, 0x66, 0x69, 0x65, 0x2d, 0x68, 0x65, 0x6c, 0x6c, 0x6d, 0x61, 0x6e, 0x2d,
0x67, 0x72, 0x6f, 0x75, 0x70, 0x31, 0x34, 0x2d, 0x73, 0x68, 0x61, 0x31, 0x00, 0x00, 0x00, 0x41,
0x73, 0x73, 0x68, 0x2d, 0x72, 0x73, 0x61, 0x2c, 0x72, 0x73, 0x61, 0x2d, 0x73, 0x68, 0x61, 0x32,
0x2d, 0x35, 0x31, 0x32, 0x2c, 0x72, 0x73, 0x61, 0x2d, 0x73, 0x68, 0x61, 0x32, 0x2d, 0x32, 0x35,
0x36, 0x2c, 0x65, 0x63, 0x64, 0x73, 0x61, 0x2d, 0x73, 0x68, 0x61, 0x32, 0x2d, 0x6e, 0x69, 0x73,
0x74, 0x70, 0x32, 0x35, 0x36, 0x2c, 0x73, 0x73, 0x68, 0x2d, 0x65, 0x64, 0x32, 0x35, 0x35, 0x31,
0x39, 0x00, 0x00, 0x00, 0x6c, 0x63, 0x68, 0x61, 0x63, 0x68, 0x61, 0x32, 0x30, 0x2d, 0x70, 0x6f,
0x6c, 0x79, 0x31, 0x33, 0x30, 0x35, 0x40, 0x6f, 0x70, 0x65, 0x6e, 0x73, 0x73, 0x68, 0x2e, 0x63,
0x6f, 0x6d, 0x2c, 0x61, 0x65, 0x73, 0x31, 0x32, 0x38, 0x2d, 0x63, 0x74, 0x72, 0x2c, 0x61, 0x65,
0x73, 0x31, 0x39, 0x32, 0x2d, 0x63, 0x74, 0x72, 0x2c, 0x61, 0x65, 0x73, 0x32, 0x35, 0x36, 0x2d,
0x63, 0x74, 0x72, 0x2c, 0x61, 0x65, 0x73, 0x31, 0x32, 0x38, 0x2d, 0x67, 0x63, 0x6d, 0x40, 0x6f,
0x70, 0x65, 0x6e, 0x73, 0x73, 0x68, 0x2e, 0x63, 0x6f, 0x6d, 0x2c, 0x61, 0x65, 0x73, 0x32, 0x35,
0x36, 0x2d, 0x67, 0x63, 0x6d, 0x40, 0x6f, 0x70, 0x65, 0x6e, 0x73, 0x73, 0x68, 0x2e, 0x63, 0x6f,
0x6d, 0x00, 0x00, 0x00, 0x6c, 0x63, 0x68, 0x61, 0x63, 0x68, 0x61, 0x32, 0x30, 0x2d, 0x70, 0x6f,
0x6c, 0x79, 0x31, 0x33, 0x30, 0x35, 0x40, 0x6f, 0x70, 0x65, 0x6e, 0x73, 0x73, 0x68, 0x2e, 0x63,
0x6f, 0x6d, 0x2c, 0x61, 0x65, 0x73, 0x31, 0x32, 0x38, 0x2d, 0x63, 0x74, 0x72, 0x2c, 0x61, 0x65,
0x73, 0x31, 0x39, 0x32, 0x2d, 0x63, 0x74, 0x72, 0x2c, 0x61, 0x65, 0x73, 0x32, 0x35, 0x36, 0x2d,
0x63, 0x74, 0x72, 0x2c, 0x61, 0x65, 0x73, 0x31, 0x32, 0x38, 0x2d, 0x67, 0x63, 0x6d, 0x40, 0x6f,
0x70, 0x65, 0x6e, 0x73, 0x73, 0x68, 0x2e, 0x63, 0x6f, 0x6d, 0x2c, 0x61, 0x65, 0x73, 0x32, 0x35,
0x36, 0x2d, 0x67, 0x63, 0x6d, 0x40, 0x6f, 0x70, 0x65, 0x6e, 0x73, 0x73, 0x68, 0x2e, 0x63, 0x6f,
0x6d, 0x00, 0x00, 0x00, 0xd5, 0x75, 0x6d, 0x61, 0x63, 0x2d, 0x36, 0x34, 0x2d, 0x65, 0x74, 0x6d,
0x40, 0x6f, 0x70, 0x65, 0x6e, 0x73, 0x73, 0x68, 0x2e, 0x63, 0x6f, 0x6d, 0x2c, 0x75, 0x6d, 0x61,
0x63, 0x2d, 0x31, 0x32, 0x38, 0x2d, 0x65, 0x74, 0x6d, 0x40, 0x6f, 0x70, 0x65, 0x6e, 0x73, 0x73,
0x68, 0x2e, 0x63, 0x6f, 0x6d, 0x2c, 0x68, 0x6d, 0x61, 0x63, 0x2d, 0x73, 0x68, 0x61, 0x32, 0x2d,
0x32, 0x35, 0x36, 0x2d, 0x65, 0x74, 0x6d, 0x40, 0x6f, 0x70, 0x65, 0x6e, 0x73, 0x73, 0x68, 0x2e,
0x63, 0x6f, 0x6d, 0x2c, 0x68, 0x6d, 0x61, 0x63, 0x2d, 0x73, 0x68, 0x61, 0x32, 0x2d, 0x35, 0x31,
0x32, 0x2d, 0x65, 0x74, 0x6d, 0x40, 0x6f, 0x70, 0x65, 0x6e, 0x73, 0x73, 0x68, 0x2e, 0x63, 0x6f,
0x6d, 0x2c, 0x68, 0x6d, 0x61, 0x63, 0x2d, 0x73, 0x68, 0x61, 0x31, 0x2d, 0x65, 0x74, 0x6d, 0x40,
0x6f, 0x70, 0x65, 0x6e, 0x73, 0x73, 0x68, 0x2e, 0x63, 0x6f, 0x6d, 0x2c, 0x75, 0x6d, 0x61, 0x63,
0x2d, 0x36, 0x34, 0x40, 0x6f, 0x70, 0x65, 0x6e, 0x73, 0x73, 0x68, 0x2e, 0x63, 0x6f, 0x6d, 0x2c,
0x75, 0x6d, 0x61, 0x63, 0x2d, 0x31, 0x32, 0x38, 0x40, 0x6f, 0x70, 0x65, 0x6e, 0x73, 0x73, 0x68,
0x2e, 0x63, 0x6f, 0x6d, 0x2c, 0x68, 0x6d, 0x61, 0x63, 0x2d, 0x73, 0x68, 0x61, 0x32, 0x2d, 0x32,
0x35, 0x36, 0x2c, 0x68, 0x6d, 0x61, 0x63, 0x2d, 0x73, 0x68, 0x61, 0x32, 0x2d, 0x35, 0x31, 0x32,
0x2c, 0x68, 0x6d, 0x61, 0x63, 0x2d, 0x73, 0x68, 0x61, 0x31, 0x00, 0x00, 0x00, 0xd5, 0x75, 0x6d,
0x61, 0x63, 0x2d, 0x36, 0x34, 0x2d, 0x65, 0x74, 0x6d, 0x40, 0x6f, 0x70, 0x65, 0x6e, 0x73, 0x73,
0x68, 0x2e, 0x63, 0x6f, 0x6d, 0x2c, 0x75, 0x6d, 0x61, 0x63, 0x2d, 0x31, 0x32, 0x38, 0x2d, 0x65,
0x74, 0x6d, 0x40, 0x6f, 0x70, 0x65, 0x6e, 0x73, 0x73, 0x68, 0x2e, 0x63, 0x6f, 0x6d, 0x2c, 0x68,
0x6d, 0x61, 0x63, 0x2d, 0x73, 0x68, 0x61, 0x32, 0x2d, 0x32, 0x35, 0x36, 0x2d, 0x65, 0x74, 0x6d,
0x40, 0x6f, 0x70, 0x65, 0x6e, 0x73, 0x73, 0x68, 0x2e, 0x63, 0x6f, 0x6d, 0x2c, 0x68, 0x6d, 0x61,
0x63, 0x2d, 0x73, 0x68, 0x61, 0x32, 0x2d, 0x35, 0x31, 0x32, 0x2d, 0x65, 0x74, 0x6d, 0x40, 0x6f,
0x70, 0x65, 0x6e, 0x73, 0x73, 0x68, 0x2e, 0x63, 0x6f, 0x6d, 0x2c, 0x68, 0x6d, 0x61, 0x63, 0x2d,
0x73, 0x68, 0x61, 0x31, 0x2d, 0x65, 0x74, 0x6d, 0x40, 0x6f, 0x70, 0x65, 0x6e, 0x73, 0x73, 0x68,
0x2e, 0x63, 0x6f, 0x6d, 0x2c, 0x75, 0x6d, 0x61, 0x63, 0x2d, 0x36, 0x34, 0x40, 0x6f, 0x70, 0x65,
0x6e, 0x73, 0x73, 0x68, 0x2e, 0x63, 0x6f, 0x6d, 0x2c, 0x75, 0x6d, 0x61, 0x63, 0x2d, 0x31, 0x32,
0x38, 0x40, 0x6f, 0x70, 0x65, 0x6e, 0x73, 0x73, 0x68, 0x2e, 0x63, 0x6f, 0x6d, 0x2c, 0x68, 0x6d,
0x61, 0x63, 0x2d, 0x73, 0x68, 0x61, 0x32, 0x2d, 0x32, 0x35, 0x36, 0x2c, 0x68, 0x6d, 0x61, 0x63,
0x2d, 0x73, 0x68, 0x61, 0x32, 0x2d, 0x35, 0x31, 0x32, 0x2c, 0x68, 0x6d, 0x61, 0x63, 0x2d, 0x73,
0x68, 0x61, 0x31, 0x00, 0x00, 0x00, 0x15, 0x6e, 0x6f, 0x6e, 0x65, 0x2c, 0x7a, 0x6c, 0x69, 0x62,
0x40, 0x6f, 0x70, 0x65, 0x6e, 0x73, 0x73, 0x68, 0x2e, 0x63, 0x6f, 0x6d, 0x00, 0x00, 0x00, 0x15,
0x6e, 0x6f, 0x6e, 0x65, 0x2c, 0x7a, 0x6c, 0x69, 0x62, 0x40, 0x6f, 0x70, 0x65, 0x6e, 0x73, 0x73,
0x68, 0x2e, 0x63, 0x6f, 0x6d, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00];
let mut hassh_server_string: Vec<u8> = vec!();
let mut hassh_server: Vec<u8> = vec!();
match ssh_parse_key_exchange(&server_key_exchange){
Ok((_, key_exchange)) => {
key_exchange.generate_hassh(&mut hassh_server_string, &mut hassh_server, &true);
}
Err(_) => { }
}
assert_eq!(hassh_server, "b12d2871a1189eff20364cf5333619ee".as_bytes().to_vec());
}
#[test]
fn test_parse_hassh_server_malicious() {
let server_key_exchange = [0x7d, 0x76, 0x4f, 0x78, 0x81, 0x9e, 0x10, 0xfa, 0x23, 0x72,
0xb5, 0x15, 0x56, 0xba, 0xf9, 0x46, 0x00, 0x00, 0x01, 0x02, 0x75, 0x72, 0x76, 0x65, 0x32,
0x35, 0x35, 0x31, 0x39, 0x2d, 0x73, 0x68, 0x61, 0x32, 0x35, 0x36, 0x2c, 0x63, 0x75, 0x72, 0x76,
0x65, 0x32, 0x35, 0x35, 0x31, 0x39, 0x2d, 0x73, 0x68, 0x61, 0x32, 0x35, 0x36, 0x40, 0x6c, 0x69,
0x62, 0x73, 0x73, 0x68, 0x2e, 0x6f, 0x72, 0x67, 0x2c, 0x65, 0x63, 0x64, 0x68, 0x2d, 0x73, 0x68,
0x61, 0x32, 0x2d, 0x6e, 0x69, 0x73, 0x74, 0x70, 0x32, 0x35, 0x36, 0x2c, 0x65, 0x63, 0x64, 0x68,
0x2d, 0x73, 0x68, 0x61, 0x32, 0x2d, 0x6e, 0x69, 0x73, 0x74, 0x70, 0x33, 0x38, 0x34, 0x2c, 0x65,
0x63, 0x64, 0x68, 0x2d, 0x73, 0x68, 0x61, 0x32, 0x2d, 0x6e, 0x69, 0x73, 0x74, 0x70, 0x35, 0x32,
0x31, 0x2c, 0x64, 0x69, 0x66, 0x66, 0x69, 0x65, 0x2d, 0x68, 0x65, 0x6c, 0x6c, 0x6d, 0x61, 0x6e,
0x2d, 0x67, 0x72, 0x6f, 0x75, 0x70, 0x2d, 0x65, 0x78, 0x63, 0x68, 0x61, 0x6e, 0x67, 0x65, 0x2d,
0x73, 0x68, 0x61, 0x32, 0x35, 0x36, 0x2c, 0x64, 0x69, 0x66, 0x66, 0x69, 0x65, 0x2d, 0x68, 0x65,
0x6c, 0x6c, 0x6d, 0x61, 0x6e, 0x2d, 0x67, 0x72, 0x6f, 0x75, 0x70, 0x31, 0x36, 0x2d, 0x73, 0x68,
0x61, 0x35, 0x31, 0x32, 0x2c, 0x64, 0x69, 0x66, 0x66, 0x69, 0x65, 0x2d, 0x68, 0x65, 0x6c, 0x6c,
0x6d, 0x61, 0x6e, 0x2d, 0x67, 0x72, 0x6f, 0x75, 0x70, 0x31, 0x38, 0x2d, 0x73, 0x68, 0x61, 0x35,
0x31, 0x32, 0x2c, 0x64, 0x69, 0x66, 0x66, 0x69, 0x65, 0x2d, 0x68, 0x65, 0x6c, 0x6c, 0x6d, 0x61,
0x6e, 0x2d, 0x67, 0x72, 0x6f, 0x75, 0x70, 0x31, 0x34, 0x2d, 0x73, 0x68, 0x61, 0x32, 0x35, 0x36,
0x2c, 0x64, 0x69, 0x66, 0x66, 0x69, 0x65, 0x2d, 0x68, 0x65, 0x6c, 0x6c, 0x6d, 0x61, 0x6e, 0x2d,
0x67, 0x72, 0x6f, 0x75, 0x70, 0x31, 0x34, 0x2d, 0x73, 0x68, 0x61, 0x31, 0x00, 0x00, 0x00, 0x41,
0x73, 0x73, 0x68, 0x2d, 0x72, 0x73, 0x61, 0x2c, 0x72, 0x73, 0x61, 0x2d, 0x73, 0x68, 0x61, 0x32,
0x2d, 0x35, 0x31, 0x32, 0x2c, 0x72, 0x73, 0x61, 0x2d, 0x73, 0x68, 0x61, 0x32, 0x2d, 0x32, 0x35,
0x36, 0x2c, 0x65, 0x63, 0x64, 0x73, 0x61, 0x2d, 0x73, 0x68, 0x61, 0x32, 0x2d, 0x6e, 0x69, 0x73,
0x74, 0x70, 0x32, 0x35, 0x36, 0x2c, 0x73, 0x73, 0x68, 0x2d, 0x65, 0x64, 0x32, 0x35, 0x35, 0x31,
0x39, 0x00, 0x00, 0x00, 0x6c, 0x63, 0x68, 0x61, 0x63, 0x68, 0x61, 0x32, 0x30, 0x2d, 0x70, 0x6f,
0x6c, 0x79, 0x31, 0x33, 0x30, 0x35, 0x40, 0x6f, 0x70, 0x65, 0x6e, 0x73, 0x73, 0x68, 0x2e, 0x63,
0x6f, 0x6d, 0x2c, 0x61, 0x65, 0x73, 0x31, 0x32, 0x38, 0x2d, 0x63, 0x74, 0x72, 0x2c, 0x61, 0x65,
0x73, 0x31, 0x39, 0x32, 0x2d, 0x63, 0x74, 0x72, 0x2c, 0x61, 0x65, 0x73, 0x32, 0x35, 0x36, 0x2d,
0x63, 0x74, 0x72, 0x2c, 0x61, 0x65, 0x73, 0x31, 0x32, 0x38, 0x2d, 0x67, 0x63, 0x6d, 0x40, 0x6f,
0x70, 0x65, 0x6e, 0x73, 0x73, 0x68, 0x2e, 0x63, 0x6f, 0x6d, 0x2c, 0x61, 0x65, 0x73, 0x32, 0x35,
0x36, 0x2d, 0x67, 0x63, 0x6d, 0x40, 0x6f, 0x70, 0x65, 0x6e, 0x73, 0x73, 0x68, 0x2e, 0x63, 0x6f,
0x6d, 0x00, 0x00, 0x00, 0x6c, 0x63, 0x68, 0x61, 0x63, 0x68, 0x61, 0x32, 0x30, 0x2d, 0x70, 0x6f,
0x6c, 0x79, 0x31, 0x33, 0x30, 0x35, 0x40, 0x6f, 0x70, 0x65, 0x6e, 0x73, 0x73, 0x68, 0x2e, 0x63,
0x6f, 0x6d, 0x2c, 0x61, 0x65, 0x73, 0x31, 0x32, 0x38, 0x2d, 0x63, 0x74, 0x72, 0x2c, 0x61, 0x65,
0x73, 0x31, 0x39, 0x32, 0x2d, 0x63, 0x74, 0x72, 0x2c, 0x61, 0x65, 0x73, 0x32, 0x35, 0x36, 0x2d,
0x63, 0x74, 0x72, 0x2c, 0x61, 0x65, 0x73, 0x31, 0x32, 0x38, 0x2d, 0x67, 0x63, 0x6d, 0x40, 0x6f,
0x70, 0x65, 0x6e, 0x73, 0x73, 0x68, 0x2e, 0x63, 0x6f, 0x6d, 0x2c, 0x61, 0x65, 0x73, 0x32, 0x35,
0x36, 0x2d, 0x67, 0x63, 0x6d, 0x40, 0x6f, 0x70, 0x65, 0x6e, 0x73, 0x73, 0x68, 0x2e, 0x63, 0x6f,
0x6d, 0x00, 0x00, 0x00, 0xd5, 0x75, 0x6d, 0x61, 0x63, 0x2d, 0x36, 0x34, 0x2d, 0x65, 0x74, 0x6d,
0x40, 0x6f, 0x70, 0x65, 0x6e, 0x73, 0x73, 0x68, 0x2e, 0x63, 0x6f, 0x6d, 0x2c, 0x75, 0x6d, 0x61,
0x63, 0x2d, 0x31, 0x32, 0x38, 0x2d, 0x65, 0x74, 0x6d, 0x40, 0x6f, 0x70, 0x65, 0x6e, 0x73, 0x73,
0x68, 0x2e, 0x63, 0x6f, 0x6d, 0x2c, 0x68, 0x6d, 0x61, 0x63, 0x2d, 0x73, 0x68, 0x61, 0x32, 0x2d,
0x32, 0x35, 0x36, 0x2d, 0x65, 0x74, 0x6d, 0x40, 0x6f, 0x70, 0x65, 0x6e, 0x73, 0x73, 0x68, 0x2e,
0x63, 0x6f, 0x6d, 0x2c, 0x68, 0x6d, 0x61, 0x63, 0x2d, 0x73, 0x68, 0x61, 0x32, 0x2d, 0x35, 0x31,
0x32, 0x2d, 0x65, 0x74, 0x6d, 0x40, 0x6f, 0x70, 0x65, 0x6e, 0x73, 0x73, 0x68, 0x2e, 0x63, 0x6f,
0x6d, 0x2c, 0x68, 0x6d, 0x61, 0x63, 0x2d, 0x73, 0x68, 0x61, 0x31, 0x2d, 0x65, 0x74, 0x6d, 0x40,
0x6f, 0x70, 0x65, 0x6e, 0x73, 0x73, 0x68, 0x2e, 0x63, 0x6f, 0x6d, 0x2c, 0x75, 0x6d, 0x61, 0x63,
0x2d, 0x36, 0x34, 0x40, 0x6f, 0x70, 0x65, 0x6e, 0x73, 0x73, 0x68, 0x2e, 0x63, 0x6f, 0x6d, 0x2c,
0x75, 0x6d, 0x61, 0x63, 0x2d, 0x31, 0x32, 0x38, 0x40, 0x6f, 0x70, 0x65, 0x6e, 0x73, 0x73, 0x68,
0x2e, 0x63, 0x6f, 0x6d, 0x2c, 0x68, 0x6d, 0x61, 0x63, 0x2d, 0x73, 0x68, 0x61, 0x32, 0x2d, 0x32,
0x35, 0x36, 0x2c, 0x68, 0x6d, 0x61, 0x63, 0x2d, 0x73, 0x68, 0x61, 0x32, 0x2d, 0x35, 0x31, 0x32,
0x2c, 0x68, 0x6d, 0x61, 0x63, 0x2d, 0x73, 0x68, 0x61, 0x31, 0x00, 0x00, 0x00, 0xd5, 0x75, 0x6d,
0x61, 0x63, 0x2d, 0x36, 0x34, 0x2d, 0x65, 0x74, 0x6d, 0x40, 0x6f, 0x70, 0x65, 0x6e, 0x73, 0x73,
0x68, 0x2e, 0x63, 0x6f, 0x6d, 0x2c, 0x75, 0x6d, 0x61, 0x63, 0x2d, 0x31, 0x32, 0x38, 0x2d, 0x65,
0x74, 0x6d, 0x40, 0x6f, 0x70, 0x65, 0x6e, 0x73, 0x73, 0x68, 0x2e, 0x63, 0x6f, 0x6d, 0x2c, 0x68,
0x6d, 0x61, 0x63, 0x2d, 0x73, 0x68, 0x61, 0x32, 0x2d, 0x32, 0x35, 0x36, 0x2d, 0x65, 0x74, 0x6d,
0x40, 0x6f, 0x70, 0x65, 0x6e, 0x73, 0x73, 0x68, 0x2e, 0x63, 0x6f, 0x6d, 0x2c, 0x68, 0x6d, 0x61,
0x63, 0x2d, 0x73, 0x68, 0x61, 0x32, 0x2d, 0x35, 0x31, 0x32, 0x2d, 0x65, 0x74, 0x6d, 0x40, 0x6f,
0x70, 0x65, 0x6e, 0x73, 0x73, 0x68, 0x2e, 0x63, 0x6f, 0x6d, 0x2c, 0x68, 0x6d, 0x61, 0x63, 0x2d,
0x73, 0x68, 0x61, 0x31, 0x2d, 0x65, 0x74, 0x6d, 0x40, 0x6f, 0x70, 0x65, 0x6e, 0x73, 0x73, 0x68,
0x2e, 0x63, 0x6f, 0x6d, 0x2c, 0x75, 0x6d, 0x61, 0x63, 0x2d, 0x36, 0x34, 0x40, 0x6f, 0x70, 0x65,
0x6e, 0x73, 0x73, 0x68, 0x2e, 0x63, 0x6f, 0x6d, 0x2c, 0x75, 0x6d, 0x61, 0x63, 0x2d, 0x31, 0x32,
0x38, 0x40, 0x6f, 0x70, 0x65, 0x6e, 0x73, 0x73, 0x68, 0x2e, 0x63, 0x6f, 0x6d, 0x2c, 0x68, 0x6d,
0x61, 0x63, 0x2d, 0x73, 0x68, 0x61, 0x32, 0x2d, 0x32, 0x35, 0x36, 0x2c, 0x68, 0x6d, 0x61, 0x63,
0x2d, 0x73, 0x68, 0x61, 0x32, 0x2d, 0x35, 0x31, 0x32, 0x2c, 0x68, 0x6d, 0x61, 0x63, 0x2d, 0x73,
0x68, 0x61, 0x31, 0x00, 0x00, 0x00, 0x15, 0x6e, 0x6f, 0x6e, 0x65, 0x2c, 0x7a, 0x6c, 0x69, 0x62,
0x40, 0x6f, 0x70, 0x65, 0x6e, 0x73, 0x73, 0x68, 0x2e, 0x63, 0x6f, 0x6d, 0x00, 0x00, 0x00, 0x15,
0x6e, 0x6f, 0x6e, 0x65, 0x2c, 0x7a, 0x6c, 0x69, 0x62, 0x40, 0x6f, 0x70, 0x65, 0x6e, 0x73, 0x73,
0x68, 0x2e, 0x63, 0x6f, 0x6d, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00];
if let Err(e) = ssh_parse_key_exchange(&server_key_exchange) {
assert_eq!(e, nom::Err::Incomplete(nom::Needed::Size(16755)));
}
else {
panic!("ssh_parse_key_exchange() parsed malicious key_exchange");
}
}
}

99
rust/src/ssh/ssh.rs
Unescape Escape View File

@ -22,14 +22,21 @@ use crate::core::{self, AppProto, Flow, ALPROTO_UNKNOWN, IPPROTO_TCP};
use crate::log::*;
use std::ffi::{CStr, CString};
use std::mem::transmute;
use std::sync::atomic::{AtomicBool, Ordering};
static mut ALPROTO_SSH: AppProto = ALPROTO_UNKNOWN;
static HASSH_ENABLED: AtomicBool = AtomicBool::new(false);
fn hassh_is_enabled() -> bool {
HASSH_ENABLED.load(Ordering::Relaxed)
}
#[repr(u32)]
pub enum SSHEvent {
InvalidBanner = 0,
LongBanner,
InvalidRecord,
LongKexRecord,
}
impl SSHEvent {
@ -38,6 +45,7 @@ impl SSHEvent {
0 => Some(SSHEvent::InvalidBanner),
1 => Some(SSHEvent::LongBanner),
2 => Some(SSHEvent::InvalidRecord),
3 => Some(SSHEvent::LongKexRecord),
_ => None,
}
}
@ -54,23 +62,33 @@ pub enum SSHConnectionState {
const SSH_MAX_BANNER_LEN: usize = 256;
const SSH_RECORD_HEADER_LEN: usize = 6;
//TODO complete enum and parse messages contents
const SSH_MSG_NEWKEYS: u8 = 21;
const SSH_RECORD_PADDING_LEN: usize = 4;
const SSH_MAX_REASSEMBLED_RECORD_LEN: usize = 65535;
pub struct SshHeader {
record_left: u32,
record_left_msg: parser::MessageCode,
flags: SSHConnectionState,
pub protover: Vec<u8>,
pub swver: Vec<u8>,
pub hassh: Vec<u8>,
pub hassh_string: Vec<u8>,
}
impl SshHeader {
pub fn new() -> SshHeader {
SshHeader {
record_left: 0,
record_left_msg: parser::MessageCode::SshMsgUndefined(0),
flags: SSHConnectionState::SshStateInProgress,
protover: Vec::new(),
swver: Vec::new(),
hassh: Vec::new(),
hassh_string: Vec::new(),
}
}
}
@ -146,8 +164,20 @@ impl SSHState {
hdr.record_left -= ilen;
return AppLayerResult::ok();
} else {
let start = hdr.record_left as usize;
input = &input[start..];
match hdr.record_left_msg {
// parse reassembled tcp segments
parser::MessageCode::SshMsgKexinit if hassh_is_enabled() => {
if let Ok((rem, key_exchange)) = parser::ssh_parse_key_exchange(&input) {
key_exchange.generate_hassh(&mut hdr.hassh_string, &mut hdr.hassh, &resp);
input = &rem[SSH_RECORD_PADDING_LEN..];
}
hdr.record_left_msg = parser::MessageCode::SshMsgUndefined(0);
}
_ => {
let start = hdr.record_left as usize;
input = &input[start..];
}
}
hdr.record_left = 0;
}
}
@ -156,20 +186,29 @@ impl SSHState {
match parser::ssh_parse_record(input) {
Ok((rem, head)) => {
SCLogDebug!("SSH valid record {}", head);
input = rem;
if head.msg_code == SSH_MSG_NEWKEYS {
hdr.flags = SSHConnectionState::SshStateFinished;
if ohdr.flags >= SSHConnectionState::SshStateFinished {
unsafe {
AppLayerParserStateSetFlag(
pstate,
APP_LAYER_PARSER_NO_INSPECTION
match head.msg_code {
parser::MessageCode::SshMsgKexinit if hassh_is_enabled() => {
if let Ok((_, key_exchange)) = parser::ssh_parse_key_exchange(&input[SSH_RECORD_HEADER_LEN..]) {
key_exchange.generate_hassh(&mut hdr.hassh_string, &mut hdr.hassh, &resp);
}
}
parser::MessageCode::SshMsgNewKeys => {
hdr.flags = SSHConnectionState::SshStateFinished;
if ohdr.flags >= SSHConnectionState::SshStateFinished {
unsafe {
AppLayerParserStateSetFlag(
pstate,
APP_LAYER_PARSER_NO_INSPECTION
| APP_LAYER_PARSER_NO_REASSEMBLY
| APP_LAYER_PARSER_BYPASS_READY,
);
);
}
}
}
_ => {}
}
input = rem;
//header and complete data (not returned)
}
Err(nom::Err::Incomplete(_)) => {
@ -179,8 +218,26 @@ impl SSHState {
let remlen = rem.len() as u32;
hdr.record_left = head.pkt_len - 2 - remlen;
//header with rem as incomplete data
if head.msg_code == SSH_MSG_NEWKEYS {
hdr.flags = SSHConnectionState::SshStateFinished;
match head.msg_code {
parser::MessageCode::SshMsgNewKeys => {
hdr.flags = SSHConnectionState::SshStateFinished;
}
parser::MessageCode::SshMsgKexinit if hassh_is_enabled() => {
// check if buffer is bigger than maximum reassembled packet size
if hdr.record_left < SSH_MAX_REASSEMBLED_RECORD_LEN as u32 {
// saving type of incomplete kex message
hdr.record_left_msg = parser::MessageCode::SshMsgKexinit;
return AppLayerResult::incomplete(
SSH_RECORD_HEADER_LEN as u32,
hdr.record_left as u32
);
}
else {
SCLogDebug!("SSH buffer is bigger than maximum reassembled packet size");
self.set_event(SSHEvent::LongKexRecord);
}
}
_ => {}
}
return AppLayerResult::ok();
}
@ -333,6 +390,7 @@ pub extern "C" fn rs_ssh_state_get_event_info(
"invalid_banner" => SSHEvent::InvalidBanner as i32,
"long_banner" => SSHEvent::LongBanner as i32,
"invalid_record" => SSHEvent::InvalidRecord as i32,
"long_kex_record" => SSHEvent::LongKexRecord as i32,
_ => -1, // unknown event
}
}
@ -355,6 +413,7 @@ pub extern "C" fn rs_ssh_state_get_event_info_by_id(
SSHEvent::InvalidBanner => "invalid_banner\0",
SSHEvent::LongBanner => "long_banner\0",
SSHEvent::InvalidRecord => "invalid_record\0",
SSHEvent::LongKexRecord => "long_kex_record\0",
};
unsafe {
*event_name = estr.as_ptr() as *const std::os::raw::c_char;
@ -537,3 +596,13 @@ pub unsafe extern "C" fn rs_ssh_register_parser() {
SCLogNotice!("Protocol detector and parser disabled for SSH.");
}
}
#[no_mangle]
pub extern "C" fn rs_ssh_enable_hassh() {
HASSH_ENABLED.store(true, Ordering::Relaxed)
}
#[no_mangle]
pub extern "C" fn rs_ssh_hassh_is_enabled() -> bool {
hassh_is_enabled()
}

19
src/app-layer-ssh.c
Unescape Escape View File

@ -53,6 +53,8 @@
#include "util-byte.h"
#include "util-memcmp.h"
/* HASSH fingerprints are disabled by default */
#define SSH_CONFIG_DEFAULT_HASSH FALSE
static int SSHRegisterPatternsForProtocolDetection(void)
{
@ -79,6 +81,23 @@ void RegisterSSHParsers(void)
AppLayerProtoDetectRegisterProtocol(ALPROTO_SSH, proto_name);
if (SSHRegisterPatternsForProtocolDetection() < 0)
return;
/* Check if we should generate Hassh fingerprints */
int enable_hassh = SSH_CONFIG_DEFAULT_HASSH;
const char *strval = NULL;
if (ConfGetValue("app-layer.protocols.ssh.hassh", &strval) != 1) {
enable_hassh = SSH_CONFIG_DEFAULT_HASSH;
} else if (strcmp(strval, "auto") == 0) {
enable_hassh = SSH_CONFIG_DEFAULT_HASSH;
} else if (ConfValIsFalse(strval)) {
enable_hassh = SSH_CONFIG_DEFAULT_HASSH;
} else if (ConfValIsTrue(strval)) {
enable_hassh = true;
}
if (RunmodeIsUnittests() || enable_hassh) {
rs_ssh_enable_hassh();
}
}
SCLogDebug("Registering Rust SSH parser.");

Write Preview
Loading…
Cancel
Save