• src/ssh/enc/aes256-ctr.c

    From Deuce@VERT to Git commit to main/sbbs/m on Sun Mar 22 04:50:00 2026
    https://gitlab.synchro.net/main/sbbs/-/commit/e4025e5f8610b08330745538
    Added Files:
    src/ssh/enc/aes256-ctr.c aes256-ctr.h src/ssh/kex/curve25519-sha256.c curve25519-sha256.h dh-gex-sha256.c dh-gex-sha256.h src/ssh/key_algo/rsa-sha2-256.c rsa-sha2-256.h ssh-ed25519.c ssh-ed25519.h src/ssh/mac/hmac-sha2-256.c hmac-sha2-256.h src/ssh/server.c ssh-auth.c ssh-auth.h ssh-conn.c ssh-conn.h
    Modified Files:
    src/ssh/CMakeLists.txt client.c src/ssh/comp/none.c src/ssh/deucessh.h src/ssh/enc/none.c src/ssh/mac/none.c src/ssh/portable.h ssh-arch.c ssh-arch.h ssh-trans.c ssh-trans.h ssh.c
    Log Message:
    Get this stuff committed and out of my untracked files.

    Implements the minimum "stuff" for an exec channel with password auth
    now, "works" with cryptlib and OpenSSH.

    C23 aspiration is basically dead, and it still needs a try in Windows
    to crush my dreams. The "no malloc in library" thing is looking
    impossible without C23 too, so there's malloc in there now.

    Claude seems to have understood what I was driving at, and I let it
    take a pass at cleaning it up and making it comprehensible... I still
    need to audit those bits though.

    I should have Claude split up ssh-trans.c too.

    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From Deuce@VERT to Git commit to main/sbbs/m on Mon Mar 23 20:49:00 2026
    https://gitlab.synchro.net/main/sbbs/-/commit/f71fe26992b4638e30d57a3f
    Modified Files:
    src/ssh/enc/aes256-ctr.c src/ssh/kex/curve25519-sha256.c dh-gex-sha256.c src/ssh/key_algo/rsa-sha2-256.c ssh-ed25519.c src/ssh/mac/hmac-sha2-256.c src/ssh/ssh-arch.c ssh-conn.c ssh-trans.c
    Log Message:
    Compile out unreachable defense-in-depth guards under DSSH_TESTING

    Wrap ~46 dead-code branches in #ifndef DSSH_TESTING so coverage
    reports reflect only reachable code. Each guard has a comment
    explaining why it is unreachable:

    ssh-arch.c: dssh_parse_uint32 cannot fail after bufsz >= 4 check

    ssh-trans.c: rekey_time never 0 after init, enc blocksize always >= 8,
    payload_len always > 0, enc->encrypt/decrypt always non-NULL, all
    modules provide cleanup, ka->haskey always non-NULL, kex_selected
    validated before kex(), shared secret always non-empty, namelist
    buffers adequate, remote_languages never populated

    ssh-conn.c: send_extended_data len already clamped by public API,
    chan_type always set after init, channels array never contains NULL

    key_algo: cbd->pkey always set before sign/pubkey/save callable,
    caller buffers always adequate, EVP_PKEY_id always matches module,
    cleanup only called after successful init

    kex modules: ka and function pointers always set by negotiation,
    own-key pubkey always succeeds, serialize buffers adequate

    enc/mac: cleanup only called after successful init

    Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

  • From Deuce@VERT to Git commit to main/sbbs/m on Wed Mar 25 23:06:00 2026
    https://gitlab.synchro.net/main/sbbs/-/commit/8e2516b4d55c52b3e792a909
    Modified Files:
    src/ssh/enc/aes256-ctr.c src/ssh/kex/curve25519-sha256.c src/ssh/key_algo/rsa-sha2-256.c ssh-ed25519.c
    Log Message:
    Modernize OpenSSL API: remove all deprecated 3.0 usage

    - EVP_PKEY_CTX_new_id() -> EVP_PKEY_CTX_new_from_name()
    - EVP_PKEY_id() -> EVP_PKEY_is_a()
    - EVP_PKEY_new_raw_public_key() -> EVP_PKEY_new_raw_public_key_ex()
    - EVP_aes_256_ctr()/EVP_aes_256_cbc() -> EVP_CIPHER_fetch()

    All OpenSSL usage now follows 3.0+ best practices with no
    deprecated function calls.

    Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

  • From Deuce@VERT to Git commit to main/sbbs/m on Wed Mar 25 23:06:00 2026
    https://gitlab.synchro.net/main/sbbs/-/commit/7aa05c370a0dbe347d819876
    Modified Files:
    src/ssh/enc/aes256-ctr.c src/ssh/kex/curve25519-sha256.c dh-gex-sha256.c src/ssh/key_algo/rsa-sha2-256.c src/ssh/ssh-auth.c ssh-conn.c ssh-internal.h ssh-trans.c
    Log Message:
    Range-check all narrowing casts; DSSH_STRLEN macro

    Every runtime size_t -> uint32_t cast now has an explicit range
    check before the narrowing. Casts backed by provable invariants
    (received packet lengths, fixed-size buffers, BN_num_bytes chain)
    are documented and left as single-use inline casts. Values used
    more than once after narrowing get an initializer variable.

    DSSH_STRLEN(lit) macro replaces (uint32_t)(sizeof(lit) - 1).
    EVP_EncryptUpdate bufsz gets INT_MAX guard. send_packet
    arithmetic cast replaced with range-checked initializer.

    Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
