    From Deuc¨@VERT to Git commit to main/sbbs/master on Wed Apr 1 08:04:20 2026
    https://gitlab.synchro.net/main/sbbs/-/commit/04a86211e6041ce899b9c74a
    Added Files:
    src/ssh/crypto/botan.cpp openssl.c src/ssh/deucessh-crypto.h deucesshConfig.cmake.in src/ssh/enc/aes256-ctr-botan.c aes256-ctr-botan.cpp aes256-ctr-openssl.c src/ssh/kex/curve25519-sha256-botan.c curve25519-sha256-botan.cpp curve25519-sha256-openssl.c curve25519-sha256-ops.h dh-gex-groups.c dh-gex-groups.h dh-gex-sha256-botan.c dh-gex-sha256-botan.cpp dh-gex-sha256-openssl.c dh-gex-sha256-ops.h hybrid-pq-kex-ops.h hybrid-pq-kex.c mlkem768x25519-sha256-botan.c mlkem768x25519-sha256-botan.cpp mlkem768x25519-sha256-openssl.c sntrup761x25519-sha512-botan.c sntrup761x25519-sha512-botan.cpp sntrup761x25519-sha512-openssl.c src/ssh/key_algo/rsa-sha2-256-botan.c rsa-sha2-256-botan.cpp rsa-sha2-256-openssl.c rsa-sha2-512-botan.c rsa-sha2-512-botan.cpp rsa-sha2-512-openssl.c ssh-ed25519-botan.c ssh-ed25519-botan.cpp ssh-ed25519-openssl.c src/ssh/mac/hmac-sha2-256-botan.c hmac-sha2-256-botan.cpp hmac-sha2-256-openssl.c hmac-sha2-512-botan.c hmac-sha2-512-botan.cpp hmac-sha2-512-openssl.c src/ssh/test/kex_test.c test_botan_algo_key.cpp test_botan_transport.cpp test_crypto.c
    Modified Files:
    src/ssh/CLAUDE.md CMakeLists.txt TODO.md deucessh-comp.h deucessh-enc.h deucessh-kex.h deucessh-key-algo.h deucessh-lang.h deucessh-mac.h deucessh-portable.h deucessh.pc.in src/ssh/docs/audit-4251.md audit-4253.md src/ssh/kex/curve25519-sha256.c dh-gex-sha256.c libcrux_mlkem768_sha3.h mlkem768.c sntrup761.c sntrup761.h src/ssh/ssh-auth.c ssh-internal.h ssh-trans.c ssh.c src/ssh/test/CMakeLists.txt dssh_test_internal.h dssh_test_ossl.c test_algo_enc.c test_algo_key.c test_algo_mac.c test_alloc.c test_transport.c
    Removed Files:
    src/ssh/kex/mlkem768x25519-sha256.c sntrup761x25519-sha512.c
    Log Message:
    Add Botan3 crypto backend with native C++ API, deduplicate KEX modules

    Add a second crypto backend using Botan3's native C++ API alongside
    the existing OpenSSL backend. Selected at build time via
    -DDEUCESSH_CRYPTO_BACKEND=Botan (default remains OpenSSL). CXX is
    enabled conditionally only when Botan is selected; OpenSSL-only builds
    no longer require a C++ compiler.

    Backend-agnostic crypto layer:
    - New deucessh-crypto.h public API: dssh_hash_*, dssh_random,
    dssh_cleanse, dssh_crypto_memcmp, dssh_base64_encode
    - crypto/openssl.c and crypto/botan.cpp implement the same interface
    - All algorithm modules use only the public crypto API and module
    headers; no backend headers leak into production builds

    Algorithm module deduplication:
    - KEX: protocol logic (curve25519-sha256.c, dh-gex-sha256.c,
    hybrid-pq-kex.c) split from crypto operations via ops vtables
    (curve25519-sha256-ops.h, dh-gex-sha256-ops.h, hybrid-pq-kex-ops.h);
    dhgex_handler_impl() and hybrid_pq_handler_impl() further split into
    separate static client/server helpers with single goto-cleanup labels
    - Each backend provides only the crypto ops (*-openssl.c, *-botan.cpp)
    - DH-GEX groups extracted to kex/dh-gex-groups.c (shared between
    backends)
    - Botan modules use native C++ API (not FFI): Botan::system_rng(),
    Botan::X25519_PrivateKey, Botan::RSA_PrivateKey, Botan::BigInt,
    Botan::Cipher_Mode, Botan::MessageAuthenticationCode, etc.
    - Each Botan module split into .cpp (crypto impl with extern "C"
    wrappers and try/catch) + .c (struct allocation and registration)

    Renamed files for consistency:
    - enc/aes256-ctr.c -> enc/aes256-ctr-openssl.c
    - mac/hmac-sha2-{256,512}.c -> mac/hmac-sha2-{256,512}-openssl.c
    - key_algo/{ssh-ed25519,rsa-sha2-256,rsa-sha2-512}.c -> *-openssl.c

    Other changes:
    - derive_key(): replace hardcoded uint8_t tmp[64] with malloc(md_len)
    for forward-compatibility with any hash digest size
    - mlkem768.c: replace #undef htole64/le64toh/le32toh system macro
    overrides with libcrux-local lcx_htole64/lcx_le64toh/lcx_le32toh

    Pre-existing bug fixes (in OpenSSL code that predates this commit):
    - Password callback buffer overflow (missing upper bound check, 6 sites)
    - mpint parse uint32_t overflow (4 + len > bufsz wraps on large len)
    - DH-GEX server reply buffer overflow (unchecked sum of 5 fields)
    - RSA verify missing error codes at n-parse failure
    - dssh_hash_final NULL output check

    Testing:
    - New test/test_crypto.c for backend-agnostic crypto API
    - New test/test_botan_algo_key.cpp (18 Botan-specific tests)
    - New test/test_botan_transport.cpp (12 Botan-specific tests)
    - Backend-specific tests properly guarded with DSSH_CRYPTO_OPENSSL /
    DSSH_CRYPTO_BOTAN
    - OpenSSL: 3490/3490 tests pass
    - Botan: 3491/3491 tests pass

    Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
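The two bounds-check fixes listed under "Pre-existing bug fixes" above (the mpint parse whose `4 + len > bufsz` comparison wraps on a large `len`, and the DH-GEX reply whose five length fields were summed without an overflow check) are illustrated here as an added C example. This is not deucessh's own code: `mpint_parse_wrapping` reproduces the wrapping comparison, `mpint_parse_safe` is the subtracted-form check that cannot wrap, and `sum_lengths_checked` accumulates length fields with overflow detection. All function names and the sample buffers are constructed for this illustration.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Read a big-endian uint32 from the wire (SSH mpint length prefix). */
static uint32_t rd_u32(const uint8_t *p)
{
    return ((uint32_t)p[0] << 24) | ((uint32_t)p[1] << 16) |
           ((uint32_t)p[2] << 8)  |  (uint32_t)p[3];
}

/* "Before" form of the check as the commit log describes it: 4 + len is
 * computed in uint32_t, so a len near UINT32_MAX wraps to a small value,
 * the comparison passes, and the caller would read far past the buffer. */
bool mpint_parse_wrapping(const uint8_t *buf, uint32_t bufsz,
                          const uint8_t **val, uint32_t *vallen)
{
    if (bufsz < 4)
        return false;
    uint32_t len = rd_u32(buf);
    if (4 + len > bufsz)          /* wraps for len >= 0xFFFFFFFC */
        return false;
    *val = buf + 4;
    *vallen = len;
    return true;
}

/* Hardened form: move the constant to the other side of the comparison.
 * bufsz >= 4 is already established, so bufsz - 4 cannot underflow and
 * no intermediate value can wrap. */
bool mpint_parse_safe(const uint8_t *buf, uint32_t bufsz,
                      const uint8_t **val, uint32_t *vallen)
{
    if (bufsz < 4)
        return false;
    uint32_t len = rd_u32(buf);
    if (len > bufsz - 4)
        return false;
    *val = buf + 4;
    *vallen = len;
    return true;
}

/* Overflow-checked sum of n uint32 length fields, the kind of total a
 * reply builder needs before sizing its output buffer. Returns false if
 * the total would not fit in uint32_t, so the caller can reject the
 * message instead of allocating too little. */
bool sum_lengths_checked(const uint32_t *fields, size_t n, uint32_t *total)
{
    uint32_t acc = 0;
    for (size_t i = 0; i < n; i++) {
        if (fields[i] > UINT32_MAX - acc)
            return false;         /* adding this field would wrap */
        acc += fields[i];
    }
    *total = acc;
    return true;
}

/* Constructed sample inputs (not captured from any real session). */
static const uint8_t good_mpint[] = { 0x00, 0x00, 0x00, 0x02, 0x01, 0x00 }; /* value 0x0100 */
static const uint8_t huge_len_mpint[16] = { 0xFF, 0xFF, 0xFF, 0xFE, 0, 0, 0, 0,
                                            0, 0, 0, 0, 0, 0, 0, 0 };

int main(void)
{
    const uint8_t *v;
    uint32_t n, t;

    printf("good mpint, safe parser:     %d\n",
           mpint_parse_safe(good_mpint, sizeof good_mpint, &v, &n));
    printf("huge len, wrapping parser:   %d (accepted: the bug)\n",
           mpint_parse_wrapping(huge_len_mpint, sizeof huge_len_mpint, &v, &n));
    printf("huge len, safe parser:       %d\n",
           mpint_parse_safe(huge_len_mpint, sizeof huge_len_mpint, &v, &n));

    /* Five fields whose sum exceeds UINT32_MAX. */
    uint32_t f[5] = { 0x40000000u, 0x40000000u, 0x40000000u, 0x40000000u, 1 };
    printf("sum of 5 fields:             %s\n",
           sum_lengths_checked(f, 5, &t) ? "fits" : "overflow, reject");
    return 0;
}
```

The wrapping form accepts the 16-byte buffer claiming a 4,294,967,294-byte body because `4 + 0xFFFFFFFE` is 2 in 32-bit arithmetic; the subtracted form rejects it. The same pattern (compare against `limit - constant`, never `constant + untrusted`) applies to any length-prefixed field in the SSH wire format.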