DeterministicESPAsyncWebServer v6.27.1
Zero-allocation, bounded-execution async HTTP server for ESP32
Loading...
Searching...
No Matches
ssh_auth.h
Go to the documentation of this file.
1// Copyright (C) 2026 Douglas Quigg (dstroy0) <dquigg123@gmail.com>
2// SPDX-License-Identifier: AGPL-3.0-or-later
3
4/**
5 * @file ssh_auth.h
6 * @brief SSH user-authentication layer (RFC 4252).
7 *
8 * After NEWKEYS the client requests the "ssh-userauth" service; the server
9 * accepts it and then drives SSH_MSG_USERAUTH_REQUEST exchanges until a method
10 * succeeds (SSH_MSG_USERAUTH_SUCCESS) or the connection is dropped.
11 *
12 * This implementation supports the "password" method (RFC 4252 §8): the
13 * password travels inside the encrypted transport and is checked against an
14 * application-supplied callback. The "none" method is always answered with a
15 * failure that advertises "password" (RFC 4252 §5.2), which is how a client
16 * discovers the supported methods.
17 *
18 * @author Douglas Quigg (dstroy0)
19 * @date 2026
20 */
21
22#ifndef DETERMINISTICESPASYNCWEBSERVER_SSH_AUTH_H
23#define DETERMINISTICESPASYNCWEBSERVER_SSH_AUTH_H
24
25#include "ServerConfig.h"
26#include <stddef.h>
27#include <stdint.h>
28
29/** @brief Parsed SSH_MSG_USERAUTH_REQUEST. */
31{
32 char user[SSH_AUTH_USER_MAX]; ///< User name, null-terminated.
33 char service[32]; ///< Requested service ("ssh-connection").
34 char method[16]; ///< Method name ("none", "password", "publickey").
35 char password[SSH_AUTH_PASS_MAX]; ///< Password (method == "password").
36 bool is_password; ///< True if a password method-request was parsed.
37
38 // publickey method (RFC 4252 §7)
39 bool is_pubkey; ///< True if a publickey method-request was parsed.
40 bool has_signature; ///< True if the request carried a signature.
41 char pk_algo[20]; ///< Public-key algorithm name.
42 const uint8_t *pk_blob; ///< Public-key blob (points into the payload).
43 uint32_t pk_blob_len; ///< Length of pk_blob.
44 const uint8_t *signature; ///< Raw signature bytes (points into the payload).
45 uint32_t signature_len; ///< Length of signature.
46 const uint8_t *signed_prefix; ///< Bytes of the request that the signature covers.
47 size_t signed_prefix_len; ///< Length of signed_prefix (payload up to the signature).
48};
49
50/**
51 * @brief Application callback that validates a username/password pair.
52 * @return true to accept the credentials.
53 */
54typedef bool (*SshPasswordCb)(const char *user, const char *password);
55
56/** @brief Install the password-verification callback (nullptr → all fail). */
58
59/**
60 * @brief Application callback that decides whether a public key is authorized
61 * for @p user. @p blob is the "ssh-rsa" public-key blob.
62 * @return true if the key may authenticate this user.
63 */
64typedef bool (*SshPubkeyCb)(const char *user, const uint8_t *blob, size_t blob_len);
65
66/** @brief Install the publickey-authorization callback (nullptr → all fail). */
68
69/**
70 * @brief Handle SSH_MSG_SERVICE_REQUEST; emit SERVICE_ACCEPT for ssh-userauth.
71 * @return 0 and writes SERVICE_ACCEPT to @p out, or -1 if the service is not
72 * "ssh-userauth" or the message is malformed.
73 */
74int ssh_auth_handle_service_request(const uint8_t *payload, size_t len, uint8_t *out, size_t *out_len, size_t cap);
75
76/**
77 * @brief Parse an SSH_MSG_USERAUTH_REQUEST into @p req.
78 * @return 0 on success, -1 if malformed.
79 */
80int ssh_auth_parse_request(const uint8_t *payload, size_t len, SshAuthReq *req);
81
82/** @brief Build SSH_MSG_USERAUTH_FAILURE advertising "password". */
83int ssh_auth_build_failure(uint8_t *out, size_t *out_len, size_t cap, bool partial);
84
85/** @brief Build SSH_MSG_USERAUTH_SUCCESS. */
86int ssh_auth_build_success(uint8_t *out, size_t *out_len, size_t cap);
87
88/**
89 * @brief Handle a USERAUTH_REQUEST end-to-end for slot @p i.
90 *
91 * Parses the request, checks "password" credentials via the installed callback,
92 * and writes either USERAUTH_SUCCESS or USERAUTH_FAILURE to @p out. On success
93 * the session is marked authenticated and advanced to the connection phase.
94 *
95 * @return 0 if a response was produced (check the message type), -1 on parse
96 * error.
97 */
98int ssh_auth_handle_request(uint8_t i, const uint8_t *payload, size_t len, uint8_t *out, size_t *out_len, size_t cap);
99
100#endif // DETERMINISTICESPASYNCWEBSERVER_SSH_AUTH_H
User-facing configuration for DeterministicESPAsyncWebServer.
#define SSH_AUTH_PASS_MAX
Max stored password length.
#define SSH_AUTH_USER_MAX
Max stored user name (RFC 4252 imposes no limit; we cap for BSS).
void ssh_auth_set_pubkey_cb(SshPubkeyCb cb)
Install the publickey-authorization callback (nullptr → all fail).
Definition ssh_auth.cpp:35
int ssh_auth_build_success(uint8_t *out, size_t *out_len, size_t cap)
Build SSH_MSG_USERAUTH_SUCCESS.
Definition ssh_auth.cpp:304
void ssh_auth_set_password_cb(SshPasswordCb cb)
Install the password-verification callback (nullptr → all fail).
Definition ssh_auth.cpp:30
int ssh_auth_handle_request(uint8_t i, const uint8_t *payload, size_t len, uint8_t *out, size_t *out_len, size_t cap)
Handle a USERAUTH_REQUEST end-to-end for slot i.
Definition ssh_auth.cpp:408
int ssh_auth_build_failure(uint8_t *out, size_t *out_len, size_t cap, bool partial)
Build SSH_MSG_USERAUTH_FAILURE advertising "password".
Definition ssh_auth.cpp:285
bool(* SshPasswordCb)(const char *user, const char *password)
Application callback that validates a username/password pair.
Definition ssh_auth.h:54
int ssh_auth_parse_request(const uint8_t *payload, size_t len, SshAuthReq *req)
Parse an SSH_MSG_USERAUTH_REQUEST into req.
Definition ssh_auth.cpp:222
int ssh_auth_handle_service_request(const uint8_t *payload, size_t len, uint8_t *out, size_t *out_len, size_t cap)
Handle SSH_MSG_SERVICE_REQUEST; emit SERVICE_ACCEPT for ssh-userauth.
Definition ssh_auth.cpp:194
bool(* SshPubkeyCb)(const char *user, const uint8_t *blob, size_t blob_len)
Application callback that decides whether a public key is authorized for user. blob is the "ssh-rsa" ...
Definition ssh_auth.h:64
Parsed SSH_MSG_USERAUTH_REQUEST.
Definition ssh_auth.h:31
const uint8_t * signature
Raw signature bytes (points into the payload).
Definition ssh_auth.h:44
bool is_pubkey
True if a publickey method-request was parsed.
Definition ssh_auth.h:39
char pk_algo[20]
Public-key algorithm name.
Definition ssh_auth.h:41
bool is_password
True if a password method-request was parsed.
Definition ssh_auth.h:36
char method[16]
Method name ("none", "password", "publickey").
Definition ssh_auth.h:34
char password[SSH_AUTH_PASS_MAX]
Password (method == "password").
Definition ssh_auth.h:35
char user[SSH_AUTH_USER_MAX]
User name, null-terminated.
Definition ssh_auth.h:32
uint32_t pk_blob_len
Length of pk_blob.
Definition ssh_auth.h:43
char service[32]
Requested service ("ssh-connection").
Definition ssh_auth.h:33
size_t signed_prefix_len
Length of signed_prefix (payload up to the signature).
Definition ssh_auth.h:47
const uint8_t * pk_blob
Public-key blob (points into the payload).
Definition ssh_auth.h:42
const uint8_t * signed_prefix
Bytes of the request that the signature covers.
Definition ssh_auth.h:46
uint32_t signature_len
Length of signature.
Definition ssh_auth.h:45
bool has_signature
True if the request carried a signature.
Definition ssh_auth.h:40