Updating support for additional diffie-helman. (#486)

Summary: 

Adding additional support for other common SSH algorithms

---

- Added support for `diffie-hellman-group15-sha512`
https://www.ietf.org/rfc/rfc3526.txt
- Added support for `diffie-hellman-group17-sha512`
https://www.ietf.org/rfc/rfc3526.txt
- Added support for `diffie-hellman-group18-sha512`
https://www.ietf.org/rfc/rfc3526.txt


Tests
---

- All current test pass

---------

Co-authored-by: Eugene <[email protected]>

Author: jvanbrunt

.vscode/settings.json

@@ -1,2 +1,3 @@
 {
+  "rust-analyzer.check.command": "check"
 }

russh/src/client/mod.rs

@@ -874,10 +874,10 @@ where
     let (kex_done_signal, kex_done_signal_rx) = oneshot::channel();
     let join = russh_util::runtime::spawn(session.run(stream, handler, Some(kex_done_signal)));
 
-    if kex_done_signal_rx.await.is_err() {
+    if let Err(err) = kex_done_signal_rx.await {
         // kex_done_signal Sender is dropped when the session
         // fails before a succesful key exchange
-        debug!("kex_done_signal sender was dropped");
+        debug!("kex_done_signal sender was dropped {err:?}");
         join.await.map_err(crate::Error::Join)??;
         return Err(H::Error::from(crate::Error::Disconnect));
     }

russh/src/kex/dh/groups.rs

@@ -103,6 +103,34 @@ pub const DH_GROUP14: DhGroup = DhGroup {
     // exp_size: 256,
 };
 
+/// https://www.ietf.org/rfc/rfc3526.txt
+pub const DH_GROUP15: DhGroup = DhGroup {
+    prime: DhGroupUInt::new(
+        hex!(
+            "
+        FFFFFFFF FFFFFFFF C90FDAA2 2168C234 C4C6628B 80DC1CD1
+        29024E08 8A67CC74 020BBEA6 3B139B22 514A0879 8E3404DD
+        EF9519B3 CD3A431B 302B0A6D F25F1437 4FE1356D 6D51C245
+        E485B576 625E7EC6 F44C42E9 A637ED6B 0BFF5CB6 F406B7ED
+        EE386BFB 5A899FA5 AE9F2411 7C4B1FE6 49286651 ECE45B3D
+        C2007CB8 A163BF05 98DA4836 1C55D39A 69163FA8 FD24CF5F
+        83655D23 DCA3AD96 1C62F356 208552BB 9ED52907 7096966D
+        670C354E 4ABC9804 F1746C08 CA18217C 32905E46 2E36CE3B
+        E39E772C 180E8603 9B2783A2 EC07A28F B5C55DF0 6F4C52C9
+        DE2BCBF6 95581718 3995497C EA956AE5 15D22618 98FA0510
+        15728E5A 8AAAC42D AD33170D 04507A33 A85521AB DF1CBA64
+        ECFB8504 58DBEF0A 8AEA7157 5D060C7D B3970F85 A6E1E4C7
+        ABF5AE8C DB0933D7 1E8C94E0 4A25619D CEE3D226 1AD2EE6B
+        F12FFA06 D98A0864 D8760273 3EC86A64 521F2B18 177B200C
+        BBE11757 7A615D6C 770988C0 BAD946E2 08E24FA0 74E5AB31
+        43DB5BFC E0FD108E 4B82D120 A93AD2CA FFFFFFFF FFFFFFFF
+            "
+        )
+        .as_slice(),
+    ),
+    generator: DhGroupUInt::new(&[2]),
+};
+
 pub const DH_GROUP16: DhGroup = DhGroup {
     prime: DhGroupUInt::new(
         hex!(
@@ -137,6 +165,101 @@ pub const DH_GROUP16: DhGroup = DhGroup {
     // exp_size: 512,
 };
 
+/// https://www.ietf.org/rfc/rfc3526.txt
+pub const DH_GROUP17: DhGroup = DhGroup {
+    prime: DhGroupUInt::new(
+        hex!(
+            "
+    FFFFFFFF FFFFFFFF C90FDAA2 2168C234 C4C6628B 80DC1CD1 29024E08
+    8A67CC74 020BBEA6 3B139B22 514A0879 8E3404DD EF9519B3 CD3A431B
+    302B0A6D F25F1437 4FE1356D 6D51C245 E485B576 625E7EC6 F44C42E9
+    A637ED6B 0BFF5CB6 F406B7ED EE386BFB 5A899FA5 AE9F2411 7C4B1FE6
+    49286651 ECE45B3D C2007CB8 A163BF05 98DA4836 1C55D39A 69163FA8
+    FD24CF5F 83655D23 DCA3AD96 1C62F356 208552BB 9ED52907 7096966D
+    670C354E 4ABC9804 F1746C08 CA18217C 32905E46 2E36CE3B E39E772C
+    180E8603 9B2783A2 EC07A28F B5C55DF0 6F4C52C9 DE2BCBF6 95581718
+    3995497C EA956AE5 15D22618 98FA0510 15728E5A 8AAAC42D AD33170D
+    04507A33 A85521AB DF1CBA64 ECFB8504 58DBEF0A 8AEA7157 5D060C7D
+    B3970F85 A6E1E4C7 ABF5AE8C DB0933D7 1E8C94E0 4A25619D CEE3D226
+    1AD2EE6B F12FFA06 D98A0864 D8760273 3EC86A64 521F2B18 177B200C
+    BBE11757 7A615D6C 770988C0 BAD946E2 08E24FA0 74E5AB31 43DB5BFC
+    E0FD108E 4B82D120 A9210801 1A723C12 A787E6D7 88719A10 BDBA5B26
+    99C32718 6AF4E23C 1A946834 B6150BDA 2583E9CA 2AD44CE8 DBBBC2DB
+    04DE8EF9 2E8EFC14 1FBECAA6 287C5947 4E6BC05D 99B2964F A090C3A2
+    233BA186 515BE7ED 1F612970 CEE2D7AF B81BDD76 2170481C D0069127
+    D5B05AA9 93B4EA98 8D8FDDC1 86FFB7DC 90A6C08F 4DF435C9 34028492
+    36C3FAB4 D27C7026 C1D4DCB2 602646DE C9751E76 3DBA37BD F8FF9406
+    AD9E530E E5DB382F 413001AE B06A53ED 9027D831 179727B0 865A8918
+    DA3EDBEB CF9B14ED 44CE6CBA CED4BB1B DB7F1447 E6CC254B 33205151
+    2BD7AF42 6FB8F401 378CD2BF 5983CA01 C64B92EC F032EA15 D1721D03
+    F482D7CE 6E74FEF6 D55E702F 46980C82 B5A84031 900B1C9E 59E7C97F
+    BEC7E8F3 23A97A7E 36CC88BE 0F1D45B7 FF585AC5 4BD407B2 2B4154AA
+    CC8F6D7E BF48E1D8 14CC5ED2 0F8037E0 A79715EE F29BE328 06A1D58B
+    B7C5DA76 F550AA3D 8A1FBFF0 EB19CCB1 A313D55C DA56C9EC 2EF29632
+    387FE8D7 6E3C0468 043E8F66 3F4860EE 12BF2D5B 0B7474D6 E694F91E
+    6DCC4024 FFFFFFFF FFFFFFFF
+    "
+        )
+        .as_slice(),
+    ),
+    generator: DhGroupUInt::new(&[2]),
+};
+
+/// https://www.ietf.org/rfc/rfc3526.txt
+pub const DH_GROUP18: DhGroup = DhGroup {
+    prime: DhGroupUInt::new(
+        hex!(
+            "
+      FFFFFFFF FFFFFFFF C90FDAA2 2168C234 C4C6628B 80DC1CD1
+      29024E08 8A67CC74 020BBEA6 3B139B22 514A0879 8E3404DD
+      EF9519B3 CD3A431B 302B0A6D F25F1437 4FE1356D 6D51C245
+      E485B576 625E7EC6 F44C42E9 A637ED6B 0BFF5CB6 F406B7ED
+      EE386BFB 5A899FA5 AE9F2411 7C4B1FE6 49286651 ECE45B3D
+      C2007CB8 A163BF05 98DA4836 1C55D39A 69163FA8 FD24CF5F
+      83655D23 DCA3AD96 1C62F356 208552BB 9ED52907 7096966D
+      670C354E 4ABC9804 F1746C08 CA18217C 32905E46 2E36CE3B
+      E39E772C 180E8603 9B2783A2 EC07A28F B5C55DF0 6F4C52C9
+      DE2BCBF6 95581718 3995497C EA956AE5 15D22618 98FA0510
+      15728E5A 8AAAC42D AD33170D 04507A33 A85521AB DF1CBA64
+      ECFB8504 58DBEF0A 8AEA7157 5D060C7D B3970F85 A6E1E4C7
+      ABF5AE8C DB0933D7 1E8C94E0 4A25619D CEE3D226 1AD2EE6B
+      F12FFA06 D98A0864 D8760273 3EC86A64 521F2B18 177B200C
+      BBE11757 7A615D6C 770988C0 BAD946E2 08E24FA0 74E5AB31
+      43DB5BFC E0FD108E 4B82D120 A9210801 1A723C12 A787E6D7
+      88719A10 BDBA5B26 99C32718 6AF4E23C 1A946834 B6150BDA
+      2583E9CA 2AD44CE8 DBBBC2DB 04DE8EF9 2E8EFC14 1FBECAA6
+      287C5947 4E6BC05D 99B2964F A090C3A2 233BA186 515BE7ED
+      1F612970 CEE2D7AF B81BDD76 2170481C D0069127 D5B05AA9
+      93B4EA98 8D8FDDC1 86FFB7DC 90A6C08F 4DF435C9 34028492
+      36C3FAB4 D27C7026 C1D4DCB2 602646DE C9751E76 3DBA37BD
+      F8FF9406 AD9E530E E5DB382F 413001AE B06A53ED 9027D831
+      179727B0 865A8918 DA3EDBEB CF9B14ED 44CE6CBA CED4BB1B
+      DB7F1447 E6CC254B 33205151 2BD7AF42 6FB8F401 378CD2BF
+      5983CA01 C64B92EC F032EA15 D1721D03 F482D7CE 6E74FEF6
+      D55E702F 46980C82 B5A84031 900B1C9E 59E7C97F BEC7E8F3
+      23A97A7E 36CC88BE 0F1D45B7 FF585AC5 4BD407B2 2B4154AA
+      CC8F6D7E BF48E1D8 14CC5ED2 0F8037E0 A79715EE F29BE328
+      06A1D58B B7C5DA76 F550AA3D 8A1FBFF0 EB19CCB1 A313D55C
+      DA56C9EC 2EF29632 387FE8D7 6E3C0468 043E8F66 3F4860EE
+      12BF2D5B 0B7474D6 E694F91E 6DBE1159 74A3926F 12FEE5E4
+      38777CB6 A932DF8C D8BEC4D0 73B931BA 3BC832B6 8D9DD300
+      741FA7BF 8AFC47ED 2576F693 6BA42466 3AAB639C 5AE4F568
+      3423B474 2BF1C978 238F16CB E39D652D E3FDB8BE FC848AD9
+      22222E04 A4037C07 13EB57A8 1A23F0C7 3473FC64 6CEA306B
+      4BCBC886 2F8385DD FA9D4B7F A2C087E8 79683303 ED5BDD3A
+      062B3CF5 B3A278A6 6D2A13F8 3F44F82D DF310EE0 74AB6A36
+      4597E899 A0255DC1 64F31CC5 0846851D F9AB4819 5DED7EA1
+      B1D510BD 7EE74D73 FAF36BC3 1ECFA268 359046F4 EB879F92
+      4009438B 481C6CD7 889A002E D5EE382B C9190DA6 FC026E47
+      9558E447 5677E9AA 9E3050E2 765694DF C81F56E8 80B96E71
+      60C980DD 98EDD3DF FFFFFFFF FFFFFFFF
+            "
+        )
+        .as_slice(),
+    ),
+    generator: DhGroupUInt::new(&[2]),
+};
+
 #[derive(Debug, PartialEq, Eq, Clone)]
 pub(crate) struct DH {
     prime_num: BigUint,

russh/src/kex/dh/mod.rs

@@ -10,12 +10,38 @@ use sha1::Sha1;
 use sha2::{Sha256, Sha512};
 use ssh_encoding::{Decode, Encode, Reader, Writer};
 
-use self::groups::{DhGroup, DH_GROUP1, DH_GROUP14, DH_GROUP16};
+use self::groups::{
+    DhGroup, DH_GROUP1, DH_GROUP14, DH_GROUP15, DH_GROUP16, DH_GROUP17, DH_GROUP18,
+};
 use super::{compute_keys, KexAlgorithm, KexAlgorithmImplementor, KexType};
 use crate::client::GexParams;
 use crate::session::Exchange;
 use crate::{cipher, mac, msg, CryptoVec, Error};
 
+pub(crate) struct DhGroup15Sha512KexType {}
+
+impl KexType for DhGroup15Sha512KexType {
+    fn make(&self) -> KexAlgorithm {
+        DhGroupKex::<Sha512>::new(Some(&DH_GROUP15)).into()
+    }
+}
+
+pub(crate) struct DhGroup17Sha512KexType {}
+
+impl KexType for DhGroup17Sha512KexType {
+    fn make(&self) -> KexAlgorithm {
+        DhGroupKex::<Sha512>::new(Some(&DH_GROUP17)).into()
+    }
+}
+
+pub(crate) struct DhGroup18Sha512KexType {}
+
+impl KexType for DhGroup18Sha512KexType {
+    fn make(&self) -> KexAlgorithm {
+        DhGroupKex::<Sha512>::new(Some(&DH_GROUP18)).into()
+    }
+}
+
 pub(crate) struct DhGexSha1KexType {}
 
 impl KexType for DhGexSha1KexType {

russh/src/kex/mod.rs

@@ -30,7 +30,8 @@ use delegate::delegate;
 use dh::groups::DhGroup;
 use dh::{
     DhGexSha1KexType, DhGexSha256KexType, DhGroup14Sha1KexType, DhGroup14Sha256KexType,
-    DhGroup16Sha512KexType, DhGroup1Sha1KexType,
+    DhGroup15Sha512KexType, DhGroup16Sha512KexType, DhGroup17Sha512KexType, DhGroup18Sha512KexType,
+    DhGroup1Sha1KexType,
 };
 use digest::Digest;
 use ecdh_nistp::{EcdhNistP256KexType, EcdhNistP384KexType, EcdhNistP521KexType};
@@ -232,8 +233,14 @@ pub const DH_G1_SHA1: Name = Name("diffie-hellman-group1-sha1");
 pub const DH_G14_SHA1: Name = Name("diffie-hellman-group14-sha1");
 /// `diffie-hellman-group14-sha256`
 pub const DH_G14_SHA256: Name = Name("diffie-hellman-group14-sha256");
+/// `diffie-hellman-group15-sha512`
+pub const DH_G15_SHA512: Name = Name("diffie-hellman-group15-sha512");
 /// `diffie-hellman-group16-sha512`
 pub const DH_G16_SHA512: Name = Name("diffie-hellman-group16-sha512");
+/// `diffie-hellman-group17-sha512`
+pub const DH_G17_SHA512: Name = Name("diffie-hellman-group17-sha512");
+/// `diffie-hellman-group18-sha512`
+pub const DH_G18_SHA512: Name = Name("diffie-hellman-group18-sha512");
 /// `ecdh-sha2-nistp256`
 pub const ECDH_SHA2_NISTP256: Name = Name("ecdh-sha2-nistp256");
 /// `ecdh-sha2-nistp384`
@@ -257,7 +264,10 @@ const _DH_GEX_SHA256: DhGexSha256KexType = DhGexSha256KexType {};
 const _DH_G1_SHA1: DhGroup1Sha1KexType = DhGroup1Sha1KexType {};
 const _DH_G14_SHA1: DhGroup14Sha1KexType = DhGroup14Sha1KexType {};
 const _DH_G14_SHA256: DhGroup14Sha256KexType = DhGroup14Sha256KexType {};
+const _DH_G15_SHA512: DhGroup15Sha512KexType = DhGroup15Sha512KexType {};
 const _DH_G16_SHA512: DhGroup16Sha512KexType = DhGroup16Sha512KexType {};
+const _DH_G17_SHA512: DhGroup17Sha512KexType = DhGroup17Sha512KexType {};
+const _DH_G18_SHA512: DhGroup18Sha512KexType = DhGroup18Sha512KexType {};
 const _ECDH_SHA2_NISTP256: EcdhNistP256KexType = EcdhNistP256KexType {};
 const _ECDH_SHA2_NISTP384: EcdhNistP384KexType = EcdhNistP384KexType {};
 const _ECDH_SHA2_NISTP521: EcdhNistP521KexType = EcdhNistP521KexType {};
@@ -271,7 +281,10 @@ pub const ALL_KEX_ALGORITHMS: &[&Name] = &[
     &DH_G1_SHA1,
     &DH_G14_SHA1,
     &DH_G14_SHA256,
+    &DH_G15_SHA512,
     &DH_G16_SHA512,
+    &DH_G17_SHA512,
+    &DH_G18_SHA512,
     &ECDH_SHA2_NISTP256,
     &ECDH_SHA2_NISTP384,
     &ECDH_SHA2_NISTP521,
@@ -285,7 +298,10 @@ pub(crate) static KEXES: Lazy<HashMap<&'static Name, &(dyn KexType + Send + Sync
         h.insert(&CURVE25519_PRE_RFC_8731, &_CURVE25519);
         h.insert(&DH_GEX_SHA1, &_DH_GEX_SHA1);
         h.insert(&DH_GEX_SHA256, &_DH_GEX_SHA256);
+        h.insert(&DH_G18_SHA512, &_DH_G18_SHA512);
+        h.insert(&DH_G17_SHA512, &_DH_G17_SHA512);
         h.insert(&DH_G16_SHA512, &_DH_G16_SHA512);
+        h.insert(&DH_G15_SHA512, &_DH_G15_SHA512);
         h.insert(&DH_G14_SHA256, &_DH_G14_SHA256);
         h.insert(&DH_G14_SHA1, &_DH_G14_SHA1);
         h.insert(&DH_G1_SHA1, &_DH_G1_SHA1);

russh/src/negotiation.rs

@@ -92,7 +92,10 @@ const SAFE_KEX_ORDER: &[kex::Name] = &[
     kex::CURVE25519,
     kex::CURVE25519_PRE_RFC_8731,
     kex::DH_GEX_SHA256,
+    kex::DH_G18_SHA512,
+    kex::DH_G17_SHA512,
     kex::DH_G16_SHA512,
+    kex::DH_G15_SHA512,
     kex::DH_G14_SHA256,
     kex::EXTENSION_SUPPORT_AS_CLIENT,
     kex::EXTENSION_SUPPORT_AS_SERVER,