start client

2026-01-16 01:15:04 +01:00 · 2024-08-15 20:59:23 +02:00 · 2024-08-15 20:59:23 +02:00 · ff06ea5c72
commit ff06ea5c72
parent c0f9687696
14 changed files with 598 additions and 105 deletions
--- a/ssh-transport/src/client.rs
+++ b/ssh-transport/src/client.rs
@ -0,0 +1,197 @@
+use std::{collections::VecDeque, mem};
+
+use tracing::{debug, info, trace};
+
+use crate::{
+    crypto::{self, AlgorithmName, AlgorithmNegotiation},
+    numbers,
+    packet::{Packet, PacketTransport, ProtocolIdentParser},
+    parse::{NameList, Parser, Writer},
+    peer_error, Msg, Result, SshRng, SshStatus,
+};
+
+pub struct ClientConnection {
+    state: ClientState,
+    packet_transport: PacketTransport,
+    rng: Box<dyn SshRng + Send + Sync>,
+
+    plaintext_packets: VecDeque<Packet>,
+}
+
+enum ClientState {
+    ProtoExchange {
+        client_ident: Vec<u8>,
+        ident_parser: ProtocolIdentParser,
+    },
+    KexInit {
+        client_ident: Vec<u8>,
+    },
+}
+
+impl ClientConnection {
+    pub fn new(rng: impl SshRng + Send + Sync + 'static) -> Self {
+        let client_ident = b"SSH-2.0-FakeSSH\r\n".to_vec();
+
+        let mut packet_transport = PacketTransport::new();
+        packet_transport.queue_send_protocol_info(client_ident.clone());
+
+        Self {
+            state: ClientState::ProtoExchange {
+                ident_parser: ProtocolIdentParser::new(),
+                client_ident,
+            },
+            packet_transport,
+            rng: Box::new(rng),
+
+            plaintext_packets: VecDeque::new(),
+        }
+    }
+
+    pub fn recv_bytes(&mut self, bytes: &[u8]) -> Result<()> {
+        if let ClientState::ProtoExchange {
+            ident_parser,
+            client_ident,
+        } = &mut self.state
+        {
+            ident_parser.recv_bytes(bytes);
+            if ident_parser.get_peer_ident().is_some() {
+                let client_ident = mem::take(client_ident);
+                // This moves to the next state.
+                self.send_kexinit(client_ident);
+                return Ok(());
+            }
+            return Ok(());
+        }
+
+        self.packet_transport.recv_bytes(bytes)?;
+
+        while let Some(packet) = self.packet_transport.recv_next_packet() {
+            let packet_type = packet.payload.get(0).unwrap_or(&0xFF);
+            let packet_type_string = numbers::packet_type_to_string(*packet_type);
+
+            trace!(%packet_type, %packet_type_string, packet_len = %packet.payload.len(), "Received packet");
+
+            // Handle some packets ignoring the state.
+            match packet.payload.get(0).copied() {
+                Some(numbers::SSH_MSG_DISCONNECT) => {
+                    // <https://datatracker.ietf.org/doc/html/rfc4253#section-11.1>
+                    let mut disconnect = Parser::new(&packet.payload[1..]);
+                    let reason = disconnect.u32()?;
+                    let description = disconnect.utf8_string()?;
+                    let _language_tag = disconnect.utf8_string()?;
+
+                    let reason_string =
+                        numbers::disconnect_reason_to_string(reason).unwrap_or("<unknown>");
+
+                    info!(%reason, %reason_string, %description, "Server disconnecting");
+
+                    return Err(SshStatus::Disconnect);
+                }
+                _ => {}
+            }
+
+            match &mut self.state {
+                ClientState::ProtoExchange { .. } => unreachable!("handled above"),
+                ClientState::KexInit { client_ident } => {
+                    let mut kexinit = packet.payload_parser();
+                    let packet_type = kexinit.u8()?;
+                    if packet_type != numbers::SSH_MSG_KEXINIT {
+                        return Err(peer_error!(
+                            "expected SSH_MSG_KEXINIT, found {}",
+                            numbers::packet_type_to_string(packet_type)
+                        ));
+                    }
+/* 
+                    let cookie = kexinit.array::<16>()?;
+                    let kex_algorithm = kexinit.name_list()?;
+                    let kex_algorithms = AlgorithmNegotiation {
+                        supported: vec![
+                            crypto::KEX_CURVE_25519_SHA256,
+                            crypto::KEX_ECDH_SHA2_NISTP256,
+                        ],
+                    };
+                    let kex_algorithm = kex_algorithms.find(kex_algorithm.0)?;
+                    debug!(name = %kex_algorithm.name(), "Using KEX algorithm");
+
+                    let server_hostkey_algorithm = kexinit.name_list()?;
+                    let server_hostkey_algorithms = AlgorithmNegotiation {
+                        supported: vec![
+                            crypto::hostkey_ed25519(ED25519_PRIVKEY_BYTES.to_vec()),
+                            crypto::hostkey_ecdsa_sha2_p256(ECDSA_P256_PRIVKEY_BYTES.to_vec()),
+                        ],
+                    };
+                    let server_hostkey_algorithm =
+                        server_hostkey_algorithms.find(server_hostkey_algorithm.0)?;
+                    debug!(name = %server_hostkey_algorithm.name(), "Using host key algorithm");
+
+                    let encryption_algorithms_client_to_server = kexinit.name_list()?;
+                    let encryption_algorithms_client_to_server = select_alg(
+                        encryption_algorithms_client_to_server,
+                        [
+                            crypto::encrypt::CHACHA20POLY1305,
+                            crypto::encrypt::AES256_GCM,
+                        ],
+                    );
+                    let encryption_algorithms_server_to_client = kexinit.name_list()?;
+                    let encryption_algorithms_server_to_client = select_alg(
+                        encryption_algorithms_server_to_client,
+                        [
+                            crypto::encrypt::CHACHA20POLY1305,
+                            crypto::encrypt::AES256_GCM,
+                        ],
+                    );
+                    let mac_algorithms_client_to_server = kexinit.name_list()?;
+                    select_alg(mac_algorithms_client_to_server, ["hmac-sha2-256"])?;
+                    let mac_algorithms_server_to_client = kexinit.name_list()?;
+                    select_alg(mac_algorithms_server_to_client, ["hmac-sha2-256"])?;
+
+                    let compression_algorithms_client_to_server = kexinit.name_list()?;
+                    select_alg(compression_algorithms_client_to_server, ["none"])?;
+                    let compression_algorithms_server_to_client = kexinit.name_list()?;
+                    select_alg(compression_algorithms_server_to_client, ["none"])?;
+                    let _languages_client_to_server = kexinit.name_list()?;
+                    let _languages_server_to_client = kexinit.name_list()?;
+                    let first_kex_packet_follows = kexinit.bool()?;
+                    if first_kex_packet_follows {
+                        return Err(peer_error!("does not support guessed kex init packages"));
+                    }*/
+                }
+            }
+        }
+        Ok(())
+    }
+
+    pub fn next_msg_to_send(&mut self) -> Option<Msg> {
+        self.packet_transport.next_msg_to_send()
+    }
+
+    fn send_kexinit(&mut self, client_ident: Vec<u8>) {
+        let mut cookie = [0; 16];
+        self.rng.fill_bytes(&mut cookie);
+
+        let mut kexinit = Writer::new();
+        kexinit.u8(numbers::SSH_MSG_KEXINIT);
+        kexinit.array(cookie);
+        kexinit.name_list(NameList::multi("curve25519-sha256,ecdh-sha2-nistp256")); // kex_algorithms
+        kexinit.name_list(NameList::multi("ssh-ed25519,ecdsa-sha2-nistp256")); // server_host_key_algorithms
+        kexinit.name_list(NameList::multi(
+            "chacha20-poly1305@openssh.com,aes256-gcm@openssh.com",
+        )); // encryption_algorithms_client_to_server
+        kexinit.name_list(NameList::multi(
+            "chacha20-poly1305@openssh.com,aes256-gcm@openssh.com",
+        )); // encryption_algorithms_server_to_client
+        kexinit.name_list(NameList::one("hmac-sha2-256")); // mac_algorithms_client_to_server
+        kexinit.name_list(NameList::one("hmac-sha2-256")); // mac_algorithms_server_to_client
+        kexinit.name_list(NameList::one("none")); // compression_algorithms_client_to_server
+        kexinit.name_list(NameList::one("none")); // compression_algorithms_server_to_client
+        kexinit.name_list(NameList::none()); // languages_client_to_server
+        kexinit.name_list(NameList::none()); // languages_server_to_client
+        kexinit.bool(false); // first_kex_packet_follows
+        kexinit.u32(0); // reserved
+        let kexinit = kexinit.finish();
+
+        self.packet_transport
+            .queue_packet(Packet { payload: kexinit });
+        self.state = ClientState::KexInit { client_ident };
+    }
+}
--- a/ssh-transport/src/crypto.rs
+++ b/ssh-transport/src/crypto.rs
@ -4,16 +4,22 @@ use p256::ecdsa::signature::Signer;
 use sha2::Digest;

 use crate::{
-    client_error,
    packet::{EncryptedPacket, MsgKind, Packet, RawPacket},
    parse::{self, Writer},
-    Msg, Result, SshRng,
+    peer_error, Msg, Result, SshRng,
 };

 pub trait AlgorithmName {
    fn name(&self) -> &'static str;
 }

+// Dummy algorithm.
+impl AlgorithmName for &'static str {
+    fn name(&self) -> &'static str {
+        self
+    }
+}
+
 #[derive(Clone, Copy)]
 pub struct KexAlgorithm {
    name: &'static str,
@ -42,7 +48,7 @@ pub const KEX_CURVE_25519_SHA256: KexAlgorithm = KexAlgorithm {
        let server_public_key = x25519_dalek::PublicKey::from(&secret); // Q_S

        let Ok(arr) = <[u8; 32]>::try_from(client_public_key) else {
-            return Err(crate::client_error!(
+            return Err(crate::peer_error!(
                "invalid x25519 public key length, should be 32, was: {}",
                client_public_key.len()
            ));
@ -65,7 +71,7 @@ pub const KEX_ECDH_SHA2_NISTP256: KexAlgorithm = KexAlgorithm {

        let client_public_key =
            p256::PublicKey::from_sec1_bytes(client_public_key).map_err(|_| {
-                crate::client_error!(
+                crate::peer_error!(
                    "invalid p256 public key length: {}",
                    client_public_key.len()
                )
@ -196,12 +202,58 @@ impl<T: AlgorithmName> AlgorithmNegotiation<T> {
            }
        }

-        Err(client_error!(
-            "client does not support any matching algorithm: supported: {client_supports:?}"
+        Err(peer_error!(
+            "peer does not support any matching algorithm: peer supports: {client_supports:?}"
        ))
    }
 }

+pub struct SupportedAlgorithms {
+    pub key_exchange: AlgorithmNegotiation<KexAlgorithm>,
+    pub hostkey: AlgorithmNegotiation<HostKeySigningAlgorithm>,
+    pub encryption_to_peer: AlgorithmNegotiation<EncryptionAlgorithm>,
+    pub encryption_from_peer: AlgorithmNegotiation<EncryptionAlgorithm>,
+    pub mac_to_peer: AlgorithmNegotiation<&'static str>,
+    pub mac_from_peer: AlgorithmNegotiation<&'static str>,
+    pub compression_to_peer: AlgorithmNegotiation<&'static str>,
+    pub compression_from_peer: AlgorithmNegotiation<&'static str>,
+}
+
+impl SupportedAlgorithms {
+    /// A secure default using elliptic curves and AEAD.
+    pub fn secure() -> Self {
+        Self {
+            key_exchange: AlgorithmNegotiation {
+                supported: vec![KEX_CURVE_25519_SHA256, KEX_ECDH_SHA2_NISTP256],
+            },
+            hostkey: AlgorithmNegotiation {
+                supported: vec![
+                    hostkey_ed25519(crate::server::ED25519_PRIVKEY_BYTES.to_vec()),
+                    hostkey_ecdsa_sha2_p256(crate::server::ECDSA_P256_PRIVKEY_BYTES.to_vec()),
+                ],
+            },
+            encryption_to_peer: AlgorithmNegotiation {
+                supported: vec![encrypt::CHACHA20POLY1305, encrypt::AES256_GCM],
+            },
+            encryption_from_peer: AlgorithmNegotiation {
+                supported: vec![encrypt::CHACHA20POLY1305, encrypt::AES256_GCM],
+            },
+            mac_to_peer: AlgorithmNegotiation {
+                supported: vec!["hmac-sha2-256"],
+            },
+            mac_from_peer: AlgorithmNegotiation {
+                supported: vec!["hmac-sha2-256"],
+            },
+            compression_to_peer: AlgorithmNegotiation {
+                supported: vec!["none"],
+            },
+            compression_from_peer: AlgorithmNegotiation {
+                supported: vec!["none"],
+            },
+        }
+    }
+}
+
 pub(crate) struct Session {
    session_id: [u8; 32],
    client_to_server: Tunnel,
--- a/ssh-transport/src/crypto/encrypt.rs
+++ b/ssh-transport/src/crypto/encrypt.rs
@ -108,7 +108,7 @@ impl ChaCha20Poly1305OpenSsh {
        let read_tag = poly1305::Tag::from_slice(&bytes.full_packet()[tag_offset..]);

        if !bool::from(mac.ct_eq(read_tag)) {
-            return Err(crate::client_error!(
+            return Err(crate::peer_error!(
                "failed to decrypt: invalid poly1305 MAC"
            ));
        }
@ -199,7 +199,7 @@ impl<'a> Aes256GcmOpenSsh<'a> {
                encrypted_packet_content,
                (&tag).into(),
            )
-            .map_err(|_| crate::client_error!("failed to decrypt: invalid GCM MAC"))?;
+            .map_err(|_| crate::peer_error!("failed to decrypt: invalid GCM MAC"))?;
        self.inc_nonce();

        Packet::from_full(encrypted_packet_content)
--- a/ssh-transport/src/lib.rs
+++ b/ssh-transport/src/lib.rs
@ -1,3 +1,4 @@
+pub mod client;
 mod crypto;
 pub mod numbers;
 pub mod packet;
@ -54,7 +55,7 @@ impl rand_core::RngCore for SshRngRandAdapter<'_> {
 }

 #[macro_export]
-macro_rules! client_error {
+macro_rules! peer_error {
    ($($tt:tt)*) => {
        $crate::SshStatus::ClientError(::std::format!($($tt)*))
    };
--- a/ssh-transport/src/numbers.rs
+++ b/ssh-transport/src/numbers.rs
@ -54,8 +54,8 @@ pub const SSH_MSG_CHANNEL_REQUEST: u8 = 98;
 pub const SSH_MSG_CHANNEL_SUCCESS: u8 = 99;
 pub const SSH_MSG_CHANNEL_FAILURE: u8 = 100;

-pub fn packet_type_to_string(packet_type: u8) -> Option<&'static str> {
-    Some(match packet_type {
+pub fn packet_type_to_string(packet_type: u8) -> &'static str {
+    match packet_type {
        1 => "SSH_MSG_DISCONNECT",
        2 => "SSH_MSG_IGNORE",
        3 => "SSH_MSG_UNIMPLEMENTED",
@ -84,8 +84,8 @@ pub fn packet_type_to_string(packet_type: u8) -> Option<&'static str> {
        98 => "SSH_MSG_CHANNEL_REQUEST",
        99 => "SSH_MSG_CHANNEL_SUCCESS",
        100 => "SSH_MSG_CHANNEL_FAILURE",
-        _ => return None,
-    })
+        _ => return "<unknown>",
+    }
 }

 pub const SSH_DISCONNECT_HOST_NOT_ALLOWED_TO_CONNECT: u32 = 1;
--- a/ssh-transport/src/packet.rs
+++ b/ssh-transport/src/packet.rs
@ -1,11 +1,14 @@
 mod ctors;

 use std::collections::VecDeque;
+use std::mem;
+
+use tracing::debug;

 use crate::crypto::{EncryptionAlgorithm, Keys, Plaintext, Session};
 use crate::parse::{NameList, Parser, Writer};
 use crate::Result;
-use crate::{client_error, numbers};
+use crate::{peer_error, numbers};

 /// Frames the byte stream into packets.
 pub(crate) struct PacketTransport {
@ -15,7 +18,7 @@ pub(crate) struct PacketTransport {
    recv_packets: VecDeque<Packet>,
    recv_next_seq_nr: u64,

-    send_packets: VecDeque<Msg>,
+    msgs_to_send: VecDeque<Msg>,
    send_next_seq_nr: u64,
 }

@ -48,7 +51,7 @@ impl PacketTransport {
            recv_packets: VecDeque::new(),
            recv_next_seq_nr: 0,

-            send_packets: VecDeque::new(),
+            msgs_to_send: VecDeque::new(),
            send_next_seq_nr: 0,
        }
    }
@ -95,10 +98,11 @@ impl PacketTransport {

    // Private: Make sure all sending goes through variant-specific functions here.
    fn queue_send_msg(&mut self, msg: Msg) {
-        self.send_packets.push_back(msg);
+        self.msgs_to_send.push_back(msg);
    }
+
    pub(crate) fn next_msg_to_send(&mut self) -> Option<Msg> {
-        self.send_packets.pop_front()
+        self.msgs_to_send.pop_front()
    }

    pub(crate) fn set_key(
@ -154,18 +158,18 @@ impl Packet {

    pub(crate) fn from_full(bytes: &[u8]) -> Result<Self> {
        let Some(padding_length) = bytes.first() else {
-            return Err(client_error!("empty packet"));
+            return Err(peer_error!("empty packet"));
        };

        let Some(payload_len) = (bytes.len() - 1).checked_sub(*padding_length as usize) else {
-            return Err(client_error!("packet padding longer than packet"));
+            return Err(peer_error!("packet padding longer than packet"));
        };
        let payload = &bytes[1..][..payload_len];

        // TODO: handle the annoying decryption special case differnt where its +0 instead of +4
        // also TODO: this depends on the cipher!
        //if (bytes.len() + 4) % 8 != 0 {
-        //    return Err(client_error!("full packet length must be multiple of 8: {}", bytes.len()));
+        //    return Err(peer_error!("full packet length must be multiple of 8: {}", bytes.len()));
        //}

        Ok(Self {
@ -244,7 +248,7 @@ impl<'a> KeyExchangeInitPacket<'a> {

        let kind = c.u8()?;
        if kind != numbers::SSH_MSG_KEXINIT {
-            return Err(client_error!(
+            return Err(peer_error!(
                "expected SSH_MSG_KEXINIT packet, found {kind}"
            ));
        }
@ -313,7 +317,7 @@ impl<'a> KeyExchangeEcDhInitPacket<'a> {

        let kind = c.u8()?;
        if kind != numbers::SSH_MSG_KEX_ECDH_INIT {
-            return Err(client_error!(
+            return Err(peer_error!(
                "expected SSH_MSG_KEXDH_INIT packet, found {kind}"
            ));
        }
@ -411,7 +415,7 @@ impl PacketParser {
        // 'padding_length', 'payload', 'random padding', and 'mac').
        // Implementations SHOULD support longer packets, where they might be needed.
        if packet_length > 500_000 {
-            return Err(client_error!(
+            return Err(peer_error!(
                "packet too large (>500_000): {packet_length}"
            ));
        }
@ -439,6 +443,30 @@ impl PacketParser {
    }
 }

+pub(crate) struct ProtocolIdentParser(Vec<u8>);
+
+impl ProtocolIdentParser {
+    pub(crate) fn new() -> Self {
+        Self(Vec::new())
+    }
+    pub(crate) fn recv_bytes(&mut self, bytes: &[u8]) {
+        self.0.extend_from_slice(bytes);
+    }
+    pub(crate) fn get_peer_ident(&mut self) -> Option<Vec<u8>> {
+        if self.0.windows(2).any(|win| win == b"\r\n") {
+            // TODO: care that its SSH 2.0 instead of anythin anything else
+            // The peer will not send any more information than this until we respond, so discord the rest of the bytes.
+            let peer_ident = mem::take(&mut self.0);
+            let peer_ident_string = String::from_utf8_lossy(&peer_ident);
+            debug!(identification = %peer_ident_string, "Peer identifier");
+
+            Some(peer_ident)
+        } else {
+            None
+        }
+    }
+}
+
 #[cfg(test)]
 mod tests {
    use crate::packet::PacketParser;
--- a/ssh-transport/src/parse.rs
+++ b/ssh-transport/src/parse.rs
@ -24,7 +24,7 @@ impl<'a> Parser<'a> {
    pub fn array<const N: usize>(&mut self) -> Result<[u8; N]> {
        assert!(N < 100_000);
        if self.0.len() < N {
-            return Err(crate::client_error!("packet too short"));
+            return Err(crate::peer_error!("packet too short"));
        }
        let result = self.0[..N].try_into().unwrap();
        self.0 = &self.0[N..];
@ -33,10 +33,10 @@ impl<'a> Parser<'a> {

    pub fn slice(&mut self, len: usize) -> Result<&'a [u8]> {
        if self.0.len() < len {
-            return Err(crate::client_error!("packet too short"));
+            return Err(crate::peer_error!("packet too short"));
        }
        if len > 100_000 {
-            return Err(crate::client_error!("bytes too long: {len}"));
+            return Err(crate::peer_error!("bytes too long: {len}"));
        }
        let result = &self.0[..len];
        self.0 = &self.0[len..];
@ -48,7 +48,7 @@ impl<'a> Parser<'a> {
        match b {
            0 => Ok(false),
            1 => Ok(true),
-            _ => Err(crate::client_error!("invalid bool: {b}")),
+            _ => Err(crate::peer_error!("invalid bool: {b}")),
        }
    }

@ -70,7 +70,7 @@ impl<'a> Parser<'a> {
    pub fn utf8_string(&mut self) -> Result<&'a str> {
        let s = self.string()?;
        let Ok(s) = str::from_utf8(s) else {
-            return Err(crate::client_error!("name-list is invalid UTF-8"));
+            return Err(crate::peer_error!("name-list is invalid UTF-8"));
        };
        Ok(s)
    }
@ -148,10 +148,13 @@ pub struct NameList<'a>(pub &'a str);
 impl<'a> NameList<'a> {
    pub fn one(item: &'a str) -> Self {
        if item.contains(',') {
-            //panic!("tried creating name list with comma in item: {item}");
+            panic!("tried creating name list with comma in item: {item}");
        }
        Self(item)
    }
+    pub fn multi(items: &'a str) -> Self {
+        Self(items)
+    }
    pub fn none() -> NameList<'static> {
        NameList("")
    }
--- a/ssh-transport/src/server.rs
+++ b/ssh-transport/src/server.rs
@ -3,11 +3,14 @@ use std::{collections::VecDeque, mem::take};

 use crate::crypto::{
    self, AlgorithmName, AlgorithmNegotiation, EncryptionAlgorithm, HostKeySigningAlgorithm,
+    SupportedAlgorithms,
+};
+use crate::packet::{
+    KeyExchangeEcDhInitPacket, KeyExchangeInitPacket, Packet, PacketTransport, ProtocolIdentParser,
 };
-use crate::packet::{KeyExchangeEcDhInitPacket, KeyExchangeInitPacket, Packet, PacketTransport};
 use crate::parse::{NameList, Parser, Writer};
-use crate::{client_error, Msg, SshRng, SshStatus};
 use crate::{numbers, Result};
+use crate::{peer_error, Msg, SshRng, SshStatus};
 use sha2::Digest;
 use tracing::{debug, info, trace};

@ -24,7 +27,7 @@ pub struct ServerConnection {

 enum ServerState {
    ProtoExchange {
-        received: Vec<u8>,
+        ident_parser: ProtocolIdentParser,
    },
    KeyExchangeInit {
        client_identification: Vec<u8>,
@ -52,7 +55,7 @@ impl ServerConnection {
    pub fn new(rng: impl SshRng + Send + Sync + 'static) -> Self {
        Self {
            state: ServerState::ProtoExchange {
-                received: Vec::new(),
+                ident_parser: ProtocolIdentParser::new(),
            },
            packet_transport: PacketTransport::new(),
            rng: Box::new(rng),
@ -60,18 +63,11 @@ impl ServerConnection {
            plaintext_packets: VecDeque::new(),
        }
    }
-}

-impl ServerConnection {
    pub fn recv_bytes(&mut self, bytes: &[u8]) -> Result<()> {
-        if let ServerState::ProtoExchange { received } = &mut self.state {
-            received.extend_from_slice(bytes);
-            if received.windows(2).any(|win| win == b"\r\n") {
-                // TODO: care that its SSH 2.0 instead of anythin anything else
-                // The client will not send any more information than this until we respond, so discord the rest of the bytes.
-                let client_identification = received.to_owned();
-                let client_ident_string = String::from_utf8_lossy(&client_identification);
-                debug!(identification = %client_ident_string, "Client identifier");
+        if let ServerState::ProtoExchange { ident_parser } = &mut self.state {
+            ident_parser.recv_bytes(bytes);
+            if let Some(client_identification) = ident_parser.get_peer_ident() {
                self.packet_transport
                    .queue_send_protocol_info(SERVER_IDENTIFICATION.to_vec());
                self.state = ServerState::KeyExchangeInit {
@ -86,8 +82,7 @@ impl ServerConnection {

        while let Some(packet) = self.packet_transport.recv_next_packet() {
            let packet_type = packet.payload.get(0).unwrap_or(&0xFF);
-            let packet_type_string =
-                numbers::packet_type_to_string(*packet_type).unwrap_or("<unknown>");
+            let packet_type_string = numbers::packet_type_to_string(*packet_type);

            trace!(%packet_type, %packet_type_string, packet_len = %packet.payload.len(), "Received packet");

@ -122,69 +117,54 @@ impl ServerConnection {
                            if list.iter().any(|alg| alg == expected) {
                                Ok(expected)
                            } else {
-                                Err(client_error!(
+                                Err(peer_error!(
                                "client does not support algorithm {expected}. supported: {list:?}",
                            ))
                            }
                        };

-                    let kex_algorithms = AlgorithmNegotiation {
-                        supported: vec![
-                            crypto::KEX_CURVE_25519_SHA256,
-                            crypto::KEX_ECDH_SHA2_NISTP256,
-                        ],
-                    };
-                    let kex_algorithm = kex_algorithms.find(kex.kex_algorithms.0)?;
+                    let sup_algs = SupportedAlgorithms::secure();
+
+                    let kex_algorithm = sup_algs.key_exchange.find(kex.kex_algorithms.0)?;
                    debug!(name = %kex_algorithm.name(), "Using KEX algorithm");

-                    let hostkey_algorithms = AlgorithmNegotiation {
-                        supported: vec![
-                            crypto::hostkey_ed25519(ED25519_PRIVKEY_BYTES.to_vec()),
-                            crypto::hostkey_ecdsa_sha2_p256(ECDSA_P256_PRIVKEY_BYTES.to_vec()),
-                        ],
-                    };
                    let server_host_key_algorithm =
-                        hostkey_algorithms.find(kex.server_host_key_algorithms.0)?;
+                        sup_algs.hostkey.find(kex.server_host_key_algorithms.0)?;
                    debug!(name = %server_host_key_algorithm.name(), "Using host key algorithm");

                    // TODO: Implement aes128-ctr
                    let _ = crypto::encrypt::ENC_AES128_CTR;

-                    let encryption_algorithms_client_to_server = AlgorithmNegotiation {
-                        supported: vec![
-                            crypto::encrypt::CHACHA20POLY1305,
-                            crypto::encrypt::AES256_GCM,
-                        ],
-                    };
-                    let encryption_algorithms_server_to_client = AlgorithmNegotiation {
-                        supported: vec![
-                            crypto::encrypt::CHACHA20POLY1305,
-                            crypto::encrypt::AES256_GCM,
-                        ],
-                    };
-
-                    let encryption_client_to_server = encryption_algorithms_client_to_server
+                    let encryption_client_to_server = sup_algs
+                        .encryption_from_peer
                        .find(kex.encryption_algorithms_client_to_server.0)?;
                    debug!(name = %encryption_client_to_server.name(), "Using encryption algorithm C->S");

-                    let encryption_server_to_client = encryption_algorithms_server_to_client
+                    let encryption_server_to_client = sup_algs
+                        .encryption_to_peer
                        .find(kex.encryption_algorithms_server_to_client.0)?;
                    debug!(name = %encryption_server_to_client.name(), "Using encryption algorithm S->C");

-                    let mac_algorithm_client_to_server =
-                        require_algorithm("hmac-sha2-256", kex.mac_algorithms_client_to_server)?;
-                    let mac_algorithm_server_to_client =
-                        require_algorithm("hmac-sha2-256", kex.mac_algorithms_server_to_client)?;
-                    let compression_algorithm_client_to_server =
-                        require_algorithm("none", kex.compression_algorithms_client_to_server)?;
-                    let compression_algorithm_server_to_client =
-                        require_algorithm("none", kex.compression_algorithms_server_to_client)?;
+                    let mac_algorithm_client_to_server = sup_algs
+                        .mac_from_peer
+                        .find(kex.mac_algorithms_client_to_server.0)?;
+                    let mac_algorithm_server_to_client = sup_algs
+                        .mac_to_peer
+                        .find(kex.mac_algorithms_server_to_client.0)?;
+                    debug!("x");

+                    let compression_algorithm_client_to_server = sup_algs
+                        .compression_from_peer
+                        .find(kex.compression_algorithms_client_to_server.0)?;
+                    let compression_algorithm_server_to_client = sup_algs
+                        .compression_to_peer
+                        .find(kex.compression_algorithms_server_to_client.0)?;
+                    debug!("x");
                    let _ = kex.languages_client_to_server;
                    let _ = kex.languages_server_to_client;

                    if kex.first_kex_packet_follows {
-                        return Err(client_error!(
+                        return Err(peer_error!(
                            "the client wants to send a guessed packet, that's annoying :("
                        ));
                    }
@ -314,7 +294,7 @@ impl ServerConnection {
                    encryption_server_to_client,
                } => {
                    if packet.payload != [numbers::SSH_MSG_NEWKEYS] {
-                        return Err(client_error!("did not send SSH_MSG_NEWKEYS"));
+                        return Err(peer_error!("did not send SSH_MSG_NEWKEYS"));
                    }

                    self.packet_transport.queue_packet(Packet {
@ -331,14 +311,14 @@ impl ServerConnection {
                ServerState::ServiceRequest => {
                    // TODO: this should probably move out of here? unsure.
                    if packet.payload.first() != Some(&numbers::SSH_MSG_SERVICE_REQUEST) {
-                        return Err(client_error!("did not send SSH_MSG_SERVICE_REQUEST"));
+                        return Err(peer_error!("did not send SSH_MSG_SERVICE_REQUEST"));
                    }
                    let mut p = Parser::new(&packet.payload[1..]);
                    let service = p.utf8_string()?;
                    debug!(%service, "Client requesting service");

                    if service != "ssh-userauth" {
-                        return Err(client_error!("only supports ssh-userauth"));
+                        return Err(peer_error!("only supports ssh-userauth"));
                    }

                    self.packet_transport.queue_packet(Packet {
@ -385,12 +365,13 @@ impl ServerConnection {
 /// 1Ref4AwwRVdSFyJLGbj2AAAAB3Rlc3RrZXkBAgMEBQY=
 /// -----END OPENSSH PRIVATE KEY-----
 /// ```
-const ED25519_PRIVKEY_BYTES: &[u8; 32] = &[
+// todo: remove this lol, lmao
+pub(crate) const ED25519_PRIVKEY_BYTES: &[u8; 32] = &[
    0x92, 0x7a, 0xc9, 0x31, 0xb8, 0x4b, 0x49, 0xae, 0xbf, 0x4b, 0xed, 0x99, 0x1b, 0xa6, 0x88, 0x17,
    0x0b, 0x9a, 0x4a, 0x44, 0xd5, 0x47, 0xc7, 0x5b, 0x9e, 0x31, 0x7d, 0xa1, 0xd5, 0x75, 0x27, 0x99,
 ];

-const ECDSA_P256_PRIVKEY_BYTES: &[u8; 32] = &[
+pub(crate) const ECDSA_P256_PRIVKEY_BYTES: &[u8; 32] = &[
    0x89, 0xdd, 0x0c, 0x96, 0x22, 0x85, 0x10, 0xec, 0x3c, 0xa4, 0xa1, 0xb8, 0xac, 0x2a, 0x77, 0xa8,
    0xd4, 0x4d, 0xcb, 0x9d, 0x90, 0x25, 0xc6, 0xd8, 0x3a, 0x02, 0x74, 0x4f, 0x9e, 0x44, 0xcd, 0xa3,
 ];