nhyatt/putty-source
1
0
Fork 0
mirror of https://git.tartarus.org/simon/putty.git synced 2025-01-10 01:48:00 +00:00
Code Issues Projects Releases Wiki Activity

Add a key-length field to 'struct ssh_mac'.

Browse Source 
The key derivation code has been assuming (though non-critically, as
it happens) that the size of the MAC output is the same as the size of
the MAC key. That isn't even a good assumption for the HMAC family,
due to HMAC-SHA1-96 and also the bug-compatible versions of HMAC-SHA1
that only use 16 bytes of key material; so now we have an explicit
key-length field separate from the MAC-length field.
This commit is contained in:
Simon Tatham 2015-08-21 23:20:12 +01:00
parent 1df12e3915
commit 42cf086b6b
6 changed files with 10 additions and 10 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
ssh.c
View File

@ -7164,7 +7164,7 @@ static void do_ssh2_transport(Ssh ssh, const void *vin, int inlen,
ssh->kex->hash->hlen * SSH2_MKKEY_ITERS); ssh->kex->hash->hlen * SSH2_MKKEY_ITERS);
ssh->cscipher->setiv(ssh->cs_cipher_ctx, keyspace); ssh->cscipher->setiv(ssh->cs_cipher_ctx, keyspace);
ssh2_mkkey(ssh,s->K,s->exchange_hash,'E',keyspace); ssh2_mkkey(ssh,s->K,s->exchange_hash,'E',keyspace);
assert(ssh->csmac->len <= assert(ssh->csmac->keylen <=
ssh->kex->hash->hlen * SSH2_MKKEY_ITERS); ssh->kex->hash->hlen * SSH2_MKKEY_ITERS);
ssh->csmac->setkey(ssh->cs_mac_ctx, keyspace); ssh->csmac->setkey(ssh->cs_mac_ctx, keyspace);
smemclr(keyspace, sizeof(keyspace)); smemclr(keyspace, sizeof(keyspace));
@ -7233,7 +7233,7 @@ static void do_ssh2_transport(Ssh ssh, const void *vin, int inlen,
ssh->kex->hash->hlen * SSH2_MKKEY_ITERS); ssh->kex->hash->hlen * SSH2_MKKEY_ITERS);
ssh->sccipher->setiv(ssh->sc_cipher_ctx, keyspace); ssh->sccipher->setiv(ssh->sc_cipher_ctx, keyspace);
ssh2_mkkey(ssh,s->K,s->exchange_hash,'F',keyspace); ssh2_mkkey(ssh,s->K,s->exchange_hash,'F',keyspace);
assert(ssh->scmac->len <= assert(ssh->scmac->keylen <=
ssh->kex->hash->hlen * SSH2_MKKEY_ITERS); ssh->kex->hash->hlen * SSH2_MKKEY_ITERS);
ssh->scmac->setkey(ssh->sc_mac_ctx, keyspace); ssh->scmac->setkey(ssh->sc_mac_ctx, keyspace);
smemclr(keyspace, sizeof(keyspace)); smemclr(keyspace, sizeof(keyspace));

2
ssh.h
View File

@ -347,7 +347,7 @@ struct ssh_mac {
void (*genresult) (void *, unsigned char *); void (*genresult) (void *, unsigned char *);
int (*verresult) (void *, unsigned char const *); int (*verresult) (void *, unsigned char const *);
const char *name, *etm_name; const char *name, *etm_name;
int len; int len, keylen;
const char *text_name; const char *text_name;
}; };

2
sshccp.c
View File

@ -1238,7 +1238,7 @@ static const struct ssh_mac ssh2_poly1305 = {
poly_start, poly_bytes, poly_genresult, poly_verresult, poly_start, poly_bytes, poly_genresult, poly_verresult,
"", "", /* Not selectable individually, just part of ChaCha20-Poly1305 */ "", "", /* Not selectable individually, just part of ChaCha20-Poly1305 */
16, "Poly1305" 16, 0, "Poly1305"
}; };
static void *ccp_make_context(void) static void *ccp_make_context(void)

2
sshmd5.c
View File

@ -337,6 +337,6 @@ const struct ssh_mac ssh_hmac_md5 = {
hmacmd5_generate, hmacmd5_verify, hmacmd5_generate, hmacmd5_verify,
hmacmd5_start, hmacmd5_bytes, hmacmd5_genresult, hmacmd5_verresult, hmacmd5_start, hmacmd5_bytes, hmacmd5_genresult, hmacmd5_verresult,
"hmac-md5", "hmac-md5-etm@openssh.com", "hmac-md5", "hmac-md5-etm@openssh.com",
16, 16, 16,
"HMAC-MD5" "HMAC-MD5"
}; };

2
sshsh256.c
View File

@ -345,7 +345,7 @@ const struct ssh_mac ssh_hmac_sha256 = {
hmacsha256_start, hmacsha256_bytes, hmacsha256_start, hmacsha256_bytes,
hmacsha256_genresult, hmacsha256_verresult, hmacsha256_genresult, hmacsha256_verresult,
"hmac-sha2-256", "hmac-sha2-256-etm@openssh.com", "hmac-sha2-256", "hmac-sha2-256-etm@openssh.com",
32, 32, 32,
"HMAC-SHA-256" "HMAC-SHA-256"
}; };

8
sshsha.c
View File

@ -421,7 +421,7 @@ const struct ssh_mac ssh_hmac_sha1 = {
sha1_generate, sha1_verify, sha1_generate, sha1_verify,
hmacsha1_start, hmacsha1_bytes, hmacsha1_genresult, hmacsha1_verresult, hmacsha1_start, hmacsha1_bytes, hmacsha1_genresult, hmacsha1_verresult,
"hmac-sha1", "hmac-sha1-etm@openssh.com", "hmac-sha1", "hmac-sha1-etm@openssh.com",
20, 20, 20,
"HMAC-SHA1" "HMAC-SHA1"
}; };
@ -431,7 +431,7 @@ const struct ssh_mac ssh_hmac_sha1_96 = {
hmacsha1_start, hmacsha1_bytes, hmacsha1_start, hmacsha1_bytes,
hmacsha1_96_genresult, hmacsha1_96_verresult, hmacsha1_96_genresult, hmacsha1_96_verresult,
"hmac-sha1-96", "hmac-sha1-96-etm@openssh.com", "hmac-sha1-96", "hmac-sha1-96-etm@openssh.com",
12, 12, 20,
"HMAC-SHA1-96" "HMAC-SHA1-96"
}; };
@ -440,7 +440,7 @@ const struct ssh_mac ssh_hmac_sha1_buggy = {
sha1_generate, sha1_verify, sha1_generate, sha1_verify,
hmacsha1_start, hmacsha1_bytes, hmacsha1_genresult, hmacsha1_verresult, hmacsha1_start, hmacsha1_bytes, hmacsha1_genresult, hmacsha1_verresult,
"hmac-sha1", NULL, "hmac-sha1", NULL,
20, 20, 16,
"bug-compatible HMAC-SHA1" "bug-compatible HMAC-SHA1"
}; };
@ -450,6 +450,6 @@ const struct ssh_mac ssh_hmac_sha1_96_buggy = {
hmacsha1_start, hmacsha1_bytes, hmacsha1_start, hmacsha1_bytes,
hmacsha1_96_genresult, hmacsha1_96_verresult, hmacsha1_96_genresult, hmacsha1_96_verresult,
"hmac-sha1-96", NULL, "hmac-sha1-96", NULL,
12, 12, 16,
"bug-compatible HMAC-SHA1-96" "bug-compatible HMAC-SHA1-96"
}; };