1
0
mirror of https://git.tartarus.org/simon/putty.git synced 2025-01-09 17:38:00 +00:00

Implement hmac-sha1-96. It's RECOMMENDED in the current transport draft,

and we don't have any strong reason not to implement it, for all that it's
rather pointless.

[originally from svn r6284]
This commit is contained in:
Ben Harris 2005-09-10 16:19:53 +00:00
parent 9131914278
commit c0d36aa00a
3 changed files with 36 additions and 2 deletions

4
ssh.c
View File

@ -462,10 +462,10 @@ static void do_ssh2_authconn(Ssh ssh, unsigned char *in, int inlen,
const static struct ssh_signkey *hostkey_algs[] = { &ssh_rsa, &ssh_dss };
const static struct ssh_mac *macs[] = {
&ssh_hmac_sha1, &ssh_hmac_md5
&ssh_hmac_sha1, &ssh_hmac_sha1_96, &ssh_hmac_md5
};
const static struct ssh_mac *buggymacs[] = {
&ssh_hmac_sha1_buggy, &ssh_hmac_md5
&ssh_hmac_sha1_buggy, &ssh_hmac_sha1_96_buggy, &ssh_hmac_md5
};
static void *ssh_comp_none_init(void)

2
ssh.h
View File

@ -269,6 +269,8 @@ extern const struct ssh_signkey ssh_rsa;
extern const struct ssh_mac ssh_hmac_md5;
extern const struct ssh_mac ssh_hmac_sha1;
extern const struct ssh_mac ssh_hmac_sha1_buggy;
extern const struct ssh_mac ssh_hmac_sha1_96;
extern const struct ssh_mac ssh_hmac_sha1_96_buggy;
/*

View File

@ -301,6 +301,22 @@ static int sha1_verify(void *handle, unsigned char *blk, int len,
return !memcmp(correct, blk + len, 20);
}
static void sha1_96_generate(void *handle, unsigned char *blk, int len,
unsigned long seq)
{
unsigned char full[20];
sha1_do_hmac(handle, blk, len, seq, full);
memcpy(blk + len, full, 12);
}
static int sha1_96_verify(void *handle, unsigned char *blk, int len,
unsigned long seq)
{
unsigned char correct[20];
sha1_do_hmac(handle, blk, len, seq, correct);
return !memcmp(correct, blk + len, 12);
}
void hmac_sha1_simple(void *key, int keylen, void *data, int datalen,
unsigned char *output) {
SHA_State states[2];
@ -322,6 +338,14 @@ const struct ssh_mac ssh_hmac_sha1 = {
"HMAC-SHA1"
};
const struct ssh_mac ssh_hmac_sha1_96 = {
sha1_make_context, sha1_free_context, sha1_key,
sha1_96_generate, sha1_96_verify,
"hmac-sha1-96",
12,
"HMAC-SHA1-96"
};
const struct ssh_mac ssh_hmac_sha1_buggy = {
sha1_make_context, sha1_free_context, sha1_key_buggy,
sha1_generate, sha1_verify,
@ -329,3 +353,11 @@ const struct ssh_mac ssh_hmac_sha1_buggy = {
20,
"bug-compatible HMAC-SHA1"
};
const struct ssh_mac ssh_hmac_sha1_96_buggy = {
sha1_make_context, sha1_free_context, sha1_key_buggy,
sha1_96_generate, sha1_96_verify,
"hmac-sha1-96",
12,
"bug-compatible HMAC-SHA1-96"
};