mirror of
https://git.tartarus.org/simon/putty.git
synced 2025-01-10 01:48:00 +00:00
Implement hmac-sha1-96. It's RECOMMENDED in the current transport draft,
and we don't have any strong reason not to implement it, for all that it's rather pointless. [originally from svn r6284]
This commit is contained in:
parent
9131914278
commit
c0d36aa00a
4
ssh.c
4
ssh.c
@ -462,10 +462,10 @@ static void do_ssh2_authconn(Ssh ssh, unsigned char *in, int inlen,
|
|||||||
const static struct ssh_signkey *hostkey_algs[] = { &ssh_rsa, &ssh_dss };
|
const static struct ssh_signkey *hostkey_algs[] = { &ssh_rsa, &ssh_dss };
|
||||||
|
|
||||||
const static struct ssh_mac *macs[] = {
|
const static struct ssh_mac *macs[] = {
|
||||||
&ssh_hmac_sha1, &ssh_hmac_md5
|
&ssh_hmac_sha1, &ssh_hmac_sha1_96, &ssh_hmac_md5
|
||||||
};
|
};
|
||||||
const static struct ssh_mac *buggymacs[] = {
|
const static struct ssh_mac *buggymacs[] = {
|
||||||
&ssh_hmac_sha1_buggy, &ssh_hmac_md5
|
&ssh_hmac_sha1_buggy, &ssh_hmac_sha1_96_buggy, &ssh_hmac_md5
|
||||||
};
|
};
|
||||||
|
|
||||||
static void *ssh_comp_none_init(void)
|
static void *ssh_comp_none_init(void)
|
||||||
|
2
ssh.h
2
ssh.h
@ -269,6 +269,8 @@ extern const struct ssh_signkey ssh_rsa;
|
|||||||
extern const struct ssh_mac ssh_hmac_md5;
|
extern const struct ssh_mac ssh_hmac_md5;
|
||||||
extern const struct ssh_mac ssh_hmac_sha1;
|
extern const struct ssh_mac ssh_hmac_sha1;
|
||||||
extern const struct ssh_mac ssh_hmac_sha1_buggy;
|
extern const struct ssh_mac ssh_hmac_sha1_buggy;
|
||||||
|
extern const struct ssh_mac ssh_hmac_sha1_96;
|
||||||
|
extern const struct ssh_mac ssh_hmac_sha1_96_buggy;
|
||||||
|
|
||||||
|
|
||||||
/*
|
/*
|
||||||
|
32
sshsha.c
32
sshsha.c
@ -301,6 +301,22 @@ static int sha1_verify(void *handle, unsigned char *blk, int len,
|
|||||||
return !memcmp(correct, blk + len, 20);
|
return !memcmp(correct, blk + len, 20);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
static void sha1_96_generate(void *handle, unsigned char *blk, int len,
|
||||||
|
unsigned long seq)
|
||||||
|
{
|
||||||
|
unsigned char full[20];
|
||||||
|
sha1_do_hmac(handle, blk, len, seq, full);
|
||||||
|
memcpy(blk + len, full, 12);
|
||||||
|
}
|
||||||
|
|
||||||
|
static int sha1_96_verify(void *handle, unsigned char *blk, int len,
|
||||||
|
unsigned long seq)
|
||||||
|
{
|
||||||
|
unsigned char correct[20];
|
||||||
|
sha1_do_hmac(handle, blk, len, seq, correct);
|
||||||
|
return !memcmp(correct, blk + len, 12);
|
||||||
|
}
|
||||||
|
|
||||||
void hmac_sha1_simple(void *key, int keylen, void *data, int datalen,
|
void hmac_sha1_simple(void *key, int keylen, void *data, int datalen,
|
||||||
unsigned char *output) {
|
unsigned char *output) {
|
||||||
SHA_State states[2];
|
SHA_State states[2];
|
||||||
@ -322,6 +338,14 @@ const struct ssh_mac ssh_hmac_sha1 = {
|
|||||||
"HMAC-SHA1"
|
"HMAC-SHA1"
|
||||||
};
|
};
|
||||||
|
|
||||||
|
const struct ssh_mac ssh_hmac_sha1_96 = {
|
||||||
|
sha1_make_context, sha1_free_context, sha1_key,
|
||||||
|
sha1_96_generate, sha1_96_verify,
|
||||||
|
"hmac-sha1-96",
|
||||||
|
12,
|
||||||
|
"HMAC-SHA1-96"
|
||||||
|
};
|
||||||
|
|
||||||
const struct ssh_mac ssh_hmac_sha1_buggy = {
|
const struct ssh_mac ssh_hmac_sha1_buggy = {
|
||||||
sha1_make_context, sha1_free_context, sha1_key_buggy,
|
sha1_make_context, sha1_free_context, sha1_key_buggy,
|
||||||
sha1_generate, sha1_verify,
|
sha1_generate, sha1_verify,
|
||||||
@ -329,3 +353,11 @@ const struct ssh_mac ssh_hmac_sha1_buggy = {
|
|||||||
20,
|
20,
|
||||||
"bug-compatible HMAC-SHA1"
|
"bug-compatible HMAC-SHA1"
|
||||||
};
|
};
|
||||||
|
|
||||||
|
const struct ssh_mac ssh_hmac_sha1_96_buggy = {
|
||||||
|
sha1_make_context, sha1_free_context, sha1_key_buggy,
|
||||||
|
sha1_96_generate, sha1_96_verify,
|
||||||
|
"hmac-sha1-96",
|
||||||
|
12,
|
||||||
|
"bug-compatible HMAC-SHA1-96"
|
||||||
|
};
|
||||||
|
Loading…
Reference in New Issue
Block a user