mirror of
https://git.tartarus.org/simon/putty.git
synced 2025-01-10 01:48:00 +00:00
Implement hmac-sha1-96. It's RECOMMENDED in the current transport draft,
and we don't have any strong reason not to implement it, for all that it's rather pointless. [originally from svn r6284]
This commit is contained in:
parent
9131914278
commit
c0d36aa00a
4
ssh.c
4
ssh.c
@ -462,10 +462,10 @@ static void do_ssh2_authconn(Ssh ssh, unsigned char *in, int inlen,
|
||||
const static struct ssh_signkey *hostkey_algs[] = { &ssh_rsa, &ssh_dss };
|
||||
|
||||
const static struct ssh_mac *macs[] = {
|
||||
&ssh_hmac_sha1, &ssh_hmac_md5
|
||||
&ssh_hmac_sha1, &ssh_hmac_sha1_96, &ssh_hmac_md5
|
||||
};
|
||||
const static struct ssh_mac *buggymacs[] = {
|
||||
&ssh_hmac_sha1_buggy, &ssh_hmac_md5
|
||||
&ssh_hmac_sha1_buggy, &ssh_hmac_sha1_96_buggy, &ssh_hmac_md5
|
||||
};
|
||||
|
||||
static void *ssh_comp_none_init(void)
|
||||
|
2
ssh.h
2
ssh.h
@ -269,6 +269,8 @@ extern const struct ssh_signkey ssh_rsa;
|
||||
extern const struct ssh_mac ssh_hmac_md5;
|
||||
extern const struct ssh_mac ssh_hmac_sha1;
|
||||
extern const struct ssh_mac ssh_hmac_sha1_buggy;
|
||||
extern const struct ssh_mac ssh_hmac_sha1_96;
|
||||
extern const struct ssh_mac ssh_hmac_sha1_96_buggy;
|
||||
|
||||
|
||||
/*
|
||||
|
32
sshsha.c
32
sshsha.c
@ -301,6 +301,22 @@ static int sha1_verify(void *handle, unsigned char *blk, int len,
|
||||
return !memcmp(correct, blk + len, 20);
|
||||
}
|
||||
|
||||
static void sha1_96_generate(void *handle, unsigned char *blk, int len,
|
||||
unsigned long seq)
|
||||
{
|
||||
unsigned char full[20];
|
||||
sha1_do_hmac(handle, blk, len, seq, full);
|
||||
memcpy(blk + len, full, 12);
|
||||
}
|
||||
|
||||
static int sha1_96_verify(void *handle, unsigned char *blk, int len,
|
||||
unsigned long seq)
|
||||
{
|
||||
unsigned char correct[20];
|
||||
sha1_do_hmac(handle, blk, len, seq, correct);
|
||||
return !memcmp(correct, blk + len, 12);
|
||||
}
|
||||
|
||||
void hmac_sha1_simple(void *key, int keylen, void *data, int datalen,
|
||||
unsigned char *output) {
|
||||
SHA_State states[2];
|
||||
@ -322,6 +338,14 @@ const struct ssh_mac ssh_hmac_sha1 = {
|
||||
"HMAC-SHA1"
|
||||
};
|
||||
|
||||
const struct ssh_mac ssh_hmac_sha1_96 = {
|
||||
sha1_make_context, sha1_free_context, sha1_key,
|
||||
sha1_96_generate, sha1_96_verify,
|
||||
"hmac-sha1-96",
|
||||
12,
|
||||
"HMAC-SHA1-96"
|
||||
};
|
||||
|
||||
const struct ssh_mac ssh_hmac_sha1_buggy = {
|
||||
sha1_make_context, sha1_free_context, sha1_key_buggy,
|
||||
sha1_generate, sha1_verify,
|
||||
@ -329,3 +353,11 @@ const struct ssh_mac ssh_hmac_sha1_buggy = {
|
||||
20,
|
||||
"bug-compatible HMAC-SHA1"
|
||||
};
|
||||
|
||||
const struct ssh_mac ssh_hmac_sha1_96_buggy = {
|
||||
sha1_make_context, sha1_free_context, sha1_key_buggy,
|
||||
sha1_96_generate, sha1_96_verify,
|
||||
"hmac-sha1-96",
|
||||
12,
|
||||
"bug-compatible HMAC-SHA1-96"
|
||||
};
|
||||
|
Loading…
Reference in New Issue
Block a user