lib/libssh
1
0
Fork 0
mirror of https://git.libssh.org/projects/libssh.git synced 2025-08-19 01:25:45 +03:00
Code Activity

Add logic to support SHA2 HMAC algorithms

Browse Source 
BUG: https://red.libssh.org/issues/91

Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
This commit is contained in:
Dirkjan Bussink
2014-04-20 10:04:21 +00:00
committed by Andreas Schneider
parent 4a08902664
commit 164b8e99cc
7 changed files with 100 additions and 75 deletions
Download Patch File Download Diff File Expand all files Collapse all files

16
src/packet_crypt.c
View File

@@ -92,6 +92,7 @@ unsigned char *packet_encrypt(ssh_session session, void *data, uint32_t len) {
char *out = NULL;
unsigned int finallen;
uint32_t seq;
enum ssh_hmac_e type;
assert(len);
@@ -107,6 +108,7 @@ unsigned char *packet_encrypt(ssh_session session, void *data, uint32_t len) {
return NULL;
}
type = session->current_crypto->out_hmac;
seq = ntohl(session->send_seq);
crypto = session->current_crypto->out_cipher;
@@ -117,7 +119,7 @@ unsigned char *packet_encrypt(ssh_session session, void *data, uint32_t len) {
}
if (session->version == 2) {
ctx = hmac_init(session->current_crypto->encryptMAC,20,SSH_HMAC_SHA1);
ctx = hmac_init(session->current_crypto->encryptMAC, hmac_digest_len(type), type);
if (ctx == NULL) {
SAFE_FREE(out);
return NULL;
@@ -126,11 +128,11 @@ unsigned char *packet_encrypt(ssh_session session, void *data, uint32_t len) {
hmac_update(ctx,data,len);
hmac_final(ctx,session->current_crypto->hmacbuf,&finallen);
#ifdef DEBUG_CRYPTO
ssh_print_hexa("mac: ",data,len);
if (finallen != 20) {
ssh_print_hexa("mac: ",data,hmac_digest_len(type));
if (finallen != hmac_digest_len(type)) {
printf("Final len is %d\n",finallen);
}
ssh_print_hexa("Packet hmac", session->current_crypto->hmacbuf, 20);
ssh_print_hexa("Packet hmac", session->current_crypto->hmacbuf, hmac_digest_len(type));
#endif
}
@@ -160,13 +162,13 @@ unsigned char *packet_encrypt(ssh_session session, void *data, uint32_t len) {
* occurred.
*/
int packet_hmac_verify(ssh_session session, ssh_buffer buffer,
unsigned char *mac) {
unsigned char hmacbuf[EVP_MAX_MD_SIZE] = {0};
unsigned char *mac, enum ssh_hmac_e type) {
unsigned char hmacbuf[DIGEST_MAX_LEN] = {0};
HMACCTX ctx;
unsigned int len;
uint32_t seq;
ctx = hmac_init(session->current_crypto->decryptMAC, 20, SSH_HMAC_SHA1);
ctx = hmac_init(session->current_crypto->decryptMAC, hmac_digest_len(type), type);
if (ctx == NULL) {
return -1;
}