lib/libssh
1
0
Fork 0
mirror of https://git.libssh.org/projects/libssh.git synced 2025-11-27 13:21:11 +03:00
Code Activity

Add flag for tracking EtM HMACs

Browse Source 
This adds a flag to the type structures to track if we use a
Encrypt-then-MAC cipher instead of Encrypt-and-MAC. EtM is a more secure
hashing mechanism.

Signed-off-by: Dirkjan Bussink <d.bussink@gmail.com>
Reviewed-by: Jon Simons <jon@jonsimons.org>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
This commit is contained in:
Dirkjan Bussink
2019-02-08 19:44:36 +00:00
committed by Andreas Schneider
parent c6608c9211
commit e4c7912b35
4 changed files with 23 additions and 12 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
include/libssh/crypto.h
View File

@@ -25,6 +25,7 @@
#ifndef _CRYPTO_H_ #ifndef _CRYPTO_H_
#define _CRYPTO_H_ #define _CRYPTO_H_
#include <stdbool.h>
#include "config.h" #include "config.h"
#ifdef HAVE_LIBGCRYPT #ifdef HAVE_LIBGCRYPT
@@ -133,6 +134,7 @@ struct ssh_crypto_struct {
unsigned char hmacbuf[DIGEST_MAX_LEN]; unsigned char hmacbuf[DIGEST_MAX_LEN];
struct ssh_cipher_struct *in_cipher, *out_cipher; /* the cipher structures/objects */ struct ssh_cipher_struct *in_cipher, *out_cipher; /* the cipher structures/objects */
enum ssh_hmac_e in_hmac, out_hmac; /* the MAC algorithms used */ enum ssh_hmac_e in_hmac, out_hmac; /* the MAC algorithms used */
bool in_hmac_etm, out_hmac_etm; /* Whether EtM mode is used or not */
ssh_key server_pubkey; ssh_key server_pubkey;
int do_compress_out; /* idem */ int do_compress_out; /* idem */

5
include/libssh/wrapper.h
View File

@@ -21,6 +21,8 @@
#ifndef WRAPPER_H_ #ifndef WRAPPER_H_
#define WRAPPER_H_ #define WRAPPER_H_
#include <stdbool.h>
#include "config.h" #include "config.h"
#include "libssh/libssh.h" #include "libssh/libssh.h"
#include "libssh/libcrypto.h" #include "libssh/libcrypto.h"
@@ -58,6 +60,7 @@ enum ssh_des_e {
struct ssh_hmac_struct { struct ssh_hmac_struct {
const char* name; const char* name;
enum ssh_hmac_e hmac_type; enum ssh_hmac_e hmac_type;
bool etm;
}; };
enum ssh_crypto_direction_e { enum ssh_crypto_direction_e {
@@ -119,6 +122,6 @@ void ssh_crypto_finalize(void);
void ssh_cipher_clear(struct ssh_cipher_struct *cipher); void ssh_cipher_clear(struct ssh_cipher_struct *cipher);
struct ssh_hmac_struct *ssh_get_hmactab(void); struct ssh_hmac_struct *ssh_get_hmactab(void);
struct ssh_cipher_struct *ssh_get_ciphertab(void); struct ssh_cipher_struct *ssh_get_ciphertab(void);
const char *ssh_hmac_type_to_string(enum ssh_hmac_e hmac_type); const char *ssh_hmac_type_to_string(enum ssh_hmac_e hmac_type, bool etm);
#endif /* WRAPPER_H_ */ #endif /* WRAPPER_H_ */

4
src/session.c
View File

@@ -419,7 +419,7 @@ const char* ssh_get_cipher_out(ssh_session session) {
const char* ssh_get_hmac_in(ssh_session session) { const char* ssh_get_hmac_in(ssh_session session) {
if ((session != NULL) && if ((session != NULL) &&
(session->current_crypto != NULL)) { (session->current_crypto != NULL)) {
return ssh_hmac_type_to_string(session->current_crypto->in_hmac); return ssh_hmac_type_to_string(session->current_crypto->in_hmac, session->current_crypto->in_hmac_etm);
} }
return NULL; return NULL;
} }
@@ -434,7 +434,7 @@ const char* ssh_get_hmac_in(ssh_session session) {
const char* ssh_get_hmac_out(ssh_session session) { const char* ssh_get_hmac_out(ssh_session session) {
if ((session != NULL) && if ((session != NULL) &&
(session->current_crypto != NULL)) { (session->current_crypto != NULL)) {
return ssh_hmac_type_to_string(session->current_crypto->out_hmac); return ssh_hmac_type_to_string(session->current_crypto->out_hmac, session->current_crypto->out_hmac_etm);
} }
return NULL; return NULL;
} }

24
src/wrapper.c
View File

@@ -56,13 +56,13 @@
#include "libssh/curve25519.h" #include "libssh/curve25519.h"
static struct ssh_hmac_struct ssh_hmac_tab[] = { static struct ssh_hmac_struct ssh_hmac_tab[] = {
{ "hmac-sha1", SSH_HMAC_SHA1 }, { "hmac-sha1", SSH_HMAC_SHA1, false },
{ "hmac-sha2-256", SSH_HMAC_SHA256 }, { "hmac-sha2-256", SSH_HMAC_SHA256, false },
{ "hmac-sha2-512", SSH_HMAC_SHA512 }, { "hmac-sha2-512", SSH_HMAC_SHA512, false },
{ "hmac-md5", SSH_HMAC_MD5 }, { "hmac-md5", SSH_HMAC_MD5, false },
{ "aead-poly1305", SSH_HMAC_AEAD_POLY1305 }, { "aead-poly1305", SSH_HMAC_AEAD_POLY1305, false },
{ "aead-gcm", SSH_HMAC_AEAD_GCM }, { "aead-gcm", SSH_HMAC_AEAD_GCM, false },
{ NULL, 0} { NULL, 0, false }
}; };
struct ssh_hmac_struct *ssh_get_hmactab(void) { struct ssh_hmac_struct *ssh_get_hmactab(void) {
@@ -88,11 +88,13 @@ size_t hmac_digest_len(enum ssh_hmac_e type) {
} }
} }
const char *ssh_hmac_type_to_string(enum ssh_hmac_e hmac_type) const char *ssh_hmac_type_to_string(enum ssh_hmac_e hmac_type, bool etm)
{ {
int i = 0; int i = 0;
struct ssh_hmac_struct *ssh_hmactab = ssh_get_hmactab(); struct ssh_hmac_struct *ssh_hmactab = ssh_get_hmactab();
while (ssh_hmactab[i].name && (ssh_hmactab[i].hmac_type != hmac_type)) { while (ssh_hmactab[i].name &&
((ssh_hmactab[i].hmac_type != hmac_type) ||
(ssh_hmactab[i].etm != etm))) {
i++; i++;
} }
return ssh_hmactab[i].name; return ssh_hmactab[i].name;
@@ -293,6 +295,7 @@ static int crypt_set_algorithms2(ssh_session session)
SSH_LOG(SSH_LOG_PACKET, "Set HMAC output algorithm to %s", wanted); SSH_LOG(SSH_LOG_PACKET, "Set HMAC output algorithm to %s", wanted);
session->next_crypto->out_hmac = ssh_hmactab[i].hmac_type; session->next_crypto->out_hmac = ssh_hmactab[i].hmac_type;
session->next_crypto->out_hmac_etm = ssh_hmactab[i].etm;
/* in */ /* in */
wanted = session->next_crypto->kex_methods[SSH_CRYPT_S_C]; wanted = session->next_crypto->kex_methods[SSH_CRYPT_S_C];
@@ -346,6 +349,7 @@ static int crypt_set_algorithms2(ssh_session session)
SSH_LOG(SSH_LOG_PACKET, "Set HMAC input algorithm to %s", wanted); SSH_LOG(SSH_LOG_PACKET, "Set HMAC input algorithm to %s", wanted);
session->next_crypto->in_hmac = ssh_hmactab[i].hmac_type; session->next_crypto->in_hmac = ssh_hmactab[i].hmac_type;
session->next_crypto->in_hmac_etm = ssh_hmactab[i].etm;
/* compression */ /* compression */
cmp = strcmp(session->next_crypto->kex_methods[SSH_COMP_C_S], "zlib"); cmp = strcmp(session->next_crypto->kex_methods[SSH_COMP_C_S], "zlib");
@@ -443,6 +447,7 @@ int crypt_set_algorithms_server(ssh_session session){
SSH_LOG(SSH_LOG_PACKET, "Set HMAC output algorithm to %s", method); SSH_LOG(SSH_LOG_PACKET, "Set HMAC output algorithm to %s", method);
session->next_crypto->out_hmac = ssh_hmactab[i].hmac_type; session->next_crypto->out_hmac = ssh_hmactab[i].hmac_type;
session->next_crypto->out_hmac_etm = ssh_hmactab[i].etm;
/* in */ /* in */
method = session->next_crypto->kex_methods[SSH_CRYPT_C_S]; method = session->next_crypto->kex_methods[SSH_CRYPT_C_S];
@@ -495,6 +500,7 @@ int crypt_set_algorithms_server(ssh_session session){
SSH_LOG(SSH_LOG_PACKET, "Set HMAC input algorithm to %s", method); SSH_LOG(SSH_LOG_PACKET, "Set HMAC input algorithm to %s", method);
session->next_crypto->in_hmac = ssh_hmactab[i].hmac_type; session->next_crypto->in_hmac = ssh_hmactab[i].hmac_type;
session->next_crypto->in_hmac_etm = ssh_hmactab[i].etm;
/* compression */ /* compression */
method = session->next_crypto->kex_methods[SSH_COMP_C_S]; method = session->next_crypto->kex_methods[SSH_COMP_C_S];