lib/libssh2
1
0
Fork 0
mirror of https://github.com/libssh2/libssh2.git synced 2025-08-07 08:02:56 +03:00
Code Activity

src: check hash update/final success

Browse Source 
Also:
- delete unused internal macro `libssh2_md5()` where defined.
- prefix `libssh2_os400qc3_hash*()` function names with underscore.
  These are public/visible, but internal.
- add FIXMEs to OS/400 code to verify update/final calls; some OS API,
  some internal.

Ref: https://github.com/libssh2/libssh2/pull/1301#discussion_r1446861650
Reviewed-by: Michael Buckley
Reviewed-by: Patrick Monnerat
Closes #1303
This commit is contained in:
Viktor Szakats
2024-01-10 12:22:21 +00:00
parent 4f551d2bac
commit 4718ede4e0
15 changed files with 581 additions and 400 deletions
Download Patch File Download Diff File Expand all files Collapse all files

30
docs/HACKING-CRYPTO
View File

@@ -98,20 +98,22 @@ int libssh2_sha1_init(libssh2_sha1_ctx *x);
Initializes the SHA-1 computation context at x. Initializes the SHA-1 computation context at x.
Returns 1 for success and 0 for failure Returns 1 for success and 0 for failure
void libssh2_sha1_update(libssh2_sha1_ctx ctx, int libssh2_sha1_update(libssh2_sha1_ctx ctx,
const unsigned char *data, const unsigned char *data,
size_t len); size_t len);
Continue computation of SHA-1 on len bytes at data using context ctx. Continue computation of SHA-1 on len bytes at data using context ctx.
Note: if the ctx parameter is modified by the underlying code, Note: if the ctx parameter is modified by the underlying code,
this procedure must be implemented as a macro to map ctx --> &ctx. this procedure must be implemented as a macro to map ctx --> &ctx.
Must return 1 for success and 0 for failure.
void libssh2_sha1_final(libssh2_sha1_ctx ctx, int libssh2_sha1_final(libssh2_sha1_ctx ctx,
unsigned char output[SHA_DIGEST_LEN]); unsigned char output[SHA_DIGEST_LEN]);
Get the computed SHA-1 signature from context ctx and store it into the Get the computed SHA-1 signature from context ctx and store it into the
output buffer. output buffer.
Release the context. Release the context.
Note: if the ctx parameter is modified by the underlying code, Note: if the ctx parameter is modified by the underlying code,
this procedure must be implemented as a macro to map ctx --> &ctx. this procedure must be implemented as a macro to map ctx --> &ctx.
Must return 1 for success and 0 for failure.
int libssh2_hmac_sha1_init(libssh2_hmac_ctx *ctx, int libssh2_hmac_sha1_init(libssh2_hmac_ctx *ctx,
const void *key, const void *key,
@@ -133,19 +135,21 @@ int libssh2_sha256_init(libssh2_sha256_ctx *x);
Initializes the SHA-256 computation context at x. Initializes the SHA-256 computation context at x.
Returns 1 for success and 0 for failure Returns 1 for success and 0 for failure
void libssh2_sha256_update(libssh2_sha256_ctx ctx, int libssh2_sha256_update(libssh2_sha256_ctx ctx,
const unsigned char *data, const unsigned char *data,
size_t len); size_t len);
Continue computation of SHA-256 on len bytes at data using context ctx. Continue computation of SHA-256 on len bytes at data using context ctx.
Note: if the ctx parameter is modified by the underlying code, Note: if the ctx parameter is modified by the underlying code,
this procedure must be implemented as a macro to map ctx --> &ctx. this procedure must be implemented as a macro to map ctx --> &ctx.
Must return 1 for success and 0 for failure.
void libssh2_sha256_final(libssh2_sha256_ctx ctx, int libssh2_sha256_final(libssh2_sha256_ctx ctx,
unsigned char output[SHA256_DIGEST_LENGTH]); unsigned char output[SHA256_DIGEST_LENGTH]);
Gets the computed SHA-256 signature from context ctx into the output buffer. Gets the computed SHA-256 signature from context ctx into the output buffer.
Release the context. Release the context.
Note: if the ctx parameter is modified by the underlying code, Note: if the ctx parameter is modified by the underlying code,
this procedure must be implemented as a macro to map ctx --> &ctx. this procedure must be implemented as a macro to map ctx --> &ctx.
Must return 1 for success and 0 for failure.
int libssh2_sha256(const unsigned char *message, int libssh2_sha256(const unsigned char *message,
size_t len, size_t len,
@@ -179,19 +183,21 @@ int libssh2_sha384_init(libssh2_sha384_ctx *x);
Initializes the SHA-384 computation context at x. Initializes the SHA-384 computation context at x.
Returns 1 for success and 0 for failure Returns 1 for success and 0 for failure
void libssh2_sha384_update(libssh2_sha384_ctx ctx, int libssh2_sha384_update(libssh2_sha384_ctx ctx,
const unsigned char *data, const unsigned char *data,
size_t len); size_t len);
Continue computation of SHA-384 on len bytes at data using context ctx. Continue computation of SHA-384 on len bytes at data using context ctx.
Note: if the ctx parameter is modified by the underlying code, Note: if the ctx parameter is modified by the underlying code,
this procedure must be implemented as a macro to map ctx --> &ctx. this procedure must be implemented as a macro to map ctx --> &ctx.
Must return 1 for success and 0 for failure.
void libssh2_sha384_final(libssh2_sha384_ctx ctx, int libssh2_sha384_final(libssh2_sha384_ctx ctx,
unsigned char output[SHA384_DIGEST_LENGTH]); unsigned char output[SHA384_DIGEST_LENGTH]);
Gets the computed SHA-384 signature from context ctx into the output buffer. Gets the computed SHA-384 signature from context ctx into the output buffer.
Release the context. Release the context.
Note: if the ctx parameter is modified by the underlying code, Note: if the ctx parameter is modified by the underlying code,
this procedure must be implemented as a macro to map ctx --> &ctx. this procedure must be implemented as a macro to map ctx --> &ctx.
Must return 1 for success and 0 for failure.
int libssh2_sha384(const unsigned char *message, int libssh2_sha384(const unsigned char *message,
size_t len, size_t len,
@@ -213,19 +219,21 @@ int libssh2_sha512_init(libssh2_sha512_ctx *x);
Initializes the SHA-512 computation context at x. Initializes the SHA-512 computation context at x.
Returns 1 for success and 0 for failure Returns 1 for success and 0 for failure
void libssh2_sha512_update(libssh2_sha512_ctx ctx, int libssh2_sha512_update(libssh2_sha512_ctx ctx,
const unsigned char *data, const unsigned char *data,
size_t len); size_t len);
Continue computation of SHA-512 on len bytes at data using context ctx. Continue computation of SHA-512 on len bytes at data using context ctx.
Note: if the ctx parameter is modified by the underlying code, Note: if the ctx parameter is modified by the underlying code,
this procedure must be implemented as a macro to map ctx --> &ctx. this procedure must be implemented as a macro to map ctx --> &ctx.
Must return 1 for success and 0 for failure.
void libssh2_sha512_final(libssh2_sha512_ctx ctx, int libssh2_sha512_final(libssh2_sha512_ctx ctx,
unsigned char output[SHA512_DIGEST_LENGTH]); unsigned char output[SHA512_DIGEST_LENGTH]);
Gets the computed SHA-512 signature from context ctx into the output buffer. Gets the computed SHA-512 signature from context ctx into the output buffer.
Release the context. Release the context.
Note: if the ctx parameter is modified by the underlying code, Note: if the ctx parameter is modified by the underlying code,
this procedure must be implemented as a macro to map ctx --> &ctx. this procedure must be implemented as a macro to map ctx --> &ctx.
Must return 1 for success and 0 for failure.
int libssh2_sha512(const unsigned char *message, int libssh2_sha512(const unsigned char *message,
size_t len, size_t len,
@@ -261,20 +269,22 @@ int libssh2_md5_init(libssh2_md5_ctx *x);
Initializes the MD5 computation context at x. Initializes the MD5 computation context at x.
Returns 1 for success and 0 for failure Returns 1 for success and 0 for failure
void libssh2_md5_update(libssh2_md5_ctx ctx, int libssh2_md5_update(libssh2_md5_ctx ctx,
const unsigned char *data, const unsigned char *data,
size_t len); size_t len);
Continues computation of MD5 on len bytes at data using context ctx. Continues computation of MD5 on len bytes at data using context ctx.
Returns 1 for success and 0 for failure. Returns 1 for success and 0 for failure.
Note: if the ctx parameter is modified by the underlying code, Note: if the ctx parameter is modified by the underlying code,
this procedure must be implemented as a macro to map ctx --> &ctx. this procedure must be implemented as a macro to map ctx --> &ctx.
Must return 1 for success and 0 for failure.
void libssh2_md5_final(libssh2_md5_ctx ctx, int libssh2_md5_final(libssh2_md5_ctx ctx,
unsigned char output[MD5_DIGEST_LENGTH]); unsigned char output[MD5_DIGEST_LENGTH]);
Gets the computed MD5 signature from context ctx into the output buffer. Gets the computed MD5 signature from context ctx into the output buffer.
Release the context. Release the context.
Note: if the ctx parameter is modified by the underlying code, Note: if the ctx parameter is modified by the underlying code,
this procedure must be implemented as a macro to map ctx --> &ctx. this procedure must be implemented as a macro to map ctx --> &ctx.
Must return 1 for success and 0 for failure.
int libssh2_hmac_md5_init(libssh2_hmac_ctx *ctx, int libssh2_hmac_md5_init(libssh2_hmac_ctx *ctx,
const void *key, const void *key,

1
include/libssh2.h
View File

@@ -589,6 +589,7 @@ typedef struct _LIBSSH2_POLLFD {
#define LIBSSH2_ERROR_ALGO_UNSUPPORTED -51 #define LIBSSH2_ERROR_ALGO_UNSUPPORTED -51
#define LIBSSH2_ERROR_MAC_FAILURE -52 #define LIBSSH2_ERROR_MAC_FAILURE -52
#define LIBSSH2_ERROR_HASH_INIT -53 #define LIBSSH2_ERROR_HASH_INIT -53
#define LIBSSH2_ERROR_HASH_CALC -54
/* this is a define to provide the old (<= 1.2.7) name */ /* this is a define to provide the old (<= 1.2.7) name */
#define LIBSSH2_ERROR_BANNER_NONE LIBSSH2_ERROR_BANNER_RECV #define LIBSSH2_ERROR_BANNER_NONE LIBSSH2_ERROR_BANNER_RECV

18
src/bcrypt_pbkdf.c
View File

@@ -127,12 +127,12 @@ bcrypt_pbkdf(const char *pass, size_t passlen, const uint8_t *salt,
memcpy(countsalt, salt, saltlen); memcpy(countsalt, salt, saltlen);
/* collapse password */ /* collapse password */
if(!libssh2_sha512_init(&ctx)) { if(!libssh2_sha512_init(&ctx) ||
!libssh2_sha512_update(ctx, pass, passlen) ||
!libssh2_sha512_final(ctx, sha2pass)) {
free(countsalt); free(countsalt);
return -1; return -1;
} }
libssh2_sha512_update(ctx, pass, passlen);
libssh2_sha512_final(ctx, sha2pass);
/* generate key, sizeof(out) at a time */ /* generate key, sizeof(out) at a time */
for(count = 1; keylen > 0; count++) { for(count = 1; keylen > 0; count++) {
@@ -142,26 +142,26 @@ bcrypt_pbkdf(const char *pass, size_t passlen, const uint8_t *salt,
countsalt[saltlen + 3] = count & 0xff; countsalt[saltlen + 3] = count & 0xff;
/* first round, salt is salt */ /* first round, salt is salt */
if(!libssh2_sha512_init(&ctx)) { if(!libssh2_sha512_init(&ctx) ||
!libssh2_sha512_update(ctx, countsalt, saltlen + 4) ||
!libssh2_sha512_final(ctx, sha2salt)) {
_libssh2_explicit_zero(out, sizeof(out)); _libssh2_explicit_zero(out, sizeof(out));
free(countsalt); free(countsalt);
return -1; return -1;
} }
libssh2_sha512_update(ctx, countsalt, saltlen + 4);
libssh2_sha512_final(ctx, sha2salt);
bcrypt_hash(sha2pass, sha2salt, tmpout); bcrypt_hash(sha2pass, sha2salt, tmpout);
memcpy(out, tmpout, sizeof(out)); memcpy(out, tmpout, sizeof(out));
for(i = 1; i < rounds; i++) { for(i = 1; i < rounds; i++) {
/* subsequent rounds, salt is previous output */ /* subsequent rounds, salt is previous output */
if(!libssh2_sha512_init(&ctx)) { if(!libssh2_sha512_init(&ctx) ||
!libssh2_sha512_update(ctx, tmpout, sizeof(tmpout)) ||
!libssh2_sha512_final(ctx, sha2salt)) {
_libssh2_explicit_zero(out, sizeof(out)); _libssh2_explicit_zero(out, sizeof(out));
free(countsalt); free(countsalt);
return -1; return -1;
} }
libssh2_sha512_update(ctx, tmpout, sizeof(tmpout));
libssh2_sha512_final(ctx, sha2salt);
bcrypt_hash(sha2pass, sha2salt, tmpout); bcrypt_hash(sha2pass, sha2salt, tmpout);
for(j = 0; j < sizeof(out); j++) for(j = 0; j < sizeof(out); j++)

58
src/hostkey.c
View File

@@ -242,13 +242,18 @@ hostkey_method_ssh_rsa_signv(LIBSSH2_SESSION * session,
unsigned char hash[SHA_DIGEST_LENGTH]; unsigned char hash[SHA_DIGEST_LENGTH];
libssh2_sha1_ctx ctx; libssh2_sha1_ctx ctx;
if(!libssh2_sha1_init(&ctx)) if(!libssh2_sha1_init(&ctx)) {
return -1;
}
for(i = 0; i < veccount; i++) {
if(!libssh2_sha1_update(ctx,
datavec[i].iov_base, datavec[i].iov_len)) {
return -1;
}
}
if(!libssh2_sha1_final(ctx, hash)) {
return -1; return -1;
for(i = 0; i < veccount; i++) {
libssh2_sha1_update(ctx, datavec[i].iov_base, datavec[i].iov_len);
} }
libssh2_sha1_final(ctx, hash);
ret = _libssh2_rsa_sha1_sign(session, rsactx, hash, SHA_DIGEST_LENGTH, ret = _libssh2_rsa_sha1_sign(session, rsactx, hash, SHA_DIGEST_LENGTH,
signature, signature_len); signature, signature_len);
@@ -318,9 +323,14 @@ hostkey_method_ssh_rsa_sha2_256_signv(LIBSSH2_SESSION * session,
return -1; return -1;
} }
for(i = 0; i < veccount; i++) { for(i = 0; i < veccount; i++) {
libssh2_sha256_update(ctx, datavec[i].iov_base, datavec[i].iov_len); if(!libssh2_sha256_update(ctx,
datavec[i].iov_base, datavec[i].iov_len)) {
return -1;
}
}
if(!libssh2_sha256_final(ctx, hash)) {
return -1;
} }
libssh2_sha256_final(ctx, hash);
ret = _libssh2_rsa_sha2_sign(session, rsactx, hash, SHA256_DIGEST_LENGTH, ret = _libssh2_rsa_sha2_sign(session, rsactx, hash, SHA256_DIGEST_LENGTH,
signature, signature_len); signature, signature_len);
@@ -388,9 +398,14 @@ hostkey_method_ssh_rsa_sha2_512_signv(LIBSSH2_SESSION * session,
return -1; return -1;
} }
for(i = 0; i < veccount; i++) { for(i = 0; i < veccount; i++) {
libssh2_sha512_update(ctx, datavec[i].iov_base, datavec[i].iov_len); if(!libssh2_sha512_update(ctx,
datavec[i].iov_base, datavec[i].iov_len)) {
return -1;
}
}
if(!libssh2_sha512_final(ctx, hash)) {
return -1;
} }
libssh2_sha512_final(ctx, hash);
ret = _libssh2_rsa_sha2_sign(session, rsactx, hash, SHA512_DIGEST_LENGTH, ret = _libssh2_rsa_sha2_sign(session, rsactx, hash, SHA512_DIGEST_LENGTH,
signature, signature_len); signature, signature_len);
@@ -675,9 +690,14 @@ hostkey_method_ssh_dss_signv(LIBSSH2_SESSION * session,
*signature_len = 2 * SHA_DIGEST_LENGTH; *signature_len = 2 * SHA_DIGEST_LENGTH;
for(i = 0; i < veccount; i++) { for(i = 0; i < veccount; i++) {
libssh2_sha1_update(ctx, datavec[i].iov_base, datavec[i].iov_len); if(!libssh2_sha1_update(ctx,
datavec[i].iov_base, datavec[i].iov_len)) {
return -1;
}
}
if(!libssh2_sha1_final(ctx, hash)) {
return -1;
} }
libssh2_sha1_final(ctx, hash);
if(_libssh2_dsa_sha1_sign(dsactx, hash, SHA_DIGEST_LENGTH, *signature)) { if(_libssh2_dsa_sha1_sign(dsactx, hash, SHA_DIGEST_LENGTH, *signature)) {
LIBSSH2_FREE(session, *signature); LIBSSH2_FREE(session, *signature);
@@ -926,10 +946,20 @@ hostkey_method_ssh_ecdsa_sig_verify(LIBSSH2_SESSION * session,
break; \ break; \
} \ } \
for(i = 0; i < veccount; i++) { \ for(i = 0; i < veccount; i++) { \
libssh2_sha##digest_type##_update(ctx, datavec[i].iov_base, \ if(!libssh2_sha##digest_type##_update(ctx, \
datavec[i].iov_len); \ datavec[i].iov_base, \
datavec[i].iov_len)) { \
ret = -1; \
break; \
} \
} \
if(ret == -1) { \
break; \
} \
if(!libssh2_sha##digest_type##_final(ctx, hash)) { \
ret = -1; \
break; \
} \ } \
libssh2_sha##digest_type##_final(ctx, hash); \
ret = _libssh2_ecdsa_sign(session, ec_ctx, hash, \ ret = _libssh2_ecdsa_sign(session, ec_ctx, hash, \
SHA##digest_type##_DIGEST_LENGTH, \ SHA##digest_type##_DIGEST_LENGTH, \
signature, signature_len); \ signature, signature_len); \

225
src/kex.c
View File

@@ -81,26 +81,40 @@ do { \
} \ } \
if(value) \ if(value) \
while(len < (size_t)reqlen) { \ while(len < (size_t)reqlen) { \
if(!libssh2_sha##digest_type##_init(&hash)) { \ if(!libssh2_sha##digest_type##_init(&hash) || \
!libssh2_sha##digest_type##_update(hash, \
exchange_state->k_value, \
exchange_state->k_value_len) || \
!libssh2_sha##digest_type##_update(hash, \
exchange_state->h_sig_comp, \
SHA##digest_type##_DIGEST_LENGTH)) { \
LIBSSH2_FREE(session, value); \ LIBSSH2_FREE(session, value); \
value = NULL; \ value = NULL; \
break; \ break; \
} \ } \
libssh2_sha##digest_type##_update(hash, \
exchange_state->k_value, \
exchange_state->k_value_len); \
libssh2_sha##digest_type##_update(hash, \
exchange_state->h_sig_comp, \
SHA##digest_type##_DIGEST_LENGTH); \
if(len > 0) { \ if(len > 0) { \
libssh2_sha##digest_type##_update(hash, value, len); \ if(!libssh2_sha##digest_type##_update(hash, value, len)) { \
LIBSSH2_FREE(session, value); \
value = NULL; \
break; \
} \
} \ } \
else { \ else { \
libssh2_sha##digest_type##_update(hash, (version), 1); \ if(!libssh2_sha##digest_type##_update(hash, \
libssh2_sha##digest_type##_update(hash, session->session_id,\ (version), 1) || \
session->session_id_len); \ !libssh2_sha##digest_type##_update(hash, \
session->session_id, \
session->session_id_len)) { \
LIBSSH2_FREE(session, value); \
value = NULL; \
break; \
} \
} \
if(!libssh2_sha##digest_type##_final(hash, (value) + len)) { \
LIBSSH2_FREE(session, value); \
value = NULL; \
break; \
} \ } \
libssh2_sha##digest_type##_final(hash, (value) + len); \
len += SHA##digest_type##_DIGEST_LENGTH; \ len += SHA##digest_type##_DIGEST_LENGTH; \
} \ } \
} while(0) } while(0)
@@ -134,56 +148,58 @@ static int _libssh2_sha_algo_ctx_init(int sha_algo, void *ctx)
return 0; return 0;
} }
static void _libssh2_sha_algo_ctx_update(int sha_algo, void *ctx, static int _libssh2_sha_algo_ctx_update(int sha_algo, void *ctx,
void *data, size_t len) void *data, size_t len)
{ {
if(sha_algo == 512) { if(sha_algo == 512) {
libssh2_sha512_ctx *_ctx = (libssh2_sha512_ctx*)ctx; libssh2_sha512_ctx *_ctx = (libssh2_sha512_ctx*)ctx;
libssh2_sha512_update(*_ctx, data, len); return libssh2_sha512_update(*_ctx, data, len);
} }
else if(sha_algo == 384) { else if(sha_algo == 384) {
libssh2_sha384_ctx *_ctx = (libssh2_sha384_ctx*)ctx; libssh2_sha384_ctx *_ctx = (libssh2_sha384_ctx*)ctx;
libssh2_sha384_update(*_ctx, data, len); return libssh2_sha384_update(*_ctx, data, len);
} }
else if(sha_algo == 256) { else if(sha_algo == 256) {
libssh2_sha256_ctx *_ctx = (libssh2_sha256_ctx*)ctx; libssh2_sha256_ctx *_ctx = (libssh2_sha256_ctx*)ctx;
libssh2_sha256_update(*_ctx, data, len); return libssh2_sha256_update(*_ctx, data, len);
} }
else if(sha_algo == 1) { else if(sha_algo == 1) {
libssh2_sha1_ctx *_ctx = (libssh2_sha1_ctx*)ctx; libssh2_sha1_ctx *_ctx = (libssh2_sha1_ctx*)ctx;
libssh2_sha1_update(*_ctx, data, len); return libssh2_sha1_update(*_ctx, data, len);
} }
else { else {
#ifdef LIBSSH2DEBUG #ifdef LIBSSH2DEBUG
assert(0); assert(0);
#endif #endif
} }
return 0;
} }
static void _libssh2_sha_algo_ctx_final(int sha_algo, void *ctx, static int _libssh2_sha_algo_ctx_final(int sha_algo, void *ctx,
void *hash) void *hash)
{ {
if(sha_algo == 512) { if(sha_algo == 512) {
libssh2_sha512_ctx *_ctx = (libssh2_sha512_ctx*)ctx; libssh2_sha512_ctx *_ctx = (libssh2_sha512_ctx*)ctx;
libssh2_sha512_final(*_ctx, hash); return libssh2_sha512_final(*_ctx, hash);
} }
else if(sha_algo == 384) { else if(sha_algo == 384) {
libssh2_sha384_ctx *_ctx = (libssh2_sha384_ctx*)ctx; libssh2_sha384_ctx *_ctx = (libssh2_sha384_ctx*)ctx;
libssh2_sha384_final(*_ctx, hash); return libssh2_sha384_final(*_ctx, hash);
} }
else if(sha_algo == 256) { else if(sha_algo == 256) {
libssh2_sha256_ctx *_ctx = (libssh2_sha256_ctx*)ctx; libssh2_sha256_ctx *_ctx = (libssh2_sha256_ctx*)ctx;
libssh2_sha256_final(*_ctx, hash); return libssh2_sha256_final(*_ctx, hash);
} }
else if(sha_algo == 1) { else if(sha_algo == 1) {
libssh2_sha1_ctx *_ctx = (libssh2_sha1_ctx*)ctx; libssh2_sha1_ctx *_ctx = (libssh2_sha1_ctx*)ctx;
libssh2_sha1_final(*_ctx, hash); return libssh2_sha1_final(*_ctx, hash);
} }
else { else {
#ifdef LIBSSH2DEBUG #ifdef LIBSSH2DEBUG
assert(0); assert(0);
#endif #endif
} }
return 0;
} }
static void _libssh2_sha_algo_value_hash(int sha_algo, static void _libssh2_sha_algo_value_hash(int sha_algo,
@@ -364,6 +380,7 @@ static int diffie_hellman_sha_algo(LIBSSH2_SESSION *session,
struct string_buf buf; struct string_buf buf;
size_t host_key_len; size_t host_key_len;
int err; int err;
int hok;
rc = _libssh2_packet_require(session, packet_type_reply, rc = _libssh2_packet_require(session, packet_type_reply,
&exchange_state->s_packet, &exchange_state->s_packet,
@@ -406,11 +423,11 @@ static int diffie_hellman_sha_algo(LIBSSH2_SESSION *session,
{ {
libssh2_md5_ctx fingerprint_ctx; libssh2_md5_ctx fingerprint_ctx;
if(libssh2_md5_init(&fingerprint_ctx)) { if(libssh2_md5_init(&fingerprint_ctx) &&
libssh2_md5_update(fingerprint_ctx, session->server_hostkey, libssh2_md5_update(fingerprint_ctx, session->server_hostkey,
session->server_hostkey_len); session->server_hostkey_len) &&
libssh2_md5_final(fingerprint_ctx, libssh2_md5_final(fingerprint_ctx,
session->server_hostkey_md5); session->server_hostkey_md5)) {
session->server_hostkey_md5_valid = TRUE; session->server_hostkey_md5_valid = TRUE;
} }
else { else {
@@ -434,11 +451,11 @@ static int diffie_hellman_sha_algo(LIBSSH2_SESSION *session,
{ {
libssh2_sha1_ctx fingerprint_ctx; libssh2_sha1_ctx fingerprint_ctx;
if(libssh2_sha1_init(&fingerprint_ctx)) { if(libssh2_sha1_init(&fingerprint_ctx) &&
libssh2_sha1_update(fingerprint_ctx, session->server_hostkey, libssh2_sha1_update(fingerprint_ctx, session->server_hostkey,
session->server_hostkey_len); session->server_hostkey_len) &&
libssh2_sha1_final(fingerprint_ctx, libssh2_sha1_final(fingerprint_ctx,
session->server_hostkey_sha1); session->server_hostkey_sha1)) {
session->server_hostkey_sha1_valid = TRUE; session->server_hostkey_sha1_valid = TRUE;
} }
else { else {
@@ -461,11 +478,11 @@ static int diffie_hellman_sha_algo(LIBSSH2_SESSION *session,
{ {
libssh2_sha256_ctx fingerprint_ctx; libssh2_sha256_ctx fingerprint_ctx;
if(libssh2_sha256_init(&fingerprint_ctx)) { if(libssh2_sha256_init(&fingerprint_ctx) &&
libssh2_sha256_update(fingerprint_ctx, session->server_hostkey, libssh2_sha256_update(fingerprint_ctx, session->server_hostkey,
session->server_hostkey_len); session->server_hostkey_len) &&
libssh2_sha256_final(fingerprint_ctx, libssh2_sha256_final(fingerprint_ctx,
session->server_hostkey_sha256); session->server_hostkey_sha256)) {
session->server_hostkey_sha256_valid = TRUE; session->server_hostkey_sha256_valid = TRUE;
} }
else { else {
@@ -546,55 +563,59 @@ static int diffie_hellman_sha_algo(LIBSSH2_SESSION *session,
"Unable to initialize hash context"); "Unable to initialize hash context");
goto clean_exit; goto clean_exit;
} }
hok = 1;
if(session->local.banner) { if(session->local.banner) {
_libssh2_htonu32(exchange_state->h_sig_comp, _libssh2_htonu32(exchange_state->h_sig_comp,
(uint32_t)(strlen((char *) session->local.banner) - 2)); (uint32_t)(strlen((char *) session->local.banner) - 2));
_libssh2_sha_algo_ctx_update(sha_algo_value, exchange_hash_ctx, hok &= _libssh2_sha_algo_ctx_update(sha_algo_value,
exchange_hash_ctx,
exchange_state->h_sig_comp, 4); exchange_state->h_sig_comp, 4);
_libssh2_sha_algo_ctx_update(sha_algo_value, exchange_hash_ctx, hok &= _libssh2_sha_algo_ctx_update(sha_algo_value,
exchange_hash_ctx,
session->local.banner, session->local.banner,
strlen((char *) session->local.banner) - 2); strlen((char *) session->local.banner) - 2);
} }
else { else {
_libssh2_htonu32(exchange_state->h_sig_comp, _libssh2_htonu32(exchange_state->h_sig_comp,
sizeof(LIBSSH2_SSH_DEFAULT_BANNER) - 1); sizeof(LIBSSH2_SSH_DEFAULT_BANNER) - 1);
_libssh2_sha_algo_ctx_update(sha_algo_value, exchange_hash_ctx, hok &= _libssh2_sha_algo_ctx_update(sha_algo_value,
exchange_hash_ctx,
exchange_state->h_sig_comp, 4); exchange_state->h_sig_comp, 4);
_libssh2_sha_algo_ctx_update(sha_algo_value, exchange_hash_ctx, hok &= _libssh2_sha_algo_ctx_update(sha_algo_value,
(unsigned char *) exchange_hash_ctx,
LIBSSH2_SSH_DEFAULT_BANNER, (unsigned char *)LIBSSH2_SSH_DEFAULT_BANNER,
sizeof(LIBSSH2_SSH_DEFAULT_BANNER) - 1); sizeof(LIBSSH2_SSH_DEFAULT_BANNER) - 1);
} }
_libssh2_htonu32(exchange_state->h_sig_comp, _libssh2_htonu32(exchange_state->h_sig_comp,
(uint32_t)strlen((char *) session->remote.banner)); (uint32_t)strlen((char *) session->remote.banner));
_libssh2_sha_algo_ctx_update(sha_algo_value, exchange_hash_ctx, hok &= _libssh2_sha_algo_ctx_update(sha_algo_value, exchange_hash_ctx,
exchange_state->h_sig_comp, 4); exchange_state->h_sig_comp, 4);
_libssh2_sha_algo_ctx_update(sha_algo_value, exchange_hash_ctx, hok &= _libssh2_sha_algo_ctx_update(sha_algo_value, exchange_hash_ctx,
session->remote.banner, session->remote.banner,
strlen((char *)session->remote.banner)); strlen((char *)session->remote.banner));
_libssh2_htonu32(exchange_state->h_sig_comp, _libssh2_htonu32(exchange_state->h_sig_comp,
(uint32_t)session->local.kexinit_len); (uint32_t)session->local.kexinit_len);
_libssh2_sha_algo_ctx_update(sha_algo_value, exchange_hash_ctx, hok &= _libssh2_sha_algo_ctx_update(sha_algo_value, exchange_hash_ctx,
exchange_state->h_sig_comp, 4); exchange_state->h_sig_comp, 4);
_libssh2_sha_algo_ctx_update(sha_algo_value, exchange_hash_ctx, hok &= _libssh2_sha_algo_ctx_update(sha_algo_value, exchange_hash_ctx,
session->local.kexinit, session->local.kexinit,
session->local.kexinit_len); session->local.kexinit_len);
_libssh2_htonu32(exchange_state->h_sig_comp, _libssh2_htonu32(exchange_state->h_sig_comp,
(uint32_t)session->remote.kexinit_len); (uint32_t)session->remote.kexinit_len);
_libssh2_sha_algo_ctx_update(sha_algo_value, exchange_hash_ctx, hok &= _libssh2_sha_algo_ctx_update(sha_algo_value, exchange_hash_ctx,
exchange_state->h_sig_comp, 4); exchange_state->h_sig_comp, 4);
_libssh2_sha_algo_ctx_update(sha_algo_value, exchange_hash_ctx, hok &= _libssh2_sha_algo_ctx_update(sha_algo_value, exchange_hash_ctx,
session->remote.kexinit, session->remote.kexinit,
session->remote.kexinit_len); session->remote.kexinit_len);
_libssh2_htonu32(exchange_state->h_sig_comp, _libssh2_htonu32(exchange_state->h_sig_comp,
session->server_hostkey_len); session->server_hostkey_len);
_libssh2_sha_algo_ctx_update(sha_algo_value, exchange_hash_ctx, hok &= _libssh2_sha_algo_ctx_update(sha_algo_value, exchange_hash_ctx,
exchange_state->h_sig_comp, 4); exchange_state->h_sig_comp, 4);
_libssh2_sha_algo_ctx_update(sha_algo_value, exchange_hash_ctx, hok &= _libssh2_sha_algo_ctx_update(sha_algo_value, exchange_hash_ctx,
session->server_hostkey, session->server_hostkey,
session->server_hostkey_len); session->server_hostkey_len);
@@ -606,33 +627,41 @@ static int diffie_hellman_sha_algo(LIBSSH2_SESSION *session,
LIBSSH2_DH_GEX_OPTGROUP); LIBSSH2_DH_GEX_OPTGROUP);
_libssh2_htonu32(exchange_state->h_sig_comp + 8, _libssh2_htonu32(exchange_state->h_sig_comp + 8,
LIBSSH2_DH_GEX_MAXGROUP); LIBSSH2_DH_GEX_MAXGROUP);
_libssh2_sha_algo_ctx_update(sha_algo_value, exchange_hash_ctx, hok &= _libssh2_sha_algo_ctx_update(sha_algo_value,
exchange_state->h_sig_comp, 12); exchange_hash_ctx,
exchange_state->h_sig_comp,
12);
} }
if(midhash) { if(midhash) {
_libssh2_sha_algo_ctx_update(sha_algo_value, exchange_hash_ctx, hok &= _libssh2_sha_algo_ctx_update(sha_algo_value,
exchange_hash_ctx,
midhash, midhash_len); midhash, midhash_len);
} }
_libssh2_sha_algo_ctx_update(sha_algo_value, exchange_hash_ctx, hok &= _libssh2_sha_algo_ctx_update(sha_algo_value, exchange_hash_ctx,
exchange_state->e_packet + 1, exchange_state->e_packet + 1,
exchange_state->e_packet_len - 1); exchange_state->e_packet_len - 1);
_libssh2_htonu32(exchange_state->h_sig_comp, _libssh2_htonu32(exchange_state->h_sig_comp,
(uint32_t)exchange_state->f_value_len); (uint32_t)exchange_state->f_value_len);
_libssh2_sha_algo_ctx_update(sha_algo_value, exchange_hash_ctx, hok &= _libssh2_sha_algo_ctx_update(sha_algo_value, exchange_hash_ctx,
exchange_state->h_sig_comp, 4); exchange_state->h_sig_comp, 4);
_libssh2_sha_algo_ctx_update(sha_algo_value, exchange_hash_ctx, hok &= _libssh2_sha_algo_ctx_update(sha_algo_value, exchange_hash_ctx,
exchange_state->f_value, exchange_state->f_value,
exchange_state->f_value_len); exchange_state->f_value_len);
_libssh2_sha_algo_ctx_update(sha_algo_value, exchange_hash_ctx, hok &= _libssh2_sha_algo_ctx_update(sha_algo_value, exchange_hash_ctx,
exchange_state->k_value, exchange_state->k_value,
exchange_state->k_value_len); exchange_state->k_value_len);
_libssh2_sha_algo_ctx_final(sha_algo_value, exchange_hash_ctx, if(!hok ||
exchange_state->h_sig_comp); !_libssh2_sha_algo_ctx_final(sha_algo_value, exchange_hash_ctx,
exchange_state->h_sig_comp)) {
ret = _libssh2_error(session, LIBSSH2_ERROR_HASH_CALC,
"kex: failed to calculate hash");
goto clean_exit;
}
err = session->hostkey->sig_verify(session, err = session->hostkey->sig_verify(session,
exchange_state->h_sig, exchange_state->h_sig,
@@ -1601,28 +1630,30 @@ dh_gex_clean_exit:
#define LIBSSH2_KEX_METHOD_EC_SHA_HASH_CREATE_VERIFY(digest_type) \ #define LIBSSH2_KEX_METHOD_EC_SHA_HASH_CREATE_VERIFY(digest_type) \
do { \ do { \
libssh2_sha##digest_type##_ctx ctx; \ libssh2_sha##digest_type##_ctx ctx; \
int hok; \
if(!libssh2_sha##digest_type##_init(&ctx)) { \ if(!libssh2_sha##digest_type##_init(&ctx)) { \
rc = -1; \ rc = -1; \
break; \ break; \
} \ } \
exchange_state->exchange_hash = (void *)&ctx; \ exchange_state->exchange_hash = (void *)&ctx; \
hok = 1; \
if(session->local.banner) { \ if(session->local.banner) { \
_libssh2_htonu32(exchange_state->h_sig_comp, \ _libssh2_htonu32(exchange_state->h_sig_comp, \
(uint32_t)(strlen((char *) session->local.banner) - 2)); \ (uint32_t)(strlen((char *) session->local.banner) - 2)); \
libssh2_sha##digest_type##_update(ctx, \ hok &= libssh2_sha##digest_type##_update(ctx, \
exchange_state->h_sig_comp, 4); \ exchange_state->h_sig_comp, \
libssh2_sha##digest_type##_update(ctx, \ 4); \
hok &= libssh2_sha##digest_type##_update(ctx, \
(char *)session->local.banner, \ (char *)session->local.banner, \
strlen((char *) \ strlen((char *)session->local.banner) \
session->local.banner) \
- 2); \ - 2); \
} \ } \
else { \ else { \
_libssh2_htonu32(exchange_state->h_sig_comp, \ _libssh2_htonu32(exchange_state->h_sig_comp, \
sizeof(LIBSSH2_SSH_DEFAULT_BANNER) - 1); \ sizeof(LIBSSH2_SSH_DEFAULT_BANNER) - 1); \
libssh2_sha##digest_type##_update(ctx, \ hok &= libssh2_sha##digest_type##_update(ctx, \
exchange_state->h_sig_comp, 4); \ exchange_state->h_sig_comp, 4); \
libssh2_sha##digest_type##_update(ctx, \ hok &= libssh2_sha##digest_type##_update(ctx, \
LIBSSH2_SSH_DEFAULT_BANNER, \ LIBSSH2_SSH_DEFAULT_BANNER, \
sizeof(LIBSSH2_SSH_DEFAULT_BANNER) \ sizeof(LIBSSH2_SSH_DEFAULT_BANNER) \
- 1); \ - 1); \
@@ -1630,58 +1661,60 @@ do { \
\ \
_libssh2_htonu32(exchange_state->h_sig_comp, \ _libssh2_htonu32(exchange_state->h_sig_comp, \
(uint32_t)strlen((char *) session->remote.banner)); \ (uint32_t)strlen((char *) session->remote.banner)); \
libssh2_sha##digest_type##_update(ctx, \ hok &= libssh2_sha##digest_type##_update(ctx, \
exchange_state->h_sig_comp, 4); \ exchange_state->h_sig_comp, 4); \
libssh2_sha##digest_type##_update(ctx, \ hok &= libssh2_sha##digest_type##_update(ctx, session->remote.banner, \
session->remote.banner, \ strlen((char *)session->remote.banner)); \
strlen((char *) \
session->remote.banner)); \
\ \
_libssh2_htonu32(exchange_state->h_sig_comp, \ _libssh2_htonu32(exchange_state->h_sig_comp, \
(uint32_t)session->local.kexinit_len); \ (uint32_t)session->local.kexinit_len); \
libssh2_sha##digest_type##_update(ctx, \ hok &= libssh2_sha##digest_type##_update(ctx, \
exchange_state->h_sig_comp, 4); \ exchange_state->h_sig_comp, 4); \
libssh2_sha##digest_type##_update(ctx, \ hok &= libssh2_sha##digest_type##_update(ctx, \
session->local.kexinit, \ session->local.kexinit, \
session->local.kexinit_len); \ session->local.kexinit_len); \
\ \
_libssh2_htonu32(exchange_state->h_sig_comp, \ _libssh2_htonu32(exchange_state->h_sig_comp, \
(uint32_t)session->remote.kexinit_len); \ (uint32_t)session->remote.kexinit_len); \
libssh2_sha##digest_type##_update(ctx, \ hok &= libssh2_sha##digest_type##_update(ctx, \
exchange_state->h_sig_comp, 4); \ exchange_state->h_sig_comp, 4); \
libssh2_sha##digest_type##_update(ctx, \ hok &= libssh2_sha##digest_type##_update(ctx, \
session->remote.kexinit, \ session->remote.kexinit, \
session->remote.kexinit_len); \ session->remote.kexinit_len); \
\ \
_libssh2_htonu32(exchange_state->h_sig_comp, \ _libssh2_htonu32(exchange_state->h_sig_comp, \
session->server_hostkey_len); \ session->server_hostkey_len); \
libssh2_sha##digest_type##_update(ctx, \ hok &= libssh2_sha##digest_type##_update(ctx, \
exchange_state->h_sig_comp, 4); \ exchange_state->h_sig_comp, 4); \
libssh2_sha##digest_type##_update(ctx, \ hok &= libssh2_sha##digest_type##_update(ctx, \
session->server_hostkey, \ session->server_hostkey, \
session->server_hostkey_len); \ session->server_hostkey_len); \
\ \
_libssh2_htonu32(exchange_state->h_sig_comp, \ _libssh2_htonu32(exchange_state->h_sig_comp, \
(uint32_t)public_key_len); \ (uint32_t)public_key_len); \
libssh2_sha##digest_type##_update(ctx, \ hok &= libssh2_sha##digest_type##_update(ctx, \
exchange_state->h_sig_comp, 4); \ exchange_state->h_sig_comp, 4); \
libssh2_sha##digest_type##_update(ctx, \ hok &= libssh2_sha##digest_type##_update(ctx, \
public_key, \ public_key, \
public_key_len); \ public_key_len); \
\ \
_libssh2_htonu32(exchange_state->h_sig_comp, \ _libssh2_htonu32(exchange_state->h_sig_comp, \
(uint32_t)server_public_key_len); \ (uint32_t)server_public_key_len); \
libssh2_sha##digest_type##_update(ctx, \ hok &= libssh2_sha##digest_type##_update(ctx, \
exchange_state->h_sig_comp, 4); \ exchange_state->h_sig_comp, 4); \
libssh2_sha##digest_type##_update(ctx, \ hok &= libssh2_sha##digest_type##_update(ctx, \
server_public_key, \ server_public_key, \
server_public_key_len); \ server_public_key_len); \
\ \
libssh2_sha##digest_type##_update(ctx, \ hok &= libssh2_sha##digest_type##_update(ctx, \
exchange_state->k_value, \ exchange_state->k_value, \
exchange_state->k_value_len); \ exchange_state->k_value_len); \
\ \
libssh2_sha##digest_type##_final(ctx, exchange_state->h_sig_comp); \ if(!hok || \
!libssh2_sha##digest_type##_final(ctx, exchange_state->h_sig_comp)) { \
rc = -1; \
break; \
} \
\ \
if(session->hostkey-> \ if(session->hostkey-> \
sig_verify(session, exchange_state->h_sig, \ sig_verify(session, exchange_state->h_sig, \
@@ -1776,11 +1809,11 @@ static int ecdh_sha2_nistp(LIBSSH2_SESSION *session, libssh2_curve_type type,
{ {
libssh2_md5_ctx fingerprint_ctx; libssh2_md5_ctx fingerprint_ctx;
if(libssh2_md5_init(&fingerprint_ctx)) { if(libssh2_md5_init(&fingerprint_ctx) &&
libssh2_md5_update(fingerprint_ctx, session->server_hostkey, libssh2_md5_update(fingerprint_ctx, session->server_hostkey,
session->server_hostkey_len); session->server_hostkey_len) &&
libssh2_md5_final(fingerprint_ctx, libssh2_md5_final(fingerprint_ctx,
session->server_hostkey_md5); session->server_hostkey_md5)) {
session->server_hostkey_md5_valid = TRUE; session->server_hostkey_md5_valid = TRUE;
} }
else { else {
@@ -1804,11 +1837,11 @@ static int ecdh_sha2_nistp(LIBSSH2_SESSION *session, libssh2_curve_type type,
{ {
libssh2_sha1_ctx fingerprint_ctx; libssh2_sha1_ctx fingerprint_ctx;
if(libssh2_sha1_init(&fingerprint_ctx)) { if(libssh2_sha1_init(&fingerprint_ctx) &&
libssh2_sha1_update(fingerprint_ctx, session->server_hostkey, libssh2_sha1_update(fingerprint_ctx, session->server_hostkey,
session->server_hostkey_len); session->server_hostkey_len) &&
libssh2_sha1_final(fingerprint_ctx, libssh2_sha1_final(fingerprint_ctx,
session->server_hostkey_sha1); session->server_hostkey_sha1)) {
session->server_hostkey_sha1_valid = TRUE; session->server_hostkey_sha1_valid = TRUE;
} }
else { else {
@@ -1832,11 +1865,11 @@ static int ecdh_sha2_nistp(LIBSSH2_SESSION *session, libssh2_curve_type type,
{ {
libssh2_sha256_ctx fingerprint_ctx; libssh2_sha256_ctx fingerprint_ctx;
if(libssh2_sha256_init(&fingerprint_ctx)) { if(libssh2_sha256_init(&fingerprint_ctx) &&
libssh2_sha256_update(fingerprint_ctx, session->server_hostkey, libssh2_sha256_update(fingerprint_ctx, session->server_hostkey,
session->server_hostkey_len); session->server_hostkey_len) &&
libssh2_sha256_final(fingerprint_ctx, libssh2_sha256_final(fingerprint_ctx,
session->server_hostkey_sha256); session->server_hostkey_sha256)) {
session->server_hostkey_sha256_valid = TRUE; session->server_hostkey_sha256_valid = TRUE;
} }
else { else {
@@ -2407,11 +2440,11 @@ curve25519_sha256(LIBSSH2_SESSION *session, unsigned char *data,
{ {
libssh2_md5_ctx fingerprint_ctx; libssh2_md5_ctx fingerprint_ctx;
if(libssh2_md5_init(&fingerprint_ctx)) { if(libssh2_md5_init(&fingerprint_ctx) &&
libssh2_md5_update(fingerprint_ctx, session->server_hostkey, libssh2_md5_update(fingerprint_ctx, session->server_hostkey,
session->server_hostkey_len); session->server_hostkey_len) &&
libssh2_md5_final(fingerprint_ctx, libssh2_md5_final(fingerprint_ctx,
session->server_hostkey_md5); session->server_hostkey_md5)) {
session->server_hostkey_md5_valid = TRUE; session->server_hostkey_md5_valid = TRUE;
} }
else { else {
@@ -2435,11 +2468,11 @@ curve25519_sha256(LIBSSH2_SESSION *session, unsigned char *data,
{ {
libssh2_sha1_ctx fingerprint_ctx; libssh2_sha1_ctx fingerprint_ctx;
if(libssh2_sha1_init(&fingerprint_ctx)) { if(libssh2_sha1_init(&fingerprint_ctx) &&
libssh2_sha1_update(fingerprint_ctx, session->server_hostkey, libssh2_sha1_update(fingerprint_ctx, session->server_hostkey,
session->server_hostkey_len); session->server_hostkey_len) &&
libssh2_sha1_final(fingerprint_ctx, libssh2_sha1_final(fingerprint_ctx,
session->server_hostkey_sha1); session->server_hostkey_sha1)) {
session->server_hostkey_sha1_valid = TRUE; session->server_hostkey_sha1_valid = TRUE;
} }
else { else {
@@ -2463,11 +2496,11 @@ curve25519_sha256(LIBSSH2_SESSION *session, unsigned char *data,
{ {
libssh2_sha256_ctx fingerprint_ctx; libssh2_sha256_ctx fingerprint_ctx;
if(libssh2_sha256_init(&fingerprint_ctx)) { if(libssh2_sha256_init(&fingerprint_ctx) &&
libssh2_sha256_update(fingerprint_ctx, session->server_hostkey, libssh2_sha256_update(fingerprint_ctx, session->server_hostkey,
session->server_hostkey_len); session->server_hostkey_len) &&
libssh2_sha256_final(fingerprint_ctx, libssh2_sha256_final(fingerprint_ctx,
session->server_hostkey_sha256); session->server_hostkey_sha256)) {
session->server_hostkey_sha256_valid = TRUE; session->server_hostkey_sha256_valid = TRUE;
} }
else { else {

8
src/libgcrypt.c
View File

@@ -194,7 +194,9 @@ _libssh2_rsa_sha1_verify(libssh2_rsa_ctx * rsa,
gcry_sexp_t s_sig, s_hash; gcry_sexp_t s_sig, s_hash;
int rc = -1; int rc = -1;
libssh2_sha1(m, m_len, hash); if(libssh2_sha1(m, m_len, hash)) {
return -1;
}
rc = gcry_sexp_build(&s_hash, NULL, rc = gcry_sexp_build(&s_hash, NULL,
"(data (flags pkcs1) (hash sha1 %b))", "(data (flags pkcs1) (hash sha1 %b))",
@@ -643,7 +645,9 @@ _libssh2_dsa_sha1_verify(libssh2_dsa_ctx * dsactx,
gcry_sexp_t s_sig, s_hash; gcry_sexp_t s_sig, s_hash;
int rc = -1; int rc = -1;
libssh2_sha1(m, m_len, hash + 1); if(libssh2_sha1(m, m_len, hash + 1)) {
return -1;
}
hash[0] = 0; hash[0] = 0;
if(gcry_sexp_build(&s_hash, NULL, "(data(flags raw)(value %b))", if(gcry_sexp_build(&s_hash, NULL, "(data(flags raw)(value %b))",

42
src/libgcrypt.h
View File

@@ -84,63 +84,59 @@
#define libssh2_prepare_iovec(vec, len) /* Empty. */ #define libssh2_prepare_iovec(vec, len) /* Empty. */
#define libssh2_sha1_ctx gcry_md_hd_t #define libssh2_sha1_ctx gcry_md_hd_t
/* returns 0 in case of failure */ /* returns 0 in case of failure */
#define libssh2_sha1_init(ctx) \ #define libssh2_sha1_init(ctx) \
(GPG_ERR_NO_ERROR == gcry_md_open(ctx, GCRY_MD_SHA1, 0)) (GPG_ERR_NO_ERROR == gcry_md_open(ctx, GCRY_MD_SHA1, 0))
#define libssh2_sha1_update(ctx, data, len) \ #define libssh2_sha1_update(ctx, data, len) \
gcry_md_write(ctx, (unsigned char *) data, len) (gcry_md_write(ctx, (unsigned char *) data, len), 1)
#define libssh2_sha1_final(ctx, out) \ #define libssh2_sha1_final(ctx, out) \
memcpy(out, gcry_md_read(ctx, 0), SHA_DIGEST_LENGTH), gcry_md_close(ctx) (memcpy(out, gcry_md_read(ctx, 0), SHA_DIGEST_LENGTH), \
gcry_md_close(ctx), 1)
#define libssh2_sha1(message, len, out) \ #define libssh2_sha1(message, len, out) \
gcry_md_hash_buffer(GCRY_MD_SHA1, out, message, len) (gcry_md_hash_buffer(GCRY_MD_SHA1, out, message, len), 0)
#define libssh2_sha256_ctx gcry_md_hd_t #define libssh2_sha256_ctx gcry_md_hd_t
#define libssh2_sha256_init(ctx) \ #define libssh2_sha256_init(ctx) \
(GPG_ERR_NO_ERROR == gcry_md_open(ctx, GCRY_MD_SHA256, 0)) (GPG_ERR_NO_ERROR == gcry_md_open(ctx, GCRY_MD_SHA256, 0))
#define libssh2_sha256_update(ctx, data, len) \ #define libssh2_sha256_update(ctx, data, len) \
gcry_md_write(ctx, (unsigned char *) data, len) (gcry_md_write(ctx, (unsigned char *) data, len), 1)
#define libssh2_sha256_final(ctx, out) \ #define libssh2_sha256_final(ctx, out) \
memcpy(out, gcry_md_read(ctx, 0), SHA256_DIGEST_LENGTH), gcry_md_close(ctx) (memcpy(out, gcry_md_read(ctx, 0), SHA256_DIGEST_LENGTH), \
gcry_md_close(ctx), 1)
#define libssh2_sha256(message, len, out) \ #define libssh2_sha256(message, len, out) \
gcry_md_hash_buffer(GCRY_MD_SHA256, out, message, len) (gcry_md_hash_buffer(GCRY_MD_SHA256, out, message, len), 0)
#define libssh2_sha384_ctx gcry_md_hd_t #define libssh2_sha384_ctx gcry_md_hd_t
#define libssh2_sha384_init(ctx) \ #define libssh2_sha384_init(ctx) \
(GPG_ERR_NO_ERROR == gcry_md_open(ctx, GCRY_MD_SHA384, 0)) (GPG_ERR_NO_ERROR == gcry_md_open(ctx, GCRY_MD_SHA384, 0))
#define libssh2_sha384_update(ctx, data, len) \ #define libssh2_sha384_update(ctx, data, len) \
gcry_md_write(ctx, (unsigned char *) data, len) (gcry_md_write(ctx, (unsigned char *) data, len), 1)
#define libssh2_sha384_final(ctx, out) \ #define libssh2_sha384_final(ctx, out) \
memcpy(out, gcry_md_read(ctx, 0), SHA384_DIGEST_LENGTH), gcry_md_close(ctx) (memcpy(out, gcry_md_read(ctx, 0), SHA384_DIGEST_LENGTH), \
gcry_md_close(ctx), 1)
#define libssh2_sha384(message, len, out) \ #define libssh2_sha384(message, len, out) \
gcry_md_hash_buffer(GCRY_MD_SHA384, out, message, len) (gcry_md_hash_buffer(GCRY_MD_SHA384, out, message, len), 0)
#define libssh2_sha512_ctx gcry_md_hd_t #define libssh2_sha512_ctx gcry_md_hd_t
#define libssh2_sha512_init(ctx) \ #define libssh2_sha512_init(ctx) \
(GPG_ERR_NO_ERROR == gcry_md_open(ctx, GCRY_MD_SHA512, 0)) (GPG_ERR_NO_ERROR == gcry_md_open(ctx, GCRY_MD_SHA512, 0))
#define libssh2_sha512_update(ctx, data, len) \ #define libssh2_sha512_update(ctx, data, len) \
gcry_md_write(ctx, (unsigned char *) data, len) (gcry_md_write(ctx, (unsigned char *) data, len), 1)
#define libssh2_sha512_final(ctx, out) \ #define libssh2_sha512_final(ctx, out) \
memcpy(out, gcry_md_read(ctx, 0), SHA512_DIGEST_LENGTH), gcry_md_close(ctx) (memcpy(out, gcry_md_read(ctx, 0), SHA512_DIGEST_LENGTH), \
gcry_md_close(ctx), 1)
#define libssh2_sha512(message, len, out) \ #define libssh2_sha512(message, len, out) \
gcry_md_hash_buffer(GCRY_MD_SHA512, out, message, len) (gcry_md_hash_buffer(GCRY_MD_SHA512, out, message, len), 0)
#if LIBSSH2_MD5 || LIBSSH2_MD5_PEM #if LIBSSH2_MD5 || LIBSSH2_MD5_PEM
#define libssh2_md5_ctx gcry_md_hd_t #define libssh2_md5_ctx gcry_md_hd_t
/* returns 0 in case of failure */
#define libssh2_md5_init(ctx) \ #define libssh2_md5_init(ctx) \
(GPG_ERR_NO_ERROR == gcry_md_open(ctx, GCRY_MD_MD5, 0)) (GPG_ERR_NO_ERROR == gcry_md_open(ctx, GCRY_MD_MD5, 0))
#define libssh2_md5_update(ctx, data, len) \ #define libssh2_md5_update(ctx, data, len) \
gcry_md_write(ctx, (unsigned char *) data, len) (gcry_md_write(ctx, (unsigned char *) data, len), 1)
#define libssh2_md5_final(ctx, out) \ #define libssh2_md5_final(ctx, out) \
memcpy(out, gcry_md_read(ctx, 0), MD5_DIGEST_LENGTH), gcry_md_close(ctx) (memcpy(out, gcry_md_read(ctx, 0), MD5_DIGEST_LENGTH), \
#define libssh2_md5(message, len, out) \ gcry_md_close(ctx), 1)
gcry_md_hash_buffer(GCRY_MD_MD5, out, message, len)
#endif #endif
#define libssh2_hmac_ctx gcry_md_hd_t #define libssh2_hmac_ctx gcry_md_hd_t

2
src/mbedtls.c
View File

@@ -219,7 +219,7 @@ _libssh2_mbedtls_hash_final(mbedtls_md_context_t *ctx, unsigned char *hash)
ret = mbedtls_md_finish(ctx, hash); ret = mbedtls_md_finish(ctx, hash);
mbedtls_md_free(ctx); mbedtls_md_free(ctx);
return ret == 0 ? 0 : -1; return ret == 0 ? 1 : 0;
} }
int int

12
src/mbedtls.h
View File

@@ -158,7 +158,7 @@
#define libssh2_sha1_init(pctx) \ #define libssh2_sha1_init(pctx) \
_libssh2_mbedtls_hash_init(pctx, MBEDTLS_MD_SHA1, NULL, 0) _libssh2_mbedtls_hash_init(pctx, MBEDTLS_MD_SHA1, NULL, 0)
#define libssh2_sha1_update(ctx, data, datalen) \ #define libssh2_sha1_update(ctx, data, datalen) \
mbedtls_md_update(&ctx, (const unsigned char *) data, datalen) (mbedtls_md_update(&ctx, (const unsigned char *) data, datalen) == 0)
#define libssh2_sha1_final(ctx, hash) \ #define libssh2_sha1_final(ctx, hash) \
_libssh2_mbedtls_hash_final(&ctx, hash) _libssh2_mbedtls_hash_final(&ctx, hash)
#define libssh2_sha1(data, datalen, hash) \ #define libssh2_sha1(data, datalen, hash) \
@@ -175,7 +175,7 @@
#define libssh2_sha256_init(pctx) \ #define libssh2_sha256_init(pctx) \
_libssh2_mbedtls_hash_init(pctx, MBEDTLS_MD_SHA256, NULL, 0) _libssh2_mbedtls_hash_init(pctx, MBEDTLS_MD_SHA256, NULL, 0)
#define libssh2_sha256_update(ctx, data, datalen) \ #define libssh2_sha256_update(ctx, data, datalen) \
mbedtls_md_update(&ctx, (const unsigned char *) data, datalen) (mbedtls_md_update(&ctx, (const unsigned char *) data, datalen) == 0)
#define libssh2_sha256_final(ctx, hash) \ #define libssh2_sha256_final(ctx, hash) \
_libssh2_mbedtls_hash_final(&ctx, hash) _libssh2_mbedtls_hash_final(&ctx, hash)
#define libssh2_sha256(data, datalen, hash) \ #define libssh2_sha256(data, datalen, hash) \
@@ -192,7 +192,7 @@
#define libssh2_sha384_init(pctx) \ #define libssh2_sha384_init(pctx) \
_libssh2_mbedtls_hash_init(pctx, MBEDTLS_MD_SHA384, NULL, 0) _libssh2_mbedtls_hash_init(pctx, MBEDTLS_MD_SHA384, NULL, 0)
#define libssh2_sha384_update(ctx, data, datalen) \ #define libssh2_sha384_update(ctx, data, datalen) \
mbedtls_md_update(&ctx, (const unsigned char *) data, datalen) (mbedtls_md_update(&ctx, (const unsigned char *) data, datalen) == 0)
#define libssh2_sha384_final(ctx, hash) \ #define libssh2_sha384_final(ctx, hash) \
_libssh2_mbedtls_hash_final(&ctx, hash) _libssh2_mbedtls_hash_final(&ctx, hash)
#define libssh2_sha384(data, datalen, hash) \ #define libssh2_sha384(data, datalen, hash) \
@@ -209,7 +209,7 @@
#define libssh2_sha512_init(pctx) \ #define libssh2_sha512_init(pctx) \
_libssh2_mbedtls_hash_init(pctx, MBEDTLS_MD_SHA512, NULL, 0) _libssh2_mbedtls_hash_init(pctx, MBEDTLS_MD_SHA512, NULL, 0)
#define libssh2_sha512_update(ctx, data, datalen) \ #define libssh2_sha512_update(ctx, data, datalen) \
mbedtls_md_update(&ctx, (const unsigned char *) data, datalen) (mbedtls_md_update(&ctx, (const unsigned char *) data, datalen) == 0)
#define libssh2_sha512_final(ctx, hash) \ #define libssh2_sha512_final(ctx, hash) \
_libssh2_mbedtls_hash_final(&ctx, hash) _libssh2_mbedtls_hash_final(&ctx, hash)
#define libssh2_sha512(data, datalen, hash) \ #define libssh2_sha512(data, datalen, hash) \
@@ -227,11 +227,9 @@
#define libssh2_md5_init(pctx) \ #define libssh2_md5_init(pctx) \
_libssh2_mbedtls_hash_init(pctx, MBEDTLS_MD_MD5, NULL, 0) _libssh2_mbedtls_hash_init(pctx, MBEDTLS_MD_MD5, NULL, 0)
#define libssh2_md5_update(ctx, data, datalen) \ #define libssh2_md5_update(ctx, data, datalen) \
mbedtls_md_update(&ctx, (const unsigned char *) data, datalen) (mbedtls_md_update(&ctx, (const unsigned char *) data, datalen) == 0)
#define libssh2_md5_final(ctx, hash) \ #define libssh2_md5_final(ctx, hash) \
_libssh2_mbedtls_hash_final(&ctx, hash) _libssh2_mbedtls_hash_final(&ctx, hash)
#define libssh2_md5(data, datalen, hash) \
_libssh2_mbedtls_hash(data, datalen, MBEDTLS_MD_MD5, hash)
#endif #endif
/*******************************************************************/ /*******************************************************************/

129
src/openssl.c
View File

@@ -860,20 +860,23 @@ _libssh2_ecdsa_curve_name_with_octal_new(libssh2_ecdsa_ctx ** ec_ctx,
#define LIBSSH2_ECDSA_VERIFY(digest_type) \ #define LIBSSH2_ECDSA_VERIFY(digest_type) \
do { \ do { \
unsigned char hash[SHA##digest_type##_DIGEST_LENGTH]; \ unsigned char hash[SHA##digest_type##_DIGEST_LENGTH]; \
libssh2_sha##digest_type(m, m_len, hash); \ if(libssh2_sha##digest_type(m, m_len, hash) == 0) { \
ret = EVP_PKEY_verify_init(ctx); \ ret = EVP_PKEY_verify_init(ctx); \
if(ret > 0) { \ if(ret > 0) { \
ret = EVP_PKEY_verify(ctx, der, der_len, hash, \ ret = EVP_PKEY_verify(ctx, der, der_len, hash, \
SHA##digest_type##_DIGEST_LENGTH); \ SHA##digest_type##_DIGEST_LENGTH); \
} \ } \
} \
} while(0) } while(0)
#else #else
#define LIBSSH2_ECDSA_VERIFY(digest_type) \ #define LIBSSH2_ECDSA_VERIFY(digest_type) \
do { \ do { \
unsigned char hash[SHA##digest_type##_DIGEST_LENGTH]; \ unsigned char hash[SHA##digest_type##_DIGEST_LENGTH]; \
libssh2_sha##digest_type(m, m_len, hash); \ if(libssh2_sha##digest_type(m, m_len, hash) == 0) { \
ret = ECDSA_do_verify(hash, SHA##digest_type##_DIGEST_LENGTH, \ ret = ECDSA_do_verify(hash, \
SHA##digest_type##_DIGEST_LENGTH, \
ecdsa_sig, ec_key); \ ecdsa_sig, ec_key); \
} \
} while(0) } while(0)
#endif #endif
@@ -2993,6 +2996,30 @@ _libssh2_sha1_init(libssh2_sha1_ctx *ctx)
#endif #endif
} }
int
_libssh2_sha1_update(libssh2_sha1_ctx *ctx,
const void *data, size_t len)
{
#ifdef HAVE_OPAQUE_STRUCTS
return EVP_DigestUpdate(*ctx, data, len);
#else
return EVP_DigestUpdate(ctx, data, len);
#endif
}
int
_libssh2_sha1_final(libssh2_sha1_ctx *ctx,
unsigned char *out)
{
#ifdef HAVE_OPAQUE_STRUCTS
int ret = EVP_DigestFinal(*ctx, out, NULL);
EVP_MD_CTX_free(*ctx);
return ret;
#else
return EVP_DigestFinal(ctx, out, NULL);
#endif
}
int int
_libssh2_sha1(const unsigned char *message, size_t len, _libssh2_sha1(const unsigned char *message, size_t len,
unsigned char *out) unsigned char *out)
@@ -3045,6 +3072,30 @@ _libssh2_sha256_init(libssh2_sha256_ctx *ctx)
#endif #endif
} }
int
_libssh2_sha256_update(libssh2_sha256_ctx *ctx,
const void *data, size_t len)
{
#ifdef HAVE_OPAQUE_STRUCTS
return EVP_DigestUpdate(*ctx, data, len);
#else
return EVP_DigestUpdate(ctx, data, len);
#endif
}
int
_libssh2_sha256_final(libssh2_sha256_ctx *ctx,
unsigned char *out)
{
#ifdef HAVE_OPAQUE_STRUCTS
int ret = EVP_DigestFinal(*ctx, out, NULL);
EVP_MD_CTX_free(*ctx);
return ret;
#else
return EVP_DigestFinal(ctx, out, NULL);
#endif
}
int int
_libssh2_sha256(const unsigned char *message, size_t len, _libssh2_sha256(const unsigned char *message, size_t len,
unsigned char *out) unsigned char *out)
@@ -3097,6 +3148,30 @@ _libssh2_sha384_init(libssh2_sha384_ctx *ctx)
#endif #endif
} }
int
_libssh2_sha384_update(libssh2_sha384_ctx *ctx,
const void *data, size_t len)
{
#ifdef HAVE_OPAQUE_STRUCTS
return EVP_DigestUpdate(*ctx, data, len);
#else
return EVP_DigestUpdate(ctx, data, len);
#endif
}
int
_libssh2_sha384_final(libssh2_sha384_ctx *ctx,
unsigned char *out)
{
#ifdef HAVE_OPAQUE_STRUCTS
int ret = EVP_DigestFinal(*ctx, out, NULL);
EVP_MD_CTX_free(*ctx);
return ret;
#else
return EVP_DigestFinal(ctx, out, NULL);
#endif
}
int int
_libssh2_sha384(const unsigned char *message, size_t len, _libssh2_sha384(const unsigned char *message, size_t len,
unsigned char *out) unsigned char *out)
@@ -3149,6 +3224,30 @@ _libssh2_sha512_init(libssh2_sha512_ctx *ctx)
#endif #endif
} }
int
_libssh2_sha512_update(libssh2_sha512_ctx *ctx,
const void *data, size_t len)
{
#ifdef HAVE_OPAQUE_STRUCTS
return EVP_DigestUpdate(*ctx, data, len);
#else
return EVP_DigestUpdate(ctx, data, len);
#endif
}
int
_libssh2_sha512_final(libssh2_sha512_ctx *ctx,
unsigned char *out)
{
#ifdef HAVE_OPAQUE_STRUCTS
int ret = EVP_DigestFinal(*ctx, out, NULL);
EVP_MD_CTX_free(*ctx);
return ret;
#else
return EVP_DigestFinal(ctx, out, NULL);
#endif
}
int int
_libssh2_sha512(const unsigned char *message, size_t len, _libssh2_sha512(const unsigned char *message, size_t len,
unsigned char *out) unsigned char *out)
@@ -3214,6 +3313,30 @@ _libssh2_md5_init(libssh2_md5_ctx *ctx)
return EVP_DigestInit(ctx, EVP_get_digestbyname("md5")); return EVP_DigestInit(ctx, EVP_get_digestbyname("md5"));
#endif #endif
} }
int
_libssh2_md5_update(libssh2_md5_ctx *ctx,
const void *data, size_t len)
{
#ifdef HAVE_OPAQUE_STRUCTS
return EVP_DigestUpdate(*ctx, data, len);
#else
return EVP_DigestUpdate(ctx, data, len);
#endif
}
int
_libssh2_md5_final(libssh2_md5_ctx *ctx,
unsigned char *out)
{
#ifdef HAVE_OPAQUE_STRUCTS
int ret = EVP_DigestFinal(*ctx, out, NULL);
EVP_MD_CTX_free(*ctx);
return ret;
#else
return EVP_DigestFinal(ctx, out, NULL);
#endif
}
#endif #endif
#if LIBSSH2_ECDSA #if LIBSSH2_ECDSA

91
src/openssl.h
View File

@@ -216,19 +216,15 @@
/* returns 0 in case of failure */ /* returns 0 in case of failure */
int _libssh2_sha1_init(libssh2_sha1_ctx *ctx); int _libssh2_sha1_init(libssh2_sha1_ctx *ctx);
#define libssh2_sha1_init(x) _libssh2_sha1_init(x) int _libssh2_sha1_update(libssh2_sha1_ctx *ctx,
#ifdef HAVE_OPAQUE_STRUCTS const void *data, size_t len);
#define libssh2_sha1_update(ctx, data, len) EVP_DigestUpdate(ctx, data, len) int _libssh2_sha1_final(libssh2_sha1_ctx *ctx, unsigned char *out);
#define libssh2_sha1_final(ctx, out) do { \
EVP_DigestFinal(ctx, out, NULL); \
EVP_MD_CTX_free(ctx); \
} while(0)
#else /* !HAVE_OPAQUE_STRUCTS */
#define libssh2_sha1_update(ctx, data, len) EVP_DigestUpdate(&(ctx), data, len)
#define libssh2_sha1_final(ctx, out) EVP_DigestFinal(&(ctx), out, NULL)
#endif /* HAVE_OPAQUE_STRUCTS */
int _libssh2_sha1(const unsigned char *message, size_t len, int _libssh2_sha1(const unsigned char *message, size_t len,
unsigned char *out); unsigned char *out);
#define libssh2_sha1_init(x) _libssh2_sha1_init(x)
#define libssh2_sha1_update(ctx, data, len) \
_libssh2_sha1_update(&(ctx), data, len)
#define libssh2_sha1_final(ctx, out) _libssh2_sha1_final(&(ctx), out)
#define libssh2_sha1(x,y,z) _libssh2_sha1(x,y,z) #define libssh2_sha1(x,y,z) _libssh2_sha1(x,y,z)
#ifdef HAVE_OPAQUE_STRUCTS #ifdef HAVE_OPAQUE_STRUCTS
@@ -239,20 +235,15 @@ int _libssh2_sha1(const unsigned char *message, size_t len,
/* returns 0 in case of failure */ /* returns 0 in case of failure */
int _libssh2_sha256_init(libssh2_sha256_ctx *ctx); int _libssh2_sha256_init(libssh2_sha256_ctx *ctx);
#define libssh2_sha256_init(x) _libssh2_sha256_init(x) int _libssh2_sha256_update(libssh2_sha256_ctx *ctx,
#ifdef HAVE_OPAQUE_STRUCTS const void *data, size_t len);
#define libssh2_sha256_update(ctx, data, len) EVP_DigestUpdate(ctx, data, len) int _libssh2_sha256_final(libssh2_sha256_ctx *ctx, unsigned char *out);
#define libssh2_sha256_final(ctx, out) do { \
EVP_DigestFinal(ctx, out, NULL); \
EVP_MD_CTX_free(ctx); \
} while(0)
#else /* !HAVE_OPAQUE_STRUCTS */
#define libssh2_sha256_update(ctx, data, len) \
EVP_DigestUpdate(&(ctx), data, len)
#define libssh2_sha256_final(ctx, out) EVP_DigestFinal(&(ctx), out, NULL)
#endif /* HAVE_OPAQUE_STRUCTS */
int _libssh2_sha256(const unsigned char *message, size_t len, int _libssh2_sha256(const unsigned char *message, size_t len,
unsigned char *out); unsigned char *out);
#define libssh2_sha256_init(x) _libssh2_sha256_init(x)
#define libssh2_sha256_update(ctx, data, len) \
_libssh2_sha256_update(&(ctx), data, len)
#define libssh2_sha256_final(ctx, out) _libssh2_sha256_final(&(ctx), out)
#define libssh2_sha256(x,y,z) _libssh2_sha256(x,y,z) #define libssh2_sha256(x,y,z) _libssh2_sha256(x,y,z)
#ifdef HAVE_OPAQUE_STRUCTS #ifdef HAVE_OPAQUE_STRUCTS
@@ -263,20 +254,15 @@ int _libssh2_sha256(const unsigned char *message, size_t len,
/* returns 0 in case of failure */ /* returns 0 in case of failure */
int _libssh2_sha384_init(libssh2_sha384_ctx *ctx); int _libssh2_sha384_init(libssh2_sha384_ctx *ctx);
#define libssh2_sha384_init(x) _libssh2_sha384_init(x) int _libssh2_sha384_update(libssh2_sha384_ctx *ctx,
#ifdef HAVE_OPAQUE_STRUCTS const void *data, size_t len);
#define libssh2_sha384_update(ctx, data, len) EVP_DigestUpdate(ctx, data, len) int _libssh2_sha384_final(libssh2_sha384_ctx *ctx, unsigned char *out);
#define libssh2_sha384_final(ctx, out) do { \
EVP_DigestFinal(ctx, out, NULL); \
EVP_MD_CTX_free(ctx); \
} while(0)
#else /* !HAVE_OPAQUE_STRUCTS */
#define libssh2_sha384_update(ctx, data, len) \
EVP_DigestUpdate(&(ctx), data, len)
#define libssh2_sha384_final(ctx, out) EVP_DigestFinal(&(ctx), out, NULL)
#endif /* HAVE_OPAQUE_STRUCTS */
int _libssh2_sha384(const unsigned char *message, size_t len, int _libssh2_sha384(const unsigned char *message, size_t len,
unsigned char *out); unsigned char *out);
#define libssh2_sha384_init(x) _libssh2_sha384_init(x)
#define libssh2_sha384_update(ctx, data, len) \
_libssh2_sha384_update(&(ctx), data, len)
#define libssh2_sha384_final(ctx, out) _libssh2_sha384_final(&(ctx), out)
#define libssh2_sha384(x,y,z) _libssh2_sha384(x,y,z) #define libssh2_sha384(x,y,z) _libssh2_sha384(x,y,z)
#ifdef HAVE_OPAQUE_STRUCTS #ifdef HAVE_OPAQUE_STRUCTS
@@ -287,20 +273,15 @@ int _libssh2_sha384(const unsigned char *message, size_t len,
/* returns 0 in case of failure */ /* returns 0 in case of failure */
int _libssh2_sha512_init(libssh2_sha512_ctx *ctx); int _libssh2_sha512_init(libssh2_sha512_ctx *ctx);
#define libssh2_sha512_init(x) _libssh2_sha512_init(x) int _libssh2_sha512_update(libssh2_sha512_ctx *ctx,
#ifdef HAVE_OPAQUE_STRUCTS const void *data, size_t len);
#define libssh2_sha512_update(ctx, data, len) EVP_DigestUpdate(ctx, data, len) int _libssh2_sha512_final(libssh2_sha512_ctx *ctx, unsigned char *out);
#define libssh2_sha512_final(ctx, out) do { \
EVP_DigestFinal(ctx, out, NULL); \
EVP_MD_CTX_free(ctx); \
} while(0)
#else /* !HAVE_OPAQUE_STRUCTS */
#define libssh2_sha512_update(ctx, data, len) \
EVP_DigestUpdate(&(ctx), data, len)
#define libssh2_sha512_final(ctx, out) EVP_DigestFinal(&(ctx), out, NULL)
#endif /* HAVE_OPAQUE_STRUCTS */
int _libssh2_sha512(const unsigned char *message, size_t len, int _libssh2_sha512(const unsigned char *message, size_t len,
unsigned char *out); unsigned char *out);
#define libssh2_sha512_init(x) _libssh2_sha512_init(x)
#define libssh2_sha512_update(ctx, data, len) \
_libssh2_sha512_update(&(ctx), data, len)
#define libssh2_sha512_final(ctx, out) _libssh2_sha512_final(&(ctx), out)
#define libssh2_sha512(x,y,z) _libssh2_sha512(x,y,z) #define libssh2_sha512(x,y,z) _libssh2_sha512(x,y,z)
#if LIBSSH2_MD5 || LIBSSH2_MD5_PEM #if LIBSSH2_MD5 || LIBSSH2_MD5_PEM
@@ -312,17 +293,13 @@ int _libssh2_sha512(const unsigned char *message, size_t len,
/* returns 0 in case of failure */ /* returns 0 in case of failure */
int _libssh2_md5_init(libssh2_md5_ctx *ctx); int _libssh2_md5_init(libssh2_md5_ctx *ctx);
int _libssh2_md5_update(libssh2_md5_ctx *ctx,
const void *data, size_t len);
int _libssh2_md5_final(libssh2_md5_ctx *ctx, unsigned char *out);
#define libssh2_md5_init(x) _libssh2_md5_init(x) #define libssh2_md5_init(x) _libssh2_md5_init(x)
#ifdef HAVE_OPAQUE_STRUCTS #define libssh2_md5_update(ctx, data, len) \
#define libssh2_md5_update(ctx, data, len) EVP_DigestUpdate(ctx, data, len) _libssh2_md5_update(&(ctx), data, len)
#define libssh2_md5_final(ctx, out) do { \ #define libssh2_md5_final(ctx, out) _libssh2_md5_final(&(ctx), out)
EVP_DigestFinal(ctx, out, NULL); \
EVP_MD_CTX_free(ctx); \
} while(0)
#else /* !HAVE_OPAQUE_STRUCTS */
#define libssh2_md5_update(ctx, data, len) EVP_DigestUpdate(&(ctx), data, len)
#define libssh2_md5_final(ctx, out) EVP_DigestFinal(&(ctx), out, NULL)
#endif /* HAVE_OPAQUE_STRUCTS */
#endif /* LIBSSH2_MD5 || LIBSSH2_MD5_PEM */ #endif /* LIBSSH2_MD5 || LIBSSH2_MD5_PEM */
#ifdef USE_OPENSSL_3 #ifdef USE_OPENSSL_3

56
src/os400qc3.c
View File

@@ -949,7 +949,7 @@ _libssh2_os400qc3_crypto_dtor(_libssh2_os400qc3_crypto_ctx *x)
*******************************************************************/ *******************************************************************/
int int
libssh2_os400qc3_hash_init(Qc3_Format_ALGD0100_T *x, unsigned int algorithm) _libssh2_os400qc3_hash_init(Qc3_Format_ALGD0100_T *x, unsigned int algorithm)
{ {
Qc3_Format_ALGD0500_T algd; Qc3_Format_ALGD0500_T algd;
Qus_EC_t errcode; Qus_EC_t errcode;
@@ -966,40 +966,46 @@ libssh2_os400qc3_hash_init(Qc3_Format_ALGD0100_T *x, unsigned int algorithm)
return errcode.Bytes_Available? 0: 1; return errcode.Bytes_Available? 0: 1;
} }
void int
libssh2_os400qc3_hash_update(Qc3_Format_ALGD0100_T *ctx, _libssh2_os400qc3_hash_update(Qc3_Format_ALGD0100_T *ctx,
const unsigned char *data, int len) const unsigned char *data, int len)
{ {
char dummy[64]; char dummy[64];
Qus_EC_t errcode;
ctx->Final_Op_Flag = Qc3_Continue; ctx->Final_Op_Flag = Qc3_Continue;
set_EC_length(errcode, sizeof(errcode));
Qc3CalculateHash((char *) data, &len, Qc3_Data, (char *) ctx, Qc3CalculateHash((char *) data, &len, Qc3_Data, (char *) ctx,
Qc3_Alg_Token, anycsp, NULL, dummy, (char *) &ecnull); Qc3_Alg_Token, anycsp, NULL, dummy, &errcode);
} return errcode.Bytes_Available? 0: 1;
void
libssh2_os400qc3_hash_final(Qc3_Format_ALGD0100_T *ctx, unsigned char *out)
{
char data;
ctx->Final_Op_Flag = Qc3_Final;
Qc3CalculateHash(&data, &zero, Qc3_Data, (char *) ctx, Qc3_Alg_Token,
anycsp, NULL, (char *) out, (char *) &ecnull);
Qc3DestroyAlgorithmContext(ctx->Alg_Context_Token, (char *) &ecnull);
memset(ctx->Alg_Context_Token, 0, sizeof(ctx->Alg_Context_Token));
} }
int int
libssh2_os400qc3_hash(const unsigned char *message, unsigned long len, _libssh2_os400qc3_hash_final(Qc3_Format_ALGD0100_T *ctx, unsigned char *out)
{
char data;
Qus_EC_t errcode;
ctx->Final_Op_Flag = Qc3_Final;
set_EC_length(errcode, sizeof(errcode));
Qc3CalculateHash(&data, &zero, Qc3_Data, (char *) ctx, Qc3_Alg_Token,
anycsp, NULL, (char *) out, &errcode);
Qc3DestroyAlgorithmContext(ctx->Alg_Context_Token, (char *) &ecnull);
memset(ctx->Alg_Context_Token, 0, sizeof(ctx->Alg_Context_Token));
return errcode.Bytes_Available? 0: 1;
}
int
_libssh2_os400qc3_hash(const unsigned char *message, unsigned long len,
unsigned char *out, unsigned int algo) unsigned char *out, unsigned int algo)
{ {
Qc3_Format_ALGD0100_T ctx; Qc3_Format_ALGD0100_T ctx;
if(!libssh2_os400qc3_hash_init(&ctx, algo)) if(!_libssh2_os400qc3_hash_init(&ctx, algo) ||
!_libssh2_os400qc3_hash_update(&ctx, message, len) ||
!_libssh2_os400qc3_hash_final(&ctx, out))
return 1; return 1;
libssh2_os400qc3_hash_update(&ctx, message, len);
libssh2_os400qc3_hash_final(&ctx, out);
return 0; return 0;
} }
@@ -1020,7 +1026,7 @@ libssh2_os400qc3_hmac_init(_libssh2_os400qc3_crypto_ctx *ctx,
key = (void *) lkey; key = (void *) lkey;
keylen = minkeylen; keylen = minkeylen;
} }
if(!libssh2_os400qc3_hash_init(&ctx->hash, algo)) if(!_libssh2_os400qc3_hash_init(&ctx->hash, algo))
return 0; return 0;
set_EC_length(errcode, sizeof(errcode)); set_EC_length(errcode, sizeof(errcode));
Qc3CreateKeyContext((char *) key, &keylen, binstring, &algo, qc3clear, Qc3CreateKeyContext((char *) key, &keylen, binstring, &algo, qc3clear,
@@ -1432,15 +1438,19 @@ pbkdf1(LIBSSH2_SESSION *session, char **dk, const unsigned char *passphrase,
return -1; return -1;
/* Initial hash. */ /* Initial hash. */
libssh2_os400qc3_hash_init(&hctx, pkcs5->hash); /* FIXME: check result */
libssh2_os400qc3_hash_update(&hctx, passphrase, strlen(passphrase)); _libssh2_os400qc3_hash_init(&hctx, pkcs5->hash);
/* FIXME: check result */
_libssh2_os400qc3_hash_update(&hctx, passphrase, strlen(passphrase));
hctx.Final_Op_Flag = Qc3_Final; hctx.Final_Op_Flag = Qc3_Final;
/* FIXME: check result */
Qc3CalculateHash((char *) pkcs5->salt, &len, Qc3_Data, (char *) &hctx, Qc3CalculateHash((char *) pkcs5->salt, &len, Qc3_Data, (char *) &hctx,
Qc3_Alg_Token, anycsp, NULL, *dk, (char *) &ecnull); Qc3_Alg_Token, anycsp, NULL, *dk, (char *) &ecnull);
/* Iterate. */ /* Iterate. */
len = pkcs5->hashlen; len = pkcs5->hashlen;
for(i = 1; i < pkcs5->itercount; i++) for(i = 1; i < pkcs5->itercount; i++)
/* FIXME: check result */
Qc3CalculateHash((char *) *dk, &len, Qc3_Data, (char *) &hctx, Qc3CalculateHash((char *) *dk, &len, Qc3_Data, (char *) &hctx,
Qc3_Alg_Token, anycsp, NULL, *dk, (char *) &ecnull); Qc3_Alg_Token, anycsp, NULL, *dk, (char *) &ecnull);

44
src/os400qc3.h
View File

@@ -251,40 +251,40 @@ typedef struct { /* Diffie-Hellman context. */
#define libssh2_hmac_ctx _libssh2_os400qc3_crypto_ctx #define libssh2_hmac_ctx _libssh2_os400qc3_crypto_ctx
#define _libssh2_cipher_ctx _libssh2_os400qc3_crypto_ctx #define _libssh2_cipher_ctx _libssh2_os400qc3_crypto_ctx
#define libssh2_sha1_init(x) libssh2_os400qc3_hash_init(x, Qc3_SHA1) #define libssh2_sha1_init(x) _libssh2_os400qc3_hash_init(x, Qc3_SHA1)
#define libssh2_sha1_update(ctx, data, len) \ #define libssh2_sha1_update(ctx, data, len) \
libssh2_os400qc3_hash_update(&(ctx), data, len) _libssh2_os400qc3_hash_update(&(ctx), data, len)
#define libssh2_sha1_final(ctx, out) \ #define libssh2_sha1_final(ctx, out) \
libssh2_os400qc3_hash_final(&(ctx), out) _libssh2_os400qc3_hash_final(&(ctx), out)
#define libssh2_sha256_init(x) libssh2_os400qc3_hash_init(x, Qc3_SHA256) #define libssh2_sha256_init(x) _libssh2_os400qc3_hash_init(x, Qc3_SHA256)
#define libssh2_sha256_update(ctx, data, len) \ #define libssh2_sha256_update(ctx, data, len) \
libssh2_os400qc3_hash_update(&(ctx), data, len) _libssh2_os400qc3_hash_update(&(ctx), data, len)
#define libssh2_sha256_final(ctx, out) \ #define libssh2_sha256_final(ctx, out) \
libssh2_os400qc3_hash_final(&(ctx), out) _libssh2_os400qc3_hash_final(&(ctx), out)
#define libssh2_sha256(message, len, out) \ #define libssh2_sha256(message, len, out) \
libssh2_os400qc3_hash(message, len, out, \ _libssh2_os400qc3_hash(message, len, out, \
Qc3_SHA256) Qc3_SHA256)
#define libssh2_sha384_init(x) libssh2_os400qc3_hash_init(x, Qc3_SHA384) #define libssh2_sha384_init(x) _libssh2_os400qc3_hash_init(x, Qc3_SHA384)
#define libssh2_sha384_update(ctx, data, len) \ #define libssh2_sha384_update(ctx, data, len) \
libssh2_os400qc3_hash_update(&(ctx), data, len) _libssh2_os400qc3_hash_update(&(ctx), data, len)
#define libssh2_sha384_final(ctx, out) \ #define libssh2_sha384_final(ctx, out) \
libssh2_os400qc3_hash_final(&(ctx), out) _libssh2_os400qc3_hash_final(&(ctx), out)
#define libssh2_sha384(message, len, out) \ #define libssh2_sha384(message, len, out) \
libssh2_os400qc3_hash(message, len, out, \ _libssh2_os400qc3_hash(message, len, out, \
Qc3_SHA384) Qc3_SHA384)
#define libssh2_sha512_init(x) libssh2_os400qc3_hash_init(x, Qc3_SHA512) #define libssh2_sha512_init(x) _libssh2_os400qc3_hash_init(x, Qc3_SHA512)
#define libssh2_sha512_update(ctx, data, len) \ #define libssh2_sha512_update(ctx, data, len) \
libssh2_os400qc3_hash_update(&(ctx), data, len) _libssh2_os400qc3_hash_update(&(ctx), data, len)
#define libssh2_sha512_final(ctx, out) \ #define libssh2_sha512_final(ctx, out) \
libssh2_os400qc3_hash_final(&(ctx), out) _libssh2_os400qc3_hash_final(&(ctx), out)
#define libssh2_sha512(message, len, out) \ #define libssh2_sha512(message, len, out) \
libssh2_os400qc3_hash(message, len, out, \ _libssh2_os400qc3_hash(message, len, out, \
Qc3_SHA512) Qc3_SHA512)
#define libssh2_md5_init(x) libssh2_os400qc3_hash_init(x, Qc3_MD5) #define libssh2_md5_init(x) _libssh2_os400qc3_hash_init(x, Qc3_MD5)
#define libssh2_md5_update(ctx, data, len) \ #define libssh2_md5_update(ctx, data, len) \
libssh2_os400qc3_hash_update(&(ctx), data, len) _libssh2_os400qc3_hash_update(&(ctx), data, len)
#define libssh2_md5_final(ctx, out) \ #define libssh2_md5_final(ctx, out) \
libssh2_os400qc3_hash_final(&(ctx), out) _libssh2_os400qc3_hash_final(&(ctx), out)
#define _libssh2_bn_ctx int /* Not used. */ #define _libssh2_bn_ctx int /* Not used. */
@@ -360,14 +360,14 @@ extern int _libssh2_bn_set_word(_libssh2_bn *bn, unsigned long val);
extern int _libssh2_bn_to_bin(_libssh2_bn *bn, unsigned char *val); extern int _libssh2_bn_to_bin(_libssh2_bn *bn, unsigned char *val);
extern int _libssh2_random(unsigned char *buf, size_t len); extern int _libssh2_random(unsigned char *buf, size_t len);
extern void _libssh2_os400qc3_crypto_dtor(_libssh2_os400qc3_crypto_ctx *x); extern void _libssh2_os400qc3_crypto_dtor(_libssh2_os400qc3_crypto_ctx *x);
extern int libssh2_os400qc3_hash_init(Qc3_Format_ALGD0100_T *x, extern int _libssh2_os400qc3_hash_init(Qc3_Format_ALGD0100_T *x,
unsigned int algo); unsigned int algo);
extern void libssh2_os400qc3_hash_update(Qc3_Format_ALGD0100_T *ctx, extern int _libssh2_os400qc3_hash_update(Qc3_Format_ALGD0100_T *ctx,
const unsigned char *data, const unsigned char *data,
int len); int len);
extern void libssh2_os400qc3_hash_final(Qc3_Format_ALGD0100_T *ctx, extern int _libssh2_os400qc3_hash_final(Qc3_Format_ALGD0100_T *ctx,
unsigned char *out); unsigned char *out);
extern int libssh2_os400qc3_hash(const unsigned char *message, extern int _libssh2_os400qc3_hash(const unsigned char *message,
unsigned long len, unsigned char *out, unsigned long len, unsigned char *out,
unsigned int algo); unsigned int algo);
extern int _libssh2_os400qc3_rsa_signv(LIBSSH2_SESSION *session, int algo, extern int _libssh2_os400qc3_rsa_signv(LIBSSH2_SESSION *session, int algo,

24
src/pem.c
View File

@@ -218,24 +218,26 @@ _libssh2_pem_parse(LIBSSH2_SESSION * session,
libssh2_md5_ctx fingerprint_ctx; libssh2_md5_ctx fingerprint_ctx;
/* Perform key derivation (PBKDF1/MD5) */ /* Perform key derivation (PBKDF1/MD5) */
if(!libssh2_md5_init(&fingerprint_ctx)) { if(!libssh2_md5_init(&fingerprint_ctx) ||
!libssh2_md5_update(fingerprint_ctx, passphrase,
strlen((char *)passphrase)) ||
!libssh2_md5_update(fingerprint_ctx, iv, 8) ||
!libssh2_md5_final(fingerprint_ctx, secret)) {
ret = -1; ret = -1;
goto out; goto out;
} }
libssh2_md5_update(fingerprint_ctx, passphrase,
strlen((char *)passphrase));
libssh2_md5_update(fingerprint_ctx, iv, 8);
libssh2_md5_final(fingerprint_ctx, secret);
if(method->secret_len > MD5_DIGEST_LENGTH) { if(method->secret_len > MD5_DIGEST_LENGTH) {
if(!libssh2_md5_init(&fingerprint_ctx)) { if(!libssh2_md5_init(&fingerprint_ctx) ||
!libssh2_md5_update(fingerprint_ctx,
secret, MD5_DIGEST_LENGTH) ||
!libssh2_md5_update(fingerprint_ctx,
passphrase, strlen((char *)passphrase)) ||
!libssh2_md5_update(fingerprint_ctx, iv, 8) ||
!libssh2_md5_final(fingerprint_ctx,
secret + MD5_DIGEST_LENGTH)) {
ret = -1; ret = -1;
goto out; goto out;
} }
libssh2_md5_update(fingerprint_ctx, secret, MD5_DIGEST_LENGTH);
libssh2_md5_update(fingerprint_ctx, passphrase,
strlen((char *)passphrase));
libssh2_md5_update(fingerprint_ctx, iv, 8);
libssh2_md5_final(fingerprint_ctx, secret + MD5_DIGEST_LENGTH);
} }
/* Initialize the decryption */ /* Initialize the decryption */

23
src/wincng.h
View File

@@ -158,9 +158,9 @@ typedef struct __libssh2_wincng_hash_ctx {
(_libssh2_wincng_hash_init(ctx, _libssh2_wincng.hAlgHashSHA1, \ (_libssh2_wincng_hash_init(ctx, _libssh2_wincng.hAlgHashSHA1, \
SHA_DIGEST_LENGTH, NULL, 0) == 0) SHA_DIGEST_LENGTH, NULL, 0) == 0)
#define libssh2_sha1_update(ctx, data, datalen) \ #define libssh2_sha1_update(ctx, data, datalen) \
_libssh2_wincng_hash_update(&ctx, data, (ULONG) datalen) (_libssh2_wincng_hash_update(&ctx, data, (ULONG) datalen) == 0)
#define libssh2_sha1_final(ctx, hash) \ #define libssh2_sha1_final(ctx, hash) \
_libssh2_wincng_hash_final(&ctx, hash) (_libssh2_wincng_hash_final(&ctx, hash) == 0)
#define libssh2_sha1(data, datalen, hash) \ #define libssh2_sha1(data, datalen, hash) \
_libssh2_wincng_hash(data, datalen, _libssh2_wincng.hAlgHashSHA1, \ _libssh2_wincng_hash(data, datalen, _libssh2_wincng.hAlgHashSHA1, \
hash, SHA_DIGEST_LENGTH) hash, SHA_DIGEST_LENGTH)
@@ -170,9 +170,9 @@ typedef struct __libssh2_wincng_hash_ctx {
(_libssh2_wincng_hash_init(ctx, _libssh2_wincng.hAlgHashSHA256, \ (_libssh2_wincng_hash_init(ctx, _libssh2_wincng.hAlgHashSHA256, \
SHA256_DIGEST_LENGTH, NULL, 0) == 0) SHA256_DIGEST_LENGTH, NULL, 0) == 0)
#define libssh2_sha256_update(ctx, data, datalen) \ #define libssh2_sha256_update(ctx, data, datalen) \
_libssh2_wincng_hash_update(&ctx, data, (ULONG) datalen) (_libssh2_wincng_hash_update(&ctx, data, (ULONG) datalen) == 0)
#define libssh2_sha256_final(ctx, hash) \ #define libssh2_sha256_final(ctx, hash) \
_libssh2_wincng_hash_final(&ctx, hash) (_libssh2_wincng_hash_final(&ctx, hash) == 0)
#define libssh2_sha256(data, datalen, hash) \ #define libssh2_sha256(data, datalen, hash) \
_libssh2_wincng_hash(data, datalen, _libssh2_wincng.hAlgHashSHA256, \ _libssh2_wincng_hash(data, datalen, _libssh2_wincng.hAlgHashSHA256, \
hash, SHA256_DIGEST_LENGTH) hash, SHA256_DIGEST_LENGTH)
@@ -182,9 +182,9 @@ typedef struct __libssh2_wincng_hash_ctx {
(_libssh2_wincng_hash_init(ctx, _libssh2_wincng.hAlgHashSHA384, \ (_libssh2_wincng_hash_init(ctx, _libssh2_wincng.hAlgHashSHA384, \
SHA384_DIGEST_LENGTH, NULL, 0) == 0) SHA384_DIGEST_LENGTH, NULL, 0) == 0)
#define libssh2_sha384_update(ctx, data, datalen) \ #define libssh2_sha384_update(ctx, data, datalen) \
_libssh2_wincng_hash_update(&ctx, data, (ULONG) datalen) (_libssh2_wincng_hash_update(&ctx, data, (ULONG) datalen) == 0)
#define libssh2_sha384_final(ctx, hash) \ #define libssh2_sha384_final(ctx, hash) \
_libssh2_wincng_hash_final(&ctx, hash) (_libssh2_wincng_hash_final(&ctx, hash) == 0)
#define libssh2_sha384(data, datalen, hash) \ #define libssh2_sha384(data, datalen, hash) \
_libssh2_wincng_hash(data, datalen, _libssh2_wincng.hAlgHashSHA384, \ _libssh2_wincng_hash(data, datalen, _libssh2_wincng.hAlgHashSHA384, \
hash, SHA384_DIGEST_LENGTH) hash, SHA384_DIGEST_LENGTH)
@@ -194,9 +194,9 @@ typedef struct __libssh2_wincng_hash_ctx {
(_libssh2_wincng_hash_init(ctx, _libssh2_wincng.hAlgHashSHA512, \ (_libssh2_wincng_hash_init(ctx, _libssh2_wincng.hAlgHashSHA512, \
SHA512_DIGEST_LENGTH, NULL, 0) == 0) SHA512_DIGEST_LENGTH, NULL, 0) == 0)
#define libssh2_sha512_update(ctx, data, datalen) \ #define libssh2_sha512_update(ctx, data, datalen) \
_libssh2_wincng_hash_update(&ctx, data, (ULONG) datalen) (_libssh2_wincng_hash_update(&ctx, data, (ULONG) datalen) == 0)
#define libssh2_sha512_final(ctx, hash) \ #define libssh2_sha512_final(ctx, hash) \
_libssh2_wincng_hash_final(&ctx, hash) (_libssh2_wincng_hash_final(&ctx, hash) == 0)
#define libssh2_sha512(data, datalen, hash) \ #define libssh2_sha512(data, datalen, hash) \
_libssh2_wincng_hash(data, datalen, _libssh2_wincng.hAlgHashSHA512, \ _libssh2_wincng_hash(data, datalen, _libssh2_wincng.hAlgHashSHA512, \
hash, SHA512_DIGEST_LENGTH) hash, SHA512_DIGEST_LENGTH)
@@ -207,12 +207,9 @@ typedef struct __libssh2_wincng_hash_ctx {
(_libssh2_wincng_hash_init(ctx, _libssh2_wincng.hAlgHashMD5, \ (_libssh2_wincng_hash_init(ctx, _libssh2_wincng.hAlgHashMD5, \
MD5_DIGEST_LENGTH, NULL, 0) == 0) MD5_DIGEST_LENGTH, NULL, 0) == 0)
#define libssh2_md5_update(ctx, data, datalen) \ #define libssh2_md5_update(ctx, data, datalen) \
_libssh2_wincng_hash_update(&ctx, data, (ULONG) datalen) (_libssh2_wincng_hash_update(&ctx, data, (ULONG) datalen) == 0)
#define libssh2_md5_final(ctx, hash) \ #define libssh2_md5_final(ctx, hash) \
_libssh2_wincng_hash_final(&ctx, hash) (_libssh2_wincng_hash_final(&ctx, hash) == 0)
#define libssh2_md5(data, datalen, hash) \
_libssh2_wincng_hash(data, datalen, _libssh2_wincng.hAlgHashMD5, \
hash, MD5_DIGEST_LENGTH)
#endif #endif
/* /*