| mac.c (226046) | mac.c (240075) |
|---|---|
| 1/* $OpenBSD: mac.c,v 1.16 2011/08/02 01:22:11 djm Exp $ */ | 1/* $OpenBSD: mac.c,v 1.18 2012/06/28 05:07:45 dtucker Exp $ */ |
| 2/* 3 * Copyright (c) 2001 Markus Friedl. All rights reserved. 4 * 5 * Redistribution and use in source and binary forms, with or without 6 * modification, are permitted provided that the following conditions 7 * are met: 8 * 1. Redistributions of source code must retain the above copyright 9 * notice, this list of conditions and the following disclaimer. --- 29 unchanged lines hidden (view full) --- 39#include "buffer.h" 40#include "key.h" 41#include "kex.h" 42#include "mac.h" 43#include "misc.h" 44 45#include "umac.h" 46 | 2/* 3 * Copyright (c) 2001 Markus Friedl. All rights reserved. 4 * 5 * Redistribution and use in source and binary forms, with or without 6 * modification, are permitted provided that the following conditions 7 * are met: 8 * 1. Redistributions of source code must retain the above copyright 9 * notice, this list of conditions and the following disclaimer. --- 29 unchanged lines hidden (view full) --- 39#include "buffer.h" 40#include "key.h" 41#include "kex.h" 42#include "mac.h" 43#include "misc.h" 44 45#include "umac.h" 46 |
| 47#include "openbsd-compat/openssl-compat.h" 48 |
|
| 47#define SSH_EVP 1 /* OpenSSL EVP-based MAC */ 48#define SSH_UMAC 2 /* UMAC (not integrated with OpenSSL) */ 49 50struct { 51 char *name; 52 int type; 53 const EVP_MD * (*mdfunc)(void); 54 int truncatebits; /* truncate digest if != 0 */ 55 int key_len; /* just for UMAC */ 56 int len; /* just for UMAC */ 57} macs[] = { 58 { "hmac-sha1", SSH_EVP, EVP_sha1, 0, -1, -1 }, 59 { "hmac-sha1-96", SSH_EVP, EVP_sha1, 96, -1, -1 }, 60#ifdef HAVE_EVP_SHA256 61 { "hmac-sha2-256", SSH_EVP, EVP_sha256, 0, -1, -1 }, | 49#define SSH_EVP 1 /* OpenSSL EVP-based MAC */ 50#define SSH_UMAC 2 /* UMAC (not integrated with OpenSSL) */ 51 52struct { 53 char *name; 54 int type; 55 const EVP_MD * (*mdfunc)(void); 56 int truncatebits; /* truncate digest if != 0 */ 57 int key_len; /* just for UMAC */ 58 int len; /* just for UMAC */ 59} macs[] = { 60 { "hmac-sha1", SSH_EVP, EVP_sha1, 0, -1, -1 }, 61 { "hmac-sha1-96", SSH_EVP, EVP_sha1, 96, -1, -1 }, 62#ifdef HAVE_EVP_SHA256 63 { "hmac-sha2-256", SSH_EVP, EVP_sha256, 0, -1, -1 }, |
| 62 { "hmac-sha2-256-96", SSH_EVP, EVP_sha256, 96, -1, -1 }, | |
| 63 { "hmac-sha2-512", SSH_EVP, EVP_sha512, 0, -1, -1 }, | 64 { "hmac-sha2-512", SSH_EVP, EVP_sha512, 0, -1, -1 }, |
| 64 { "hmac-sha2-512-96", SSH_EVP, EVP_sha512, 96, -1, -1 }, | |
| 65#endif 66 { "hmac-md5", SSH_EVP, EVP_md5, 0, -1, -1 }, 67 { "hmac-md5-96", SSH_EVP, EVP_md5, 96, -1, -1 }, 68 { "hmac-ripemd160", SSH_EVP, EVP_ripemd160, 0, -1, -1 }, 69 { "hmac-ripemd160@openssh.com", SSH_EVP, EVP_ripemd160, 0, -1, -1 }, 70 { "umac-64@openssh.com", SSH_UMAC, NULL, 0, 128, 64 }, 71 { NULL, 0, NULL, 0, -1, -1 } 72}; --- 38 unchanged lines hidden (view full) --- 111mac_init(Mac *mac) 112{ 113 if (mac->key == NULL) 114 fatal("mac_init: no key"); 115 switch (mac->type) { 116 case SSH_EVP: 117 if (mac->evp_md == NULL) 118 return -1; | 65#endif 66 { "hmac-md5", SSH_EVP, EVP_md5, 0, -1, -1 }, 67 { "hmac-md5-96", SSH_EVP, EVP_md5, 96, -1, -1 }, 68 { "hmac-ripemd160", SSH_EVP, EVP_ripemd160, 0, -1, -1 }, 69 { "hmac-ripemd160@openssh.com", SSH_EVP, EVP_ripemd160, 0, -1, -1 }, 70 { "umac-64@openssh.com", SSH_UMAC, NULL, 0, 128, 64 }, 71 { NULL, 0, NULL, 0, -1, -1 } 72}; --- 38 unchanged lines hidden (view full) --- 111mac_init(Mac *mac) 112{ 113 if (mac->key == NULL) 114 fatal("mac_init: no key"); 115 switch (mac->type) { 116 case SSH_EVP: 117 if (mac->evp_md == NULL) 118 return -1; |
| 119 HMAC_CTX_init(&mac->evp_ctx); |
|
| 119 HMAC_Init(&mac->evp_ctx, mac->key, mac->key_len, mac->evp_md); 120 return 0; 121 case SSH_UMAC: 122 mac->umac_ctx = umac_new(mac->key); 123 return 0; 124 default: 125 return -1; 126 } --- 68 unchanged lines hidden --- | 120 HMAC_Init(&mac->evp_ctx, mac->key, mac->key_len, mac->evp_md); 121 return 0; 122 case SSH_UMAC: 123 mac->umac_ctx = umac_new(mac->key); 124 return 0; 125 default: 126 return -1; 127 } --- 68 unchanged lines hidden --- |