Mercurial > dropbear
comparison common-kex.c @ 679:03073a27abb3 sha2
- Add hmac-sha2-256 and hmac-sha2-512. Needs debugging, seems to be
getting keyed incorrectly
author | Matt Johnston <matt@ucc.asn.au> |
---|---|
date | Thu, 10 May 2012 08:38:37 +0800 |
parents | 4222a1039b06 |
children | a4b7627b3157 |
comparison
equal
deleted
inserted
replaced
678:6e0899b56ac4 | 679:03073a27abb3 |
---|---|
246 | 246 |
247 /* Helper function for gen_new_keys, creates a hash. It makes a copy of the | 247 /* Helper function for gen_new_keys, creates a hash. It makes a copy of the |
248 * already initialised hash_state hs, which should already have processed | 248 * already initialised hash_state hs, which should already have processed |
249 * the dh_K and hash, since these are common. X is the letter 'A', 'B' etc. | 249 * the dh_K and hash, since these are common. X is the letter 'A', 'B' etc. |
250 * out must have at least min(SHA1_HASH_SIZE, outlen) bytes allocated. | 250 * out must have at least min(SHA1_HASH_SIZE, outlen) bytes allocated. |
251 * The output will only be expanded once, as we are assured that | |
252 * outlen <= 2*SHA1_HASH_SIZE for all known hashes. | |
253 * | 251 * |
254 * See Section 7.2 of rfc4253 (ssh transport) for details */ | 252 * See Section 7.2 of rfc4253 (ssh transport) for details */ |
255 static void hashkeys(unsigned char *out, int outlen, | 253 static void hashkeys(unsigned char *out, int outlen, |
256 const hash_state * hs, const unsigned char X) { | 254 const hash_state * hs, const unsigned char X) { |
257 | 255 |
258 hash_state hs2; | 256 hash_state hs2; |
259 unsigned char k2[SHA1_HASH_SIZE]; /* used to extending */ | 257 int offset; |
260 | 258 |
261 memcpy(&hs2, hs, sizeof(hash_state)); | 259 memcpy(&hs2, hs, sizeof(hash_state)); |
262 sha1_process(&hs2, &X, 1); | 260 sha1_process(&hs2, &X, 1); |
263 sha1_process(&hs2, ses.session_id, SHA1_HASH_SIZE); | 261 sha1_process(&hs2, ses.session_id, SHA1_HASH_SIZE); |
264 sha1_done(&hs2, out); | 262 sha1_done(&hs2, out); |
265 if (SHA1_HASH_SIZE < outlen) { | 263 for (offset = SHA1_HASH_SIZE; |
264 offset < outlen; | |
265 offset += SHA1_HASH_SIZE) | |
266 { | |
266 /* need to extend */ | 267 /* need to extend */ |
268 unsigned char k2[SHA1_HASH_SIZE]; | |
267 memcpy(&hs2, hs, sizeof(hash_state)); | 269 memcpy(&hs2, hs, sizeof(hash_state)); |
268 sha1_process(&hs2, out, SHA1_HASH_SIZE); | 270 sha1_process(&hs2, out, offset); |
269 sha1_done(&hs2, k2); | 271 sha1_done(&hs2, k2); |
270 memcpy(&out[SHA1_HASH_SIZE], k2, outlen - SHA1_HASH_SIZE); | 272 memcpy(&out[offset], k2, MIN(outlen - offset, SHA1_HASH_SIZE)); |
271 } | 273 } |
272 } | 274 } |
273 | 275 |
274 /* Generate the actual encryption/integrity keys, using the results of the | 276 /* Generate the actual encryption/integrity keys, using the results of the |
275 * key exchange, as specified in section 7.2 of the transport rfc 4253. | 277 * key exchange, as specified in section 7.2 of the transport rfc 4253. |