Mercurial > dropbear
comparison common-kex.c @ 1916:3f4cdf839a1a
Make SHA1 optional, implement SHA256 fingerprints
SHA256 is always compiled and only enable SHA1 when needed. Fingerprints
are always SHA256: base64 format, md5 and sha1 are removed. dbrandom now
uses sha256 its hash function.
| author | Matt Johnston <matt@ucc.asn.au> |
|---|---|
| date | Wed, 30 Mar 2022 11:44:04 +0800 |
| parents | 8b4274d34fe8 |
| children |
comparison
equal
deleted
inserted
replaced
| 1915:13cb8cc1b0e4 | 1916:3f4cdf839a1a |
|---|---|
| 247 } | 247 } |
| 248 | 248 |
| 249 /* Helper function for gen_new_keys, creates a hash. It makes a copy of the | 249 /* Helper function for gen_new_keys, creates a hash. It makes a copy of the |
| 250 * already initialised hash_state hs, which should already have processed | 250 * already initialised hash_state hs, which should already have processed |
| 251 * the dh_K and hash, since these are common. X is the letter 'A', 'B' etc. | 251 * the dh_K and hash, since these are common. X is the letter 'A', 'B' etc. |
| 252 * out must have at least min(SHA1_HASH_SIZE, outlen) bytes allocated. | 252 * out must have at least min(hash_size, outlen) bytes allocated. |
| 253 * | 253 * |
| 254 * See Section 7.2 of rfc4253 (ssh transport) for details */ | 254 * See Section 7.2 of rfc4253 (ssh transport) for details */ |
| 255 static void hashkeys(unsigned char *out, unsigned int outlen, | 255 static void hashkeys(unsigned char *out, unsigned int outlen, |
| 256 const hash_state * hs, const unsigned char X) { | 256 const hash_state * hs, const unsigned char X) { |
| 257 | 257 |