Mercurial > dropbear
comparison packet.c @ 228:5e4110bb753a
- Fixed twofish algorithm naming so it actually works.
- Added support for aes256, twofish256 and sha1-96
- Fixed some debugging statements
| author | Matt Johnston <matt@ucc.asn.au> |
|---|---|
| date | Tue, 30 Aug 2005 16:58:57 +0000 |
| parents | e972be139cb5 |
| children | cbf1165d9386 |
comparison
equal
deleted
inserted
replaced
| 227:ad1b24e39bf3 | 228:5e4110bb753a |
|---|---|
| 213 | 213 |
| 214 /* check packet length */ | 214 /* check packet length */ |
| 215 if ((len > MAX_PACKET_LEN) || | 215 if ((len > MAX_PACKET_LEN) || |
| 216 (len < MIN_PACKET_LEN + macsize) || | 216 (len < MIN_PACKET_LEN + macsize) || |
| 217 ((len - macsize) % blocksize != 0)) { | 217 ((len - macsize) % blocksize != 0)) { |
| 218 dropbear_exit("bad packet size"); | 218 dropbear_exit("bad packet size %d", len); |
| 219 } | 219 } |
| 220 | 220 |
| 221 buf_resize(ses.readbuf, len); | 221 buf_resize(ses.readbuf, len); |
| 222 buf_setlen(ses.readbuf, len); | 222 buf_setlen(ses.readbuf, len); |
| 223 | 223 |
| 312 | 312 |
| 313 /* Checks the mac in hashbuf, for the data in readbuf. | 313 /* Checks the mac in hashbuf, for the data in readbuf. |
| 314 * Returns DROPBEAR_SUCCESS or DROPBEAR_FAILURE */ | 314 * Returns DROPBEAR_SUCCESS or DROPBEAR_FAILURE */ |
| 315 static int checkmac(buffer* macbuf, buffer* sourcebuf) { | 315 static int checkmac(buffer* macbuf, buffer* sourcebuf) { |
| 316 | 316 |
| 317 unsigned char macsize; | 317 unsigned int macsize; |
| 318 hmac_state hmac; | 318 hmac_state hmac; |
| 319 unsigned char tempbuf[MAX_MAC_LEN]; | 319 unsigned char tempbuf[MAX_MAC_LEN]; |
| 320 unsigned long hashsize; | 320 unsigned long bufsize; |
| 321 int len; | 321 unsigned int len; |
| 322 | 322 |
| 323 macsize = ses.keys->recv_algo_mac->hashsize; | 323 macsize = ses.keys->recv_algo_mac->hashsize; |
| 324 | |
| 325 if (macsize == 0) { | 324 if (macsize == 0) { |
| 326 return DROPBEAR_SUCCESS; | 325 return DROPBEAR_SUCCESS; |
| 327 } | 326 } |
| 328 | 327 |
| 329 /* calculate the mac */ | 328 /* calculate the mac */ |
| 345 len = sourcebuf->len; | 344 len = sourcebuf->len; |
| 346 if (hmac_process(&hmac, buf_getptr(sourcebuf, len), len) != CRYPT_OK) { | 345 if (hmac_process(&hmac, buf_getptr(sourcebuf, len), len) != CRYPT_OK) { |
| 347 dropbear_exit("HMAC error"); | 346 dropbear_exit("HMAC error"); |
| 348 } | 347 } |
| 349 | 348 |
| 350 hashsize = sizeof(tempbuf); | 349 bufsize = sizeof(tempbuf); |
| 351 if (hmac_done(&hmac, tempbuf, &hashsize) != CRYPT_OK) { | 350 if (hmac_done(&hmac, tempbuf, &bufsize) != CRYPT_OK) { |
| 352 dropbear_exit("HMAC error"); | 351 dropbear_exit("HMAC error"); |
| 353 } | 352 } |
| 354 | 353 |
| 355 /* compare the hash */ | 354 /* compare the hash */ |
| 356 if (memcmp(tempbuf, buf_getptr(macbuf, macsize), macsize) != 0) { | 355 if (memcmp(tempbuf, buf_getptr(macbuf, macsize), macsize) != 0) { |
| 522 | 521 |
| 523 | 522 |
| 524 /* Create the packet mac, and append H(seqno|clearbuf) to the output */ | 523 /* Create the packet mac, and append H(seqno|clearbuf) to the output */ |
| 525 static void writemac(buffer * outputbuffer, buffer * clearwritebuf) { | 524 static void writemac(buffer * outputbuffer, buffer * clearwritebuf) { |
| 526 | 525 |
| 527 int macsize; | 526 unsigned int macsize; |
| 528 unsigned char seqbuf[4]; | 527 unsigned char seqbuf[4]; |
| 529 unsigned long hashsize; | 528 unsigned char tempbuf[MAX_MAC_LEN]; |
| 529 unsigned long bufsize; | |
| 530 hmac_state hmac; | 530 hmac_state hmac; |
| 531 | 531 |
| 532 TRACE(("enter writemac")) | 532 TRACE(("enter writemac")) |
| 533 | 533 |
| 534 macsize = ses.keys->trans_algo_mac->hashsize; | 534 macsize = ses.keys->recv_algo_mac->hashsize; |
| 535 | |
| 536 if (macsize > 0) { | 535 if (macsize > 0) { |
| 537 /* calculate the mac */ | 536 /* calculate the mac */ |
| 538 if (hmac_init(&hmac, | 537 if (hmac_init(&hmac, |
| 539 find_hash(ses.keys->trans_algo_mac->hashdesc->name), | 538 find_hash(ses.keys->trans_algo_mac->hashdesc->name), |
| 540 ses.keys->transmackey, | 539 ses.keys->transmackey, |
| 555 clearwritebuf->len), | 554 clearwritebuf->len), |
| 556 clearwritebuf->len) != CRYPT_OK) { | 555 clearwritebuf->len) != CRYPT_OK) { |
| 557 dropbear_exit("HMAC error"); | 556 dropbear_exit("HMAC error"); |
| 558 } | 557 } |
| 559 | 558 |
| 560 hashsize = macsize; | 559 bufsize = sizeof(tempbuf); |
| 561 if (hmac_done(&hmac, buf_getwriteptr(outputbuffer, macsize), &hashsize) | 560 if (hmac_done(&hmac, tempbuf, &bufsize) |
| 562 != CRYPT_OK) { | 561 != CRYPT_OK) { |
| 563 dropbear_exit("HMAC error"); | 562 dropbear_exit("HMAC error"); |
| 564 } | 563 } |
| 565 buf_incrwritepos(outputbuffer, macsize); | 564 buf_putbytes(outputbuffer, tempbuf, macsize); |
| 566 } | 565 } |
| 567 TRACE(("leave writemac")) | 566 TRACE(("leave writemac")) |
| 568 } | 567 } |
| 569 | 568 |
| 570 #ifndef DISABLE_ZLIB | 569 #ifndef DISABLE_ZLIB |