Mercurial > dropbear
diff common-kex.c @ 409:0e69e948caba
Add comments about requiring keysize <= 2*SHA1_HASH_SIZE
author | Matt Johnston <matt@ucc.asn.au> |
---|---|
date | Sun, 04 Feb 2007 10:31:48 +0000 |
parents | 63601217f5ab |
children | b895f91c2ee6 |
line wrap: on
line diff
--- a/common-kex.c Sat Feb 03 13:57:35 2007 +0000 +++ b/common-kex.c Sun Feb 04 10:31:48 2007 +0000 @@ -217,12 +217,10 @@ * already initialised hash_state hs, which should already have processed * the dh_K and hash, since these are common. X is the letter 'A', 'B' etc. * out must have at least min(SHA1_HASH_SIZE, outlen) bytes allocated. - * The output will only be expanded once, since that is all that is required - * (for 3DES and SHA, with 24 and 20 bytes respectively). + * The output will only be expanded once, as we are assured that + * outlen <= 2*SHA1_HASH_SIZE for all known hashes. * - * See Section 5.2 of the IETF secsh Transport Draft for details */ - -/* Duplicated verbatim from kex.c --mihnea */ + * See Section 7.2 of rfc4253 (ssh transport) for details */ static void hashkeys(unsigned char *out, int outlen, const hash_state * hs, const unsigned char X) {