Mercurial > dropbear
view libtomcrypt/src/mac/xcbc/xcbc_done.c @ 1921:284c3837891c
Allow user space file locations (rootless support)
Why:
Running dropbear as a user (rootless) is aided if
files and programs can be saved/removed without
needing sudo.
What:
Use the same convention as DROPBEAR_DEFAULT_CLI_AUTHKEY;
if not starting with '/', then is relative to hedge's /home/hedge:
*_PRIV_FILENAME
DROPBEAR_PIDFILE
SFTPSERVER_PATH
default_options.h commentary added.
Changes kept to a minimum, so log entry in svr_kex.c#163
is refactored.
From:
Generated hostkey is <path> ... <finger-print>
to:
Generated hostkey path is <path>
Generated hostkey fingerprint is <fp>
Otherwise the unexpanded path was reported.
Patch modified by Matt Johnston
Signed-off-by: Begley Brothers Inc <[email protected]>
author | Begley Brothers Inc <begleybrothers@gmail.com> |
---|---|
date | Thu, 09 Jul 2020 17:47:58 +1000 |
parents | 6dba84798cd5 |
children |
line wrap: on
line source
/* LibTomCrypt, modular cryptographic library -- Tom St Denis * * LibTomCrypt is a library that provides various cryptographic * algorithms in a highly modular and flexible manner. * * The library is free for all purposes without any express * guarantee it works. */ #include "tomcrypt.h" /** @file xcbc_done.c XCBC Support, terminate the state */ #ifdef LTC_XCBC /** Terminate the XCBC-MAC state @param xcbc XCBC state to terminate @param out [out] Destination for the MAC tag @param outlen [in/out] Destination size and final tag size Return CRYPT_OK on success */ int xcbc_done(xcbc_state *xcbc, unsigned char *out, unsigned long *outlen) { int err, x; LTC_ARGCHK(xcbc != NULL); LTC_ARGCHK(out != NULL); /* check structure */ if ((err = cipher_is_valid(xcbc->cipher)) != CRYPT_OK) { return err; } if ((xcbc->blocksize > cipher_descriptor[xcbc->cipher].block_length) || (xcbc->blocksize < 0) || (xcbc->buflen > xcbc->blocksize) || (xcbc->buflen < 0)) { return CRYPT_INVALID_ARG; } /* which key do we use? */ if (xcbc->buflen == xcbc->blocksize) { /* k2 */ for (x = 0; x < xcbc->blocksize; x++) { xcbc->IV[x] ^= xcbc->K[1][x]; } } else { xcbc->IV[xcbc->buflen] ^= 0x80; /* k3 */ for (x = 0; x < xcbc->blocksize; x++) { xcbc->IV[x] ^= xcbc->K[2][x]; } } /* encrypt */ cipher_descriptor[xcbc->cipher].ecb_encrypt(xcbc->IV, xcbc->IV, &xcbc->key); cipher_descriptor[xcbc->cipher].done(&xcbc->key); /* extract tag */ for (x = 0; x < xcbc->blocksize && (unsigned long)x < *outlen; x++) { out[x] = xcbc->IV[x]; } *outlen = x; #ifdef LTC_CLEAN_STACK zeromem(xcbc, sizeof(*xcbc)); #endif return CRYPT_OK; } #endif /* ref: $Format:%D$ */ /* git commit: $Format:%H$ */ /* commit time: $Format:%ai$ */