# HG changeset patch # User Matt Johnston # Date 1363877712 -28800 # Node ID cd3d3c63d18987a4433719020f5367a93036df61 # Parent 84157e435c5298e2bc1e44ad3aa2eb9a31f9113a Make hmac-sha2-256 and hmac-sha2-512 work diff -r 84157e435c52 -r cd3d3c63d189 common-algo.c --- a/common-algo.c Thu Mar 21 21:23:34 2013 +0800 +++ b/common-algo.c Thu Mar 21 22:55:12 2013 +0800 @@ -45,8 +45,8 @@ /* Mappings for ciphers, parameters are {&cipher_desc, keysize, blocksize} */ -/* NOTE: if keysize > 2*SHA1_HASH_SIZE, code such as hashkeys() - needs revisiting */ + +/* Remember to add new ciphers/hashes to regciphers/reghashes too */ #ifdef DROPBEAR_AES256 static const struct dropbear_cipher dropbear_aes256 = @@ -168,10 +168,10 @@ algo_type sshhashes[] = { #ifdef DROPBEAR_SHA2_256_HMAC -// {"hmac-sha2-256", 0, &dropbear_sha2_256, 1, NULL}, + {"hmac-sha2-256", 0, &dropbear_sha2_256, 1, NULL}, #endif #ifdef DROPBEAR_SHA2_512_HMAC -// {"hmac-sha2-512", 0, &dropbear_sha2_512, 1, NULL}, + {"hmac-sha2-512", 0, &dropbear_sha2_512, 1, NULL}, #endif #ifdef DROPBEAR_SHA1_96_HMAC {"hmac-sha1-96", 0, &dropbear_sha1_96, 1, NULL}, @@ -245,6 +245,12 @@ #ifdef DROPBEAR_MD5_HMAC &md5_desc, #endif +#ifdef DROPBEAR_SHA2_256_HMAC + &sha256_desc, +#endif +#ifdef DROPBEAR_SHA2_512_HMAC + &sha512_desc, +#endif NULL }; int i; diff -r 84157e435c52 -r cd3d3c63d189 session.h --- a/session.h Thu Mar 21 21:23:34 2013 +0800 +++ b/session.h Thu Mar 21 22:55:12 2013 +0800 @@ -78,7 +78,7 @@ symmetric_CTR ctr; #endif } cipher_state; - unsigned char mackey[MAX_MAC_KEY]; + unsigned char mackey[MAX_MAC_LEN]; }; struct key_context { diff -r 84157e435c52 -r cd3d3c63d189 sysoptions.h --- a/sysoptions.h Thu Mar 21 21:23:34 2013 +0800 +++ b/sysoptions.h Thu Mar 21 22:55:12 2013 +0800 @@ -76,26 +76,19 @@ #define DROPBEAR_SIGNKEY_VERIFY #endif -/* SHA1 is 20 bytes == 160 bits */ #define SHA1_HASH_SIZE 20 -/* SHA512 is 64 bytes == 512 bits */ -#define SHA512_HASH_SIZE 64 -/* MD5 is 16 bytes = 128 bits */ #define MD5_HASH_SIZE 16 -/* largest of MD5 and SHA1 */ -#define MAX_MAC_LEN SHA1_HASH_SIZE - - #define MAX_KEY_LEN 32 /* 256 bits for aes256 etc */ #define MAX_IV_LEN 20 /* must be same as max blocksize, and >= SHA1_HASH_SIZE */ + #if defined(DROPBEAR_SHA2_512_HMAC) -#define MAX_MAC_KEY 64 +#define MAX_MAC_LEN 64 #elif defined(DROPBEAR_SHA2_256_HMAC) -#define MAX_MAC_KEY 32 +#define MAX_MAC_LEN 32 #else -#define MAX_MAC_KEY 20 +#define MAX_MAC_LEN 20 #endif #define MAX_NAME_LEN 64 /* maximum length of a protocol name, isn't