changeset 715:cd3d3c63d189

Make hmac-sha2-256 and hmac-sha2-512 work
author Matt Johnston <matt@ucc.asn.au>
date Thu, 21 Mar 2013 22:55:12 +0800
parents 84157e435c52
children af4ef98b8591
files common-algo.c session.h sysoptions.h
diffstat 3 files changed, 15 insertions(+), 16 deletions(-) [+]
line wrap: on
line diff
--- a/common-algo.c	Thu Mar 21 21:23:34 2013 +0800
+++ b/common-algo.c	Thu Mar 21 22:55:12 2013 +0800
@@ -45,8 +45,8 @@
 
 /* Mappings for ciphers, parameters are
    {&cipher_desc, keysize, blocksize} */
-/* NOTE: if keysize > 2*SHA1_HASH_SIZE, code such as hashkeys()
-   needs revisiting */
+
+/* Remember to add new ciphers/hashes to regciphers/reghashes too */
 
 #ifdef DROPBEAR_AES256
 static const struct dropbear_cipher dropbear_aes256 = 
@@ -168,10 +168,10 @@
 
 algo_type sshhashes[] = {
 #ifdef DROPBEAR_SHA2_256_HMAC
-//	{"hmac-sha2-256", 0, &dropbear_sha2_256, 1, NULL},
+	{"hmac-sha2-256", 0, &dropbear_sha2_256, 1, NULL},
 #endif
 #ifdef DROPBEAR_SHA2_512_HMAC
-//	{"hmac-sha2-512", 0, &dropbear_sha2_512, 1, NULL},
+	{"hmac-sha2-512", 0, &dropbear_sha2_512, 1, NULL},
 #endif
 #ifdef DROPBEAR_SHA1_96_HMAC
 	{"hmac-sha1-96", 0, &dropbear_sha1_96, 1, NULL},
@@ -245,6 +245,12 @@
 #ifdef DROPBEAR_MD5_HMAC
 		&md5_desc,
 #endif
+#ifdef DROPBEAR_SHA2_256_HMAC
+		&sha256_desc,
+#endif
+#ifdef DROPBEAR_SHA2_512_HMAC
+		&sha512_desc,
+#endif
 		NULL
 	};	
 	int i;
--- a/session.h	Thu Mar 21 21:23:34 2013 +0800
+++ b/session.h	Thu Mar 21 22:55:12 2013 +0800
@@ -78,7 +78,7 @@
 		symmetric_CTR ctr;
 #endif
 	} cipher_state;
-	unsigned char mackey[MAX_MAC_KEY];
+	unsigned char mackey[MAX_MAC_LEN];
 };
 
 struct key_context {
--- a/sysoptions.h	Thu Mar 21 21:23:34 2013 +0800
+++ b/sysoptions.h	Thu Mar 21 22:55:12 2013 +0800
@@ -76,26 +76,19 @@
 #define DROPBEAR_SIGNKEY_VERIFY
 #endif
 
-/* SHA1 is 20 bytes == 160 bits */
 #define SHA1_HASH_SIZE 20
-/* SHA512 is 64 bytes == 512 bits */
-#define SHA512_HASH_SIZE 64
-/* MD5 is 16 bytes = 128 bits */
 #define MD5_HASH_SIZE 16
 
-/* largest of MD5 and SHA1 */
-#define MAX_MAC_LEN SHA1_HASH_SIZE
-
-
 #define MAX_KEY_LEN 32 /* 256 bits for aes256 etc */
 #define MAX_IV_LEN 20 /* must be same as max blocksize, 
 						 and >= SHA1_HASH_SIZE */
+
 #if defined(DROPBEAR_SHA2_512_HMAC)
-#define MAX_MAC_KEY 64
+#define MAX_MAC_LEN 64
 #elif defined(DROPBEAR_SHA2_256_HMAC)
-#define MAX_MAC_KEY 32
+#define MAX_MAC_LEN 32
 #else
-#define MAX_MAC_KEY 20
+#define MAX_MAC_LEN 20
 #endif
 
 #define MAX_NAME_LEN 64 /* maximum length of a protocol name, isn't