diff options
| author | Darren Tucker <dtucker@zip.com.au> | 2012-10-05 11:02:39 +1000 |
|---|---|---|
| committer | Darren Tucker <dtucker@zip.com.au> | 2012-10-05 11:02:39 +1000 |
| commit | 427e409e99d465118fbc2f7c1ca2c5d44365f5a8 (patch) | |
| tree | 13b60a8b85469f596ffef7f57f086b24ec1f4551 /mac.c | |
| parent | 0dc283b13acdd4926dec1289b94badc3bbc7f321 (diff) | |
- markus@cvs.openbsd.org 2012/10/04 13:21:50
[myproposal.h ssh_config.5 umac.h sshd_config.5 ssh.1 sshd.8 mac.c]
add umac128 variant; ok djm@ at n2k12
(note: further Makefile work is required)
Diffstat (limited to 'mac.c')
| -rw-r--r-- | mac.c | 15 |
1 files changed, 14 insertions, 1 deletions
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: mac.c,v 1.18 2012/06/28 05:07:45 dtucker Exp $ */ | 1 | /* $OpenBSD: mac.c,v 1.19 2012/10/04 13:21:50 markus Exp $ */ |
| 2 | /* | 2 | /* |
| 3 | * Copyright (c) 2001 Markus Friedl. All rights reserved. | 3 | * Copyright (c) 2001 Markus Friedl. All rights reserved. |
| 4 | * | 4 | * |
| @@ -48,6 +48,7 @@ | |||
| 48 | 48 | ||
| 49 | #define SSH_EVP 1 /* OpenSSL EVP-based MAC */ | 49 | #define SSH_EVP 1 /* OpenSSL EVP-based MAC */ |
| 50 | #define SSH_UMAC 2 /* UMAC (not integrated with OpenSSL) */ | 50 | #define SSH_UMAC 2 /* UMAC (not integrated with OpenSSL) */ |
| 51 | #define SSH_UMAC128 3 | ||
| 51 | 52 | ||
| 52 | struct { | 53 | struct { |
| 53 | char *name; | 54 | char *name; |
| @@ -68,6 +69,7 @@ struct { | |||
| 68 | { "hmac-ripemd160", SSH_EVP, EVP_ripemd160, 0, -1, -1 }, | 69 | { "hmac-ripemd160", SSH_EVP, EVP_ripemd160, 0, -1, -1 }, |
| 69 | { "hmac-ripemd160@openssh.com", SSH_EVP, EVP_ripemd160, 0, -1, -1 }, | 70 | { "hmac-ripemd160@openssh.com", SSH_EVP, EVP_ripemd160, 0, -1, -1 }, |
| 70 | { "umac-64@openssh.com", SSH_UMAC, NULL, 0, 128, 64 }, | 71 | { "umac-64@openssh.com", SSH_UMAC, NULL, 0, 128, 64 }, |
| 72 | { "umac-128@openssh.com", SSH_UMAC128, NULL, 0, 128, 128 }, | ||
| 71 | { NULL, 0, NULL, 0, -1, -1 } | 73 | { NULL, 0, NULL, 0, -1, -1 } |
| 72 | }; | 74 | }; |
| 73 | 75 | ||
| @@ -122,6 +124,9 @@ mac_init(Mac *mac) | |||
| 122 | case SSH_UMAC: | 124 | case SSH_UMAC: |
| 123 | mac->umac_ctx = umac_new(mac->key); | 125 | mac->umac_ctx = umac_new(mac->key); |
| 124 | return 0; | 126 | return 0; |
| 127 | case SSH_UMAC128: | ||
| 128 | mac->umac_ctx = umac128_new(mac->key); | ||
| 129 | return 0; | ||
| 125 | default: | 130 | default: |
| 126 | return -1; | 131 | return -1; |
| 127 | } | 132 | } |
| @@ -151,6 +156,11 @@ mac_compute(Mac *mac, u_int32_t seqno, u_char *data, int datalen) | |||
| 151 | umac_update(mac->umac_ctx, data, datalen); | 156 | umac_update(mac->umac_ctx, data, datalen); |
| 152 | umac_final(mac->umac_ctx, m, nonce); | 157 | umac_final(mac->umac_ctx, m, nonce); |
| 153 | break; | 158 | break; |
| 159 | case SSH_UMAC128: | ||
| 160 | put_u64(nonce, seqno); | ||
| 161 | umac128_update(mac->umac_ctx, data, datalen); | ||
| 162 | umac128_final(mac->umac_ctx, m, nonce); | ||
| 163 | break; | ||
| 154 | default: | 164 | default: |
| 155 | fatal("mac_compute: unknown MAC type"); | 165 | fatal("mac_compute: unknown MAC type"); |
| 156 | } | 166 | } |
| @@ -163,6 +173,9 @@ mac_clear(Mac *mac) | |||
| 163 | if (mac->type == SSH_UMAC) { | 173 | if (mac->type == SSH_UMAC) { |
| 164 | if (mac->umac_ctx != NULL) | 174 | if (mac->umac_ctx != NULL) |
| 165 | umac_delete(mac->umac_ctx); | 175 | umac_delete(mac->umac_ctx); |
| 176 | } else if (mac->type == SSH_UMAC128) { | ||
| 177 | if (mac->umac_ctx != NULL) | ||
| 178 | umac128_delete(mac->umac_ctx); | ||
| 166 | } else if (mac->evp_md != NULL) | 179 | } else if (mac->evp_md != NULL) |
| 167 | HMAC_cleanup(&mac->evp_ctx); | 180 | HMAC_cleanup(&mac->evp_ctx); |
| 168 | mac->evp_md = NULL; | 181 | mac->evp_md = NULL; |