diff options
author | Darren Tucker <dtucker@zip.com.au> | 2012-10-05 11:02:39 +1000 |
---|---|---|
committer | Darren Tucker <dtucker@zip.com.au> | 2012-10-05 11:02:39 +1000 |
commit | 427e409e99d465118fbc2f7c1ca2c5d44365f5a8 (patch) | |
tree | 13b60a8b85469f596ffef7f57f086b24ec1f4551 /mac.c | |
parent | 0dc283b13acdd4926dec1289b94badc3bbc7f321 (diff) |
- markus@cvs.openbsd.org 2012/10/04 13:21:50
[myproposal.h ssh_config.5 umac.h sshd_config.5 ssh.1 sshd.8 mac.c]
add umac128 variant; ok djm@ at n2k12
(note: further Makefile work is required)
Diffstat (limited to 'mac.c')
-rw-r--r-- | mac.c | 15 |
1 files changed, 14 insertions, 1 deletions
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: mac.c,v 1.18 2012/06/28 05:07:45 dtucker Exp $ */ | 1 | /* $OpenBSD: mac.c,v 1.19 2012/10/04 13:21:50 markus Exp $ */ |
2 | /* | 2 | /* |
3 | * Copyright (c) 2001 Markus Friedl. All rights reserved. | 3 | * Copyright (c) 2001 Markus Friedl. All rights reserved. |
4 | * | 4 | * |
@@ -48,6 +48,7 @@ | |||
48 | 48 | ||
49 | #define SSH_EVP 1 /* OpenSSL EVP-based MAC */ | 49 | #define SSH_EVP 1 /* OpenSSL EVP-based MAC */ |
50 | #define SSH_UMAC 2 /* UMAC (not integrated with OpenSSL) */ | 50 | #define SSH_UMAC 2 /* UMAC (not integrated with OpenSSL) */ |
51 | #define SSH_UMAC128 3 | ||
51 | 52 | ||
52 | struct { | 53 | struct { |
53 | char *name; | 54 | char *name; |
@@ -68,6 +69,7 @@ struct { | |||
68 | { "hmac-ripemd160", SSH_EVP, EVP_ripemd160, 0, -1, -1 }, | 69 | { "hmac-ripemd160", SSH_EVP, EVP_ripemd160, 0, -1, -1 }, |
69 | { "hmac-ripemd160@openssh.com", SSH_EVP, EVP_ripemd160, 0, -1, -1 }, | 70 | { "hmac-ripemd160@openssh.com", SSH_EVP, EVP_ripemd160, 0, -1, -1 }, |
70 | { "umac-64@openssh.com", SSH_UMAC, NULL, 0, 128, 64 }, | 71 | { "umac-64@openssh.com", SSH_UMAC, NULL, 0, 128, 64 }, |
72 | { "umac-128@openssh.com", SSH_UMAC128, NULL, 0, 128, 128 }, | ||
71 | { NULL, 0, NULL, 0, -1, -1 } | 73 | { NULL, 0, NULL, 0, -1, -1 } |
72 | }; | 74 | }; |
73 | 75 | ||
@@ -122,6 +124,9 @@ mac_init(Mac *mac) | |||
122 | case SSH_UMAC: | 124 | case SSH_UMAC: |
123 | mac->umac_ctx = umac_new(mac->key); | 125 | mac->umac_ctx = umac_new(mac->key); |
124 | return 0; | 126 | return 0; |
127 | case SSH_UMAC128: | ||
128 | mac->umac_ctx = umac128_new(mac->key); | ||
129 | return 0; | ||
125 | default: | 130 | default: |
126 | return -1; | 131 | return -1; |
127 | } | 132 | } |
@@ -151,6 +156,11 @@ mac_compute(Mac *mac, u_int32_t seqno, u_char *data, int datalen) | |||
151 | umac_update(mac->umac_ctx, data, datalen); | 156 | umac_update(mac->umac_ctx, data, datalen); |
152 | umac_final(mac->umac_ctx, m, nonce); | 157 | umac_final(mac->umac_ctx, m, nonce); |
153 | break; | 158 | break; |
159 | case SSH_UMAC128: | ||
160 | put_u64(nonce, seqno); | ||
161 | umac128_update(mac->umac_ctx, data, datalen); | ||
162 | umac128_final(mac->umac_ctx, m, nonce); | ||
163 | break; | ||
154 | default: | 164 | default: |
155 | fatal("mac_compute: unknown MAC type"); | 165 | fatal("mac_compute: unknown MAC type"); |
156 | } | 166 | } |
@@ -163,6 +173,9 @@ mac_clear(Mac *mac) | |||
163 | if (mac->type == SSH_UMAC) { | 173 | if (mac->type == SSH_UMAC) { |
164 | if (mac->umac_ctx != NULL) | 174 | if (mac->umac_ctx != NULL) |
165 | umac_delete(mac->umac_ctx); | 175 | umac_delete(mac->umac_ctx); |
176 | } else if (mac->type == SSH_UMAC128) { | ||
177 | if (mac->umac_ctx != NULL) | ||
178 | umac128_delete(mac->umac_ctx); | ||
166 | } else if (mac->evp_md != NULL) | 179 | } else if (mac->evp_md != NULL) |
167 | HMAC_cleanup(&mac->evp_ctx); | 180 | HMAC_cleanup(&mac->evp_ctx); |
168 | mac->evp_md = NULL; | 181 | mac->evp_md = NULL; |