diff options
| author | Damien Miller <djm@mindrot.org> | 2014-05-15 14:24:09 +1000 |
|---|---|---|
| committer | Damien Miller <djm@mindrot.org> | 2014-05-15 14:24:09 +1000 |
| commit | 1f0311c7c7d10c94ff7f823de9c5b2ed79368b14 (patch) | |
| tree | ae708c2a25f84a04bcb04f2dbf3e8039e0f692bc /mac.c | |
| parent | c5893785564498cea73cb60d2cf199490483e080 (diff) | |
- markus@cvs.openbsd.org 2014/04/29 18:01:49
[auth.c authfd.c authfile.c bufaux.c cipher.c cipher.h hostfile.c]
[kex.c key.c mac.c monitor.c monitor_wrap.c myproposal.h packet.c]
[roaming_client.c ssh-agent.c ssh-keygen.c ssh-keyscan.c ssh-keysign.c]
[ssh-pkcs11.h ssh.c sshconnect.c sshconnect2.c sshd.c]
make compiling against OpenSSL optional (make OPENSSL=no);
reduces algorithms to curve25519, aes-ctr, chacha, ed25519;
allows us to explore further options; with and ok djm
Diffstat (limited to 'mac.c')
| -rw-r--r-- | mac.c | 19 |
1 files changed, 17 insertions, 2 deletions
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: mac.c,v 1.28 2014/02/07 06:55:54 djm Exp $ */ | 1 | /* $OpenBSD: mac.c,v 1.29 2014/04/29 18:01:49 markus Exp $ */ |
| 2 | /* | 2 | /* |
| 3 | * Copyright (c) 2001 Markus Friedl. All rights reserved. | 3 | * Copyright (c) 2001 Markus Friedl. All rights reserved. |
| 4 | * | 4 | * |
| @@ -72,8 +72,10 @@ static const struct macalg macs[] = { | |||
| 72 | { "hmac-md5-96", SSH_DIGEST, SSH_DIGEST_MD5, 96, 0, 0, 0 }, | 72 | { "hmac-md5-96", SSH_DIGEST, SSH_DIGEST_MD5, 96, 0, 0, 0 }, |
| 73 | { "hmac-ripemd160", SSH_DIGEST, SSH_DIGEST_RIPEMD160, 0, 0, 0, 0 }, | 73 | { "hmac-ripemd160", SSH_DIGEST, SSH_DIGEST_RIPEMD160, 0, 0, 0, 0 }, |
| 74 | { "hmac-ripemd160@openssh.com", SSH_DIGEST, SSH_DIGEST_RIPEMD160, 0, 0, 0, 0 }, | 74 | { "hmac-ripemd160@openssh.com", SSH_DIGEST, SSH_DIGEST_RIPEMD160, 0, 0, 0, 0 }, |
| 75 | #ifdef WITH_OPENSSL | ||
| 75 | { "umac-64@openssh.com", SSH_UMAC, 0, 0, 128, 64, 0 }, | 76 | { "umac-64@openssh.com", SSH_UMAC, 0, 0, 128, 64, 0 }, |
| 76 | { "umac-128@openssh.com", SSH_UMAC128, 0, 0, 128, 128, 0 }, | 77 | { "umac-128@openssh.com", SSH_UMAC128, 0, 0, 128, 128, 0 }, |
| 78 | #endif | ||
| 77 | 79 | ||
| 78 | /* Encrypt-then-MAC variants */ | 80 | /* Encrypt-then-MAC variants */ |
| 79 | { "hmac-sha1-etm@openssh.com", SSH_DIGEST, SSH_DIGEST_SHA1, 0, 0, 0, 1 }, | 81 | { "hmac-sha1-etm@openssh.com", SSH_DIGEST, SSH_DIGEST_SHA1, 0, 0, 0, 1 }, |
| @@ -85,8 +87,10 @@ static const struct macalg macs[] = { | |||
| 85 | { "hmac-md5-etm@openssh.com", SSH_DIGEST, SSH_DIGEST_MD5, 0, 0, 0, 1 }, | 87 | { "hmac-md5-etm@openssh.com", SSH_DIGEST, SSH_DIGEST_MD5, 0, 0, 0, 1 }, |
| 86 | { "hmac-md5-96-etm@openssh.com", SSH_DIGEST, SSH_DIGEST_MD5, 96, 0, 0, 1 }, | 88 | { "hmac-md5-96-etm@openssh.com", SSH_DIGEST, SSH_DIGEST_MD5, 96, 0, 0, 1 }, |
| 87 | { "hmac-ripemd160-etm@openssh.com", SSH_DIGEST, SSH_DIGEST_RIPEMD160, 0, 0, 0, 1 }, | 89 | { "hmac-ripemd160-etm@openssh.com", SSH_DIGEST, SSH_DIGEST_RIPEMD160, 0, 0, 0, 1 }, |
| 90 | #ifdef WITH_OPENSSL | ||
| 88 | { "umac-64-etm@openssh.com", SSH_UMAC, 0, 0, 128, 64, 1 }, | 91 | { "umac-64-etm@openssh.com", SSH_UMAC, 0, 0, 128, 64, 1 }, |
| 89 | { "umac-128-etm@openssh.com", SSH_UMAC128, 0, 0, 128, 128, 1 }, | 92 | { "umac-128-etm@openssh.com", SSH_UMAC128, 0, 0, 128, 128, 1 }, |
| 93 | #endif | ||
| 90 | 94 | ||
| 91 | { NULL, 0, 0, 0, 0, 0, 0 } | 95 | { NULL, 0, 0, 0, 0, 0, 0 } |
| 92 | }; | 96 | }; |
| @@ -119,9 +123,11 @@ mac_setup_by_alg(Mac *mac, const struct macalg *macalg) | |||
| 119 | fatal("ssh_hmac_start(alg=%d) failed", macalg->alg); | 123 | fatal("ssh_hmac_start(alg=%d) failed", macalg->alg); |
| 120 | mac->key_len = mac->mac_len = ssh_hmac_bytes(macalg->alg); | 124 | mac->key_len = mac->mac_len = ssh_hmac_bytes(macalg->alg); |
| 121 | } else { | 125 | } else { |
| 126 | #ifdef WITH_OPENSSL | ||
| 122 | mac->mac_len = macalg->len / 8; | 127 | mac->mac_len = macalg->len / 8; |
| 123 | mac->key_len = macalg->key_len / 8; | 128 | mac->key_len = macalg->key_len / 8; |
| 124 | mac->umac_ctx = NULL; | 129 | mac->umac_ctx = NULL; |
| 130 | #endif | ||
| 125 | } | 131 | } |
| 126 | if (macalg->truncatebits != 0) | 132 | if (macalg->truncatebits != 0) |
| 127 | mac->mac_len = macalg->truncatebits / 8; | 133 | mac->mac_len = macalg->truncatebits / 8; |
| @@ -157,12 +163,14 @@ mac_init(Mac *mac) | |||
| 157 | ssh_hmac_init(mac->hmac_ctx, mac->key, mac->key_len) < 0) | 163 | ssh_hmac_init(mac->hmac_ctx, mac->key, mac->key_len) < 0) |
| 158 | return -1; | 164 | return -1; |
| 159 | return 0; | 165 | return 0; |
| 166 | #ifdef WITH_OPENSSL | ||
| 160 | case SSH_UMAC: | 167 | case SSH_UMAC: |
| 161 | mac->umac_ctx = umac_new(mac->key); | 168 | mac->umac_ctx = umac_new(mac->key); |
| 162 | return 0; | 169 | return 0; |
| 163 | case SSH_UMAC128: | 170 | case SSH_UMAC128: |
| 164 | mac->umac_ctx = umac128_new(mac->key); | 171 | mac->umac_ctx = umac128_new(mac->key); |
| 165 | return 0; | 172 | return 0; |
| 173 | #endif | ||
| 166 | default: | 174 | default: |
| 167 | return -1; | 175 | return -1; |
| 168 | } | 176 | } |
| @@ -175,7 +183,10 @@ mac_compute(Mac *mac, u_int32_t seqno, u_char *data, int datalen) | |||
| 175 | u_char m[EVP_MAX_MD_SIZE]; | 183 | u_char m[EVP_MAX_MD_SIZE]; |
| 176 | u_int64_t for_align; | 184 | u_int64_t for_align; |
| 177 | } u; | 185 | } u; |
| 178 | u_char b[4], nonce[8]; | 186 | u_char b[4]; |
| 187 | #ifdef WITH_OPENSSL | ||
| 188 | u_char nonce[8]; | ||
| 189 | #endif | ||
| 179 | 190 | ||
| 180 | if (mac->mac_len > sizeof(u)) | 191 | if (mac->mac_len > sizeof(u)) |
| 181 | fatal("mac_compute: mac too long %u %zu", | 192 | fatal("mac_compute: mac too long %u %zu", |
| @@ -191,6 +202,7 @@ mac_compute(Mac *mac, u_int32_t seqno, u_char *data, int datalen) | |||
| 191 | ssh_hmac_final(mac->hmac_ctx, u.m, sizeof(u.m)) < 0) | 202 | ssh_hmac_final(mac->hmac_ctx, u.m, sizeof(u.m)) < 0) |
| 192 | fatal("ssh_hmac failed"); | 203 | fatal("ssh_hmac failed"); |
| 193 | break; | 204 | break; |
| 205 | #ifdef WITH_OPENSSL | ||
| 194 | case SSH_UMAC: | 206 | case SSH_UMAC: |
| 195 | put_u64(nonce, seqno); | 207 | put_u64(nonce, seqno); |
| 196 | umac_update(mac->umac_ctx, data, datalen); | 208 | umac_update(mac->umac_ctx, data, datalen); |
| @@ -201,6 +213,7 @@ mac_compute(Mac *mac, u_int32_t seqno, u_char *data, int datalen) | |||
| 201 | umac128_update(mac->umac_ctx, data, datalen); | 213 | umac128_update(mac->umac_ctx, data, datalen); |
| 202 | umac128_final(mac->umac_ctx, u.m, nonce); | 214 | umac128_final(mac->umac_ctx, u.m, nonce); |
| 203 | break; | 215 | break; |
| 216 | #endif | ||
| 204 | default: | 217 | default: |
| 205 | fatal("mac_compute: unknown MAC type"); | 218 | fatal("mac_compute: unknown MAC type"); |
| 206 | } | 219 | } |
| @@ -210,6 +223,7 @@ mac_compute(Mac *mac, u_int32_t seqno, u_char *data, int datalen) | |||
| 210 | void | 223 | void |
| 211 | mac_clear(Mac *mac) | 224 | mac_clear(Mac *mac) |
| 212 | { | 225 | { |
| 226 | #ifdef WITH_OPENSSL | ||
| 213 | if (mac->type == SSH_UMAC) { | 227 | if (mac->type == SSH_UMAC) { |
| 214 | if (mac->umac_ctx != NULL) | 228 | if (mac->umac_ctx != NULL) |
| 215 | umac_delete(mac->umac_ctx); | 229 | umac_delete(mac->umac_ctx); |
| @@ -217,6 +231,7 @@ mac_clear(Mac *mac) | |||
| 217 | if (mac->umac_ctx != NULL) | 231 | if (mac->umac_ctx != NULL) |
| 218 | umac128_delete(mac->umac_ctx); | 232 | umac128_delete(mac->umac_ctx); |
| 219 | } else if (mac->hmac_ctx != NULL) | 233 | } else if (mac->hmac_ctx != NULL) |
| 234 | #endif | ||
| 220 | ssh_hmac_free(mac->hmac_ctx); | 235 | ssh_hmac_free(mac->hmac_ctx); |
| 221 | mac->hmac_ctx = NULL; | 236 | mac->hmac_ctx = NULL; |
| 222 | mac->umac_ctx = NULL; | 237 | mac->umac_ctx = NULL; |