summaryrefslogtreecommitdiff
path: root/mac.c
diff options
context:
space:
mode:
Diffstat (limited to 'mac.c')
-rw-r--r--mac.c23
1 files changed, 21 insertions, 2 deletions
diff --git a/mac.c b/mac.c
index f63fbff09..6b12cd197 100644
--- a/mac.c
+++ b/mac.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: mac.c,v 1.32 2015/01/15 18:32:54 naddy Exp $ */ 1/* $OpenBSD: mac.c,v 1.33 2016/07/08 03:44:42 djm Exp $ */
2/* 2/*
3 * Copyright (c) 2001 Markus Friedl. All rights reserved. 3 * Copyright (c) 2001 Markus Friedl. All rights reserved.
4 * 4 *
@@ -167,7 +167,8 @@ mac_init(struct sshmac *mac)
167} 167}
168 168
169int 169int
170mac_compute(struct sshmac *mac, u_int32_t seqno, const u_char *data, int datalen, 170mac_compute(struct sshmac *mac, u_int32_t seqno,
171 const u_char *data, int datalen,
171 u_char *digest, size_t dlen) 172 u_char *digest, size_t dlen)
172{ 173{
173 static union { 174 static union {
@@ -211,6 +212,24 @@ mac_compute(struct sshmac *mac, u_int32_t seqno, const u_char *data, int datalen
211 return 0; 212 return 0;
212} 213}
213 214
215int
216mac_check(struct sshmac *mac, u_int32_t seqno,
217 const u_char *data, size_t dlen,
218 const u_char *theirmac, size_t mlen)
219{
220 u_char ourmac[SSH_DIGEST_MAX_LENGTH];
221 int r;
222
223 if (mac->mac_len > mlen)
224 return SSH_ERR_INVALID_ARGUMENT;
225 if ((r = mac_compute(mac, seqno, data, dlen,
226 ourmac, sizeof(ourmac))) != 0)
227 return r;
228 if (timingsafe_bcmp(ourmac, theirmac, mac->mac_len) != 0)
229 return SSH_ERR_MAC_INVALID;
230 return 0;
231}
232
214void 233void
215mac_clear(struct sshmac *mac) 234mac_clear(struct sshmac *mac)
216{ 235{