SHA_Init(&s);
SHA_Bytes(&s, p, len);
SHA_Final(&s, output);
+ smemclr(&s, sizeof(s));
}
/*
SHA_State *s = handle;
SHA_Final(s, output);
+ smemclr(s, sizeof(*s));
sfree(s);
}
static void sha1_free_context(void *handle)
{
+ smemclr(handle, 3 * sizeof(SHA_State));
sfree(handle);
}
{
unsigned char correct[20];
hmacsha1_genresult(handle, correct);
- return !memcmp(correct, hmac, 20);
+ return smemeq(correct, hmac, 20);
}
static int sha1_verify(void *handle, unsigned char *blk, int len,
{
unsigned char correct[20];
sha1_do_hmac(handle, blk, len, seq, correct);
- return !memcmp(correct, blk + len, 20);
+ return smemeq(correct, blk + len, 20);
}
static void hmacsha1_96_genresult(void *handle, unsigned char *hmac)
{
unsigned char correct[20];
hmacsha1_genresult(handle, correct);
- return !memcmp(correct, hmac, 12);
+ return smemeq(correct, hmac, 12);
}
static int sha1_96_verify(void *handle, unsigned char *blk, int len,
{
unsigned char correct[20];
sha1_do_hmac(handle, blk, len, seq, correct);
- return !memcmp(correct, blk + len, 12);
+ return smemeq(correct, blk + len, 12);
}
void hmac_sha1_simple(void *key, int keylen, void *data, int datalen,
sha1_make_context, sha1_free_context, sha1_key,
sha1_generate, sha1_verify,
hmacsha1_start, hmacsha1_bytes, hmacsha1_genresult, hmacsha1_verresult,
- "hmac-sha1",
+ "hmac-sha1", "hmac-sha1-etm@openssh.com",
20,
"HMAC-SHA1"
};
sha1_96_generate, sha1_96_verify,
hmacsha1_start, hmacsha1_bytes,
hmacsha1_96_genresult, hmacsha1_96_verresult,
- "hmac-sha1-96",
+ "hmac-sha1-96", "hmac-sha1-96-etm@openssh.com",
12,
"HMAC-SHA1-96"
};
sha1_make_context, sha1_free_context, sha1_key_buggy,
sha1_generate, sha1_verify,
hmacsha1_start, hmacsha1_bytes, hmacsha1_genresult, hmacsha1_verresult,
- "hmac-sha1",
+ "hmac-sha1", NULL,
20,
"bug-compatible HMAC-SHA1"
};
sha1_96_generate, sha1_96_verify,
hmacsha1_start, hmacsha1_bytes,
hmacsha1_96_genresult, hmacsha1_96_verresult,
- "hmac-sha1-96",
+ "hmac-sha1-96", NULL,
12,
"bug-compatible HMAC-SHA1-96"
};