word32 a, b, c, d, e;
int t;
+#ifdef RANDOM_DIAGNOSTICS
+ {
+ extern int random_diagnostics;
+ if (random_diagnostics) {
+ int i;
+ printf("SHATransform:");
+ for (i = 0; i < 5; i++)
+ printf(" %08x", digest[i]);
+ printf(" +");
+ for (i = 0; i < 16; i++)
+ printf(" %08x", block[i]);
+ }
+ }
+#endif
+
for (t = 0; t < 16; t++)
w[t] = block[t];
digest[2] += c;
digest[3] += d;
digest[4] += e;
+
+#ifdef RANDOM_DIAGNOSTICS
+ {
+ extern int random_diagnostics;
+ if (random_diagnostics) {
+ int i;
+ printf(" =");
+ for (i = 0; i < 5; i++)
+ printf(" %08x", digest[i]);
+ printf("\n");
+ }
+ }
+#endif
}
/* ----------------------------------------------------------------------
s->lenhi = s->lenlo = 0;
}
-void SHA_Bytes(SHA_State * s, void *p, int len)
+void SHA_Bytes(SHA_State * s, const void *p, int len)
{
- unsigned char *q = (unsigned char *) p;
+ const unsigned char *q = (const unsigned char *) p;
uint32 wordblock[16];
uint32 lenw = len;
int i;
}
}
-void SHA_Simple(void *p, int len, unsigned char *output)
+void SHA_Simple(const void *p, int len, unsigned char *output)
{
SHA_State s;
SHA_Init(&s);
SHA_Bytes(&s, p, len);
SHA_Final(&s, output);
+ smemclr(&s, sizeof(s));
}
/*
return s;
}
-static void sha1_bytes(void *handle, void *p, int len)
+static void *sha1_copy(const void *vold)
+{
+ const SHA_State *old = (const SHA_State *)vold;
+ SHA_State *s;
+
+ s = snew(SHA_State);
+ *s = *old;
+ return s;
+}
+
+static void sha1_free(void *handle)
+{
+ SHA_State *s = handle;
+
+ smemclr(s, sizeof(*s));
+ sfree(s);
+}
+
+static void sha1_bytes(void *handle, const void *p, int len)
{
SHA_State *s = handle;
SHA_State *s = handle;
SHA_Final(s, output);
- sfree(s);
+ sha1_free(s);
}
const struct ssh_hash ssh_sha1 = {
- sha1_init, sha1_bytes, sha1_final, 20, "SHA-1"
+ sha1_init, sha1_copy, sha1_bytes, sha1_final, sha1_free, 20, "SHA-1"
};
/* ----------------------------------------------------------------------
* HMAC wrapper on it.
*/
-static void *sha1_make_context(void)
+static void *sha1_make_context(void *cipher_ctx)
{
return snewn(3, SHA_State);
}
static void sha1_free_context(void *handle)
{
+ smemclr(handle, 3 * sizeof(SHA_State));
sfree(handle);
}
{
unsigned char correct[20];
hmacsha1_genresult(handle, correct);
- return !memcmp(correct, hmac, 20);
+ return smemeq(correct, hmac, 20);
}
static int sha1_verify(void *handle, unsigned char *blk, int len,
{
unsigned char correct[20];
sha1_do_hmac(handle, blk, len, seq, correct);
- return !memcmp(correct, blk + len, 20);
+ return smemeq(correct, blk + len, 20);
}
static void hmacsha1_96_genresult(void *handle, unsigned char *hmac)
{
unsigned char correct[20];
hmacsha1_genresult(handle, correct);
- return !memcmp(correct, hmac, 12);
+ return smemeq(correct, hmac, 12);
}
static int sha1_96_verify(void *handle, unsigned char *blk, int len,
{
unsigned char correct[20];
sha1_do_hmac(handle, blk, len, seq, correct);
- return !memcmp(correct, blk + len, 12);
+ return smemeq(correct, blk + len, 12);
}
void hmac_sha1_simple(void *key, int keylen, void *data, int datalen,
sha1_make_context, sha1_free_context, sha1_key,
sha1_generate, sha1_verify,
hmacsha1_start, hmacsha1_bytes, hmacsha1_genresult, hmacsha1_verresult,
- "hmac-sha1",
- 20,
+ "hmac-sha1", "hmac-sha1-etm@openssh.com",
+ 20, 20,
"HMAC-SHA1"
};
sha1_96_generate, sha1_96_verify,
hmacsha1_start, hmacsha1_bytes,
hmacsha1_96_genresult, hmacsha1_96_verresult,
- "hmac-sha1-96",
- 12,
+ "hmac-sha1-96", "hmac-sha1-96-etm@openssh.com",
+ 12, 20,
"HMAC-SHA1-96"
};
sha1_make_context, sha1_free_context, sha1_key_buggy,
sha1_generate, sha1_verify,
hmacsha1_start, hmacsha1_bytes, hmacsha1_genresult, hmacsha1_verresult,
- "hmac-sha1",
- 20,
+ "hmac-sha1", NULL,
+ 20, 16,
"bug-compatible HMAC-SHA1"
};
sha1_96_generate, sha1_96_verify,
hmacsha1_start, hmacsha1_bytes,
hmacsha1_96_genresult, hmacsha1_96_verresult,
- "hmac-sha1-96",
- 12,
+ "hmac-sha1-96", NULL,
+ 12, 16,
"bug-compatible HMAC-SHA1-96"
};