X-Git-Url: http://andersk.mit.edu/gitweb/openssh.git/blobdiff_plain/cd332296749e690ab32b786cc4e74ea6b20fb377..a03acb8f71abe2c1128ab91b53922238a2d6042e:/mac.c diff --git a/mac.c b/mac.c index e8b4267c..e5d5bfa8 100644 --- a/mac.c +++ b/mac.c @@ -1,3 +1,4 @@ +/* $OpenBSD: mac.c,v 1.12 2006/08/03 03:34:42 deraadt Exp $ */ /* * Copyright (c) 2001 Markus Friedl. All rights reserved. * @@ -23,20 +24,27 @@ */ #include "includes.h" -RCSID("$OpenBSD: mac.c,v 1.2 2001/04/05 10:42:51 markus Exp $"); + +#include #include +#include +#include +#include + #include "xmalloc.h" -#include "getput.h" #include "log.h" #include "cipher.h" +#include "buffer.h" +#include "key.h" #include "kex.h" #include "mac.h" +#include "misc.h" struct { char *name; - EVP_MD * (*mdfunc)(void); + const EVP_MD * (*mdfunc)(void); int truncatebits; /* truncate digest if != 0 */ } macs[] = { { "hmac-sha1", EVP_sha1, 0, }, @@ -51,12 +59,15 @@ struct { int mac_init(Mac *mac, char *name) { - int i; + int i, evp_len; + for (i = 0; macs[i].name; i++) { if (strcmp(name, macs[i].name) == 0) { if (mac != NULL) { mac->md = (*macs[i].mdfunc)(); - mac->key_len = mac->mac_len = mac->md->md_size; + if ((evp_len = EVP_MD_size(mac->md)) <= 0) + fatal("mac %s len %d", name, evp_len); + mac->key_len = mac->mac_len = (u_int)evp_len; if (macs[i].truncatebits != 0) mac->mac_len = macs[i].truncatebits/8; } @@ -80,7 +91,7 @@ mac_compute(Mac *mac, u_int32_t seqno, u_char *data, int datalen) if (mac->mac_len > sizeof(m)) fatal("mac_compute: mac too long"); HMAC_Init(&c, mac->key, mac->key_len, mac->md); - PUT_32BIT(b, seqno); + put_u32(b, seqno); HMAC_Update(&c, b, sizeof(b)); HMAC_Update(&c, data, datalen); HMAC_Final(&c, m, NULL); @@ -99,7 +110,7 @@ mac_valid(const char *names) return (0); maclist = cp = xstrdup(names); for ((p = strsep(&cp, MAC_SEP)); p && *p != '\0'; - (p = strsep(&cp, MAC_SEP))) { + (p = strsep(&cp, MAC_SEP))) { if (mac_init(NULL, p) < 0) { debug("bad mac %s [%s]", p, names); xfree(maclist);