From 164b8e99cce70c83d2ef3e2c2b832a514a0ac908 Mon Sep 17 00:00:00 2001
From: Dirkjan Bussink <d.bussink@gmail.com>
Date: Sun, 20 Apr 2014 10:04:21 +0000
Subject: Add logic to support SHA2 HMAC algorithms

BUG: https://red.libssh.org/issues/91

Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
---
 include/libssh/crypto.h  | 6 +++++-
 include/libssh/packet.h  | 4 +++-
 include/libssh/wrapper.h | 1 +
 3 files changed, 9 insertions(+), 2 deletions(-)

(limited to 'include/libssh')

diff --git a/include/libssh/crypto.h b/include/libssh/crypto.h
index eaff2ffd..56561805 100644
--- a/include/libssh/crypto.h
+++ b/include/libssh/crypto.h
@@ -46,6 +46,8 @@
 #include "libssh/kex.h"
 #include "libssh/curve25519.h"
 
+#define DIGEST_MAX_LEN 64
+
 enum ssh_key_exchange_e {
   /* diffie-hellman-group1-sha1 */
   SSH_KEX_DH_GROUP1_SHA1=1,
@@ -79,8 +81,10 @@ struct ssh_crypto_struct {
     unsigned char *encryptkey;
     unsigned char *encryptMAC;
     unsigned char *decryptMAC;
-    unsigned char hmacbuf[EVP_MAX_MD_SIZE];
+    unsigned char hmacbuf[DIGEST_MAX_LEN];
     struct ssh_cipher_struct *in_cipher, *out_cipher; /* the cipher structures/objects */
+    enum ssh_hmac_e in_hmac, out_hmac; /* the MAC algorithms used */
+
     ssh_string server_pubkey;
     const char *server_pubkey_type;
     int do_compress_out; /* idem */
diff --git a/include/libssh/packet.h b/include/libssh/packet.h
index 513eaa81..d8ef35bb 100644
--- a/include/libssh/packet.h
+++ b/include/libssh/packet.h
@@ -21,6 +21,8 @@
 #ifndef PACKET_H_
 #define PACKET_H_
 
+#include "libssh/wrapper.h"
+
 struct ssh_socket_struct;
 
 /* this structure should go someday */
@@ -82,6 +84,6 @@ unsigned char *packet_encrypt(ssh_session session,
                               void *packet,
                               unsigned int len);
 int packet_hmac_verify(ssh_session session,ssh_buffer buffer,
-                       unsigned char *mac);
+                       unsigned char *mac, enum ssh_hmac_e type);
 
 #endif /* PACKET_H_ */
diff --git a/include/libssh/wrapper.h b/include/libssh/wrapper.h
index 41f1e3e6..44141b78 100644
--- a/include/libssh/wrapper.h
+++ b/include/libssh/wrapper.h
@@ -82,6 +82,7 @@ void ssh_mac_final(unsigned char *md, ssh_mac_ctx ctx);
 HMACCTX hmac_init(const void *key,int len, enum ssh_hmac_e type);
 void hmac_update(HMACCTX c, const void *data, unsigned long len);
 void hmac_final(HMACCTX ctx,unsigned char *hashmacbuf,unsigned int *len);
+size_t hmac_digest_len(enum ssh_hmac_e type);
 
 int crypt_set_algorithms(ssh_session session, enum ssh_des_e des_type);
 int crypt_set_algorithms_server(ssh_session session);
-- 
cgit