]>
Commit | Line | Data |
---|---|---|
bae9f6d2 JC |
1 | // Copyright 2012 The Go Authors. All rights reserved. |
2 | // Use of this source code is governed by a BSD-style | |
3 | // license that can be found in the LICENSE file. | |
4 | ||
5 | package ssh | |
6 | ||
7 | // Message authentication support | |
8 | ||
9 | import ( | |
10 | "crypto/hmac" | |
11 | "crypto/sha1" | |
12 | "crypto/sha256" | |
13 | "hash" | |
14 | ) | |
15 | ||
16 | type macMode struct { | |
17 | keySize int | |
18 | etm bool | |
19 | new func(key []byte) hash.Hash | |
20 | } | |
21 | ||
22 | // truncatingMAC wraps around a hash.Hash and truncates the output digest to | |
23 | // a given size. | |
24 | type truncatingMAC struct { | |
25 | length int | |
26 | hmac hash.Hash | |
27 | } | |
28 | ||
29 | func (t truncatingMAC) Write(data []byte) (int, error) { | |
30 | return t.hmac.Write(data) | |
31 | } | |
32 | ||
33 | func (t truncatingMAC) Sum(in []byte) []byte { | |
34 | out := t.hmac.Sum(in) | |
35 | return out[:len(in)+t.length] | |
36 | } | |
37 | ||
38 | func (t truncatingMAC) Reset() { | |
39 | t.hmac.Reset() | |
40 | } | |
41 | ||
42 | func (t truncatingMAC) Size() int { | |
43 | return t.length | |
44 | } | |
45 | ||
46 | func (t truncatingMAC) BlockSize() int { return t.hmac.BlockSize() } | |
47 | ||
48 | var macModes = map[string]*macMode{ | |
49 | "hmac-sha2-256-etm@openssh.com": {32, true, func(key []byte) hash.Hash { | |
50 | return hmac.New(sha256.New, key) | |
51 | }}, | |
52 | "hmac-sha2-256": {32, false, func(key []byte) hash.Hash { | |
53 | return hmac.New(sha256.New, key) | |
54 | }}, | |
55 | "hmac-sha1": {20, false, func(key []byte) hash.Hash { | |
56 | return hmac.New(sha1.New, key) | |
57 | }}, | |
58 | "hmac-sha1-96": {20, false, func(key []byte) hash.Hash { | |
59 | return truncatingMAC{12, hmac.New(sha1.New, key)} | |
60 | }}, | |
61 | } |