version 1.53, 2014/01/09 23:20:00 |
version 1.54, 2014/01/27 18:58:14 |
|
|
|
|
#include <netinet/in.h> |
#include <netinet/in.h> |
|
|
#include <openssl/hmac.h> |
|
#include <openssl/sha.h> |
|
|
|
#include <resolv.h> |
#include <resolv.h> |
#include <stdio.h> |
#include <stdio.h> |
#include <stdlib.h> |
#include <stdlib.h> |
|
|
#include "log.h" |
#include "log.h" |
#include "misc.h" |
#include "misc.h" |
#include "digest.h" |
#include "digest.h" |
|
#include "hmac.h" |
|
|
struct hostkeys { |
struct hostkeys { |
struct hostkey_entry *entries; |
struct hostkey_entry *entries; |
|
|
debug2("extract_salt: salt decode error"); |
debug2("extract_salt: salt decode error"); |
return (-1); |
return (-1); |
} |
} |
if (ret != SHA_DIGEST_LENGTH) { |
if (ret != (int)ssh_hmac_bytes(SSH_DIGEST_SHA1)) { |
debug2("extract_salt: expected salt len %d, got %d", |
debug2("extract_salt: expected salt len %zd, got %d", |
SHA_DIGEST_LENGTH, ret); |
ssh_hmac_bytes(SSH_DIGEST_SHA1), ret); |
return (-1); |
return (-1); |
} |
} |
|
|
|
|
char * |
char * |
host_hash(const char *host, const char *name_from_hostfile, u_int src_len) |
host_hash(const char *host, const char *name_from_hostfile, u_int src_len) |
{ |
{ |
const EVP_MD *md = EVP_sha1(); |
struct ssh_hmac_ctx *ctx; |
HMAC_CTX mac_ctx; |
|
u_char salt[256], result[256]; |
u_char salt[256], result[256]; |
char uu_salt[512], uu_result[512]; |
char uu_salt[512], uu_result[512]; |
static char encoded[1024]; |
static char encoded[1024]; |
u_int i, len; |
u_int i, len; |
|
|
len = EVP_MD_size(md); |
len = ssh_digest_bytes(SSH_DIGEST_SHA1); |
|
|
if (name_from_hostfile == NULL) { |
if (name_from_hostfile == NULL) { |
/* Create new salt */ |
/* Create new salt */ |
|
|
return (NULL); |
return (NULL); |
} |
} |
|
|
HMAC_Init(&mac_ctx, salt, len, md); |
if ((ctx = ssh_hmac_start(SSH_DIGEST_SHA1)) == NULL || |
HMAC_Update(&mac_ctx, (u_char *)host, strlen(host)); |
ssh_hmac_init(ctx, salt, len) < 0 || |
HMAC_Final(&mac_ctx, result, NULL); |
ssh_hmac_update(ctx, host, strlen(host)) < 0 || |
HMAC_cleanup(&mac_ctx); |
ssh_hmac_final(ctx, result, sizeof(result))) |
|
fatal("%s: ssh_hmac failed", __func__); |
|
ssh_hmac_free(ctx); |
|
|
if (__b64_ntop(salt, len, uu_salt, sizeof(uu_salt)) == -1 || |
if (__b64_ntop(salt, len, uu_salt, sizeof(uu_salt)) == -1 || |
__b64_ntop(result, len, uu_result, sizeof(uu_result)) == -1) |
__b64_ntop(result, len, uu_result, sizeof(uu_result)) == -1) |
fatal("host_hash: __b64_ntop failed"); |
fatal("%s: __b64_ntop failed", __func__); |
|
|
snprintf(encoded, sizeof(encoded), "%s%s%c%s", HASH_MAGIC, uu_salt, |
snprintf(encoded, sizeof(encoded), "%s%s%c%s", HASH_MAGIC, uu_salt, |
HASH_DELIM, uu_result); |
HASH_DELIM, uu_result); |
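Review bot: In the extract_salt hunk the new debug2() call prints ssh_hmac_bytes(SSH_DIGEST_SHA1) with `%zd`, which is the signed conversion; if ssh_hmac_bytes() returns size_t, as the `(int)` cast in the comparison just above suggests, the matching specifier is `%zu`, i.e. `debug2("extract_salt: expected salt len %zu, got %d",`. In host_hash the failure chain compares ssh_hmac_init() and ssh_hmac_update() with `< 0` but tests ssh_hmac_final() for any non-zero value; assuming it follows the same return convention, `ssh_hmac_final(ctx, result, sizeof(result)) < 0` would make the four checks read alike. A short comment would also help where the salt length is taken from ssh_hmac_bytes() in extract_salt and from ssh_digest_bytes() in host_hash, because extract_salt rejects any salt whose length differs from the former while host_hash generates and encodes salts using the latter. Both functions start and end outside the lines shown.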