mac.go 1.3 KB

1234567891011121314151617181920212223242526272829303132333435363738394041424344454647484950515253545556575859606162
  1. // Copyright 2012 The Go Authors. All rights reserved.
  2. // Use of this source code is governed by a BSD-style
  3. // license that can be found in the LICENSE file.
  4. package ssh
  5. // Message authentication support
  6. import (
  7. "crypto/hmac"
  8. "crypto/sha1"
  9. "crypto/sha256"
  10. "hash"
  11. )
  12. type macMode struct {
  13. keySize int
  14. etm bool
  15. new func(key []byte) hash.Hash
  16. }
  17. // truncatingMAC wraps around a hash.Hash and truncates the output digest to
  18. // a given size.
  19. type truncatingMAC struct {
  20. length int
  21. hmac hash.Hash
  22. }
  23. func (t truncatingMAC) Write(data []byte) (int, error) {
  24. return t.hmac.Write(data)
  25. }
  26. func (t truncatingMAC) Sum(in []byte) []byte {
  27. out := t.hmac.Sum(in)
  28. return out[:len(in)+t.length]
  29. }
  30. func (t truncatingMAC) Reset() {
  31. t.hmac.Reset()
  32. }
  33. func (t truncatingMAC) Size() int {
  34. return t.length
  35. }
  36. func (t truncatingMAC) BlockSize() int { return t.hmac.BlockSize() }
  37. var macModes = map[string]*macMode{
  38. "hmac-sha2-256-etm@openssh.com": {32, true, func(key []byte) hash.Hash {
  39. return hmac.New(sha256.New, key)
  40. }},
  41. "hmac-sha2-256": {32, false, func(key []byte) hash.Hash {
  42. return hmac.New(sha256.New, key)
  43. }},
  44. "hmac-sha1": {20, false, func(key []byte) hash.Hash {
  45. return hmac.New(sha1.New, key)
  46. }},
  47. "hmac-sha1-96": {20, false, func(key []byte) hash.Hash {
  48. return truncatingMAC{12, hmac.New(sha1.New, key)}
  49. }},
  50. }