Merge pull request #429 from bantu/ssh-hmac-sha2-256

SSH2: Add hmac-sha2-256 MAC support

* bantu/ssh-hmac-sha2-256:
  ssh-hmac-sha2-256: Remove whitespace at end of line.
  Added RFC6668
  Add hmac-sha2-256 MAC support
This commit is contained in:
Andreas Fischer 2014-07-26 13:11:23 +02:00
commit ee5ddb025c

View File

@ -1163,6 +1163,9 @@ class Net_SSH2
} }
$mac_algorithms = array( $mac_algorithms = array(
// from <http://www.ietf.org/rfc/rfc6668.txt>:
'hmac-sha2-256',// RECOMMENDED HMAC-SHA256 (digest length = key length = 32)
'hmac-sha1-96', // RECOMMENDED first 96 bits of HMAC-SHA1 (digest length = 12, key length = 20) 'hmac-sha1-96', // RECOMMENDED first 96 bits of HMAC-SHA1 (digest length = 12, key length = 20)
'hmac-sha1', // REQUIRED HMAC-SHA1 (digest length = key length = 20) 'hmac-sha1', // REQUIRED HMAC-SHA1 (digest length = key length = 20)
'hmac-md5-96', // OPTIONAL first 96 bits of HMAC-MD5 (digest length = 12, key length = 16) 'hmac-md5-96', // OPTIONAL first 96 bits of HMAC-MD5 (digest length = 12, key length = 16)
@ -1692,6 +1695,10 @@ class Net_SSH2
$createKeyLength = 0; // ie. $mac_algorithms[$i] == 'none' $createKeyLength = 0; // ie. $mac_algorithms[$i] == 'none'
switch ($mac_algorithms[$i]) { switch ($mac_algorithms[$i]) {
case 'hmac-sha2-256':
$this->hmac_create = new Crypt_Hash('sha256');
$createKeyLength = 32;
break;
case 'hmac-sha1': case 'hmac-sha1':
$this->hmac_create = new Crypt_Hash('sha1'); $this->hmac_create = new Crypt_Hash('sha1');
$createKeyLength = 20; $createKeyLength = 20;
@ -1718,6 +1725,11 @@ class Net_SSH2
$checkKeyLength = 0; $checkKeyLength = 0;
$this->hmac_size = 0; $this->hmac_size = 0;
switch ($mac_algorithms[$i]) { switch ($mac_algorithms[$i]) {
case 'hmac-sha2-256':
$this->hmac_check = new Crypt_Hash('sha256');
$checkKeyLength = 32;
$this->hmac_size = 32;
break;
case 'hmac-sha1': case 'hmac-sha1':
$this->hmac_check = new Crypt_Hash('sha1'); $this->hmac_check = new Crypt_Hash('sha1');
$checkKeyLength = 20; $checkKeyLength = 20;