aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorDirkjan Bussink <d.bussink@gmail.com>2019-02-21 16:29:21 +0000
committerAndreas Schneider <asn@cryptomilk.org>2019-02-22 18:21:25 +0100
commitc842bc2e8beac1e0af5c37e04ae570c3c62620ac (patch)
tree0ac25633e66d2175bcc5425c21e25043f666c8c3
parent8892577296dba23fdd531d222e66b208b60f12c4 (diff)
downloadlibssh-c842bc2e8beac1e0af5c37e04ae570c3c62620ac.tar.gz
libssh-c842bc2e8beac1e0af5c37e04ae570c3c62620ac.tar.xz
libssh-c842bc2e8beac1e0af5c37e04ae570c3c62620ac.zip
Remove SHA384 HMAC
This is not supported by OpenSSH and not recommended to be implemented either. Signed-off-by: Dirkjan Bussink <d.bussink@gmail.com> Reviewed-by: Jakub Jelen <jjelen@redhat.com> (cherry picked from commit 369051a5b4fbe9a5ace7930509cbe57b3478190d)
-rw-r--r--doc/mainpage.dox2
-rw-r--r--include/libssh/wrapper.h1
-rw-r--r--src/libcrypto.c3
-rw-r--r--src/libgcrypt.c3
-rw-r--r--src/libmbedcrypto.c3
-rw-r--r--src/wrapper.c3
6 files changed, 1 insertions, 14 deletions
diff --git a/doc/mainpage.dox b/doc/mainpage.dox
index 61f1f7c4..d319385c 100644
--- a/doc/mainpage.dox
+++ b/doc/mainpage.dox
@@ -23,7 +23,7 @@ The libssh library provides:
- <strong>Public Key Algorithms</strong>: ssh-ed25519, ecdsa-sha2-nistp256, ecdsa-sha2-nistp384, ecdsa-sha2-nistp521, ssh-rsa, rsa-sha2-512, rsa-sha2-256,ssh-dss
- <strong>Ciphers</strong>: <i>aes256-ctr, aes192-ctr, aes128-ctr</i>, aes256-cbc (rijndael-cbc@lysator.liu.se), aes192-cbc, aes128-cbc, 3des-cbc, blowfish-cbc, none
- <strong>Compression Schemes</strong>: zlib, <i>zlib@openssh.com</i>, none
- - <strong>MAC hashes</strong>: hmac-sha1, hmac-sha2-256, hmac-sha2-384, hmac-sha2-512, hmac-md5, none
+ - <strong>MAC hashes</strong>: hmac-sha1, hmac-sha2-256, hmac-sha2-512, hmac-md5, none
- <strong>Authentication</strong>: none, password, public-key, keyboard-interactive, <i>gssapi-with-mic</i>
- <strong>Channels</strong>: shell, exec (incl. SCP wrapper), direct-tcpip, subsystem, <i>auth-agent-req@openssh.com</i>
- <strong>Global Requests</strong>: tcpip-forward, forwarded-tcpip
diff --git a/include/libssh/wrapper.h b/include/libssh/wrapper.h
index 23d98afc..87972c64 100644
--- a/include/libssh/wrapper.h
+++ b/include/libssh/wrapper.h
@@ -44,7 +44,6 @@ enum ssh_mac_e {
enum ssh_hmac_e {
SSH_HMAC_SHA1 = 1,
SSH_HMAC_SHA256,
- SSH_HMAC_SHA384,
SSH_HMAC_SHA512,
SSH_HMAC_MD5,
SSH_HMAC_AEAD_POLY1305
diff --git a/src/libcrypto.c b/src/libcrypto.c
index c0a186e2..340a3e64 100644
--- a/src/libcrypto.c
+++ b/src/libcrypto.c
@@ -427,9 +427,6 @@ HMACCTX hmac_init(const void *key, int len, enum ssh_hmac_e type) {
case SSH_HMAC_SHA256:
HMAC_Init_ex(ctx, key, len, EVP_sha256(), NULL);
break;
- case SSH_HMAC_SHA384:
- HMAC_Init_ex(ctx, key, len, EVP_sha384(), NULL);
- break;
case SSH_HMAC_SHA512:
HMAC_Init_ex(ctx, key, len, EVP_sha512(), NULL);
break;
diff --git a/src/libgcrypt.c b/src/libgcrypt.c
index f004ffe2..8284270d 100644
--- a/src/libgcrypt.c
+++ b/src/libgcrypt.c
@@ -282,9 +282,6 @@ HMACCTX hmac_init(const void *key, int len, enum ssh_hmac_e type) {
case SSH_HMAC_SHA256:
gcry_md_open(&c, GCRY_MD_SHA256, GCRY_MD_FLAG_HMAC);
break;
- case SSH_HMAC_SHA384:
- gcry_md_open(&c, GCRY_MD_SHA384, GCRY_MD_FLAG_HMAC);
- break;
case SSH_HMAC_SHA512:
gcry_md_open(&c, GCRY_MD_SHA512, GCRY_MD_FLAG_HMAC);
break;
diff --git a/src/libmbedcrypto.c b/src/libmbedcrypto.c
index 85c50797..117d2371 100644
--- a/src/libmbedcrypto.c
+++ b/src/libmbedcrypto.c
@@ -462,9 +462,6 @@ HMACCTX hmac_init(const void *key, int len, enum ssh_hmac_e type)
case SSH_HMAC_SHA256:
md_info = mbedtls_md_info_from_type(MBEDTLS_MD_SHA256);
break;
- case SSH_HMAC_SHA384:
- md_info = mbedtls_md_info_from_type(MBEDTLS_MD_SHA384);
- break;
case SSH_HMAC_SHA512:
md_info = mbedtls_md_info_from_type(MBEDTLS_MD_SHA512);
break;
diff --git a/src/wrapper.c b/src/wrapper.c
index 354bc0de..e580e1cc 100644
--- a/src/wrapper.c
+++ b/src/wrapper.c
@@ -52,7 +52,6 @@
static struct ssh_hmac_struct ssh_hmac_tab[] = {
{ "hmac-sha1", SSH_HMAC_SHA1 },
{ "hmac-sha2-256", SSH_HMAC_SHA256 },
- { "hmac-sha2-384", SSH_HMAC_SHA384 },
{ "hmac-sha2-512", SSH_HMAC_SHA512 },
{ "hmac-md5", SSH_HMAC_MD5 },
{ "aead-poly1305", SSH_HMAC_AEAD_POLY1305 },
@@ -69,8 +68,6 @@ size_t hmac_digest_len(enum ssh_hmac_e type) {
return SHA_DIGEST_LEN;
case SSH_HMAC_SHA256:
return SHA256_DIGEST_LEN;
- case SSH_HMAC_SHA384:
- return SHA384_DIGEST_LEN;
case SSH_HMAC_SHA512:
return SHA512_DIGEST_LEN;
case SSH_HMAC_MD5: