github.com/glycerine/xcryptossh@v7.0.4+incompatible/mac.go (about) 1 // Copyright 2012 The Go Authors. All rights reserved. 2 // Use of this source code is governed by a BSD-style 3 // license that can be found in the LICENSE file. 4 5 package ssh 6 7 // Message authentication support 8 9 import ( 10 "crypto/hmac" 11 "crypto/sha1" 12 "crypto/sha256" 13 "hash" 14 ) 15 16 type macMode struct { 17 keySize int 18 etm bool 19 new func(key []byte) hash.Hash 20 } 21 22 // truncatingMAC wraps around a hash.Hash and truncates the output digest to 23 // a given size. 24 type truncatingMAC struct { 25 length int 26 hmac hash.Hash 27 } 28 29 func (t truncatingMAC) Write(data []byte) (int, error) { 30 return t.hmac.Write(data) 31 } 32 33 func (t truncatingMAC) Sum(in []byte) []byte { 34 out := t.hmac.Sum(in) 35 return out[:len(in)+t.length] 36 } 37 38 func (t truncatingMAC) Reset() { 39 t.hmac.Reset() 40 } 41 42 func (t truncatingMAC) Size() int { 43 return t.length 44 } 45 46 func (t truncatingMAC) BlockSize() int { return t.hmac.BlockSize() } 47 48 var macModes = map[string]*macMode{ 49 "hmac-sha2-256-etm@openssh.com": {32, true, func(key []byte) hash.Hash { 50 return hmac.New(sha256.New, key) 51 }}, 52 "hmac-sha2-256": {32, false, func(key []byte) hash.Hash { 53 return hmac.New(sha256.New, key) 54 }}, 55 "hmac-sha1": {20, false, func(key []byte) hash.Hash { 56 return hmac.New(sha1.New, key) 57 }}, 58 "hmac-sha1-96": {20, false, func(key []byte) hash.Hash { 59 return truncatingMAC{12, hmac.New(sha1.New, key)} 60 }}, 61 }