what does BUG_SSH2_HMAC do? - SSH

This is a discussion on what does BUG_SSH2_HMAC do? - SSH ; I'm trying to figure out what BUG_SSH2_HMAC does in PuTTy's SSH.c and... well, I can't. All that I seem to be able to find is this: /* * Be prepared to work around the buggy MAC problem. */ if (ssh->remote_bugs ...

+ Reply to Thread
Results 1 to 3 of 3

Thread: what does BUG_SSH2_HMAC do?

  1. what does BUG_SSH2_HMAC do?

    I'm trying to figure out what BUG_SSH2_HMAC does in PuTTy's SSH.c
    and... well, I can't. All that I seem to be able to find is this:

    /*
    * Be prepared to work around the buggy MAC problem.
    */
    if (ssh->remote_bugs & BUG_SSH2_HMAC)
    s->maclist = buggymacs, s->nmacs = lenof(buggymacs);
    else
    s->maclist = macs, s->nmacs = lenof(macs);

    Doing a search for buggymacs reveals this:

    const static struct ssh_mac *macs[] = {
    &ssh_sha1, &ssh_md5, &ssh_mac_none
    };
    const static struct ssh_mac *buggymacs[] = {
    &ssh_sha1_buggy, &ssh_md5, &ssh_mac_none
    };

    Beyond that, there don't appear to be any references of importance to
    ssh_sha1_buggy, buggymacs, or BUG_SSH2_MACs. As such, I'm not really
    sure what the buggy SSH2 HMAC thing is supposed to do... any ideas?


  2. Re: what does BUG_SSH2_HMAC do?

    yawnmoth wrote:
    > I'm trying to figure out what BUG_SSH2_HMAC does in PuTTy's SSH.c
    > and... well, I can't.

    [...]
    > const static struct ssh_mac *macs[] = {
    > &ssh_sha1, &ssh_md5, &ssh_mac_none
    > };
    > const static struct ssh_mac *buggymacs[] = {
    > &ssh_sha1_buggy, &ssh_md5, &ssh_mac_none
    > };


    `macs' is the usual list of MAC algorithms supported by PuTTY, and
    offered to the server in the KEXINIT list.

    `buggymacs' is a replacement for it, used on particular servers
    which mis-implement hmac-sha1 and hmac-sha1-96. If you look in
    sshsha.c, you'll find that the buggy versions are exactly the same
    as the normal hmac-sha1 algorithms, but call sha1_key_buggy instead
    of sha1_key, which uses only 16 bytes of key material.
    --
    Simon Tatham "The voices in my head are trying to ignore me.
    But if I keep talking, I can drive them insane."

  3. Re: what does BUG_SSH2_HMAC do?

    On Jul 21, 11:36 am, Simon Tatham wrote:
    > yawnmoth wrote:
    > > I'm trying to figure out what BUG_SSH2_HMAC does in PuTTy's SSH.c
    > > and... well, I can't.

    > [...]
    > > const static struct ssh_mac *macs[] = {
    > > &ssh_sha1, &ssh_md5, &ssh_mac_none
    > > };
    > > const static struct ssh_mac *buggymacs[] = {
    > > &ssh_sha1_buggy, &ssh_md5, &ssh_mac_none
    > > };

    >
    > `macs' is the usual list of MAC algorithms supported by PuTTY, and
    > offered to the server in the KEXINIT list.
    >
    > `buggymacs' is a replacement for it, used on particular servers
    > which mis-implement hmac-sha1 and hmac-sha1-96. If you look in
    > sshsha.c, you'll find that the buggy versions are exactly the same
    > as the normal hmac-sha1 algorithms, but call sha1_key_buggy instead
    > of sha1_key, which uses only 16 bytes of key material.


    Thanks!


+ Reply to Thread