Update cipher/hmac descriptions as well as the algorithms themselves.
This commit is contained in:
parent
2de68a7ec0
commit
526d3b9afe
|
@ -688,35 +688,33 @@
|
|||
(define enc (if c2s c2s-enc s2c-enc))
|
||||
(define mac (if c2s c2s-mac s2c-mac))
|
||||
(define zip (if c2s c2s-zip s2c-zip))
|
||||
|
||||
(define cipher-description
|
||||
(cond
|
||||
((assq enc supported-crypto-algorithms) => cadr)
|
||||
(else (disconnect-with-error SSH_DISCONNECT_KEY_EXCHANGE_FAILED
|
||||
"Could not find driver for encryption algorithm ~v"
|
||||
enc))))
|
||||
(define cipher ((supported-cipher-factory cipher-description)
|
||||
is-outbound?
|
||||
(derive-key (if c2s #"C" #"D") (supported-cipher-key-length cipher-description))
|
||||
(derive-key (if c2s #"A" #"B") (supported-cipher-iv-length cipher-description))))
|
||||
|
||||
(define hmac-description
|
||||
(cond
|
||||
((assq mac supported-hmac-algorithms) => cadr)
|
||||
(else (disconnect-with-error SSH_DISCONNECT_KEY_EXCHANGE_FAILED
|
||||
"Could not find driver for HMAC algorithm ~v"
|
||||
mac))))
|
||||
(define hmac ((supported-hmac-factory hmac-description)
|
||||
(derive-key (if c2s #"E" #"F") (supported-hmac-key-length hmac-description))))
|
||||
|
||||
(pretty-print `(,is-server? ,(if c2s 'c2s 's2c) ,enc ,mac))
|
||||
(struct-copy stream-state state
|
||||
[cipher (cond
|
||||
((assq enc supported-crypto-algorithms) =>
|
||||
(lambda (entry)
|
||||
(define c (cadr entry))
|
||||
(define key (derive-key (if c2s #"C" #"D")
|
||||
(supported-cipher-key-length c)))
|
||||
(define iv (derive-key (if c2s #"A" #"B")
|
||||
(supported-cipher-iv-length c)))
|
||||
(define factory (supported-cipher-factory c))
|
||||
;; (pretty-print `(,is-server? ,(if c2s 'c2s 's2c) ,enc
|
||||
;; (key ,(hex key)) (iv ,(hex iv))))
|
||||
(factory is-outbound? key iv)))
|
||||
(else (disconnect-with-error SSH_DISCONNECT_KEY_EXCHANGE_FAILED
|
||||
"Could not find driver for encryption algorithm ~v"
|
||||
enc)))]
|
||||
[hmac (cond
|
||||
((assq mac supported-hmac-algorithms) =>
|
||||
(lambda (entry)
|
||||
(define h (cadr entry))
|
||||
(define factory (supported-hmac-factory h))
|
||||
(define key (derive-key (if c2s #"E" #"F")
|
||||
(supported-hmac-key-length h)))
|
||||
;; (pretty-print `(,is-server? ,(if c2s 'c2s 's2c) ,mac
|
||||
;; (key ,(hex key))))
|
||||
(factory key)))
|
||||
(else (disconnect-with-error SSH_DISCONNECT_KEY_EXCHANGE_FAILED
|
||||
"Could not find driver for HMAC algorithm ~v"
|
||||
mac)))]))
|
||||
[cipher cipher]
|
||||
[cipher-description cipher-description]
|
||||
[hmac hmac]
|
||||
[hmac-description hmac-description]))
|
||||
|
||||
;; PacketHandler for handling SSH_MSG_KEXINIT.
|
||||
(define (handle-msg-kexinit packet message conn)
|
||||
|
|
Loading…
Reference in New Issue