Update cipher/hmac descriptions as well as the algorithms themselves.
This commit is contained in:
parent
2de68a7ec0
commit
526d3b9afe
|
@ -688,35 +688,33 @@
|
||||||
(define enc (if c2s c2s-enc s2c-enc))
|
(define enc (if c2s c2s-enc s2c-enc))
|
||||||
(define mac (if c2s c2s-mac s2c-mac))
|
(define mac (if c2s c2s-mac s2c-mac))
|
||||||
(define zip (if c2s c2s-zip s2c-zip))
|
(define zip (if c2s c2s-zip s2c-zip))
|
||||||
|
|
||||||
|
(define cipher-description
|
||||||
|
(cond
|
||||||
|
((assq enc supported-crypto-algorithms) => cadr)
|
||||||
|
(else (disconnect-with-error SSH_DISCONNECT_KEY_EXCHANGE_FAILED
|
||||||
|
"Could not find driver for encryption algorithm ~v"
|
||||||
|
enc))))
|
||||||
|
(define cipher ((supported-cipher-factory cipher-description)
|
||||||
|
is-outbound?
|
||||||
|
(derive-key (if c2s #"C" #"D") (supported-cipher-key-length cipher-description))
|
||||||
|
(derive-key (if c2s #"A" #"B") (supported-cipher-iv-length cipher-description))))
|
||||||
|
|
||||||
|
(define hmac-description
|
||||||
|
(cond
|
||||||
|
((assq mac supported-hmac-algorithms) => cadr)
|
||||||
|
(else (disconnect-with-error SSH_DISCONNECT_KEY_EXCHANGE_FAILED
|
||||||
|
"Could not find driver for HMAC algorithm ~v"
|
||||||
|
mac))))
|
||||||
|
(define hmac ((supported-hmac-factory hmac-description)
|
||||||
|
(derive-key (if c2s #"E" #"F") (supported-hmac-key-length hmac-description))))
|
||||||
|
|
||||||
|
(pretty-print `(,is-server? ,(if c2s 'c2s 's2c) ,enc ,mac))
|
||||||
(struct-copy stream-state state
|
(struct-copy stream-state state
|
||||||
[cipher (cond
|
[cipher cipher]
|
||||||
((assq enc supported-crypto-algorithms) =>
|
[cipher-description cipher-description]
|
||||||
(lambda (entry)
|
[hmac hmac]
|
||||||
(define c (cadr entry))
|
[hmac-description hmac-description]))
|
||||||
(define key (derive-key (if c2s #"C" #"D")
|
|
||||||
(supported-cipher-key-length c)))
|
|
||||||
(define iv (derive-key (if c2s #"A" #"B")
|
|
||||||
(supported-cipher-iv-length c)))
|
|
||||||
(define factory (supported-cipher-factory c))
|
|
||||||
;; (pretty-print `(,is-server? ,(if c2s 'c2s 's2c) ,enc
|
|
||||||
;; (key ,(hex key)) (iv ,(hex iv))))
|
|
||||||
(factory is-outbound? key iv)))
|
|
||||||
(else (disconnect-with-error SSH_DISCONNECT_KEY_EXCHANGE_FAILED
|
|
||||||
"Could not find driver for encryption algorithm ~v"
|
|
||||||
enc)))]
|
|
||||||
[hmac (cond
|
|
||||||
((assq mac supported-hmac-algorithms) =>
|
|
||||||
(lambda (entry)
|
|
||||||
(define h (cadr entry))
|
|
||||||
(define factory (supported-hmac-factory h))
|
|
||||||
(define key (derive-key (if c2s #"E" #"F")
|
|
||||||
(supported-hmac-key-length h)))
|
|
||||||
;; (pretty-print `(,is-server? ,(if c2s 'c2s 's2c) ,mac
|
|
||||||
;; (key ,(hex key))))
|
|
||||||
(factory key)))
|
|
||||||
(else (disconnect-with-error SSH_DISCONNECT_KEY_EXCHANGE_FAILED
|
|
||||||
"Could not find driver for HMAC algorithm ~v"
|
|
||||||
mac)))]))
|
|
||||||
|
|
||||||
;; PacketHandler for handling SSH_MSG_KEXINIT.
|
;; PacketHandler for handling SSH_MSG_KEXINIT.
|
||||||
(define (handle-msg-kexinit packet message conn)
|
(define (handle-msg-kexinit packet message conn)
|
||||||
|
|
Loading…
Reference in New Issue