ssh/mac.go - crypto - Git at Google

 // Copyright 2012 The Go Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style
 // license that can be found in the LICENSE file.

 package ssh

 // Message authentication support

 import (
 	"crypto/fips140"
 	"crypto/hmac"
 	"crypto/sha1"
 	"crypto/sha256"
 	"crypto/sha512"
 	"hash"
 	"slices"
 )

 type macMode struct {
 	keySize int
 	etm     bool
 	new     func(key []byte) hash.Hash
 }

 // truncatingMAC wraps around a hash.Hash and truncates the output digest to
 // a given size.
 type truncatingMAC struct {
 	length int
 	hmac   hash.Hash
 }

 func (t truncatingMAC) Write(data []byte) (int, error) {
 	return t.hmac.Write(data)
 }

 func (t truncatingMAC) Sum(in []byte) []byte {
 	out := t.hmac.Sum(in)
 	return out[:len(in)+t.length]
 }

 func (t truncatingMAC) Reset() {
 	t.hmac.Reset()
 }

 func (t truncatingMAC) Size() int {
 	return t.length
 }

 func (t truncatingMAC) BlockSize() int { return t.hmac.BlockSize() }

 // macModes defines the supported MACs. MACs not included are not supported
 // and will not be negotiated, even if explicitly configured. When FIPS mode is
 // enabled, only FIPS-approved algorithms are included.
 var macModes = map[string]*macMode{}

 func init() {
 	macModes[HMACSHA512ETM] = &macMode{64, true, func(key []byte) hash.Hash {
 		return hmac.New(sha512.New, key)
 	}}
 	macModes[HMACSHA256ETM] = &macMode{32, true, func(key []byte) hash.Hash {
 		return hmac.New(sha256.New, key)
 	}}
 	macModes[HMACSHA512] = &macMode{64, false, func(key []byte) hash.Hash {
 		return hmac.New(sha512.New, key)
 	}}
 	macModes[HMACSHA256] = &macMode{32, false, func(key []byte) hash.Hash {
 		return hmac.New(sha256.New, key)
 	}}

 	if fips140.Enabled() {
 		defaultMACs = slices.DeleteFunc(defaultMACs, func(algo string) bool {
 			_, ok := macModes[algo]
 			return !ok
 		})
 		return
 	}

 	macModes[HMACSHA1] = &macMode{20, false, func(key []byte) hash.Hash {
 		return hmac.New(sha1.New, key)
 	}}
 	macModes[InsecureHMACSHA196] = &macMode{20, false, func(key []byte) hash.Hash {
 		return truncatingMAC{12, hmac.New(sha1.New, key)}
 	}}
 }
	// Copyright 2012 The Go Authors. All rights reserved.
	// Use of this source code is governed by a BSD-style
	// license that can be found in the LICENSE file.

	package ssh

	// Message authentication support

	import (
	"crypto/fips140"
	"crypto/hmac"
	"crypto/sha1"
	"crypto/sha256"
	"crypto/sha512"
	"hash"
	"slices"
	)

	type macMode struct {
	keySize int
	etm bool
	new func(key []byte) hash.Hash
	}

	// truncatingMAC wraps around a hash.Hash and truncates the output digest to
	// a given size.
	type truncatingMAC struct {
	length int
	hmac hash.Hash
	}

	func (t truncatingMAC) Write(data []byte) (int, error) {
	return t.hmac.Write(data)
	}

	func (t truncatingMAC) Sum(in []byte) []byte {
	out := t.hmac.Sum(in)
	return out[:len(in)+t.length]
	}

	func (t truncatingMAC) Reset() {
	t.hmac.Reset()
	}

	func (t truncatingMAC) Size() int {
	return t.length
	}

	func (t truncatingMAC) BlockSize() int { return t.hmac.BlockSize() }

	// macModes defines the supported MACs. MACs not included are not supported
	// and will not be negotiated, even if explicitly configured. When FIPS mode is
	// enabled, only FIPS-approved algorithms are included.
	var macModes = map[string]*macMode{}

	func init() {
	macModes[HMACSHA512ETM] = &macMode{64, true, func(key []byte) hash.Hash {
	return hmac.New(sha512.New, key)
	}}
	macModes[HMACSHA256ETM] = &macMode{32, true, func(key []byte) hash.Hash {
	return hmac.New(sha256.New, key)
	}}
	macModes[HMACSHA512] = &macMode{64, false, func(key []byte) hash.Hash {
	return hmac.New(sha512.New, key)
	}}
	macModes[HMACSHA256] = &macMode{32, false, func(key []byte) hash.Hash {
	return hmac.New(sha256.New, key)
	}}

	if fips140.Enabled() {
	defaultMACs = slices.DeleteFunc(defaultMACs, func(algo string) bool {
	_, ok := macModes[algo]
	return !ok
	})
	return
	}

	macModes[HMACSHA1] = &macMode{20, false, func(key []byte) hash.Hash {
	return hmac.New(sha1.New, key)
	}}
	macModes[InsecureHMACSHA196] = &macMode{20, false, func(key []byte) hash.Hash {
	return truncatingMAC{12, hmac.New(sha1.New, key)}
	}}
	}