Re: Support for SHA2 HMAC algorithms

[Andreas Schneider <asn@xxxxxxxxxxxxxx>]

On Monday 14 April 2014 10:06:24 Dirkjan Bussink wrote:
> On 13 Apr 2014, at 17:08, Aris Adamantiadis <aris@xxxxxxxxxxxx> wrote:
> > Thanks a lot for your contribution, that's going to be very useful. Just
> > a little remark:
> > +unsigned char *packet_encrypt(ssh_session session, void *data, uint32_t
> > len, enum ssh_hmac_e type) {
> > Would it be possible to remove the "type" parameter and have
> > packet_encrypt() function figure out by itself the type of hmac to use ?
> 
> I’ve updated the patch with this change.
> 
> > I also think the hmac code could win at being a little more OO-styled
> > like we do for the ciphers (with function pointers instead of switch
> > statements). If we could get rid of our horrible
> > MD5()/SHA1()/SHA256()/... wrappers by using only EVP functions, it would
> > help (but probably out of scope of your patch).
> 
> I think refactoring all this is out of scope for this patch. I’d rather not
> do a major restructuring like this as part of a first contribution, I’d
> prefer that this would be done in a separate step then.

The patch looks great now. Thanks for adding the tests. Could you split up the 
patch into several patches?

Especially the implementation and tests. At least those two would be great. 
More smaller patches would be nice ...


And you need to add to the commit message(es):

BUG: https://red.libssh.org/issues/91


which you fix :)


Cheers,


	-- andreas

-- 
Andreas Schneider                   GPG-ID: CC014E3D
www.cryptomilk.org                asn@xxxxxxxxxxxxxx