0
@@ -1,5 +1,7 @@
0
 === *unreleased*
0
 
0
+* Fixed key truncation bug that caused hmacs other than SHA1 to fail with "corrupt hmac" errors [Jamis Buck]
0
+
0
 * Fix detection and loading of public keys when the keys don't actually exist [David Dollar]
0
 
0
 

0
@@ -31,11 +31,17 @@
0
       define_method(attribute) { self.class.send(attribute) }
0
     end
0
 
0
-    # The key to use for this instance.
0
-    attr_accessor :key
0
+    # The key in use for this instance.
0
+    attr_reader :key
0
 
0
     def initialize(key=nil)
0
       self.key = key
0
+    end
0
+
0
+    # Sets the key to the given value, truncating it so that it is the correct
0
+    # length.
0
+    def key=(value)
0
+      @key = value ? value.to_s[0,key_length] : nil
0
     end
0
 
0
     # Compute the HMAC digest for the given data string.

0
@@ -24,6 +24,11 @@
0
       assert_equal "\275\345\006\307y~Oi\035<.\341\031\250<\257", hmac.digest("hello world")
0
     end
0
 
0
+    def test_key_should_be_truncated_to_required_length
0
+      hmac = subject.new("12345678901234567890")
0
+      assert_equal "1234567890123456", hmac.key
0
+    end
0
+
0
     private
0
 
0
       def subject

0
@@ -7,7 +7,7 @@
0
     Net::SSH::Transport::HMAC::MAP.each do |name, value|
0
       method = name.tr("-", "_")
0
       define_method("test_get_with_#{method}_returns_new_hmac_instance") do
0
-        key = "abcdefghijklmnopqrstuvwxyz"[0..Net::SSH::Transport::HMAC::MAP[name].key_length]
0
+        key = "abcdefghijklmnopqrstuvwxyz"[0,Net::SSH::Transport::HMAC::MAP[name].key_length]
0
         hmac = Net::SSH::Transport::HMAC.get(name, key)
0
         assert_instance_of Net::SSH::Transport::HMAC::MAP[name], hmac
0
         assert_equal key, hmac.key