Damien Miller
2025-Oct-29 22:34 UTC
Proposed patch to use openssl for ed25519 crypto (patch now inline)
On Wed, 29 Oct 2025, Jeremy Allison via openssh-unix-dev wrote:> (Sigh. Trying again with patch inline. Sorry, didn't realize text > attachments got stripped.)They don't though, e.g. the attachment is available on the 3rd-party archive at marc.info: https://marc.info/?l=openssh-unix-dev&m=176176508612432&w=2 OTOH your mailer messed up this patch. Anyway, I'll take a look. First impression is that the code seems fine but the underflow checks are probably not necessary; the size of ED25519 public and private keys are constants that will never be adjusted... -d
Jeremy Allison
2025-Oct-30 19:40 UTC
Proposed patch to use openssl for ed25519 crypto (patch now inline)
On Wed, Oct 29, 2025 at 3:34?PM Damien Miller <djm at mindrot.org> wrote:> They don't though, e.g. the attachment is available on the 3rd-party > archive at marc.info:Thanks for pointing that out. I only realized after gmail mangled the whitespace on the "inline" patch :-).> OTOH your mailer messed up this patch.Working on getting a better mailer than the browser interface for work stuff. I could always send from my jra at samba.org email if it becomes a problem.> Anyway, I'll take a look. First impression is that the code seems > fine but the underflow checks are probably not necessary; the size > of ED25519 public and private keys are constants that will never > be adjusted...Thanks. Here's a new version with those checks removed (as an attachment). Jeremy. -------------- next part -------------- A non-text attachment was scrubbed... Name: openssh-ed25519-use-openssl1.patch Type: text/x-patch Size: 7290 bytes Desc: not available URL: <http://lists.mindrot.org/pipermail/openssh-unix-dev/attachments/20251030/7712d0d8/attachment-0001.bin>