search for: kexc25519

...05fa718ca813a06527a238294c148dfc91287 Mon Sep 17 00:00:00 2001 From: Aris Adamantiadis <aris at 0xbadc0de.be> Date: Tue, 24 Sep 2013 21:59:36 +0200 Subject: [PATCH] kex: implement curve25519-sha256 at libssh.org --- Makefile.in | 4 +- kex.c | 1 + kex.h | 9 ++++ kexc25519.c | 96 +++++++++++++++++++++++++++++++++++++ kexc25519c.c | 149 +++++++++++++++++++++++++++++++++++++++++++++++++++++++++ kexc25519s.c | 144 +++++++++++++++++++++++++++++++++++++++++++++++++++++++ myproposal.h | 1 + ssh-keyscan.c | 1 + sshconnect2.c | 1 + sshd.c |...

...ive users a secure alternative to >> classical Diffie-Hellman (with fixed groups or group exchanges) and >> NIST-approved elliptic curves. > > ... > > I just had a quick look at the patch. Overall it's good; some preliminary > comments below. > > diff --git a/kexc25519.c b/kexc25519.c > new file mode 100644 > index 0000000..8260fad > --- /dev/null > +++ b/kexc25519.c > ... > +#include <nacl/crypto_scalarmult_curve25519.h> > +#define CURVE25519_PUBKEY_SIZE crypto_scalarmult_curve25519_BYTES > > For OpenSSH, I think we could just i...

On 8 June 2018 at 11:21, PGNet Dev <pgnet.dev at gmail.com> wrote: > fyi > > add'l -- and looks unrelated -- issue > /usr/include/pthread.h:251:12: note: previous declaration of ?pthread_join? was here > extern int pthread_join (pthread_t __th, void **__thread_return); What included pthread.h? That's explicitly not supported by sshd: $ grep THREAD

Hello, I have question about buffer_put_bignum2_from_string function used in kexc25519.c in (OpenSSH >= 6.5) Is it 1:1 replacement for formating bignums from OpenSSL? If yes, then buffer_put_bignum2_from_string has different results for numbers starting with zeros. How to reproduce: shared_key[CURVE25519_SIZE] = "\0\0\1\1\1\1\1\1\1\1\1\1\1\1\1\1\1\1\1\1\1\1\1\1\1\1\1\1\1\...

In sshconnect.c there are two global variables for server_version_string client_version_string. These are used just in a few functions and can easily be passed as parameters. Also, there is a strange construct, where their memory is allocated to the global pointers, then copies of these pointers are assigned to the kex structure. The kex_free finally frees them via cleanup of the kex

...o msg.o progressmeter.o dns.o entropy.o gss-genr.o umac.o umac128.o ssh-pkcs11.o smult_curve25519_ref.o poly1305.o chacha.o cipher-chachapoly.o ssh-ed25519.o digest-openssl.o digest-libc.o hmac.o sc25519.o ge25519.o fe25519.o ed25519.o verify.o hash.o blocks.o kex.o kexdh.o kexgex.o kexecdh.o kexc25519.o kexdhc.o kexgexc.o kexecdhc.o kexc25519c.o kexdhs.o kexgexs.o kexecdhs.o kexc25519s.o r - ssh_api.o r - ssherr.o r - sshbuf.o r - sshkey.o r - sshbuf-getput-basic.o r - sshbuf-misc.o r - sshbuf-getput-crypto.o r - krl.o r - bitmap.o r - authfd.o r - authfile.o r - bufaux.o r - bufbn.o r - bufec...

...28.o \ ssh-pkcs11.o smult_curve25519_ref.o \ poly1305.o chacha.o cipher-chachapoly.o cipher-chachapoly-libcrypto.o \ - ssh-ed25519.o digest-openssl.o digest-libc.o \ + ssh-ed25519.o digest-openssl.o digest-libc.o sm3.o \ hmac.o ed25519.o hash.o \ kex.o kex-names.o kexdh.o kexgex.o kexecdh.o kexc25519.o \ kexgexc.o kexgexs.o \ diff --git a/configure.ac b/configure.ac index 016c96472d15..00bb4132adb7 100644 --- a/configure.ac +++ b/configure.ac @@ -3067,7 +3067,7 @@ if test "x$openssl" = "xyes" ; then ) # Check for various EVP support in OpenSSL - AC_CHECK_FUNCS([EVP_s...

...lt_curve25519_ref.o \ > poly1305.o chacha.o cipher-chachapoly.o cipher-chachapoly-libcrypto.o \ > - ssh-ed25519.o digest-openssl.o digest-libc.o \ > + ssh-ed25519.o digest-openssl.o digest-libc.o sm3.o \ > hmac.o ed25519.o hash.o \ > kex.o kex-names.o kexdh.o kexgex.o kexecdh.o kexc25519.o \ > kexgexc.o kexgexs.o \ > diff --git a/configure.ac b/configure.ac > index 016c96472d15..00bb4132adb7 100644 > --- a/configure.ac > +++ b/configure.ac > @@ -3067,7 +3067,7 @@ if test "x$openssl" = "xyes" ; then > ) > > # Check for various E...

If I am trying to build OpenSSH 6.6 with Kerberos GSSAPI support, do I still need to get Simon Wilkinson's patches? --- Scott Neugroschl | XYPRO Technology Corporation 4100 Guardian Street | Suite 100 |Simi Valley, CA 93063 | Phone 805 583-2874|Fax 805 583-0124 |