From 23572715fdfb854a1d4f463a407c2eacda6c690c Mon Sep 17 00:00:00 2001
From: Jacob Nevins
Date: Sat, 9 Nov 2024 23:55:57 +0000
Subject: [PATCH] Add IANA kex name sntrup761x25519-sha512.

draft-ietf-sshm-ntruprime-ssh-00 asserts that it's identical to the @openssh.com version we already implement: '[sntrup761x25519-sha512@openssh.com] became the default key exchange algorithm in OpenSSH during 2022. That is identical to the "sntrup761x25519-sha512" mechanism described in this document.'
---
 crypto/ntru.c | 12 +++++++++++-
 1 file changed, 11 insertions(+), 1 deletion(-)

diff --git a/crypto/ntru.c b/crypto/ntru.c
index 6a02d80d..60c37e2e 100644
--- a/crypto/ntru.c
+++ b/crypto/ntru.c
@@ -1869,15 +1869,25 @@ static const ecdh_keyalg ssh_ntru_selector_vt = {
 .description = ssh_ntru_description,
 };
 
-static const ssh_kex ssh_ntru_curve25519 = {
+static const ssh_kex ssh_ntru_curve25519_openssh = {
 .name = "sntrup761x25519-sha512@openssh.com",
 .main_type = KEXTYPE_ECDH,
 .hash = &ssh_sha512,
 .ecdh_vt = &ssh_ntru_selector_vt,
 };
 
+static const ssh_kex ssh_ntru_curve25519 = {
+ /* Same as sntrup761x25519-sha512@openssh.com but with an
+ * IANA-assigned name */
+ .name = "sntrup761x25519-sha512",
+ .main_type = KEXTYPE_ECDH,
+ .hash = &ssh_sha512,
+ .ecdh_vt = &ssh_ntru_selector_vt,
+};
+
 static const ssh_kex *const hybrid_list[] = {
 &ssh_ntru_curve25519,
+ &ssh_ntru_curve25519_openssh,
 };
 
 const ssh_kexes ssh_ntru_hybrid_kex = { lenof(hybrid_list), hybrid_list };
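Review bot: The comment on the new `ssh_ntru_curve25519` entry states the equivalence but not its source, and per the commit message that source is revision -00 of an Internet-Draft; I would record it at the definition, e.g. `/* Same as sntrup761x25519-sha512@openssh.com; IANA name per draft-ietf-sshm-ntruprime-ssh-00. Recheck against later revisions. */`. Both `ssh_kex` entries point at the same `ssh_ntru_selector_vt` and `ssh_sha512`, so if a later revision of the draft changed the mechanism, the unsuffixed name would still be advertised with the old behaviour. Separately, the identifier `ssh_ntru_curve25519` now denotes the IANA-named entry rather than the @openssh.com one, so any other reference to it in crypto/ntru.c outside this hunk would change meaning without a compile error; a distinct name for the new entry would make that visible.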