nhyatt/putty-source
1
0
Fork 0
mirror of https://git.tartarus.org/simon/putty.git synced 2025-07-02 03:52:49 -05:00
Code Issues Projects Releases Wiki Activity

Use the new 'HYBRID' names for the hybrid KEX packets.

Browse Source 
draft-kampanakis-curdle-ssh-pq-ke defines the packet names
SSH_MSG_KEX_HYBRID_INIT and SSH_MSG_KEX_HYBRID_REPLY. They have the
same numbers as ECDH_INIT and ECDH_REPLY, and don't change anything
else, so this is just a naming change. But I think it's a good one,
because the post-quantum KEMs are less symmetric than ECDH (they're
much more like Ben's RSA kex in concept, though very different in
detail), and shouldn't try to pretend they're the same kind of thing.
Also this enables logparse.pl to give a warning about the fact that
one string in each packet contains two separate keys glomphed together.

For the latter reason (and also because it's easier in my code
structure) I've also switched to using the HYBRID naming for the
existing NTRU + Curve25519 hybrid method, even though the
Internet-Draft for that one still uses the ECDH names. Sorry, but I
think it's clearer!
This commit is contained in:
Simon Tatham
2024-12-08 10:34:10 +00:00
parent e98615f0ba
commit a3f22a2cf9
5 changed files with 55 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
crypto/ecc-ssh.c
View File

@ -1615,6 +1615,7 @@ static const ecdh_keyalg ssh_ecdhkex_m_alg = {
.getpublic = ssh_ecdhkex_m_getpublic,
.getkey = ssh_ecdhkex_m_getkey,
.description = ssh_ecdhkex_description,
.packet_naming_ctx = SSH2_PKTCTX_ECDHKEX,
};
const ssh_kex ssh_ec_kex_curve25519 = {
.name = "curve25519-sha256",
@ -1655,6 +1656,7 @@ static const ecdh_keyalg ssh_ecdhkex_w_alg = {
.getpublic = ssh_ecdhkex_w_getpublic,
.getkey = ssh_ecdhkex_w_getkey,
.description = ssh_ecdhkex_description,
.packet_naming_ctx = SSH2_PKTCTX_ECDHKEX,
};
static const struct eckex_extra kex_extra_nistp256 = { ec_p256 };
const ssh_kex ssh_ec_kex_nistp256 = {

3
crypto/kex-hybrid.c
View File

@ -169,6 +169,7 @@ static const ecdh_keyalg hybrid_client_vt = {
.getpublic = hybrid_client_getpublic,
.getkey = hybrid_client_getkey,
.description = hybrid_description,
.packet_naming_ctx = SSH2_PKTCTX_HYBRIDKEX,
};
/* ----------------------------------------------------------------------
@ -267,6 +268,7 @@ static const ecdh_keyalg hybrid_server_vt = {
.getkey = hybrid_server_getkey,
.getpublic = hybrid_server_getpublic,
.description = hybrid_description,
.packet_naming_ctx = SSH2_PKTCTX_HYBRIDKEX,
};
/* ----------------------------------------------------------------------
@ -287,6 +289,7 @@ static const ecdh_keyalg hybrid_selector_vt = {
* functions that don't require an instance. */
.new = hybrid_selector_new,
.description = hybrid_description,
.packet_naming_ctx = SSH2_PKTCTX_HYBRIDKEX,
};
/* ----------------------------------------------------------------------