summaryrefslogtreecommitdiffstats
path: root/usr.bin/ssh/kexc25519.c (follow)
Commit message (Collapse)AuthorAgeFilesLines
* rename kex->kem_client_pub -> kex->client_pub now that KEM has been renameddjm2019-01-211-2/+2
| | | | | | to kexgen from markus@ ok djm@
* merge kexkem[cs] into kexgendjm2019-01-211-52/+1
| | | | from markus@ ok djm@
* pass values used in KEX hash computation as sshbuf rather thandjm2019-01-211-17/+21
| | | | | | pointer+len suggested by me; implemented by markus@ ok me
* use KEM API for vanilla c25519 KEXdjm2019-01-211-10/+112
|
* Add support for a PQC KEX/KEM: sntrup4591761x25519-sha512@tinyssh.orgdjm2019-01-211-19/+28
| | | | | | | | | using the Streamlined NTRU Prime 4591^761 implementation from SUPERCOP coupled with X25519 as a stop-loss. Not enabled by default. introduce KEM API; a simplified framework for DH-ish KEX methods. from markus@ feedback & ok djm@
* fix all-zero check in kexc25519_shared_keydjm2019-01-211-5/+7
| | | | from markus@ ok djm@
* move client/server SSH-* banners to buffers under ssh->kex and factordjm2018-12-271-5/+5
| | | | | | | | | | | out the banner exchange. This eliminates some common code from the client and server. Also be more strict about handling \r characters - these should only be accepted immediately before \n (pointed out by Jann Horn). Inspired by a patch from Markus Schmidt. (lots of) feedback and ok markus@
* fix signed/unsigned errors reported by clang-3.7; adddjm2016-05-021-3/+3
| | | | | | sshbuf_dup_string() to replace a common idiom of strdup(sshbuf_ptr()) with better safety checking; feedback and ok markus@
* ban all-zero curve25519 keys as recommended by latestdjm2015-03-261-1/+6
| | | | CFRG curves draft; ok markus
* adapt kex to sshbuf and struct ssh; ok djm@markus2015-01-191-44/+50
|
* revert __bounded change; it causes way more problems for portable thandjm2014-05-021-4/+4
| | | | it solves; pointed out by dtucker@
* use __bounded(...) attribute recently added to sys/cdefs.h instead ofdjm2014-03-261-4/+4
| | | | | | longform __attribute__(__bounded(...)); for brevity and a warning free compilation with llvm/clan
* replace most bzero with explicit_bzero, except a few that cna be memsettedu2014-01-311-2/+2
| | | | ok djm dtucker
* avoid use of OpenSSL BIGNUM type and functions for KEX withdjm2014-01-121-11/+7
| | | | | | | Curve25519 by adding a buffer_put_bignum2_from_string() that stores a string using the bignum encoding rules. Will make it easier to build a reduced-feature OpenSSH without OpenSSL in the future; ok markus@
* Introduce digest API and use it to perform all hashing operationsdjm2014-01-091-9/+8
| | | | | | rather than calling OpenSSL EVP_Digest* directly. Will make it easier to build a reduced-feature OpenSSH without OpenSSL in future; feedback, ok markus@
* add missing $OpenBSD$ tagsmarkus2013-11-021-0/+1
|
* use curve25519 for default key exchange (curve25519-sha256@libssh.org);markus2013-11-021-0/+124
initial patch from Aris Adamantiadis; ok djm@
Copyright © 1996 – 2023 Jason A. Donenfeld. All Rights Reverse Engineered.