From 599c4b856e29949bcf9fb8539beb0383ced6fdd2 Mon Sep 17 00:00:00 2001
From: John Safranek
Date: Mon, 10 Mar 2025 14:11:45 -0700
Subject: [PATCH] Curve25519 Compat with LibSSH

1. Add curve25519-sha256@libssh.org back to the list of key exchange algorithms.
2. Treat curve25519-sha256@libssh.org as an alias for curve25519-sha256.
3. Remove the reference to ID_ECDH_SHA2_ED25519 from the list of algo IDs. It isn't actually a thing.
---
 src/internal.c | 6 ++++++
 src/ssh.c | 3 +--
 wolfssh/internal.h | 3 +--
 3 files changed, 8 insertions(+), 4 deletions(-)

diff --git a/src/internal.c b/src/internal.c
index da0425861..c48d11b02 100644
--- a/src/internal.c
+++ b/src/internal.c
@@ -684,6 +684,7 @@ static const char cannedKexAlgoNames[] =
 #endif
 #ifndef WOLFSSH_NO_CURVE25519_SHA256
 "curve25519-sha256,"
+ "curve25519-sha256@libssh.org,"
 #endif
 #if !defined(WOLFSSH_NO_ECDH_SHA2_NISTP521)
 "ecdh-sha2-nistp521,"
@@ -2492,6 +2493,7 @@ static const NameIdPair NameIdMap[] = {
 #ifndef WOLFSSH_NO_CURVE25519_SHA256
 /* See RFC 8731 */
 { ID_CURVE25519_SHA256, TYPE_KEX, "curve25519-sha256" },
+ { ID_CURVE25519_SHA256_LIBSSH, TYPE_KEX, "curve25519-sha256@libssh.org" },
 #endif
 { ID_EXTINFO_S, TYPE_OTHER, "ext-info-s" },
 { ID_EXTINFO_C, TYPE_OTHER, "ext-info-c" },
@@ -3750,6 +3752,7 @@ enum wc_HashType HashForId(byte id)
 #endif
 #ifndef WOLFSSH_NO_CURVE25519_SHA256
 case ID_CURVE25519_SHA256:
+ case ID_CURVE25519_SHA256_LIBSSH:
 return WC_HASH_TYPE_SHA256;
 #endif
 #ifndef WOLFSSH_NO_RSA_SHA2_256
@@ -3827,6 +3830,7 @@ int wcPrimeForId(byte id)
 #endif
 #ifndef WOLFSSH_NO_CURVE25519_SHA256
 case ID_CURVE25519_SHA256:
+ case ID_CURVE25519_SHA256_LIBSSH:
 return ECC_X25519;
 #endif
 #ifndef WOLFSSH_NO_ECDH_SHA2_NISTP521
@@ -11953,6 +11957,7 @@ int SendKexDhReply(WOLFSSH* ssh)
 #endif
 #ifndef WOLFSSH_NO_CURVE25519_SHA256
 case ID_CURVE25519_SHA256:
+ case ID_CURVE25519_SHA256_LIBSSH:
 useCurve25519 = 1;
 msgId = MSGID_KEXDH_REPLY;
 break;
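Review bot: Giving the libssh name its own ID in the `NameIdMap` hunk of src/internal.c (`{ ID_CURVE25519_SHA256_LIBSSH, TYPE_KEX, "curve25519-sha256@libssh.org" }`) means every switch or comparison on the negotiated KEX ID must carry a second label, and a missed one would only surface when a peer actually selects the alias. The patch adds that label in HashForId, wcPrimeForId, SendKexDhReply, SendKexDhInit and wolfSSH_GetText; any code outside these hunks that tests `ID_CURVE25519_SHA256` directly is not visible here and should be checked, since its default branch would then handle a curve25519 exchange. If name lookup is a plain scan of this table (not shown in the hunk), the entry `{ ID_CURVE25519_SHA256, TYPE_KEX, "curve25519-sha256@libssh.org" },` would make the name a true alias and remove that failure mode, with the trade-off that the ID resolves back only to the RFC 8731 name. The patch touches no test file, so a key-exchange test that settles on the libssh name would be worth adding with either form.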
@@ -12535,6 +12540,7 @@ int SendKexDhInit(WOLFSSH* ssh)
 #endif
 #ifndef WOLFSSH_NO_CURVE25519_SHA256
 case ID_CURVE25519_SHA256:
+ case ID_CURVE25519_SHA256_LIBSSH:
 ssh->handshake->useCurve25519 = 1;
 msgId = MSGID_KEXECDH_INIT;
 break;
diff --git a/src/ssh.c b/src/ssh.c
index 38e07beba..83e29a88a 100644
--- a/src/ssh.c
+++ b/src/ssh.c
@@ -3027,10 +3027,9 @@ size_t wolfSSH_GetText(WOLFSSH *ssh, WS_Text id, char *str, size_t strSz)
 case ID_ECDH_SHA2_NISTP256:
 case ID_ECDH_SHA2_NISTP384:
 case ID_ECDH_SHA2_NISTP521:
- case ID_ECDH_SHA2_ED25519:
- case ID_ECDH_SHA2_ED25519_LIBSSH:
 #ifndef WOLFSSH_NO_CURVE25519_SHA256
 case ID_CURVE25519_SHA256:
+ case ID_CURVE25519_SHA256_LIBSSH:
 #endif
 ret = WSNPRINTF(str, strSz, "%s", "ECDH");
 break;
diff --git a/wolfssh/internal.h b/wolfssh/internal.h
index e29461f8a..8aaf65cce 100644
--- a/wolfssh/internal.h
+++ b/wolfssh/internal.h
@@ -335,13 +335,12 @@ enum {
 ID_ECDH_SHA2_NISTP256,
 ID_ECDH_SHA2_NISTP384,
 ID_ECDH_SHA2_NISTP521,
- ID_ECDH_SHA2_ED25519,
- ID_ECDH_SHA2_ED25519_LIBSSH,
 #ifndef WOLFSSH_NO_ECDH_NISTP256_KYBER_LEVEL1_SHA256
 ID_ECDH_NISTP256_KYBER_LEVEL1_SHA256,
 #endif
 #ifndef WOLFSSH_NO_CURVE25519_SHA256
 ID_CURVE25519_SHA256,
+ ID_CURVE25519_SHA256_LIBSSH,
 #endif
 ID_EXTINFO_S, /* Pseudo-KEX to indicate server extensions. */
 ID_EXTINFO_C, /* Pseudo-KEX to indicate client extensions. */
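Review bot: `ID_CURVE25519_SHA256_LIBSSH` enters the enum in wolfssh/internal.h without a comment, so nothing at the declaration says it selects the same key agreement and hash as `ID_CURVE25519_SHA256`; the neighbouring `ID_EXTINFO_S` and `ID_EXTINFO_C` entries are commented. I would add `/* libssh.org name for the RFC 8731 curve25519-sha256 method. */` on that line. Dropping the two `ID_ECDH_SHA2_ED25519*` enumerators also shifts the implicit value of every ID declared after them, which is harmless only if these values are never stored or compared across builds; that cannot be confirmed from this hunk. The enum starts and ends outside the hunk.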