[SSHD-704] Fix DH KEX for curve25519 and enable curve25519 and curve448
Simplify MontgomeryCurve, take advantage of the fact that the key is always the last 32 or 56 bytes of the X.509 DER encoding. Add extensive comments about the "magic" constants. Be more strict about key data with an extra leading zero byte.

Enable the new KEX algorithms in BaseBuilder.

At that point, curve25519 KEX worked only if both the client's and the server's ephemeral public keys byte arrays did not have the most significant bit in the first byte set. This uncovered a bug in DHGClient and DHGServer: ECDH and XDH KEX encode Q_C and Q_S as plain byte arrays, not as multi-precision integers. I.e., they _do not_ prefix a zero byte if the high bit in the first byte of the value is set.

Fix this by introducing AbstractDH.putE(Buffer) and putF(Buffer) methods, so that individual DH implementations can override as appropriate. Override them for ECDH and XDH to write byte arrays, not mpints.

* RFC 4253, section 8:[1] encodes e and f as mpint.
* RFC 5656, section 4:[2] Q_C and Q_S, which take the place of e and f, are written as "strings" (byte arrays).
* RFC 8731, section 3:[3] Public ephemeral keys are written as strings.

With these changes, KEX using curve25519 works, and KEX using one of the other already existing algorithms also still works.

[1] https://tools.ietf.org/html/rfc4253#page-22
[2] https://tools.ietf.org/html/rfc5656#page-9
[3] https://tools.ietf.org/html/rfc8731#section-3
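The encoding mismatch described in the commit message, as an added example that is not code from this commit or from the project: it writes the same 32-byte value as an RFC 4251 string and as an mpint, then reads it back with a length check of the kind RFC 8731 requires. All function names and the sample keys are constructed for illustration.

```python
import struct

X25519_KEY_LEN = 32  # curve25519 public key length in bytes (RFC 8731)


def put_string(value: bytes) -> bytes:
    """RFC 4251 'string': uint32 length followed by the raw bytes."""
    return struct.pack(">I", len(value)) + value


def put_mpint(value: bytes) -> bytes:
    """RFC 4251 'mpint' for a non-negative integer given as big-endian bytes."""
    stripped = value.lstrip(b"\x00")       # mpint carries no unnecessary leading zeros
    if stripped and stripped[0] & 0x80:    # high bit set: prefix 0x00 so the
        stripped = b"\x00" + stripped      # value is not read as negative
    return put_string(stripped)


def read_x25519_key(wire: bytes) -> bytes:
    """Read Q_C / Q_S as a string and enforce the expected key length."""
    if len(wire) < 4:
        raise ValueError("truncated length field")
    (length,) = struct.unpack(">I", wire[:4])
    body = wire[4:4 + length]
    if len(body) != length:
        raise ValueError("truncated key data")
    if length != X25519_KEY_LEN:
        raise ValueError(f"bad key length {length}, expected {X25519_KEY_LEN}")
    return body


def survives_mpint(key: bytes) -> bool:
    """True if a key written as mpint is still readable as a 32-byte string."""
    try:
        return read_x25519_key(put_mpint(key)) == key
    except ValueError:
        return False


# Constructed sample keys (not real key material).
LOW_BIT_KEY = bytes([0x7F]) + bytes(range(1, 32))    # first byte below 0x80
HIGH_BIT_KEY = bytes([0x80]) + bytes(range(1, 32))   # high bit set in first byte
ZERO_LEAD_KEY = bytes([0x00]) + bytes(range(1, 32))  # leading zero byte

if __name__ == "__main__":
    for name, key in [("low", LOW_BIT_KEY), ("high", HIGH_BIT_KEY), ("zero", ZERO_LEAD_KEY)]:
        print(name, len(put_mpint(key)) - 4, survives_mpint(key))
```

Only the key whose first byte is below 0x80 and non-zero has identical string and mpint encodings, which matches the intermittent behaviour the commit message reports.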
Showing 9 changed files with 124 additions and 46 deletions.