RT110379: Added Lance's AES support #11

Merged
merged 21 commits into from Feb 4, 2016

Conversation

Projects
None yet
3 participants
@choroba
Contributor

choroba commented Jan 23, 2016

I resolved all the conflicts. Please verify the changes.

choroba and others added some commits Jan 22, 2016

Add AES cipher support
aes128-ctr, aes192-ctr, aes256-ctr are all implemented
Requires Crypt::OpenSSL::AES module
Add Group 14 Diffie-Hellman Key Exchange
Add Group Exchange (RFC4523) Diffie-Hellman Key Exchange
(preferred DH method for security)
Default DH KEX order is now DHGEX256, DH14, DH1
Requires Digest::SHA2
Add hmac-sha2-256,hmac-sha2-512 MAC support
Default MAC order is now sha2-256, sha2-512, sha1, md5
Add Curve25519 (curve25519-sha256@libssh.org) Key Exchange support
  (Requires Crypt::Curve25519)
Add support for Ed25519 ssh/host keys (Requires Crypt::Ed25519)
Default KEX order is now Curve25519, DHGEXSHA256, DH14, DH1
Default MAC order is now sha2-512, sha2-256, sha1, md5
Now does not abort due to OpenSSH 6.8+ server SSH2_MSG_GLOBAL_REQUEST
  messages for host key rotation
Add hmac-sha2-256-etm@openssh.com, hmac-sha2-512-etm@openssh.com
  Encrypt-then-MAC (ETM) MAC support
Use BSD::arc4random for encrypted packet padding
Default MAC order is now hmac-sha2-512-etm@openssh.com,
  hmac-sha2-256-etm@openssh.com, sha2-512, sha2-256, sha1, md5
Fixes that allow test t/05-cipher.t to pass with AES CTR ciphers
Minor fixes for Ed25519 key
Update README
Add Chacha20-Poly1305 cipher support for best security
(Requires Crypt::OpenSSH::ChachaPoly, see README)
Default ciphers order is now chacha,aes,3des,blowfish,arcfour
Make Crypt::OpenBSD::Blowfish the preferred Blowfish cipher module
(Required for encrypted Ed25519 keys anyway)
Add diffie-hellman-group-exchange-sha1 Kex support
(RHEL5/OpenSSH 4.3 does not support diffie-hellman-group-exchange-sha256)
Change wanted bits from 2048 to 4096 in DH Group Exchange to match OpenSSH
Replace Digest::SHA1, Digest::SHA2, and Digest::HMAC_SHA1 with Digest::SHA
Merge Lances's changes to the latest master
Conflicts:
	Changes
	MANIFEST
	META.yml
	lib/Net/SSH/Perl.pm
	lib/Net/SSH/Perl/Buffer.pm
	lib/Net/SSH/Perl/Constants.pm
	lib/Net/SSH/Perl/Kex.pm
	lib/Net/SSH/Perl/Kex/DH.pm
	lib/Net/SSH/Perl/Kex/DH1.pm
	lib/Net/SSH/Perl/Kex/DH14.pm
@choroba

This comment has been minimized.

Show comment
Hide comment
@choroba

choroba Jan 23, 2016

Contributor

This also seems to fix RT99284.

Contributor

choroba commented Jan 23, 2016

This also seems to fix RT99284.

renormalist added a commit that referenced this pull request Feb 4, 2016

Merge pull request #11 from choroba/rt110379-aes
RT110379: Added Lance's AES support

@renormalist renormalist merged commit cefd9a9 into renormalist:master Feb 4, 2016

@renormalist

This comment has been minimized.

Show comment
Hide comment
@renormalist

renormalist Feb 4, 2016

Owner

Thank you very much. This is very much how I preferred it but didn't found the time to do it. I should get some spare cycles to do a cpan release from that.

Owner

renormalist commented Feb 4, 2016

Thank you very much. This is very much how I preferred it but didn't found the time to do it. I should get some spare cycles to do a cpan release from that.

@choroba choroba referenced this pull request in lkinley/Net-SSH-Perl Mar 15, 2016

Closed

rebase 1.42 #1

@lkinley

This comment has been minimized.

Show comment
Hide comment
@lkinley

lkinley Mar 15, 2016

Contributor

I've done quite a bit more work since the 1.42 rebase. I'm also very close to eliminating the need for Math::Pari.

Contributor

lkinley commented Mar 15, 2016

I've done quite a bit more work since the 1.42 rebase. I'm also very close to eliminating the need for Math::Pari.

@choroba

This comment has been minimized.

Show comment
Hide comment
@choroba

choroba Mar 15, 2016

Contributor

Sounds great. Maybe you can rebase your repo onto the merge commit here then to make future merges easier?

Contributor

choroba commented Mar 15, 2016

Sounds great. Maybe you can rebase your repo onto the merge commit here then to make future merges easier?

renormalist added a commit that referenced this pull request Mar 12, 2017

fix master merge mess
Sorry all, that I messed up the master branch
with merges I tested too late and pushed too
fast to github.

This commit here is in fact a simple reverse
patch of the differences that piled up
between the v2 and the broken master so that
the v2 can become master again.

Later I can retry to resolve the pull requests
(PR #11 and #12) that I actually wanted to have
in here.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment