diff options
| author | djm@openbsd.org <djm@openbsd.org> | 2016-05-02 10:26:04 +0000 |
|---|---|---|
| committer | Damien Miller <djm@mindrot.org> | 2016-05-02 20:39:32 +1000 |
| commit | 0e8eeec8e75f6d0eaf33317376f773160018a9c7 (patch) | |
| tree | 1fe3e4d977c9df10597c2a5dec1b6b0a8ab8afbe /myproposal.h | |
| parent | 57464e3934ba53ad8590ee3ccd840f693407fc1e (diff) | |
upstream commit
add support for additional fixed DH groups from
draft-ietf-curdle-ssh-kex-sha2-03
diffie-hellman-group14-sha256 (2K group)
diffie-hellman-group16-sha512 (4K group)
diffie-hellman-group18-sha512 (8K group)
based on patch from Mark D. Baushke and Darren Tucker
ok markus@
Upstream-ID: ac00406ada4f0dfec41585ca0839f039545bc46f
Diffstat (limited to 'myproposal.h')
| -rw-r--r-- | myproposal.h | 15 |
1 files changed, 11 insertions, 4 deletions
diff --git a/myproposal.h b/myproposal.h index bdd05966..59709016 100644 --- a/myproposal.h +++ b/myproposal.h @@ -67,13 +67,18 @@ #endif #ifdef HAVE_EVP_SHA256 -# define KEX_SHA256_METHODS \ - "diffie-hellman-group-exchange-sha256," +# define KEX_SHA2_METHODS \ + "diffie-hellman-group-exchange-sha256," \ + "diffie-hellman-group16-sha512," \ + "diffie-hellman-group18-sha512," +# define KEX_SHA2_GROUP14 \ + "diffie-hellman-group14-sha256," #define SHA2_HMAC_MODES \ "hmac-sha2-256," \ "hmac-sha2-512," #else -# define KEX_SHA256_METHODS +# define KEX_SHA2_METHODS +# define KEX_SHA2_GROUP14 # define SHA2_HMAC_MODES #endif @@ -86,13 +91,15 @@ #define KEX_COMMON_KEX \ KEX_CURVE25519_METHODS \ KEX_ECDH_METHODS \ - KEX_SHA256_METHODS + KEX_SHA2_METHODS #define KEX_SERVER_KEX KEX_COMMON_KEX \ + KEX_SHA2_GROUP14 \ "diffie-hellman-group14-sha1" \ #define KEX_CLIENT_KEX KEX_COMMON_KEX \ "diffie-hellman-group-exchange-sha1," \ + KEX_SHA2_GROUP14 \ "diffie-hellman-group14-sha1" #define KEX_DEFAULT_PK_ALG \ |