support sntrup761x25519-sha512 alias

OpenSSH 9.4 supports the sntrup761x25519-sha512@openssh.com
key agreement algorithm. As part of standardisation, this algorithm
has been assigned the name sntrup761x25519-sha512.

This commit enables the existing algorithm under this new name.

diff --git a/kex.c b/kex.c
index fd04bb0b5c10a9ce6f0758a4b31cf2462fa5a502..34e66de6300a8df608872a7c366e4ac5cbc6a9b7 100644 (file)
--- a/kex.c
+++ b/kex.c
@@ -113,6 +113,8 @@ static const struct kexalg kexalgs[] = {
        { KEX_CURVE25519_SHA256, KEX_C25519_SHA256, 0, SSH_DIGEST_SHA256 },
        { KEX_CURVE25519_SHA256_OLD, KEX_C25519_SHA256, 0, SSH_DIGEST_SHA256 },
 #ifdef USE_SNTRUP761X25519
+       { KEX_SNTRUP761X25519_SHA512_IANA, KEX_KEM_SNTRUP761X25519_SHA512, 0,
+           SSH_DIGEST_SHA512 },
        { KEX_SNTRUP761X25519_SHA512, KEX_KEM_SNTRUP761X25519_SHA512, 0,
            SSH_DIGEST_SHA512 },
 #endif

diff --git a/kex.h b/kex.h
index 8b54e3f4b9120ecc52a40a243c88980a847b3553..185910bd96ad33bc7d9746807b287a70e4f8702c 100644 (file)
--- a/kex.h
+++ b/kex.h
@@ -63,6 +63,7 @@
 #define        KEX_CURVE25519_SHA256           "curve25519-sha256"
 #define        KEX_CURVE25519_SHA256_OLD       "curve25519-sha256@libssh.org"
 #define        KEX_SNTRUP761X25519_SHA512      "sntrup761x25519-sha512@openssh.com"
+#define        KEX_SNTRUP761X25519_SHA512_IANA "sntrup761x25519-sha512"
 
 #define COMP_NONE      0
 /* pre-auth compression (COMP_ZLIB) is only supported in the client */

diff --git a/myproposal.h b/myproposal.h
index ee6e9f7415261c9e7a9d6ad64a2eccf26ec1d45a..0528cd783fa2cda9a076a55f948c2ddb637f4587 100644 (file)
--- a/myproposal.h
+++ b/myproposal.h
@@ -25,6 +25,7 @@
  */
 
 #define KEX_SERVER_KEX \
+       "sntrup761x25519-sha512," \
        "sntrup761x25519-sha512@openssh.com," \
        "curve25519-sha256," \
        "curve25519-sha256@libssh.org," \