sntrup761x25519-sha512 is now an official IANA name

It got assigned a IANA "codepoint".[1] The former "@openssh.com" name is now a legacy name. [1] https://www.iana.org/assignments/ssh-parameters/ssh-parameters.xhtml#ssh-parameters-16
tomaswolf · Sep 5, 2024 · ff9fc91 · ff9fc91
1 parent 980d94b
commit ff9fc91
Showing 1 changed file with 32 additions and 1 deletion.
diff --git a/sshd-core/src/main/java/org/apache/sshd/common/kex/BuiltinDHFactories.java b/sshd-core/src/main/java/org/apache/sshd/common/kex/BuiltinDHFactories.java
@@ -336,6 +336,36 @@ public Digest getHash() throws Exception {
             };
         }
 
+        @Override
+        public boolean isSupported() {
+            return MontgomeryCurve.x25519.isSupported() && BuiltinDigests.sha512.isSupported()
+                    && BuiltinKEM.sntrup761.isSupported();
+        }
+    },
+    /**
+     * @see <a href=
+     *      "https://www.ietf.org/archive/id/draft-josefsson-ntruprime-ssh-02.html">draft-josefsson-ntruprime-ssh-02.html</a>
+     */
+    sntrup761x25519_openssh(Constants.SNTRUP761_25519_SHA512_OPENSSH) {
+        @Override
+        public XDH create(Object... params) throws Exception {
+            if (!GenericUtils.isEmpty(params)) {
+                throw new IllegalArgumentException("No accepted parameters for " + getName());
+            }
+            return new XDH(MontgomeryCurve.x25519, true) {
+
+                @Override
+                public KeyEncapsulationMethod getKeyEncapsulation() {
+                    return BuiltinKEM.sntrup761;
+                }
+
+                @Override
+                public Digest getHash() throws Exception {
+                    return BuiltinDigests.sha512.create();
+                }
+            };
+        }
+
         @Override
         public boolean isSupported() {
             return MontgomeryCurve.x25519.isSupported() && BuiltinDigests.sha512.isSupported()
@@ -519,7 +549,8 @@ public static final class Constants {
         public static final String CURVE25519_SHA256 = "curve25519-sha256";
         public static final String CURVE25519_SHA256_LIBSSH = "curve25519-sha256@libssh.org";
         public static final String CURVE448_SHA512 = "curve448-sha512";
-        public static final String SNTRUP761_25519_SHA512 = "sntrup761x25519-sha512@openssh.com";
+        public static final String SNTRUP761_25519_SHA512 = "sntrup761x25519-sha512";
+        public static final String SNTRUP761_25519_SHA512_OPENSSH = "sntrup761x25519-sha512@openssh.com";
 
         private Constants() {
             throw new UnsupportedOperationException("No instance allowed");