kex: Add support for diffie-hellman-group14-sha256

Signed-off-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2026-02-09 09:54:25 +09:00 · 2020-04-03 12:49:19 +02:00
parent d2f0d3270a
commit 9eb1ce88ae
11 changed files with 44 additions and 2 deletions
--- a/tests/unittests/torture_options.c
+++ b/tests/unittests/torture_options.c
@@ -110,18 +110,21 @@ static void torture_options_set_key_exchange(void **state)
                         "curve25519-sha256,curve25519-sha256@libssh.org,"
                         "ecdh-sha2-nistp256,diffie-hellman-group16-sha512,"
                         "diffie-hellman-group18-sha512,"
+                         "diffie-hellman-group14-sha256,"
                         "diffie-hellman-group14-sha1");
    assert_true(rc == 0);
    assert_non_null(session->opts.wanted_methods[SSH_KEX]);
    if (ssh_fips_mode()) {
        assert_string_equal(session->opts.wanted_methods[SSH_KEX],
                            "ecdh-sha2-nistp256,diffie-hellman-group16-sha512,"
-                            "diffie-hellman-group18-sha512");
+                            "diffie-hellman-group18-sha512,"
+                            "diffie-hellman-group14-sha256");
    } else {
        assert_string_equal(session->opts.wanted_methods[SSH_KEX],
                            "curve25519-sha256,curve25519-sha256@libssh.org,"
                            "ecdh-sha2-nistp256,diffie-hellman-group16-sha512,"
                            "diffie-hellman-group18-sha512,"
+                            "diffie-hellman-group14-sha256,"
                            "diffie-hellman-group14-sha1");
    }

@@ -1387,18 +1390,21 @@ static void torture_bind_options_set_key_exchange(void **state)
                              "curve25519-sha256,curve25519-sha256@libssh.org,"
                              "ecdh-sha2-nistp256,diffie-hellman-group16-sha512,"
                              "diffie-hellman-group18-sha512,"
+                              "diffie-hellman-group14-sha256,"
                              "diffie-hellman-group14-sha1");
    assert_int_equal(rc, 0);
    assert_non_null(bind->wanted_methods[SSH_KEX]);
    if (ssh_fips_mode()) {
        assert_string_equal(bind->wanted_methods[SSH_KEX],
                            "ecdh-sha2-nistp256,diffie-hellman-group16-sha512,"
-                            "diffie-hellman-group18-sha512");
+                            "diffie-hellman-group18-sha512,"
+                            "diffie-hellman-group14-sha256");
    } else {
        assert_string_equal(bind->wanted_methods[SSH_KEX],
                            "curve25519-sha256,curve25519-sha256@libssh.org,"
                            "ecdh-sha2-nistp256,diffie-hellman-group16-sha512,"
                            "diffie-hellman-group18-sha512,"
+                            "diffie-hellman-group14-sha256,"
                            "diffie-hellman-group14-sha1");
    }