[Bug 2995] New: Use SSH KDF from OpenSSL

bugzilla-daemon Wed, 17 Apr 2019 02:31:22 -0700

https://bugzilla.mindrot.org/show_bug.cgi?id=2995


            Bug ID: 2995
           Summary: Use SSH KDF from OpenSSL
           Product: Portable OpenSSH
           Version: 7.9p1
          Hardware: Other
                OS: Linux
            Status: NEW
          Severity: enhancement
          Priority: P5
         Component: ssh
          Assignee: [email protected]
          Reporter: [email protected]

Created attachment 3264
  --> https://bugzilla.mindrot.org/attachment.cgi?id=3264&action=edit
Use SSH KDF from OpenSSL

The new OpenSSL 1.1.1b implements the SSH KDF [1], which should be
preferably used in (portable) OpenSSH instead of the internal
implementation.

The attached patch implements alternative derive_key() function inside
of kex.c, which is compiled in when the new KDF API in OpenSSL is
detected during build time.

[1] https://www.openssl.org/docs/manmaster/man7/EVP_KDF_SSHKDF.html

-- 
You are receiving this mail because:
You are watching the assignee of the bug.
_______________________________________________
openssh-bugs mailing list
[email protected]
https://lists.mindrot.org/mailman/listinfo/openssh-bugs

[Bug 2995] New: Use SSH KDF from OpenSSL

Reply via email to