19261079b7
Some notable changes, from upstream's release notes: - sshd(8): Remove support for obsolete "host/port" syntax. - ssh(1): When prompting whether to record a new host key, accept the key fingerprint as a synonym for "yes". - ssh-keygen(1): when acting as a CA and signing certificates with an RSA key, default to using the rsa-sha2-512 signature algorithm. - ssh(1), sshd(8), ssh-keygen(1): this release removes the "ssh-rsa" (RSA/SHA1) algorithm from those accepted for certificate signatures. - ssh-sk-helper(8): this is a new binary. It is used by the FIDO/U2F support to provide address-space isolation for token middleware libraries (including the internal one). - ssh(1): this release enables UpdateHostkeys by default subject to some conservative preconditions. - scp(1): this release changes the behaviour of remote to remote copies (e.g. "scp host-a:/path host-b:") to transfer through the local host by default. - scp(1): experimental support for transfers using the SFTP protocol as a replacement for the venerable SCP/RCP protocol that it has traditionally used. Additional integration work is needed to support FIDO/U2F in the base system. Deprecation Notice ------------------ OpenSSH will disable the ssh-rsa signature scheme by default in the next release. Reviewed by: imp MFC after: 1 month Relnotes: Yes Sponsored by: The FreeBSD Foundation Differential Revision: https://reviews.freebsd.org/D29985
37 lines
994 B
C
37 lines
994 B
C
/* $OpenBSD: chacha.h,v 1.5 2021/04/03 05:54:14 djm Exp $ */
|
|
|
|
/*
|
|
chacha-merged.c version 20080118
|
|
D. J. Bernstein
|
|
Public domain.
|
|
*/
|
|
|
|
#ifndef CHACHA_H
|
|
#define CHACHA_H
|
|
|
|
#include <sys/types.h>
|
|
#include <stdlib.h>
|
|
|
|
struct chacha_ctx {
|
|
u_int input[16];
|
|
};
|
|
|
|
#define CHACHA_MINKEYLEN 16
|
|
#define CHACHA_NONCELEN 8
|
|
#define CHACHA_CTRLEN 8
|
|
#define CHACHA_STATELEN (CHACHA_NONCELEN+CHACHA_CTRLEN)
|
|
#define CHACHA_BLOCKLEN 64
|
|
|
|
void chacha_keysetup(struct chacha_ctx *x, const u_char *k, u_int kbits)
|
|
__attribute__((__bounded__(__minbytes__, 2, CHACHA_MINKEYLEN)));
|
|
void chacha_ivsetup(struct chacha_ctx *x, const u_char *iv, const u_char *ctr)
|
|
__attribute__((__bounded__(__minbytes__, 2, CHACHA_NONCELEN)))
|
|
__attribute__((__bounded__(__minbytes__, 3, CHACHA_CTRLEN)));
|
|
void chacha_encrypt_bytes(struct chacha_ctx *x, const u_char *m,
|
|
u_char *c, u_int bytes)
|
|
__attribute__((__bounded__(__buffer__, 2, 4)))
|
|
__attribute__((__bounded__(__buffer__, 3, 4)));
|
|
|
|
#endif /* CHACHA_H */
|
|
|