- markus@cvs.openbsd.org 2013/01/08 18:49:04

[PROTOCOL authfile.c cipher.c cipher.h kex.c kex.h monitor_wrap.c] [myproposal.h packet.c ssh_config.5 sshd_config.5] support AES-GCM as defined in RFC 5647 (but with simpler KEX handling) ok and feedback djm@
author: Damien Miller <djm@mindrot.org> 2013-01-09 16:12:19 +1100
committer: Damien Miller <djm@mindrot.org> 2013-01-09 16:12:19 +1100
commit: 1d75abfe23cadf8cdba0bd2cfd54f3bc1ca80dc5 (patch)
tree: b717aa08dcc3c018d6fdae575017b3cb5fd92767 /PROTOCOL
parent: aa7ad3039c671c157bb99217d60674dad8154a22 (diff)
1 files changed, 13 insertions, 1 deletions
diff --git a/PROTOCOL b/PROTOCOL
index eb5d0889c..48b3a4400 100644
--- a/PROTOCOL
+++ b/PROTOCOL
@@ -79,6 +79,18 @@ contains:
      byte[n1]  payload; n1 = packet_length - padding_length - 1
      byte[n2]  random padding; n2 = padding_length
+1.6 transport: AES-GCM
+OpenSSH supports the AES-GCM algorithm as specified in RFC 5647.
+Because of problems with the specification of the key exchange
+the behaviour of OpenSSH differs from the RFC as follows:
+AES-GCM is only negotiated as the cipher algorithms
+"aes128-gcm@openssh.com" or "aes256-gcm@openssh.com" and never as
+an MAC algorithm. Additionally, if AES-GCM is selected as the cipher
+the exchanged MAC algorithms are ignored and there doesn't have to be
+a matching MAC.
 2. Connection protocol changes
 2.1. connection: Channel write close extension "eow@openssh.com"
@@ -319,4 +331,4 @@ link(oldpath, newpath) and will respond with a SSH_FXP_STATUS message.
 This extension is advertised in the SSH_FXP_VERSION hello with version
 "1".
-$OpenBSD: PROTOCOL,v 1.19 2013/01/03 12:49:01 djm Exp $
+$OpenBSD: PROTOCOL,v 1.20 2013/01/08 18:49:04 markus Exp $
author	Damien Miller <djm@mindrot.org>	2013-01-09 16:12:19 +1100
committer	Damien Miller <djm@mindrot.org>	2013-01-09 16:12:19 +1100
commit	1d75abfe23cadf8cdba0bd2cfd54f3bc1ca80dc5 (patch)
tree	b717aa08dcc3c018d6fdae575017b3cb5fd92767 /PROTOCOL
parent	aa7ad3039c671c157bb99217d60674dad8154a22 (diff)

diff --git a/PROTOCOL b/PROTOCOL index eb5d0889c..48b3a4400 100644 --- a/PROTOCOL +++ b/PROTOCOL
@@ -79,6 +79,18 @@ contains:
79	byte[n1] payload; n1 = packet_length - padding_length - 1	79	byte[n1] payload; n1 = packet_length - padding_length - 1
80	byte[n2] random padding; n2 = padding_length	80	byte[n2] random padding; n2 = padding_length
81		81
		82	1.6 transport: AES-GCM
		83
		84	OpenSSH supports the AES-GCM algorithm as specified in RFC 5647.
		85	Because of problems with the specification of the key exchange
		86	the behaviour of OpenSSH differs from the RFC as follows:
		87
		88	AES-GCM is only negotiated as the cipher algorithms
		89	"aes128-gcm@openssh.com" or "aes256-gcm@openssh.com" and never as
		90	an MAC algorithm. Additionally, if AES-GCM is selected as the cipher
		91	the exchanged MAC algorithms are ignored and there doesn't have to be
		92	a matching MAC.
		93
82	2. Connection protocol changes	94	2. Connection protocol changes
83		95
84	2.1. connection: Channel write close extension "eow@openssh.com"	96	2.1. connection: Channel write close extension "eow@openssh.com"
@@ -319,4 +331,4 @@ link(oldpath, newpath) and will respond with a SSH_FXP_STATUS message.
319	This extension is advertised in the SSH_FXP_VERSION hello with version	331	This extension is advertised in the SSH_FXP_VERSION hello with version
320	"1".	332	"1".
321		333
322	$OpenBSD: PROTOCOL,v 1.19 2013/01/03 12:49:01 djm Exp $	334	$OpenBSD: PROTOCOL,v 1.20 2013/01/08 18:49:04 markus Exp $