Proposed patch to use openssl for ed25519 crypto (patch now inline)
Damien Miller
djm at mindrot.org
Fri Oct 31 08:05:40 AEDT 2025
On Thu, 30 Oct 2025, Jeremy Allison via openssh-unix-dev wrote:
> On Wed, Oct 29, 2025 at 3:34 PM Damien Miller <djm at mindrot.org> wrote:
>
> > They don't though, e.g. the attachment is available on the 3rd-party
> > archive at marc.info:
>
> Thanks for pointing that out. I only realized after gmail mangled the
> whitespace on the "inline" patch :-).
>
> > OTOH your mailer messed up this patch.
>
> Working on getting a better mailer than the browser interface
> for work stuff. I could always send from my jra at samba.org
> email if it becomes a problem.
>
> > Anyway, I'll take a look. First impression is that the code seems
> > fine but the underflow checks are probably not necessary; the size
> > of ED25519 public and private keys are constants that will never
> > be adjusted...
>
> Thanks. Here's a new version with those checks removed
> (as an attachment).
It's committed now, with a few minor tweaks:
commit 266647c5f2075d397bd5ed5316450183eda73388 (HEAD -> master, origin/master, origin/HEAD)
Author: djm at openbsd.org <djm at openbsd.org>
Date: Thu Oct 30 20:49:10 2025 +0000
upstream: support ed25519 signatures via libcrypto. Mostly by Jeremy
Allison Feedback tb@, ok tb@ markus@
OpenBSD-Commit-ID: e8edf8adffd5975d05769dde897df882d7933526
More information about the openssh-unix-dev
mailing list