support sntrup761x25519-sha512 alias

djmdjm · djmdjm · commit 16d6a715a691 · 2025-08-11T15:54:35.000+10:00
OpenSSH 9.1 supports the sntrup761x25519-sha512@openssh.com
key agreement algorithm. As part of standardisation, this algorithm
has been assigned the name sntrup761x25519-sha512.

This commit enables the existing algorithm under this new name.
diff --git a/kex.c b/kex.c
@@ -111,6 +111,8 @@ static const struct kexalg kexalgs[] = {
 	{ KEX_CURVE25519_SHA256, KEX_C25519_SHA256, 0, SSH_DIGEST_SHA256 },
 	{ KEX_CURVE25519_SHA256_OLD, KEX_C25519_SHA256, 0, SSH_DIGEST_SHA256 },
 #ifdef USE_SNTRUP761X25519
+	{ KEX_SNTRUP761X25519_SHA512_IANA, KEX_KEM_SNTRUP761X25519_SHA512, 0,
+	    SSH_DIGEST_SHA512 },
 	{ KEX_SNTRUP761X25519_SHA512, KEX_KEM_SNTRUP761X25519_SHA512, 0,
 	    SSH_DIGEST_SHA512 },
 #endif
diff --git a/kex.h b/kex.h
@@ -63,6 +63,7 @@
 #define	KEX_CURVE25519_SHA256		"curve25519-sha256"
 #define	KEX_CURVE25519_SHA256_OLD	"curve25519-sha256@libssh.org"
 #define	KEX_SNTRUP761X25519_SHA512	"sntrup761x25519-sha512@openssh.com"
+#define	KEX_SNTRUP761X25519_SHA512_IANA	"sntrup761x25519-sha512"
 
 #define COMP_NONE	0
 /* pre-auth compression (COMP_ZLIB) is only supported in the client */
diff --git a/myproposal.h b/myproposal.h
@@ -25,6 +25,7 @@
  */
 
 #define KEX_SERVER_KEX	\
+	"sntrup761x25519-sha512," \
 	"sntrup761x25519-sha512@openssh.com," \
 	"curve25519-sha256," \
 	"curve25519-sha256@libssh.org," \
