Added 'ssh-dss-sha256@ssh.com' host key type, 'crypticore128@ssh.com' and 'seed-cbc@ssh.com' ciphers, and 'crypticore-mac@ssh.com' MAC.

2025-10-31 05:25:28 +01:00 · 2020-07-01 14:32:55 -04:00
parent 01ec6b0b37
commit 282770e698
2 changed files with 9 additions and 3 deletions
--- a/README.md
+++ b/README.md
@@ -78,10 +78,10 @@ $ brew install ssh-audit
 - 1024-bit moduli upgraded from warnings to failures.
 - Many Python 2 code clean-ups, testing framework improvements, pylint & flake8 fixes, and mypy type comments; credit [Jürgen Gmach](https://github.com/jugmac00)).
 - Suppress recommendation of token host key types.
- - Added 1 new host key type: `ssh-rsa1`.
+ - Added 2 new host key types: `ssh-rsa1`, `ssh-dss-sha256@ssh.com`.
 - Added 1 new key exchange: `diffie-hellman-group1-sha256`.
- - Added 3 new ciphers: `blowfish`, `AEAD_AES_128_GCM`, `AEAD_AES_256_GCM`.
- - Added 2 new MACs: `chacha20-poly1305@openssh.com`, `hmac-sha3-224`.
+ - Added 5 new ciphers: `blowfish`, `AEAD_AES_128_GCM`, `AEAD_AES_256_GCM`, `crypticore128@ssh.com`, `seed-cbc@ssh.com`.
+ - Added 3 new MACs: `chacha20-poly1305@openssh.com`, `hmac-sha3-224`, `crypticore-mac@ssh.com`.

 ### v2.2.0 (2020-03-11)
 - Marked host key type `ssh-rsa` as weak due to [practical SHA-1 collisions](https://eprint.iacr.org/2020/014.pdf).
--- a/ssh-audit.py
+++ b/ssh-audit.py
@@ -624,6 +624,7 @@ class SSH2:  # pylint: disable=too-few-public-methods
        FAIL_PLAINTEXT = 'no encryption/integrity'
        FAIL_DEPRECATED_MAC = 'deprecated MAC'
        FAIL_1024BIT_MODULUS = 'using small 1024-bit modulus'
+        FAIL_UNPROVEN = 'using unproven algorithm'
        WARN_CURVES_WEAK = 'using weak elliptic curves'
        WARN_RNDSIG_KEY = 'using weak random number generator could reveal the key'
        WARN_HASH_WEAK = 'using weak hashing algorithm'
@@ -634,6 +635,7 @@ class SSH2:  # pylint: disable=too-few-public-methods
        WARN_TAG_SIZE = 'using small 64-bit tag size'
        WARN_TAG_SIZE_96 = 'using small 96-bit tag size'
        WARN_EXPERIMENTAL = 'using experimental algorithm'
+        WARN_OBSOLETE = 'using obsolete algorithm'

        ALGORITHMS = {
            # Format: 'algorithm_name': [['version_first_appeared_in'], [reason_for_failure1, reason_for_failure2, ...], [warning1, warning2, ...]]
@@ -717,6 +719,7 @@ class SSH2:  # pylint: disable=too-few-public-methods
                'rsa-sha2-256-cert-v01@openssh.com': [['7.8']],
                'rsa-sha2-512-cert-v01@openssh.com': [['7.8']],
                'ssh-rsa-sha256@ssh.com': [[]],
+                'ssh-dss-sha256@ssh.com': [[], [FAIL_1024BIT_MODULUS]],
                'sk-ecdsa-sha2-nistp256-cert-v01@openssh.com': [['8.2'], [WARN_CURVES_WEAK], [WARN_RNDSIG_KEY]],
                'sk-ecdsa-sha2-nistp256@openssh.com': [['8.2'], [WARN_CURVES_WEAK], [WARN_RNDSIG_KEY]],
                'sk-ssh-ed25519-cert-v01@openssh.com': [['8.2']],
@@ -778,6 +781,8 @@ class SSH2:  # pylint: disable=too-few-public-methods
                'camellia192-ctr': [[]],
                'camellia256-cbc': [[], [], [WARN_CIPHER_MODE]],
                'camellia256-ctr': [[]],
+                'crypticore128@ssh.com': [[], [FAIL_UNPROVEN]],
+                'seed-cbc@ssh.com': [[], [], [WARN_OBSOLETE, WARN_CIPHER_MODE]],
            },
            'mac': {
                'none': [['d2013.56'], [FAIL_PLAINTEXT]],
@@ -822,6 +827,7 @@ class SSH2:  # pylint: disable=too-few-public-methods
                'aes128-gcm': [[]],
                'aes256-gcm': [[]],
                'chacha20-poly1305@openssh.com': [[]],  # Despite the @openssh.com tag, this was never shipped as a MAC in OpenSSH (only as a cipher); it is only implemented as a MAC in Syncplify.
+                'crypticore-mac@ssh.com': [[], [FAIL_UNPROVEN]],
            }
        }  # type: Dict[str, Dict[str, List[List[Optional[str]]]]]