Git
/
ssh-audit
mirror of https://github.com/jtesta/ssh-audit.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Compare commits

base: Git:5884625162e0372fde726914f04a37ec8583139f
Branches Tags
Git:master
Git:v3.2.0
Git:v3.1.0
Git:v3.0.0
Git:v2.9.0
Git:v2.5.0
Git:v2.4.0
Git:v2.3.1
Git:v2.3.0
Git:v2.2.0
Git:v2.1.1
Git:v2.1.0
Git:v2.0.0
Git:v1.7.0
Git:v1.6.0
Git:v1.5.0
...
compare: Git:0816d1fe48a93bd81b771f0cbd40d1a58249341a
Branches Tags
Git:master
Git:v3.2.0
Git:v3.1.0
Git:v3.0.0
Git:v2.9.0
Git:v2.5.0
Git:v2.4.0
Git:v2.3.1
Git:v2.3.0
Git:v2.2.0
Git:v2.1.1
Git:v2.1.0
Git:v2.0.0
Git:v1.7.0
Git:v1.6.0
Git:v1.5.0

4 Commits
5884625162 ... 0816d1fe48

Author SHA1 Message Date
oam7575 0816d1fe48
Merge 5fbe94c4dd into 9fae870260 2024-03-19 14:48:05 -04:00
Joe Testa 9fae870260 Added allow_larger_keys flag to custom policies to control whether targets can have larger keys, and added Docker tests to complete work started in PR #242. 2024-03-19 14:45:19 -04:00
Damian Szuberski 20873db596
use less-than instead of not-equal when comparing key sizes (#242) 
When evaluating policy compliance, use less-than operator so keys bigger
than expected (and hence very often better) don't fail policy
evaulation. This change reduces the amount of false-positives and allows
for more flexibility when hardening SSH installations.

Signed-off-by: szubersk <szuberskidamian@gmail.com>
 2024-03-19 14:38:27 -04:00
OAM7575 5fbe94c4dd DRAFT 1 - Attempt to implement never suggest weaker ciphers, with the exception of always suggesting a _second_ option. 
https://github.com/jtesta/ssh-audit/issues/166
 2024-03-18 22:27:38 +11:00
9 changed files with 486 additions and 370 deletions
Show Stats Expand all files Collapse all files

1
README.md
View File

@ -191,6 +191,7 @@ For convenience, a web front-end on top of the command-line tool is available at
- Snap builds are now architecture-independent.
- Changed Docker base image from `python:3-slim` to `python:3-alpine`, resulting in a 59% reduction in image size; credit [Daniel Thamdrup](https://github.com/dallemon).
- Custom policies now support the `allow_algorithm_subset_and_reordering` directive to allow targets to pass with a subset and/or re-ordered list of host keys, kex, ciphers, and MACs. This allows for the creation of a baseline policy where targets can optionally implement stricter controls; partial credit [yannik1015](https://github.com/yannik1015).
- Custom policies now support the `allow_larger_keys` directive to allow targets to pass with larger host keys, CA keys, and Diffie-Hellman keys. This allows for the creation of a baseline policy where targets can optionally implement stricter controls; partial credit [Damian Szuberski](https://github.com/szubersk).
- Added 1 new key exchange algorithm: `gss-nistp384-sha384-*`.
### v3.1.0 (2023-12-20)

3
docker_test.sh
View File

@ -790,6 +790,9 @@ run_custom_policy_test "config2" "test15" "${PROGRAM_RETVAL_GOOD}"
# Failing test with algorithm subset matching.
run_custom_policy_test "config2" "test16" "${PROGRAM_RETVAL_FAILURE}"
# Passing test with larger key matching.
run_custom_policy_test "config2" "test17" "${PROGRAM_RETVAL_GOOD}"
# Failing test for built-in OpenSSH 8.0p1 server policy (RSA host key size is 3072 instead of 4096).
run_builtin_policy_test "Hardened OpenSSH Server v8.0 (version 4)" "8.0p1" "test1" "-o HostKeyAlgorithms=rsa-sha2-512,rsa-sha2-256,ssh-ed25519 -o KexAlgorithms=curve25519-sha256,curve25519-sha256@libssh.org,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,diffie-hellman-group-exchange-sha256 -o Ciphers=chacha20-poly1305@openssh.com,aes256-gcm@openssh.com,aes128-gcm@openssh.com,aes256-ctr,aes192-ctr,aes128-ctr -o MACs=hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,umac-128-etm@openssh.com" "${PROGRAM_RETVAL_FAILURE}"

58
src/ssh_audit/algorithms.py
View File

@ -137,13 +137,45 @@ class Algorithms:
for alg_pair in self.values:
sshv, alg_db = alg_pair.sshv, alg_pair.db
rec[sshv] = {}
for alg_type, alg_list in alg_pair.items():
list_of_weights = []
if alg_type == 'aut':
continue
# For each alg that is already enabled. Look up its assigned weighting.
# If it has a higher preference than current max or something more than current min
# add it to the list.
# Sort the list as we go to ensure largest numbers are furst
for alg_name_lst in alg_list:
for alg_name_look, alg_desc_look in alg_db[alg_type].items():
if str.lower(alg_name_look) == str.lower(alg_name_lst):
lst_weight = alg_desc_look[4]
lst_weight = int(lst_weight[0])
if not list_of_weights:
list_of_weights.insert(1, int(lst_weight))
elif lst_weight > max(list_of_weights):
list_of_weights.insert(1, int(lst_weight))
list_of_weights.sort(key=int, reverse=True)
elif lst_weight < max(list_of_weights) and lst_weight > min(list_of_weights):
list_of_weights.insert(2, int(lst_weight))
list_of_weights.sort(key=int, reverse=True)
# Keep the two largest weights per ALG TYPE
# Discard all others.
# Used below.
while len(list_of_weights) > 2:
del list_of_weights[-1]
rec[sshv][alg_type] = {'add': {}, 'del': {}, 'chg': {}}
for n, alg_desc in alg_db[alg_type].items():
for alg_name, alg_desc in alg_db[alg_type].items():
versions = alg_desc[0]
empty_version = False
sugg_weight = alg_desc[4]
sugg_weight = int(sugg_weight[0])
if len(versions) == 0 or versions[0] is None:
empty_version = True
else:
@ -161,9 +193,11 @@ class Algorithms:
if (software is not None) and (software.compare_version(ssh_version) < 0):
continue
matches = True
break
if not matches:
continue
adl, faults = len(alg_desc), 0
for i in range(1, 3):
if not adl > i:
@ -171,18 +205,28 @@ class Algorithms:
fc = len(alg_desc[i])
if fc > 0:
faults += pow(10, 2 - i) * fc
if n not in alg_list:
if alg_name not in alg_list:
# Don't recommend certificate or token types; these will only appear in the server's list if they are fully configured & functional on the server.
if faults > 0 or (alg_type == 'key' and (('-cert-' in n) or (n.startswith('sk-')))) or empty_version:
# Never suggest an algorithm with a weight of less than 200
MIN_SUGGEST_WEIGHT = 200
if faults > 0 or (alg_type == 'key' and (('-cert-' in alg_name) or (alg_name.startswith('sk-')))) or empty_version or sugg_weight < MIN_SUGGEST_WEIGHT:
continue
rec[sshv][alg_type]['add'][n] = 0
# Always suggest a new algorithm if it has more weight than the strongest already enabled
# or more weight than the second strongest alread enabled.
# This can be changed to "if sugg_weight > max(list_of_weights):" - to only suggest stronger weights
# However this will preclude the possabilty of suggesting a new "second best" for those that have more than 1 algorithm enabled.
if sugg_weight > max(list_of_weights) or (sugg_weight < max(list_of_weights) and sugg_weight > min(list_of_weights)):
rec[sshv][alg_type]['add'][alg_name] = 0
else:
if faults == 0:
continue
if n in ['diffie-hellman-group-exchange-sha256', 'rsa-sha2-256', 'rsa-sha2-512', 'rsa-sha2-256-cert-v01@openssh.com', 'rsa-sha2-512-cert-v01@openssh.com']:
rec[sshv][alg_type]['chg'][n] = faults
if alg_name in ['diffie-hellman-group-exchange-sha256', 'rsa-sha2-256', 'rsa-sha2-512', 'rsa-sha2-256-cert-v01@openssh.com', 'rsa-sha2-512-cert-v01@openssh.com']:
rec[sshv][alg_type]['chg'][alg_name] = faults
else:
rec[sshv][alg_type]['del'][n] = faults
rec[sshv][alg_type]['del'][alg_name] = faults
list_of_weights = []
# If we are working with unknown software, drop all add recommendations, because we don't know if they're valid.
if unknown_software:
rec[sshv][alg_type]['add'] = {}

23
src/ssh_audit/policy.py
View File

@ -55,6 +55,7 @@ class Policy:
self._dh_modulus_sizes: Optional[Dict[str, int]] = None
self._server_policy = True
self._allow_algorithm_subset_and_reordering = False
self._allow_larger_keys = False
self._errors: List[Any] = []
self._name_and_version: str = ''
@ -114,7 +115,7 @@ class Policy:
key = key.strip()
val = val.strip()
if key not in ['name', 'version', 'banner', 'compressions', 'host keys', 'optional host keys', 'key exchanges', 'ciphers', 'macs', 'client policy', 'host_key_sizes', 'dh_modulus_sizes', 'allow_algorithm_subset_and_reordering'] and not key.startswith('hostkey_size_') and not key.startswith('cakey_size_') and not key.startswith('dh_modulus_size_'):
if key not in ['name', 'version', 'banner', 'compressions', 'host keys', 'optional host keys', 'key exchanges', 'ciphers', 'macs', 'client policy', 'host_key_sizes', 'dh_modulus_sizes', 'allow_algorithm_subset_and_reordering', 'allow_larger_keys'] and not key.startswith('hostkey_size_') and not key.startswith('cakey_size_') and not key.startswith('dh_modulus_size_'):
raise ValueError("invalid field found in policy: %s" % line)
if key in ['name', 'banner']:
@ -209,6 +210,8 @@ class Policy:
self._server_policy = False
elif key == 'allow_algorithm_subset_and_reordering' and val.lower() == 'true':
self._allow_algorithm_subset_and_reordering = True
elif key == 'allow_larger_keys' and val.lower() == 'true':
self._allow_larger_keys = True
if self._name is None:
raise ValueError('The policy does not have a name field.')
@ -296,9 +299,12 @@ name = "Custom Policy (based on %s on %s)"
# The version of this policy (displayed in the output during scans). Not parsed, and may be any value, including strings.
version = 1
# When false, host keys, kex, ciphers, and MAC lists must match exactly. When true, the target host may support a subset of the specified algorithms and/or algorithms may appear in a different order; this is useful for specifying a baseline and allowing some hosts the option to implement stricter controls.
# When false, host keys, kex, ciphers, and MAC lists must match exactly. When true, the target host may support a subset of the specified algorithms and/or algorithms may appear in a different order; this feature is useful for specifying a baseline and allowing some hosts the option to implement stricter controls.
allow_algorithm_subset_and_reordering = false
# When false, host keys, CA keys, and Diffie-Hellman key sizes must exactly match what's specified in this policy. When true, target systems are allowed to have larger keys; this feature is useful for specifying a baseline and allowing some hosts the option to implement stricter controls.
allow_larger_keys = false
# The banner that must match exactly. Commented out to ignore banners, since minor variability in the banner is sometimes normal.
# banner = "%s"
@ -367,11 +373,12 @@ macs = %s
hostkey_types = list(self._hostkey_sizes.keys())
hostkey_types.sort() # Sorted to make testing output repeatable.
for hostkey_type in hostkey_types:
expected_hostkey_size = self._hostkey_sizes[hostkey_type]['hostkey_size']
expected_hostkey_size = cast(int, self._hostkey_sizes[hostkey_type]['hostkey_size'])
server_host_keys = kex.host_keys()
if hostkey_type in server_host_keys:
actual_hostkey_size = server_host_keys[hostkey_type]['hostkey_size']
if actual_hostkey_size != expected_hostkey_size:
actual_hostkey_size = cast(int, server_host_keys[hostkey_type]['hostkey_size'])
if (self._allow_larger_keys and actual_hostkey_size < expected_hostkey_size) or \
(not self._allow_larger_keys and actual_hostkey_size != expected_hostkey_size):
ret = False
self._append_error('Host key (%s) sizes' % hostkey_type, [str(expected_hostkey_size)], None, [str(actual_hostkey_size)])
@ -387,7 +394,8 @@ macs = %s
ret = False
self._append_error('CA signature type', [expected_ca_key_type], None, [actual_ca_key_type])
# Ensure that the actual and expected signature sizes match.
elif actual_ca_key_size != expected_ca_key_size:
elif (self._allow_larger_keys and actual_ca_key_size < expected_ca_key_size) or \
(not self._allow_larger_keys and actual_ca_key_size != expected_ca_key_size):
ret = False
self._append_error('CA signature size (%s)' % actual_ca_key_type, [str(expected_ca_key_size)], None, [str(actual_ca_key_size)])
@ -446,7 +454,8 @@ macs = %s
expected_dh_modulus_size = self._dh_modulus_sizes[dh_modulus_type]
if dh_modulus_type in kex.dh_modulus_sizes():
actual_dh_modulus_size = kex.dh_modulus_sizes()[dh_modulus_type]
if expected_dh_modulus_size != actual_dh_modulus_size:
if (self._allow_larger_keys and actual_dh_modulus_size < expected_dh_modulus_size) or \
(not self._allow_larger_keys and actual_dh_modulus_size != expected_dh_modulus_size):
ret = False
self._append_error('Group exchange (%s) modulus sizes' % dh_modulus_type, [str(expected_dh_modulus_size)], None, [str(actual_dh_modulus_size)])

745
src/ssh_audit/ssh2_kexdb.py
View File

@ -75,376 +75,411 @@ class SSH2_KexDB: # pylint: disable=too-few-public-methods
INFO_EXTENSION_NEGOTIATION = 'pseudo-algorithm that denotes the peer supports RFC8308 extensions'
INFO_STRICT_KEX = 'pseudo-algorithm that denotes the peer supports a stricter key exchange method as a counter-measure to the Terrapin attack (CVE-2023-48795)'
WEIGHT_FAIL = 1
WEIGHT_EAM = 100
WEIGHT_NEVER_OSSH = 200
WEIGHT_128 = 1000
WEIGHT_192 = 1500
WEIGHT_384 = 1500
WEIGHT_CURVE_256 = 5000
WEIGHT_DH_G14_256 = 2000
WEIGHT_DH_G15_256 = 2500
WEIGHT_DH_G15_384 = 2550
WEIGHT_DH_G15_512 = 2575
WEIGHT_DH_G16_256 = 2600
WEIGHT_DH_G16_384 = 2650
WEIGHT_DH_G16_512 = 2675
WEIGHT_DH_G16_256 = 2700
WEIGHT_DH_G16_384 = 2750
WEIGHT_DH_G16_512 = 2775
WEIGHT_DH_G17_512 = 2875
WEIGHT_DH_G18_512 = 2975
WEIGHT_DH_256 = 2000
WEIGHT_DH_384 = 2200
WEIGHT_DH_512 = 2300
WEIGHT_DISABLED = 1300
WEIGHT_SSH_NOT_IMP_OR_DISABLED = 250
DESIRED_WEIGHT = 9000
WEIGHT_CHACHA = 1200 # until patch
STRONG_CURVE = 9000
GOOD_CURVE = 8500
NEVER_SUGGEST_ALG = 1
WEIGHT_STRICT_KEX = 5000
# Maintains a dictionary per calling thread that yields its own copy of MASTER_DB. This prevents results from one thread polluting the results of another thread.
DB_PER_THREAD: Dict[int, Dict[str, Dict[str, List[List[Optional[str]]]]]] = {}
MASTER_DB: Dict[str, Dict[str, List[List[Optional[str]]]]] = {
# Format: 'algorithm_name': [['version_first_appeared_in'], [reason_for_failure1, reason_for_failure2, ...], [warning1, warning2, ...], [info1, info2, ...]]
# Format: 'algorithm_name': [['version_first_appeared_in'], [reason_for_failure1, reason_for_failure2, ...], [warning1, warning2, ...], [info1, info2, ...], [preference_weight]]
'kex': {
'Curve25519SHA256': [[]],
'curve25519-sha256': [['7.4,d2018.76'], [], [], [INFO_DEFAULT_OPENSSH_KEX_64_TO_89]],
'curve25519-sha256@libssh.org': [['6.4,d2013.62,l10.6.0'], [], [], [INFO_DEFAULT_OPENSSH_KEX_64_TO_89]],
'curve448-sha512': [[]],
'curve448-sha512@libssh.org': [[]],
'diffie-hellman-group14-sha1': [['3.9,d0.53,l10.6.0'], [FAIL_SHA1], [WARN_2048BIT_MODULUS]],
'diffie-hellman-group14-sha224@ssh.com': [[]],
'diffie-hellman-group14-sha256': [['7.3,d2016.73'], [], [WARN_2048BIT_MODULUS]],
'diffie-hellman-group14-sha256@ssh.com': [[], [], [WARN_2048BIT_MODULUS]],
'diffie-hellman-group15-sha256': [[]],
'diffie-hellman-group15-sha256@ssh.com': [[]],
'diffie-hellman-group15-sha384@ssh.com': [[]],
'diffie-hellman-group15-sha512': [[]],
'diffie-hellman-group16-sha256': [[]],
'diffie-hellman-group16-sha384@ssh.com': [[]],
'diffie-hellman-group16-sha512': [['7.3,d2016.73']],
'diffie-hellman-group16-sha512@ssh.com': [[]],
'diffie-hellman-group17-sha512': [[]],
'diffie-hellman_group17-sha512': [[]],
'diffie-hellman-group18-sha512': [['7.3']],
'diffie-hellman-group18-sha512@ssh.com': [[]],
'diffie-hellman-group1-sha1': [['2.3.0,d0.28,l10.2', '6.6', '6.9'], [FAIL_1024BIT_MODULUS, FAIL_LOGJAM_ATTACK, FAIL_SHA1], [], [INFO_REMOVED_IN_OPENSSH69]],
'diffie-hellman-group1-sha256': [[], [FAIL_1024BIT_MODULUS]],
'diffie-hellman-group-exchange-sha1': [['2.3.0', '6.6', None], [FAIL_SHA1]],
'diffie-hellman-group-exchange-sha224@ssh.com': [[]],
'diffie-hellman-group-exchange-sha256': [['4.4']],
'diffie-hellman-group-exchange-sha256@ssh.com': [[]],
'diffie-hellman-group-exchange-sha384@ssh.com': [[]],
'diffie-hellman-group-exchange-sha512@ssh.com': [[]],
'ecdh-nistp256-kyber-512r3-sha256-d00@openquantumsafe.org': [[], [FAIL_NSA_BACKDOORED_CURVE]],
'ecdh-nistp384-kyber-768r3-sha384-d00@openquantumsafe.org': [[], [FAIL_NSA_BACKDOORED_CURVE]],
'ecdh-nistp521-kyber-1024r3-sha512-d00@openquantumsafe.org': [[], [FAIL_NSA_BACKDOORED_CURVE]],
'ecdh-sha2-1.2.840.10045.3.1.1': [[], [FAIL_SMALL_ECC_MODULUS, FAIL_NSA_BACKDOORED_CURVE]], # NIST P-192 / secp192r1
'ecdh-sha2-1.2.840.10045.3.1.7': [[], [FAIL_NSA_BACKDOORED_CURVE]], # NIST P-256 / secp256r1
'ecdh-sha2-1.3.132.0.10': [[]], # ECDH over secp256k1 (i.e.: the Bitcoin curve)
'ecdh-sha2-1.3.132.0.16': [[], [FAIL_UNPROVEN]], # sect283k1
'ecdh-sha2-1.3.132.0.1': [[], [FAIL_UNPROVEN, FAIL_SMALL_ECC_MODULUS]], # sect163k1
'ecdh-sha2-1.3.132.0.26': [[], [FAIL_UNPROVEN, FAIL_SMALL_ECC_MODULUS]], # sect233k1
'ecdh-sha2-1.3.132.0.27': [[], [FAIL_SMALL_ECC_MODULUS, FAIL_NSA_BACKDOORED_CURVE]], # sect233r1
'ecdh-sha2-1.3.132.0.33': [[], [FAIL_SMALL_ECC_MODULUS, FAIL_NSA_BACKDOORED_CURVE]], # NIST P-224 / secp224r1
'ecdh-sha2-1.3.132.0.34': [[], [FAIL_NSA_BACKDOORED_CURVE]], # NIST P-384 / secp384r1
'ecdh-sha2-1.3.132.0.35': [[], [FAIL_NSA_BACKDOORED_CURVE]], # NIST P-521 / secp521r1
'ecdh-sha2-1.3.132.0.36': [[], [FAIL_UNPROVEN]], # sect409k1
'ecdh-sha2-1.3.132.0.37': [[], [FAIL_NSA_BACKDOORED_CURVE]], # sect409r1
'ecdh-sha2-1.3.132.0.38': [[], [FAIL_UNPROVEN]], # sect571k1
'Curve25519SHA256': [[], [], [], [], [STRONG_CURVE]],
'curve25519-sha256': [['7.4,d2018.76'], [], [], [INFO_DEFAULT_OPENSSH_KEX_64_TO_89], [STRONG_CURVE]],
'curve25519-sha256@libssh.org': [['6.4,d2013.62,l10.6.0'], [], [], [INFO_DEFAULT_OPENSSH_KEX_64_TO_89], [STRONG_CURVE]],
'curve448-sha512': [[], [], [], [], [GOOD_CURVE]],
'curve448-sha512@libssh.org': [[], [], [], [], [GOOD_CURVE]],
'diffie-hellman-group14-sha1': [['3.9,d0.53,l10.6.0'], [FAIL_SHA1], [WARN_2048BIT_MODULUS], [], [WEIGHT_FAIL]],
'diffie-hellman-group14-sha224@ssh.com': [[], [], [], [], [WEIGHT_DH_G14_256]],
'diffie-hellman-group14-sha256': [['7.3,d2016.73'], [], [WARN_2048BIT_MODULUS], [], [WEIGHT_DH_G14_256]],
'diffie-hellman-group14-sha256@ssh.com': [[], [], [WARN_2048BIT_MODULUS], [], [WEIGHT_DH_G14_256]],
'diffie-hellman-group15-sha256': [[], [], [], [], [WEIGHT_DH_G15_256]],
'diffie-hellman-group15-sha256@ssh.com': [[], [], [], [], [WEIGHT_DH_G15_256]],
'diffie-hellman-group15-sha384@ssh.com': [[], [], [], [], [WEIGHT_DH_G15_384]],
'diffie-hellman-group15-sha512': [[], [], [], [], [WEIGHT_DH_G15_512]],
'diffie-hellman-group16-sha256': [[], [], [], [], [WEIGHT_DH_G16_256]],
'diffie-hellman-group16-sha384@ssh.com': [[], [], [], [], [WEIGHT_DH_G16_384]],
'diffie-hellman-group16-sha512': [['7.3,d2016.73'], [], [], [], [WEIGHT_DH_G16_512]],
'diffie-hellman-group16-sha512@ssh.com': [[], [], [], [], [WEIGHT_DH_G16_512]],
'diffie-hellman-group17-sha512': [[], [], [], [], [WEIGHT_DH_G17_512]],
'diffie-hellman_group17-sha512': [[], [], [], [], [WEIGHT_DH_G17_512]],
'diffie-hellman-group18-sha512': [['7.3'], [], [], [], [WEIGHT_DH_G18_512]],
'diffie-hellman-group18-sha512@ssh.com': [[], [], [], [], [WEIGHT_DH_G18_512]],
'diffie-hellman-group1-sha1': [['2.3.0,d0.28,l10.2', '6.6', '6.9'], [FAIL_1024BIT_MODULUS, FAIL_LOGJAM_ATTACK, FAIL_SHA1], [], [INFO_REMOVED_IN_OPENSSH69], [WEIGHT_FAIL]],
'diffie-hellman-group1-sha256': [[], [FAIL_1024BIT_MODULUS], [], [], [WEIGHT_FAIL]],
'diffie-hellman-group-exchange-sha1': [['2.3.0', '6.6', None], [FAIL_SHA1], [], [], [WEIGHT_FAIL]],
'diffie-hellman-group-exchange-sha224@ssh.com': [[], [], [], [], [WEIGHT_FAIL]],
'diffie-hellman-group-exchange-sha256': [['4.4'], [], [], [], [WEIGHT_DH_256]],
'diffie-hellman-group-exchange-sha256@ssh.com': [[], [], [], [], [WEIGHT_DH_256]],
'diffie-hellman-group-exchange-sha384@ssh.com': [[], [], [], [], [WEIGHT_DH_384]],
'diffie-hellman-group-exchange-sha512@ssh.com': [[], [], [], [], [WEIGHT_DH_512]],
'ecdh-nistp256-kyber-512r3-sha256-d00@openquantumsafe.org': [[], [FAIL_NSA_BACKDOORED_CURVE], [], [], [WEIGHT_FAIL]],
'ecdh-nistp384-kyber-768r3-sha384-d00@openquantumsafe.org': [[], [FAIL_NSA_BACKDOORED_CURVE], [], [], [WEIGHT_FAIL]],
'ecdh-nistp521-kyber-1024r3-sha512-d00@openquantumsafe.org': [[], [FAIL_NSA_BACKDOORED_CURVE], [], [], [WEIGHT_FAIL]],
'ecdh-sha2-1.2.840.10045.3.1.1': [[], [FAIL_SMALL_ECC_MODULUS, FAIL_NSA_BACKDOORED_CURVE], [], [], [WEIGHT_FAIL]], # NIST P-192 / secp192r1
'ecdh-sha2-1.2.840.10045.3.1.7': [[], [FAIL_NSA_BACKDOORED_CURVE], [], [], [WEIGHT_FAIL]], # NIST P-256 / secp256r1
'ecdh-sha2-1.3.132.0.10': [[], [], [], [], [WEIGHT_FAIL]], # ECDH over secp256k1 (i.e.: the Bitcoin curve)
'ecdh-sha2-1.3.132.0.16': [[], [FAIL_UNPROVEN], [], [], [WEIGHT_FAIL]], # sect283k1
'ecdh-sha2-1.3.132.0.1': [[], [FAIL_UNPROVEN, FAIL_SMALL_ECC_MODULUS], [], [], [WEIGHT_FAIL]], # sect163k1
'ecdh-sha2-1.3.132.0.26': [[], [FAIL_UNPROVEN, FAIL_SMALL_ECC_MODULUS], [], [], [WEIGHT_FAIL]], # sect233k1
'ecdh-sha2-1.3.132.0.27': [[], [FAIL_SMALL_ECC_MODULUS, FAIL_NSA_BACKDOORED_CURVE], [], [], [WEIGHT_FAIL]], # sect233r1
'ecdh-sha2-1.3.132.0.33': [[], [FAIL_SMALL_ECC_MODULUS, FAIL_NSA_BACKDOORED_CURVE], [], [], [WEIGHT_FAIL]], # NIST P-224 / secp224r1
'ecdh-sha2-1.3.132.0.34': [[], [FAIL_NSA_BACKDOORED_CURVE], [], [], [WEIGHT_FAIL]], # NIST P-384 / secp384r1
'ecdh-sha2-1.3.132.0.35': [[], [FAIL_NSA_BACKDOORED_CURVE], [], [], [WEIGHT_FAIL]], # NIST P-521 / secp521r1
'ecdh-sha2-1.3.132.0.36': [[], [FAIL_UNPROVEN], [], [], [WEIGHT_FAIL]], # sect409k1
'ecdh-sha2-1.3.132.0.37': [[], [FAIL_NSA_BACKDOORED_CURVE], [], [], [WEIGHT_FAIL]], # sect409r1
'ecdh-sha2-1.3.132.0.38': [[], [FAIL_UNPROVEN], [], [], [WEIGHT_FAIL]], # sect571k1
# Note: the base64 strings, according to draft 6 of RFC5656, is Base64(MD5(DER(OID))). The final RFC5656 dropped the base64 strings in favor of plain OID concatenation, but apparently some SSH servers implement them anyway. See: https://datatracker.ietf.org/doc/html/draft-green-secsh-ecc-06#section-9.2
'ecdh-sha2-4MHB+NBt3AlaSRQ7MnB4cg==': [[], [FAIL_UNPROVEN, FAIL_SMALL_ECC_MODULUS]], # sect163k1
'ecdh-sha2-5pPrSUQtIaTjUSt5VZNBjg==': [[], [FAIL_SMALL_ECC_MODULUS, FAIL_NSA_BACKDOORED_CURVE]], # NIST P-192 / secp192r1
'ecdh-sha2-9UzNcgwTlEnSCECZa7V1mw==': [[], [FAIL_NSA_BACKDOORED_CURVE]], # NIST P-256 / secp256r1
'ecdh-sha2-brainpoolp256r1@genua.de': [[], [FAIL_UNPROVEN]],
'ecdh-sha2-brainpoolp384r1@genua.de': [[], [FAIL_UNPROVEN]],
'ecdh-sha2-brainpoolp521r1@genua.de': [[], [FAIL_UNPROVEN]],
'ecdh-sha2-curve25519': [[], []],
'ecdh-sha2-D3FefCjYoJ/kfXgAyLddYA==': [[], [FAIL_NSA_BACKDOORED_CURVE]], # sect409r1
'ecdh-sha2-h/SsxnLCtRBh7I9ATyeB3A==': [[], [FAIL_NSA_BACKDOORED_CURVE]], # NIST P-521 / secp521r1
'ecdh-sha2-m/FtSAmrV4j/Wy6RVUaK7A==': [[], [FAIL_UNPROVEN]], # sect409k1
'ecdh-sha2-mNVwCXAoS1HGmHpLvBC94w==': [[], [FAIL_UNPROVEN]], # sect571k1
'ecdh-sha2-nistb233': [[], [FAIL_UNPROVEN, FAIL_SMALL_ECC_MODULUS]],
'ecdh-sha2-nistb409': [[], [FAIL_UNPROVEN]],
'ecdh-sha2-nistk163': [[], [FAIL_UNPROVEN, FAIL_SMALL_ECC_MODULUS]],
'ecdh-sha2-nistk233': [[], [FAIL_UNPROVEN, FAIL_SMALL_ECC_MODULUS]],
'ecdh-sha2-nistk283': [[], [FAIL_UNPROVEN]],
'ecdh-sha2-nistk409': [[], [FAIL_UNPROVEN]],
'ecdh-sha2-nistp192': [[], [FAIL_NSA_BACKDOORED_CURVE]],
'ecdh-sha2-nistp224': [[], [FAIL_NSA_BACKDOORED_CURVE]],
'ecdh-sha2-nistp256': [['5.7,d2013.62,l10.6.0'], [FAIL_NSA_BACKDOORED_CURVE]],
'ecdh-sha2-nistp384': [['5.7,d2013.62'], [FAIL_NSA_BACKDOORED_CURVE]],
'ecdh-sha2-nistp521': [['5.7,d2013.62'], [FAIL_NSA_BACKDOORED_CURVE]],
'ecdh-sha2-nistt571': [[], [FAIL_UNPROVEN]],
'ecdh-sha2-qCbG5Cn/jjsZ7nBeR7EnOA==': [[FAIL_SMALL_ECC_MODULUS, FAIL_NSA_BACKDOORED_CURVE]], # sect233r1
'ecdh-sha2-qcFQaMAMGhTziMT0z+Tuzw==': [[], [FAIL_NSA_BACKDOORED_CURVE]], # NIST P-384 / secp384r1
'ecdh-sha2-VqBg4QRPjxx1EXZdV0GdWQ==': [[], [FAIL_NSA_BACKDOORED_CURVE, FAIL_SMALL_ECC_MODULUS]], # NIST P-224 / secp224r1
'ecdh-sha2-wiRIU8TKjMZ418sMqlqtvQ==': [[], [FAIL_UNPROVEN]], # sect283k1
'ecdh-sha2-zD/b3hu/71952ArpUG4OjQ==': [[], [FAIL_UNPROVEN, FAIL_SMALL_ECC_MODULUS]], # sect233k1
'ecmqv-sha2': [[], [FAIL_UNPROVEN]],
'ext-info-c': [[], [], [], [INFO_EXTENSION_NEGOTIATION]], # Extension negotiation (RFC 8308)
'ext-info-s': [[], [], [], [INFO_EXTENSION_NEGOTIATION]], # Extension negotiation (RFC 8308)
'kex-strict-c-v00@openssh.com': [[], [], [], [INFO_STRICT_KEX]], # Strict KEX marker (countermeasure for CVE-2023-48795).
'kex-strict-s-v00@openssh.com': [[], [], [], [INFO_STRICT_KEX]], # Strict KEX marker (countermeasure for CVE-2023-48795).
'ecdh-sha2-4MHB+NBt3AlaSRQ7MnB4cg==': [[], [FAIL_UNPROVEN, FAIL_SMALL_ECC_MODULUS], [], [], [WEIGHT_FAIL]], # sect163k1
'ecdh-sha2-5pPrSUQtIaTjUSt5VZNBjg==': [[], [FAIL_SMALL_ECC_MODULUS, FAIL_NSA_BACKDOORED_CURVE], [], [], [WEIGHT_FAIL]], # NIST P-192 / secp192r1
'ecdh-sha2-9UzNcgwTlEnSCECZa7V1mw==': [[], [FAIL_NSA_BACKDOORED_CURVE], [], [], [WEIGHT_FAIL]], # NIST P-256 / secp256r1
'ecdh-sha2-brainpoolp256r1@genua.de': [[], [FAIL_UNPROVEN], [], [], [WEIGHT_FAIL]],
'ecdh-sha2-brainpoolp384r1@genua.de': [[], [FAIL_UNPROVEN], [], [], [WEIGHT_FAIL]],
'ecdh-sha2-brainpoolp521r1@genua.de': [[], [FAIL_UNPROVEN], [], [], [WEIGHT_FAIL]],
'ecdh-sha2-curve25519': [[], [], [], [], [2200]],
'ecdh-sha2-D3FefCjYoJ/kfXgAyLddYA==': [[], [FAIL_NSA_BACKDOORED_CURVE], [], [], [WEIGHT_FAIL]], # sect409r1
'ecdh-sha2-h/SsxnLCtRBh7I9ATyeB3A==': [[], [FAIL_NSA_BACKDOORED_CURVE], [], [], [WEIGHT_FAIL]], # NIST P-521 / secp521r1
'ecdh-sha2-m/FtSAmrV4j/Wy6RVUaK7A==': [[], [FAIL_UNPROVEN], [], [], [WEIGHT_FAIL]], # sect409k1
'ecdh-sha2-mNVwCXAoS1HGmHpLvBC94w==': [[], [FAIL_UNPROVEN], [], [], [WEIGHT_FAIL]], # sect571k1
'ecdh-sha2-nistb233': [[], [FAIL_UNPROVEN, FAIL_SMALL_ECC_MODULUS], [], [], [WEIGHT_FAIL]],
'ecdh-sha2-nistb409': [[], [FAIL_UNPROVEN], [], [], [WEIGHT_FAIL]],
'ecdh-sha2-nistk163': [[], [FAIL_UNPROVEN, FAIL_SMALL_ECC_MODULUS], [], [], [WEIGHT_FAIL]],
'ecdh-sha2-nistk233': [[], [FAIL_UNPROVEN, FAIL_SMALL_ECC_MODULUS], [], [], [WEIGHT_FAIL]],
'ecdh-sha2-nistk283': [[], [FAIL_UNPROVEN], [], [], [WEIGHT_FAIL]],
'ecdh-sha2-nistk409': [[], [FAIL_UNPROVEN], [], [], [WEIGHT_FAIL]],
'ecdh-sha2-nistp192': [[], [FAIL_NSA_BACKDOORED_CURVE], [], [], [WEIGHT_FAIL]],
'ecdh-sha2-nistp224': [[], [FAIL_NSA_BACKDOORED_CURVE], [], [], [WEIGHT_FAIL]],
'ecdh-sha2-nistp256': [['5.7,d2013.62,l10.6.0'], [FAIL_NSA_BACKDOORED_CURVE], [], [], [WEIGHT_FAIL]],
'ecdh-sha2-nistp384': [['5.7,d2013.62'], [FAIL_NSA_BACKDOORED_CURVE], [], [], [WEIGHT_FAIL]],
'ecdh-sha2-nistp521': [['5.7,d2013.62'], [FAIL_NSA_BACKDOORED_CURVE], [], [], [WEIGHT_FAIL]],
'ecdh-sha2-nistt571': [[], [FAIL_UNPROVEN], [], [], [WEIGHT_FAIL]],
'ecdh-sha2-qCbG5Cn/jjsZ7nBeR7EnOA==': [[], [FAIL_SMALL_ECC_MODULUS, FAIL_NSA_BACKDOORED_CURVE], [], [], [WEIGHT_FAIL]], # sect233r1
'ecdh-sha2-qcFQaMAMGhTziMT0z+Tuzw==': [[], [FAIL_NSA_BACKDOORED_CURVE], [], [], [WEIGHT_FAIL]], # NIST P-384 / secp384r1
'ecdh-sha2-VqBg4QRPjxx1EXZdV0GdWQ==': [[], [FAIL_NSA_BACKDOORED_CURVE, FAIL_SMALL_ECC_MODULUS], [], [], [WEIGHT_FAIL]], # NIST P-224 / secp224r1
'ecdh-sha2-wiRIU8TKjMZ418sMqlqtvQ==': [[], [FAIL_UNPROVEN], [], [], [WEIGHT_FAIL]], # sect283k1
'ecdh-sha2-zD/b3hu/71952ArpUG4OjQ==': [[], [FAIL_UNPROVEN, FAIL_SMALL_ECC_MODULUS], [], [], [WEIGHT_FAIL]], # sect233k1
'ecmqv-sha2': [[], [FAIL_UNPROVEN], [], [], [WEIGHT_FAIL]],
'ext-info-c': [[], [], [], [INFO_EXTENSION_NEGOTIATION], [100]], # Extension negotiation (RFC 8308)
'ext-info-s': [[], [], [], [INFO_EXTENSION_NEGOTIATION], [100]], # Extension negotiation (RFC 8308)
'kex-strict-c-v00@openssh.com': [[], [], [], [INFO_STRICT_KEX], [WEIGHT_STRICT_KEX]], # Strict KEX marker (countermeasure for CVE-2023-48795).
'kex-strict-s-v00@openssh.com': [[], [], [], [INFO_STRICT_KEX], [WEIGHT_STRICT_KEX]], # Strict KEX marker (countermeasure for CVE-2023-48795).
# The GSS kex algorithms get special wildcard handling, since they include variable base64 data after their standard prefixes.
'gss-13.3.132.0.10-sha256-*': [[], [FAIL_UNKNOWN]],
'gss-curve25519-sha256-*': [[]],
'gss-curve448-sha512-*': [[]],
'gss-gex-sha1-*': [[], [FAIL_SHA1]],
'gss-gex-sha256-*': [[]],
'gss-group14-sha1-*': [[], [FAIL_SHA1], [WARN_2048BIT_MODULUS]],
'gss-group14-sha256-*': [[], [], [WARN_2048BIT_MODULUS]],
'gss-group15-sha512-*': [[]],
'gss-group16-sha512-*': [[]],
'gss-group17-sha512-*': [[]],
'gss-group18-sha512-*': [[]],
'gss-group1-sha1-*': [[], [FAIL_1024BIT_MODULUS, FAIL_LOGJAM_ATTACK, FAIL_SHA1]],
'gss-nistp256-sha256-*': [[], [FAIL_NSA_BACKDOORED_CURVE]],
'gss-nistp384-sha256-*': [[], [FAIL_NSA_BACKDOORED_CURVE]],
'gss-nistp384-sha384-*': [[], [FAIL_NSA_BACKDOORED_CURVE]],
'gss-nistp521-sha512-*': [[], [FAIL_NSA_BACKDOORED_CURVE]],
'kexAlgoCurve25519SHA256': [[]],
'kexAlgoDH14SHA1': [[], [FAIL_SHA1], [WARN_2048BIT_MODULUS]],
'kexAlgoDH1SHA1': [[], [FAIL_1024BIT_MODULUS, FAIL_LOGJAM_ATTACK, FAIL_SHA1]],
'kexAlgoECDH256': [[], [FAIL_NSA_BACKDOORED_CURVE]],
'kexAlgoECDH384': [[], [FAIL_NSA_BACKDOORED_CURVE]],
'kexAlgoECDH521': [[], [FAIL_NSA_BACKDOORED_CURVE]],
'kexguess2@matt.ucc.asn.au': [['d2013.57']],
'm383-sha384@libassh.org': [[], [FAIL_UNPROVEN]],
'm511-sha512@libassh.org': [[], [FAIL_UNPROVEN]],
'rsa1024-sha1': [[], [FAIL_1024BIT_MODULUS, FAIL_SHA1]],
'rsa2048-sha256': [[], [], [WARN_2048BIT_MODULUS]],
'sm2kep-sha2-nistp256': [[], [FAIL_NSA_BACKDOORED_CURVE, FAIL_UNTRUSTED]],
'sntrup4591761x25519-sha512@tinyssh.org': [['8.0', '8.4'], [], [WARN_EXPERIMENTAL], [INFO_WITHDRAWN_PQ_ALG]],
'sntrup761x25519-sha512@openssh.com': [['8.5'], [], [], [INFO_DEFAULT_OPENSSH_KEX_90]],
'x25519-kyber-512r3-sha256-d00@amazon.com': [[]],
'x25519-kyber512-sha512@aws.amazon.com': [[]],
'gss-13.3.132.0.10-sha256-*': [[], [FAIL_UNKNOWN], [], [] ,[WEIGHT_FAIL]],
'gss-curve25519-sha256-*': [[], [], [], [], [2000]],
'gss-curve448-sha512-*': [[], [], [], [], [2000]],
'gss-gex-sha1-*': [[], [FAIL_SHA1], [], [], [WEIGHT_FAIL]],
'gss-gex-sha256-*': [[], [], [], [], [2000]],
'gss-group14-sha1-*': [[], [FAIL_SHA1], [WARN_2048BIT_MODULUS], [], [WEIGHT_FAIL]],
'gss-group14-sha256-*': [[], [], [WARN_2048BIT_MODULUS], [], [100]],
'gss-group15-sha512-*': [[], [], [], [], [2000]],
'gss-group16-sha512-*': [[], [], [], [], [2200]],
'gss-group17-sha512-*': [[], [], [], [], [2200]],
'gss-group18-sha512-*': [[], [], [], [], [2300]],
'gss-group1-sha1-*': [[], [FAIL_1024BIT_MODULUS, FAIL_LOGJAM_ATTACK, FAIL_SHA1], [], [], [WEIGHT_FAIL]],
'gss-nistp256-sha256-*': [[], [FAIL_NSA_BACKDOORED_CURVE], [], [], [WEIGHT_FAIL]],
'gss-nistp384-sha256-*': [[], [FAIL_NSA_BACKDOORED_CURVE], [], [], [WEIGHT_FAIL]],
'gss-nistp384-sha384-*': [[], [FAIL_NSA_BACKDOORED_CURVE], [], [], [WEIGHT_FAIL]],
'gss-nistp521-sha512-*': [[], [FAIL_NSA_BACKDOORED_CURVE], [], [], [WEIGHT_FAIL]],
'kexAlgoCurve25519SHA256': [[], [], [], [], [2000]],
'kexAlgoDH14SHA1': [[], [FAIL_SHA1], [WARN_2048BIT_MODULUS], [], [WEIGHT_FAIL]],
'kexAlgoDH1SHA1': [[], [FAIL_1024BIT_MODULUS, FAIL_LOGJAM_ATTACK, FAIL_SHA1], [], [], [WEIGHT_FAIL]],
'kexAlgoECDH256': [[], [FAIL_NSA_BACKDOORED_CURVE], [], [], [WEIGHT_FAIL]],
'kexAlgoECDH384': [[], [FAIL_NSA_BACKDOORED_CURVE], [], [], [WEIGHT_FAIL]],
'kexAlgoECDH521': [[], [FAIL_NSA_BACKDOORED_CURVE], [], [], [WEIGHT_FAIL]],
'kexguess2@matt.ucc.asn.au': [['d2013.57'], [], [], [], [200]],
'm383-sha384@libassh.org': [[], [FAIL_UNPROVEN], [], [], [WEIGHT_FAIL]],
'm511-sha512@libassh.org': [[], [FAIL_UNPROVEN], [], [], [WEIGHT_FAIL]],
'rsa1024-sha1': [[], [FAIL_1024BIT_MODULUS, FAIL_SHA1], [], [], [WEIGHT_FAIL]],
'rsa2048-sha256': [[], [], [WARN_2048BIT_MODULUS], [], [100]],
'sm2kep-sha2-nistp256': [[], [FAIL_NSA_BACKDOORED_CURVE, FAIL_UNTRUSTED], [], [], [WEIGHT_FAIL]],
'sntrup4591761x25519-sha512@tinyssh.org': [['8.0', '8.4'], [], [WARN_EXPERIMENTAL], [INFO_WITHDRAWN_PQ_ALG], [1]],
'sntrup761x25519-sha512@openssh.com': [['8.5'], [], [], [INFO_DEFAULT_OPENSSH_KEX_90], [1]],
'x25519-kyber-512r3-sha256-d00@amazon.com': [[], [], [], [], [2000]],
'x25519-kyber512-sha512@aws.amazon.com': [[], [], [], [], [2000]],
},
'key': {
'dsa2048-sha224@libassh.org': [[], [FAIL_UNPROVEN], [WARN_2048BIT_MODULUS]],
'dsa2048-sha256@libassh.org': [[], [FAIL_UNPROVEN], [WARN_2048BIT_MODULUS]],
'dsa3072-sha256@libassh.org': [[], [FAIL_UNPROVEN]],
'ecdsa-sha2-1.3.132.0.10-cert-v01@openssh.com': [[], [FAIL_UNKNOWN]],
'ecdsa-sha2-1.3.132.0.10': [[], [], [WARN_RNDSIG_KEY]], # ECDSA over secp256k1 (i.e.: the Bitcoin curve)
'ecdsa-sha2-curve25519': [[], [], [WARN_RNDSIG_KEY]], # ECDSA with Curve25519? Bizarre...
'ecdsa-sha2-nistb233': [[], [FAIL_UNPROVEN, FAIL_SMALL_ECC_MODULUS], [WARN_RNDSIG_KEY]],
'ecdsa-sha2-nistb409': [[], [FAIL_UNPROVEN], [WARN_RNDSIG_KEY]],
'ecdsa-sha2-nistk163': [[], [FAIL_UNPROVEN, FAIL_SMALL_ECC_MODULUS], [WARN_RNDSIG_KEY]],
'ecdsa-sha2-nistk233': [[], [FAIL_UNPROVEN, FAIL_SMALL_ECC_MODULUS], [WARN_RNDSIG_KEY]],
'ecdsa-sha2-nistk283': [[], [FAIL_UNPROVEN], [WARN_RNDSIG_KEY]],
'ecdsa-sha2-nistk409': [[], [FAIL_UNPROVEN], [WARN_RNDSIG_KEY]],
'ecdsa-sha2-nistp224': [[], [FAIL_NSA_BACKDOORED_CURVE, FAIL_SMALL_ECC_MODULUS], [WARN_RNDSIG_KEY]],
'ecdsa-sha2-nistp192': [[], [FAIL_NSA_BACKDOORED_CURVE, FAIL_SMALL_ECC_MODULUS], [WARN_RNDSIG_KEY]],
'ecdsa-sha2-nistp256': [['5.7,d2013.62,l10.6.4'], [FAIL_NSA_BACKDOORED_CURVE], [WARN_RNDSIG_KEY]],
'ecdsa-sha2-nistp256-cert-v01@openssh.com': [['5.7'], [FAIL_NSA_BACKDOORED_CURVE], [WARN_RNDSIG_KEY]],
'ecdsa-sha2-nistp384': [['5.7,d2013.62,l10.6.4'], [FAIL_NSA_BACKDOORED_CURVE], [WARN_RNDSIG_KEY]],
'ecdsa-sha2-nistp384-cert-v01@openssh.com': [['5.7'], [FAIL_NSA_BACKDOORED_CURVE], [WARN_RNDSIG_KEY]],
'ecdsa-sha2-nistp521': [['5.7,d2013.62,l10.6.4'], [FAIL_NSA_BACKDOORED_CURVE], [WARN_RNDSIG_KEY]],
'ecdsa-sha2-nistp521-cert-v01@openssh.com': [['5.7'], [FAIL_NSA_BACKDOORED_CURVE], [WARN_RNDSIG_KEY]],
'ecdsa-sha2-nistt571': [[], [FAIL_UNPROVEN], [WARN_RNDSIG_KEY]],
'eddsa-e382-shake256@libassh.org': [[], [FAIL_UNPROVEN]],
'eddsa-e521-shake256@libassh.org': [[], [FAIL_UNPROVEN]],
'null': [[], [FAIL_PLAINTEXT]],
'pgp-sign-dss': [[], [FAIL_1024BIT_MODULUS]],
'pgp-sign-rsa': [[], [FAIL_1024BIT_MODULUS]],
'rsa-sha2-256': [['7.2']],
'rsa-sha2-256-cert-v01@openssh.com': [['7.8']],
'rsa-sha2-512': [['7.2']],
'rsa-sha2-512-cert-v01@openssh.com': [['7.8']],
'sk-ecdsa-sha2-nistp256-cert-v01@openssh.com': [['8.2'], [FAIL_NSA_BACKDOORED_CURVE], [WARN_RNDSIG_KEY]],
'sk-ecdsa-sha2-nistp256@openssh.com': [['8.2'], [FAIL_NSA_BACKDOORED_CURVE], [WARN_RNDSIG_KEY]],
'sk-ssh-ed25519-cert-v01@openssh.com': [['8.2']],
'sk-ssh-ed25519@openssh.com': [['8.2']],
'spi-sign-rsa': [[]],
'spki-sign-dss': [[], [FAIL_1024BIT_MODULUS]],
'spki-sign-rsa': [[], [FAIL_1024BIT_MODULUS]],
'ssh-dsa': [[], [FAIL_1024BIT_MODULUS], [WARN_RNDSIG_KEY]],
'ssh-dss': [['2.1.0,d0.28,l10.2', '6.9'], [FAIL_1024BIT_MODULUS], [WARN_RNDSIG_KEY], [INFO_DISABLED_IN_OPENSSH70]],
'ssh-dss-cert-v00@openssh.com': [['5.4', '6.9'], [FAIL_1024BIT_MODULUS], [WARN_RNDSIG_KEY], [INFO_DISABLED_IN_OPENSSH70]],
'ssh-dss-cert-v01@openssh.com': [['5.6', '6.9'], [FAIL_1024BIT_MODULUS], [WARN_RNDSIG_KEY]],
'ssh-dss-sha224@ssh.com': [[], [FAIL_1024BIT_MODULUS]],
'ssh-dss-sha256@ssh.com': [[], [FAIL_1024BIT_MODULUS]],
'ssh-dss-sha384@ssh.com': [[], [FAIL_1024BIT_MODULUS]],
'ssh-dss-sha512@ssh.com': [[], [FAIL_1024BIT_MODULUS]],
'ssh-ed25519': [['6.5,l10.7.0']],
'ssh-ed25519-cert-v01@openssh.com': [['6.5']],
'ssh-ed448': [[]],
'ssh-ed448-cert-v01@openssh.com': [[], [], [], [INFO_NEVER_IMPLEMENTED_IN_OPENSSH]],
'ssh-gost2001': [[], [FAIL_UNTRUSTED]],
'ssh-gost2012-256': [[], [FAIL_UNTRUSTED]],
'ssh-gost2012-512': [[], [FAIL_UNTRUSTED]],
'ssh-rsa1': [[], [FAIL_SHA1]],
'ssh-rsa': [['2.5.0,d0.28,l10.2'], [FAIL_SHA1], [], [INFO_DEPRECATED_IN_OPENSSH88]],
'ssh-rsa-cert-v00@openssh.com': [['5.4', '6.9'], [FAIL_SHA1], [], [INFO_REMOVED_IN_OPENSSH70]],
'ssh-rsa-cert-v01@openssh.com': [['5.6'], [FAIL_SHA1], [], [INFO_DEPRECATED_IN_OPENSSH88]],
'ssh-rsa-sha224@ssh.com': [[]],
'ssh-rsa-sha2-256': [[]],
'ssh-rsa-sha2-512': [[]],
'ssh-rsa-sha256@ssh.com': [[]],
'ssh-rsa-sha384@ssh.com': [[]],
'ssh-rsa-sha512@ssh.com': [[]],
'ssh-xmss-cert-v01@openssh.com': [['7.7'], [WARN_EXPERIMENTAL]],
'ssh-xmss@openssh.com': [['7.7'], [WARN_EXPERIMENTAL]],
'webauthn-sk-ecdsa-sha2-nistp256@openssh.com': [['8.3'], [FAIL_NSA_BACKDOORED_CURVE]],
'x509v3-ecdsa-sha2-1.3.132.0.10': [[], [FAIL_UNKNOWN]],
'x509v3-ecdsa-sha2-nistp256': [[], [FAIL_NSA_BACKDOORED_CURVE]],
'x509v3-ecdsa-sha2-nistp384': [[], [FAIL_NSA_BACKDOORED_CURVE]],
'x509v3-ecdsa-sha2-nistp521': [[], [FAIL_NSA_BACKDOORED_CURVE]],
'x509v3-rsa2048-sha256': [[]],
'x509v3-sign-dss': [[], [FAIL_1024BIT_MODULUS], [WARN_RNDSIG_KEY]],
'x509v3-sign-dss-sha1': [[], [FAIL_1024BIT_MODULUS, FAIL_SHA1]],
'x509v3-sign-dss-sha224@ssh.com': [[], [FAIL_1024BIT_MODULUS]],
'x509v3-sign-dss-sha256@ssh.com': [[], [FAIL_1024BIT_MODULUS]],
'x509v3-sign-dss-sha384@ssh.com': [[], [FAIL_1024BIT_MODULUS]],
'x509v3-sign-dss-sha512@ssh.com': [[], [FAIL_1024BIT_MODULUS]],
'x509v3-sign-rsa': [[], [FAIL_SHA1]],
'x509v3-sign-rsa-sha1': [[], [FAIL_SHA1]],
'x509v3-sign-rsa-sha224@ssh.com': [[]],
'x509v3-sign-rsa-sha256': [[]],
'x509v3-sign-rsa-sha256@ssh.com': [[]],
'x509v3-sign-rsa-sha384@ssh.com': [[]],
'x509v3-sign-rsa-sha512@ssh.com': [[]],
'x509v3-ssh-dss': [[], [FAIL_1024BIT_MODULUS], [WARN_RNDSIG_KEY]],
'x509v3-ssh-rsa': [[], [FAIL_SHA1], [], [INFO_DEPRECATED_IN_OPENSSH88]],
'dsa2048-sha224@libassh.org': [[], [FAIL_UNPROVEN], [WARN_2048BIT_MODULUS], [], [WEIGHT_FAIL]],
'dsa2048-sha256@libassh.org': [[], [FAIL_UNPROVEN], [WARN_2048BIT_MODULUS], [], [WEIGHT_FAIL]],
'dsa3072-sha256@libassh.org': [[], [FAIL_UNPROVEN], [], [], [WEIGHT_FAIL]],
'ecdsa-sha2-1.3.132.0.10-cert-v01@openssh.com': [[], [FAIL_UNKNOWN], [], [], [WEIGHT_FAIL]],
'ecdsa-sha2-1.3.132.0.10': [[], [], [WARN_RNDSIG_KEY], [], [900]], # ECDSA over secp256k1 (i.e.: the Bitcoin curve)
'ecdsa-sha2-curve25519': [[], [], [WARN_RNDSIG_KEY], [], [900]], # ECDSA with Curve25519? Bizarre...
'ecdsa-sha2-nistb233': [[], [FAIL_UNPROVEN, FAIL_SMALL_ECC_MODULUS], [WARN_RNDSIG_KEY], [], [WEIGHT_FAIL]],
'ecdsa-sha2-nistb409': [[], [FAIL_UNPROVEN], [WARN_RNDSIG_KEY], [], [WEIGHT_FAIL]],
'ecdsa-sha2-nistk163': [[], [FAIL_UNPROVEN, FAIL_SMALL_ECC_MODULUS], [WARN_RNDSIG_KEY], [], [WEIGHT_FAIL]],
'ecdsa-sha2-nistk233': [[], [FAIL_UNPROVEN, FAIL_SMALL_ECC_MODULUS], [WARN_RNDSIG_KEY], [], [WEIGHT_FAIL]],
'ecdsa-sha2-nistk283': [[], [FAIL_UNPROVEN], [WARN_RNDSIG_KEY], [], [WEIGHT_FAIL]],
'ecdsa-sha2-nistk409': [[], [FAIL_UNPROVEN], [WARN_RNDSIG_KEY], [], [WEIGHT_FAIL]],
'ecdsa-sha2-nistp224': [[], [FAIL_NSA_BACKDOORED_CURVE, FAIL_SMALL_ECC_MODULUS], [WARN_RNDSIG_KEY], [], [WEIGHT_FAIL]],
'ecdsa-sha2-nistp192': [[], [FAIL_NSA_BACKDOORED_CURVE, FAIL_SMALL_ECC_MODULUS], [WARN_RNDSIG_KEY], [], [WEIGHT_FAIL]],
'ecdsa-sha2-nistp256': [['5.7,d2013.62,l10.6.4'], [FAIL_NSA_BACKDOORED_CURVE], [WARN_RNDSIG_KEY], [], [WEIGHT_FAIL]],
'ecdsa-sha2-nistp256-cert-v01@openssh.com': [['5.7'], [FAIL_NSA_BACKDOORED_CURVE], [WARN_RNDSIG_KEY], [], [WEIGHT_FAIL]],
'ecdsa-sha2-nistp384': [['5.7,d2013.62,l10.6.4'], [FAIL_NSA_BACKDOORED_CURVE], [WARN_RNDSIG_KEY], [], [WEIGHT_FAIL]],
'ecdsa-sha2-nistp384-cert-v01@openssh.com': [['5.7'], [FAIL_NSA_BACKDOORED_CURVE], [WARN_RNDSIG_KEY], [], [WEIGHT_FAIL]],
'ecdsa-sha2-nistp521': [['5.7,d2013.62,l10.6.4'], [FAIL_NSA_BACKDOORED_CURVE], [WARN_RNDSIG_KEY], [], [WEIGHT_FAIL]],
'ecdsa-sha2-nistp521-cert-v01@openssh.com': [['5.7'], [FAIL_NSA_BACKDOORED_CURVE], [WARN_RNDSIG_KEY], [], [WEIGHT_FAIL]],
'ecdsa-sha2-nistt571': [[], [FAIL_UNPROVEN], [WARN_RNDSIG_KEY], [], [WEIGHT_FAIL]],
'eddsa-e382-shake256@libassh.org': [[], [FAIL_UNPROVEN], [], [], [WEIGHT_FAIL]],
'eddsa-e521-shake256@libassh.org': [[], [FAIL_UNPROVEN], [], [], [WEIGHT_FAIL]],
'null': [[], [FAIL_PLAINTEXT], [], [], [WEIGHT_FAIL]],
'pgp-sign-dss': [[], [FAIL_1024BIT_MODULUS], [], [], [WEIGHT_FAIL]],
'pgp-sign-rsa': [[], [FAIL_1024BIT_MODULUS], [], [], [WEIGHT_FAIL]],
'rsa-sha2-256': [['7.2'], [], [], [], [2000]],
'rsa-sha2-256-cert-v01@openssh.com': [['7.8'], [], [], [], [NEVER_SUGGEST_ALG]],
'rsa-sha2-512': [['7.2'], [], [], [], [2200]],
'rsa-sha2-512-cert-v01@openssh.com': [['7.8'], [], [], [], [NEVER_SUGGEST_ALG]],
'sk-ecdsa-sha2-nistp256-cert-v01@openssh.com': [['8.2'], [FAIL_NSA_BACKDOORED_CURVE], [WARN_RNDSIG_KEY], [], [WEIGHT_FAIL]],
'sk-ecdsa-sha2-nistp256@openssh.com': [['8.2'], [FAIL_NSA_BACKDOORED_CURVE], [WARN_RNDSIG_KEY], [], [WEIGHT_FAIL]],
'sk-ssh-ed25519-cert-v01@openssh.com': [['8.2'], [], [], [], [NEVER_SUGGEST_ALG]],
'sk-ssh-ed25519@openssh.com': [['8.2'], [], [], [], [NEVER_SUGGEST_ALG]],
'spi-sign-rsa': [[], [], [], [], [200]],
'spki-sign-dss': [[], [FAIL_1024BIT_MODULUS], [], [], [WEIGHT_FAIL]],
'spki-sign-rsa': [[], [FAIL_1024BIT_MODULUS], [], [], [WEIGHT_FAIL]],
'ssh-dsa': [[], [FAIL_1024BIT_MODULUS], [WARN_RNDSIG_KEY], [], [WEIGHT_FAIL]],
'ssh-dss': [['2.1.0,d0.28,l10.2', '6.9'], [FAIL_1024BIT_MODULUS], [WARN_RNDSIG_KEY], [INFO_DISABLED_IN_OPENSSH70], [WEIGHT_FAIL]],
'ssh-dss-cert-v00@openssh.com': [['5.4', '6.9'], [FAIL_1024BIT_MODULUS], [WARN_RNDSIG_KEY], [INFO_DISABLED_IN_OPENSSH70], [WEIGHT_FAIL]],
'ssh-dss-cert-v01@openssh.com': [['5.6', '6.9'], [FAIL_1024BIT_MODULUS], [WARN_RNDSIG_KEY], [], [WEIGHT_FAIL]],
'ssh-dss-sha224@ssh.com': [[], [FAIL_1024BIT_MODULUS], [], [], [WEIGHT_FAIL]],
'ssh-dss-sha256@ssh.com': [[], [FAIL_1024BIT_MODULUS], [], [], [WEIGHT_FAIL]],
'ssh-dss-sha384@ssh.com': [[], [FAIL_1024BIT_MODULUS], [], [], [WEIGHT_FAIL]],
'ssh-dss-sha512@ssh.com': [[], [FAIL_1024BIT_MODULUS], [], [], [WEIGHT_FAIL]],
'ssh-ed25519': [['6.5,l10.7.0'], [], [], [], [2000]],
'ssh-ed25519-cert-v01@openssh.com': [['6.5'], [], [], [], [NEVER_SUGGEST_ALG]],
'ssh-ed448': [[], [], [], [], [1500]],
'ssh-ed448-cert-v01@openssh.com': [[], [], [], [INFO_NEVER_IMPLEMENTED_IN_OPENSSH], [NEVER_SUGGEST_ALG]],
'ssh-gost2001': [[], [FAIL_UNTRUSTED], [], [], [WEIGHT_FAIL]],
'ssh-gost2012-256': [[], [FAIL_UNTRUSTED], [], [], [WEIGHT_FAIL]],
'ssh-gost2012-512': [[], [FAIL_UNTRUSTED], [], [], [WEIGHT_FAIL]],
'ssh-rsa1': [[], [FAIL_SHA1], [], [], [WEIGHT_FAIL]],
'ssh-rsa': [['2.5.0,d0.28,l10.2'], [FAIL_SHA1], [], [INFO_DEPRECATED_IN_OPENSSH88], [WEIGHT_SSH_NOT_IMP_OR_DISABLED]],
'ssh-rsa-cert-v00@openssh.com': [['5.4', '6.9'], [FAIL_SHA1], [], [INFO_REMOVED_IN_OPENSSH70], [NEVER_SUGGEST_ALG]],
'ssh-rsa-cert-v01@openssh.com': [['5.6'], [FAIL_SHA1], [], [INFO_DEPRECATED_IN_OPENSSH88], [NEVER_SUGGEST_ALG]],
'ssh-rsa-sha224@ssh.com': [[], [], [], [], [200]],
'ssh-rsa-sha2-256': [[], [], [], [], [1000]],
'ssh-rsa-sha2-512': [[], [], [], [], [1010]],
'ssh-rsa-sha256@ssh.com': [[], [], [], [], [1020]],
'ssh-rsa-sha384@ssh.com': [[], [], [], [], [1030]],
'ssh-rsa-sha512@ssh.com': [[], [], [], [], [1040]],
'ssh-xmss-cert-v01@openssh.com': [['7.7'], [], [WARN_EXPERIMENTAL], [], [NEVER_SUGGEST_ALG]],
'ssh-xmss@openssh.com': [['7.7'], [], [WARN_EXPERIMENTAL], [], [WEIGHT_FAIL]],
'webauthn-sk-ecdsa-sha2-nistp256@openssh.com': [['8.3'], [FAIL_NSA_BACKDOORED_CURVE], [], [], [WEIGHT_FAIL]],
'x509v3-ecdsa-sha2-1.3.132.0.10': [[], [FAIL_UNKNOWN], [], [], [WEIGHT_FAIL]],
'x509v3-ecdsa-sha2-nistp256': [[], [FAIL_NSA_BACKDOORED_CURVE], [], [], [WEIGHT_FAIL]],
'x509v3-ecdsa-sha2-nistp384': [[], [FAIL_NSA_BACKDOORED_CURVE], [], [], [WEIGHT_FAIL]],
'x509v3-ecdsa-sha2-nistp521': [[], [FAIL_NSA_BACKDOORED_CURVE], [], [], [WEIGHT_FAIL]],
'x509v3-rsa2048-sha256': [[], [], [], [], [1050]],
'x509v3-sign-dss': [[], [FAIL_1024BIT_MODULUS], [WARN_RNDSIG_KEY], [], [WEIGHT_FAIL]],
'x509v3-sign-dss-sha1': [[], [FAIL_1024BIT_MODULUS, FAIL_SHA1], [], [], [WEIGHT_FAIL]],
'x509v3-sign-dss-sha224@ssh.com': [[], [FAIL_1024BIT_MODULUS], [], [], [WEIGHT_FAIL]],
'x509v3-sign-dss-sha256@ssh.com': [[], [FAIL_1024BIT_MODULUS], [], [], [WEIGHT_FAIL]],
'x509v3-sign-dss-sha384@ssh.com': [[], [FAIL_1024BIT_MODULUS], [], [], [WEIGHT_FAIL]],
'x509v3-sign-dss-sha512@ssh.com': [[], [FAIL_1024BIT_MODULUS], [], [], [WEIGHT_FAIL]],
'x509v3-sign-rsa': [[], [FAIL_SHA1], [], [], [WEIGHT_FAIL]],
'x509v3-sign-rsa-sha1': [[], [FAIL_SHA1], [], [], [WEIGHT_FAIL]],
'x509v3-sign-rsa-sha224@ssh.com': [[], [], [], [], [1060]],
'x509v3-sign-rsa-sha256': [[], [], [], [], [1070]],
'x509v3-sign-rsa-sha256@ssh.com': [[], [], [], [], [1080]],
'x509v3-sign-rsa-sha384@ssh.com': [[], [], [], [], [1090]],
'x509v3-sign-rsa-sha512@ssh.com': [[], [], [], [], [2000]],
'x509v3-ssh-dss': [[], [FAIL_1024BIT_MODULUS], [WARN_RNDSIG_KEY], [], [WEIGHT_FAIL]],
'x509v3-ssh-rsa': [[], [FAIL_SHA1], [], [INFO_DEPRECATED_IN_OPENSSH88], [WEIGHT_FAIL]],
},
'enc': {
'3des-cbc': [['1.2.2,d0.28,l10.2', '6.6', None], [FAIL_3DES], [WARN_CIPHER_MODE, WARN_BLOCK_SIZE]],
'3des-cfb': [[], [FAIL_3DES], [WARN_CIPHER_MODE]],
'3des-ctr': [['d0.52'], [FAIL_3DES]],
'3des-ecb': [[], [FAIL_3DES], [WARN_CIPHER_MODE]],
'3des': [[], [FAIL_3DES], [WARN_CIPHER_MODE, WARN_BLOCK_SIZE]],
'3des-ofb': [[], [FAIL_3DES], [WARN_CIPHER_MODE]],
'AEAD_AES_128_GCM': [[]],
'AEAD_AES_256_GCM': [[]],
'aes128-cbc': [['2.3.0,d0.28,l10.2', '6.6', None], [], [WARN_CIPHER_MODE]],
'aes128-ctr': [['3.7,d0.52,l10.4.1']],
'aes128-gcm': [[]],
'aes128-gcm@openssh.com': [['6.2']],
'aes192-cbc': [['2.3.0,l10.2', '6.6', None], [], [WARN_CIPHER_MODE]],
'aes192-ctr': [['3.7,l10.4.1']],
'aes192-gcm@openssh.com': [[], [], [], [INFO_NEVER_IMPLEMENTED_IN_OPENSSH]],
'aes256-cbc': [['2.3.0,d0.47,l10.2', '6.6', None], [], [WARN_CIPHER_MODE]],
'aes256-ctr': [['3.7,d0.52,l10.4.1']],
'aes256-gcm': [[]],
'aes256-gcm@openssh.com': [['6.2']],
'arcfour128': [['4.2', '6.6', '7.1'], [FAIL_RC4]],
'arcfour': [['2.1.0', '6.6', '7.1'], [FAIL_RC4]],
'arcfour256': [['4.2', '6.6', '7.1'], [FAIL_RC4]],
'blowfish-cbc': [['1.2.2,d0.28,l10.2', '6.6,d0.52', '7.1,d0.52'], [FAIL_BLOWFISH], [WARN_CIPHER_MODE, WARN_BLOCK_SIZE]],
'blowfish-cfb': [[], [FAIL_BLOWFISH], [WARN_CIPHER_MODE]],
'blowfish-ctr': [[], [FAIL_BLOWFISH], [WARN_CIPHER_MODE, WARN_BLOCK_SIZE]],
'blowfish-ecb': [[], [FAIL_BLOWFISH], [WARN_CIPHER_MODE]],
'blowfish': [[], [FAIL_BLOWFISH], [WARN_BLOCK_SIZE]],
'blowfish-ofb': [[], [FAIL_BLOWFISH], [WARN_CIPHER_MODE]],
'camellia128-cbc@openssh.org': [[], [], [WARN_CIPHER_MODE]],
'camellia128-cbc': [[], [], [WARN_CIPHER_MODE]],
'camellia128-ctr': [[]],
'camellia128-ctr@openssh.org': [[]],
'camellia192-cbc@openssh.org': [[], [], [WARN_CIPHER_MODE]],
'camellia192-cbc': [[], [], [WARN_CIPHER_MODE]],
'camellia192-ctr': [[]],
'camellia192-ctr@openssh.org': [[]],
'camellia256-cbc@openssh.org': [[], [], [WARN_CIPHER_MODE]],
'camellia256-cbc': [[], [], [WARN_CIPHER_MODE]],
'camellia256-ctr': [[]],
'camellia256-ctr@openssh.org': [[]],
'cast128-12-cbc@ssh.com': [[], [FAIL_CAST], [WARN_CIPHER_MODE]],
'cast128-cbc': [['2.1.0', '6.6', '7.1'], [FAIL_CAST], [WARN_CIPHER_MODE, WARN_BLOCK_SIZE]],
'cast128-12-cbc': [[], [FAIL_CAST], [WARN_CIPHER_MODE]],
'cast128-12-cfb': [[], [FAIL_CAST], [WARN_CIPHER_MODE]],
'cast128-12-ecb': [[], [FAIL_CAST], [WARN_CIPHER_MODE]],
'cast128-12-ofb': [[], [FAIL_CAST], [WARN_CIPHER_MODE]],
'cast128-cfb': [[], [FAIL_CAST], [WARN_CIPHER_MODE]],
'cast128-ctr': [[], [FAIL_CAST]],
'cast128-ecb': [[], [FAIL_CAST], [WARN_CIPHER_MODE]],
'cast128-ofb': [[], [FAIL_CAST], [WARN_CIPHER_MODE]],
'chacha20-poly1305': [[], [], [], [INFO_DEFAULT_OPENSSH_CIPHER]],
'chacha20-poly1305@openssh.com': [['6.5'], [], [], [INFO_DEFAULT_OPENSSH_CIPHER]],
'crypticore128@ssh.com': [[], [FAIL_UNPROVEN]],
'des-cbc': [[], [FAIL_DES], [WARN_CIPHER_MODE, WARN_BLOCK_SIZE]],
'des-cfb': [[], [FAIL_DES], [WARN_CIPHER_MODE, WARN_BLOCK_SIZE]],
'des-ecb': [[], [FAIL_DES], [WARN_CIPHER_MODE, WARN_BLOCK_SIZE]],
'des-ofb': [[], [FAIL_DES], [WARN_CIPHER_MODE, WARN_BLOCK_SIZE]],
'des-cbc-ssh1': [[], [FAIL_DES], [WARN_CIPHER_MODE, WARN_BLOCK_SIZE]],
'des-cbc@ssh.com': [[], [FAIL_DES], [WARN_CIPHER_MODE, WARN_BLOCK_SIZE]],
'des': [[], [FAIL_DES], [WARN_CIPHER_MODE, WARN_BLOCK_SIZE]],
'idea-cbc': [[], [FAIL_IDEA], [WARN_CIPHER_MODE]],
'idea-cfb': [[], [FAIL_IDEA], [WARN_CIPHER_MODE]],
'idea-ctr': [[], [FAIL_IDEA]],
'idea-ecb': [[], [FAIL_IDEA], [WARN_CIPHER_MODE]],
'idea-ofb': [[], [FAIL_IDEA], [WARN_CIPHER_MODE]],
'none': [['1.2.2,d2013.56,l10.2'], [FAIL_PLAINTEXT]],
'rijndael128-cbc': [['2.3.0', '7.0'], [FAIL_RIJNDAEL], [WARN_CIPHER_MODE], [INFO_DISABLED_IN_OPENSSH70]],
'rijndael192-cbc': [['2.3.0', '7.0'], [FAIL_RIJNDAEL], [WARN_CIPHER_MODE], [INFO_DISABLED_IN_OPENSSH70]],
'rijndael256-cbc': [['2.3.0', '7.0'], [FAIL_RIJNDAEL], [WARN_CIPHER_MODE], [INFO_DISABLED_IN_OPENSSH70]],
'rijndael-cbc@lysator.liu.se': [['2.3.0', '6.6', '7.0'], [FAIL_RIJNDAEL], [WARN_CIPHER_MODE], [INFO_DISABLED_IN_OPENSSH70]],
'rijndael-cbc@ssh.com': [[], [FAIL_RIJNDAEL], [WARN_CIPHER_MODE]],
'seed-cbc@ssh.com': [[], [FAIL_SEED], [WARN_CIPHER_MODE]],
'seed-ctr@ssh.com': [[], [FAIL_SEED]],
'serpent128-cbc': [[], [FAIL_SERPENT], [WARN_CIPHER_MODE]],
'serpent128-ctr': [[], [FAIL_SERPENT]],
'serpent128-gcm@libassh.org': [[], [FAIL_SERPENT]],
'serpent192-cbc': [[], [FAIL_SERPENT], [WARN_CIPHER_MODE]],
'serpent192-ctr': [[], [FAIL_SERPENT]],
'serpent256-cbc': [[], [FAIL_SERPENT], [WARN_CIPHER_MODE]],
'serpent256-ctr': [[], [FAIL_SERPENT]],
'serpent256-gcm@libassh.org': [[], [FAIL_SERPENT]],
'twofish128-cbc': [['d0.47', 'd2014.66'], [], [WARN_CIPHER_MODE], [INFO_DISABLED_IN_DBEAR67]],
'twofish128-ctr': [['d2015.68']],
'twofish128-gcm@libassh.org': [[]],
'twofish192-cbc': [[], [], [WARN_CIPHER_MODE]],
'twofish192-ctr': [[]],
'twofish256-cbc': [['d0.47', 'd2014.66'], [], [WARN_CIPHER_MODE], [INFO_DISABLED_IN_DBEAR67]],
'twofish256-ctr': [['d2015.68']],
'twofish256-gcm@libassh.org': [[]],
'twofish-cbc': [['d0.28', 'd2014.66'], [], [WARN_CIPHER_MODE], [INFO_DISABLED_IN_DBEAR67]],
'twofish-cfb': [[], [], [WARN_CIPHER_MODE]],
'twofish-ctr': [[]],
'twofish-ecb': [[], [], [WARN_CIPHER_MODE]],
'twofish-ofb': [[], [], [WARN_CIPHER_MODE]],
'3des-cbc': [['1.2.2,d0.28,l10.2', '6.6', None], [FAIL_3DES], [WARN_CIPHER_MODE, WARN_BLOCK_SIZE], [], [WEIGHT_FAIL]],
'3des-cfb': [[], [FAIL_3DES], [WARN_CIPHER_MODE], [], [WEIGHT_FAIL]],
'3des-ctr': [['d0.52'], [FAIL_3DES], [], [], [WEIGHT_FAIL]],
'3des-ecb': [[], [FAIL_3DES], [WARN_CIPHER_MODE], [], [WEIGHT_FAIL]],
'3des': [[], [FAIL_3DES], [WARN_CIPHER_MODE, WARN_BLOCK_SIZE], [], [WEIGHT_FAIL]],
'3des-ofb': [[], [FAIL_3DES], [WARN_CIPHER_MODE], [], [WEIGHT_FAIL]],
'AEAD_AES_128_GCM': [[], [], [], [], [2010]],
'AEAD_AES_256_GCM': [[], [], [], [], [2020]],
'aes128-cbc': [['2.3.0,d0.28,l10.2', '6.6', None], [], [WARN_CIPHER_MODE], [], [1000]],
'aes128-ctr': [['3.7,d0.52,l10.4.1'], [], [], [], [1100]],
'aes128-gcm': [[], [], [], [], [500]],
'aes128-gcm@openssh.com': [['6.2'], [], [], [], [1600]],
'aes192-cbc': [['2.3.0,l10.2', '6.6', None], [], [WARN_CIPHER_MODE], [], [1900]],
'aes192-ctr': [['3.7,l10.4.1'], [], [], [], [2100]],
'aes192-gcm@openssh.com': [[], [], [], [INFO_NEVER_IMPLEMENTED_IN_OPENSSH], [WEIGHT_SSH_NOT_IMP_OR_DISABLED]],
'aes256-cbc': [['2.3.0,d0.47,l10.2', '6.6', None], [], [WARN_CIPHER_MODE], [], [2800]],
'aes256-ctr': [['3.7,d0.52,l10.4.1'], [], [], [], [2900]],
'aes256-gcm': [[], [], [], [], [3300]],
'aes256-gcm@openssh.com': [['6.2'], [], [], [], [3500]],
'arcfour128': [['4.2', '6.6', '7.1'], [FAIL_RC4], [], [], [WEIGHT_FAIL]],
'arcfour': [['2.1.0', '6.6', '7.1'], [FAIL_RC4], [], [], [WEIGHT_FAIL]],
'arcfour256': [['4.2', '6.6', '7.1'], [FAIL_RC4], [], [], [WEIGHT_FAIL]],
'blowfish-cbc': [['1.2.2,d0.28,l10.2', '6.6,d0.52', '7.1,d0.52'], [FAIL_BLOWFISH], [WARN_CIPHER_MODE, WARN_BLOCK_SIZE], [], [WEIGHT_FAIL]],
'blowfish-cfb': [[], [FAIL_BLOWFISH], [WARN_CIPHER_MODE], [], [WEIGHT_FAIL]],
'blowfish-ctr': [[], [FAIL_BLOWFISH], [WARN_CIPHER_MODE, WARN_BLOCK_SIZE], [], [WEIGHT_FAIL]],
'blowfish-ecb': [[], [FAIL_BLOWFISH], [WARN_CIPHER_MODE], [], [WEIGHT_FAIL]],
'blowfish': [[], [FAIL_BLOWFISH], [WARN_BLOCK_SIZE], [], [WEIGHT_FAIL]],
'blowfish-ofb': [[], [FAIL_BLOWFISH], [WARN_CIPHER_MODE], [], [WEIGHT_FAIL]],
'camellia128-cbc@openssh.org': [[], [], [WARN_CIPHER_MODE], [], [WEIGHT_FAIL]],
'camellia128-cbc': [[], [], [WARN_CIPHER_MODE], [], [1900]],
'camellia128-ctr': [[], [], [], [], [1925]],
'camellia128-ctr@openssh.org': [[], [], [], [], [1950]],
'camellia192-cbc@openssh.org': [[], [], [WARN_CIPHER_MODE], [], [1975]],
'camellia192-cbc': [[], [], [WARN_CIPHER_MODE], [], [2000]],
'camellia192-ctr': [[], [], [], [], [2025]],
'camellia192-ctr@openssh.org': [[], [], [], [], [2050]],
'camellia256-cbc@openssh.org': [[], [], [WARN_CIPHER_MODE], [], [2100]],
'camellia256-cbc': [[], [], [WARN_CIPHER_MODE], [], [2125]],
'camellia256-ctr': [[], [], [], [], [2200]],
'camellia256-ctr@openssh.org': [[], [], [], [], [2250]],
'cast128-12-cbc@ssh.com': [[], [FAIL_CAST], [WARN_CIPHER_MODE], [], [WEIGHT_FAIL]],
'cast128-cbc': [['2.1.0', '6.6', '7.1'], [FAIL_CAST], [WARN_CIPHER_MODE, WARN_BLOCK_SIZE], [], [WEIGHT_FAIL]],
'cast128-12-cbc': [[], [FAIL_CAST], [WARN_CIPHER_MODE], [], [WEIGHT_FAIL]],
'cast128-12-cfb': [[], [FAIL_CAST], [WARN_CIPHER_MODE], [], [WEIGHT_FAIL]],
'cast128-12-ecb': [[], [FAIL_CAST], [WARN_CIPHER_MODE], [], [WEIGHT_FAIL]],
'cast128-12-ofb': [[], [FAIL_CAST], [WARN_CIPHER_MODE], [], [WEIGHT_FAIL]],
'cast128-cfb': [[], [FAIL_CAST], [WARN_CIPHER_MODE], [], [WEIGHT_FAIL]],
'cast128-ctr': [[], [FAIL_CAST],[] ,[], [WEIGHT_FAIL]],
'cast128-ecb': [[], [FAIL_CAST], [WARN_CIPHER_MODE], [], [WEIGHT_FAIL]],
'cast128-ofb': [[], [FAIL_CAST], [WARN_CIPHER_MODE], [], [WEIGHT_FAIL]],
'chacha20-poly1305': [[], [], [], [INFO_DEFAULT_OPENSSH_CIPHER], [WEIGHT_CHACHA]],
'chacha20-poly1305@openssh.com': [['6.5'], [], [], [INFO_DEFAULT_OPENSSH_CIPHER], [WEIGHT_CHACHA]],
'crypticore128@ssh.com': [[], [FAIL_UNPROVEN], [], [], [WEIGHT_FAIL]],
'des-cbc': [[], [FAIL_DES], [WARN_CIPHER_MODE, WARN_BLOCK_SIZE], [], [WEIGHT_FAIL]],
'des-cfb': [[], [FAIL_DES], [WARN_CIPHER_MODE, WARN_BLOCK_SIZE], [], [WEIGHT_FAIL]],
'des-ecb': [[], [FAIL_DES], [WARN_CIPHER_MODE, WARN_BLOCK_SIZE], [], [WEIGHT_FAIL]],
'des-ofb': [[], [FAIL_DES], [WARN_CIPHER_MODE, WARN_BLOCK_SIZE], [], [WEIGHT_FAIL]],
'des-cbc-ssh1': [[], [FAIL_DES], [WARN_CIPHER_MODE, WARN_BLOCK_SIZE], [], [WEIGHT_FAIL]],
'des-cbc@ssh.com': [[], [FAIL_DES], [WARN_CIPHER_MODE, WARN_BLOCK_SIZE], [], [WEIGHT_FAIL]],
'des': [[], [FAIL_DES], [WARN_CIPHER_MODE, WARN_BLOCK_SIZE], [], [WEIGHT_FAIL]],
'idea-cbc': [[], [FAIL_IDEA], [WARN_CIPHER_MODE], [], [WEIGHT_FAIL]],
'idea-cfb': [[], [FAIL_IDEA], [WARN_CIPHER_MODE], [], [WEIGHT_FAIL]],
'idea-ctr': [[], [FAIL_IDEA], [], [], [WEIGHT_FAIL]],
'idea-ecb': [[], [FAIL_IDEA], [WARN_CIPHER_MODE], [], [WEIGHT_FAIL]],
'idea-ofb': [[], [FAIL_IDEA], [WARN_CIPHER_MODE], [], [WEIGHT_FAIL]],
'none': [['1.2.2,d2013.56,l10.2'], [FAIL_PLAINTEXT], [], [], [WEIGHT_FAIL]],
'rijndael128-cbc': [['2.3.0', '7.0'], [FAIL_RIJNDAEL], [WARN_CIPHER_MODE], [INFO_DISABLED_IN_OPENSSH70], [WEIGHT_FAIL]],
'rijndael192-cbc': [['2.3.0', '7.0'], [FAIL_RIJNDAEL], [WARN_CIPHER_MODE], [INFO_DISABLED_IN_OPENSSH70], [WEIGHT_FAIL]],
'rijndael256-cbc': [['2.3.0', '7.0'], [FAIL_RIJNDAEL], [WARN_CIPHER_MODE], [INFO_DISABLED_IN_OPENSSH70], [WEIGHT_FAIL]],
'rijndael-cbc@lysator.liu.se': [['2.3.0', '6.6', '7.0'], [FAIL_RIJNDAEL], [WARN_CIPHER_MODE], [INFO_DISABLED_IN_OPENSSH70], [WEIGHT_FAIL]],
'rijndael-cbc@ssh.com': [[], [FAIL_RIJNDAEL], [WARN_CIPHER_MODE], [], [WEIGHT_FAIL]],
'seed-cbc@ssh.com': [[], [FAIL_SEED], [WARN_CIPHER_MODE], [], [WEIGHT_FAIL]],
'seed-ctr@ssh.com': [[], [FAIL_SEED], [], [], [WEIGHT_FAIL]],
'serpent128-cbc': [[], [FAIL_SERPENT], [WARN_CIPHER_MODE], [], [WEIGHT_FAIL]],
'serpent128-ctr': [[], [FAIL_SERPENT], [], [], [WEIGHT_FAIL]],
'serpent128-gcm@libassh.org': [[], [FAIL_SERPENT], [], [], [WEIGHT_FAIL]],
'serpent192-cbc': [[], [FAIL_SERPENT], [WARN_CIPHER_MODE], [], [WEIGHT_FAIL]],
'serpent192-ctr': [[], [FAIL_SERPENT], [], [], [WEIGHT_FAIL]],
'serpent256-cbc': [[], [FAIL_SERPENT], [WARN_CIPHER_MODE], [], [WEIGHT_FAIL]],
'serpent256-ctr': [[], [FAIL_SERPENT], [], [], [WEIGHT_FAIL]],
'serpent256-gcm@libassh.org': [[], [FAIL_SERPENT], [], [], [WEIGHT_FAIL]],
'twofish128-cbc': [['d0.47', 'd2014.66'], [], [WARN_CIPHER_MODE], [INFO_DISABLED_IN_DBEAR67], [WEIGHT_DISABLED]],
'twofish128-ctr': [['d2015.68'], [], [], [], [1500]],
'twofish128-gcm@libassh.org': [[], [], [], [], [1550]],
'twofish192-cbc': [[], [], [WARN_CIPHER_MODE], [], [1600]],
'twofish192-ctr': [[], [], [], [], [1650]],
'twofish256-cbc': [['d0.47', 'd2014.66'], [], [WARN_CIPHER_MODE], [INFO_DISABLED_IN_DBEAR67], [WEIGHT_DISABLED]],
'twofish256-ctr': [['d2015.68'], [], [], [], [1700]],
'twofish256-gcm@libassh.org': [[], [], [], [], [1800]],
'twofish-cbc': [['d0.28', 'd2014.66'], [], [WARN_CIPHER_MODE], [INFO_DISABLED_IN_DBEAR67], [WEIGHT_DISABLED]],
'twofish-cfb': [[], [], [WARN_CIPHER_MODE], [], [1500]],
'twofish-ctr': [[], [], [], [], [1500]],
'twofish-ecb': [[], [], [WARN_CIPHER_MODE], [], [1500]],
'twofish-ofb': [[], [], [WARN_CIPHER_MODE], [], [1500]],
},
'mac': {
'AEAD_AES_128_GCM': [[]],
'AEAD_AES_256_GCM': [[]],
'aes128-gcm': [[]],
'aes256-gcm': [[]],
'cbcmac-3des': [[], [FAIL_UNPROVEN, FAIL_3DES]],
'cbcmac-aes': [[], [FAIL_UNPROVEN]],
'cbcmac-blowfish': [[], [FAIL_UNPROVEN, FAIL_BLOWFISH]],
'cbcmac-des': [[], [FAIL_UNPROVEN, FAIL_DES]],
'cbcmac-rijndael': [[], [FAIL_UNPROVEN, FAIL_RIJNDAEL]],
'cbcmac-twofish': [[], [FAIL_UNPROVEN]],
'chacha20-poly1305@openssh.com': [[], [], [], [INFO_NEVER_IMPLEMENTED_IN_OPENSSH]], # Despite the @openssh.com tag, this was never shipped as a MAC in OpenSSH (only as a cipher); it is only implemented as a MAC in Syncplify.
'crypticore-mac@ssh.com': [[], [FAIL_UNPROVEN]],
'hmac-md5': [['2.1.0,d0.28', '6.6', '7.1'], [FAIL_MD5], [WARN_ENCRYPT_AND_MAC]],
'hmac-md5-96': [['2.5.0', '6.6', '7.1'], [FAIL_MD5], [WARN_ENCRYPT_AND_MAC]],
'hmac-md5-96-etm@openssh.com': [['6.2', '6.6', '7.1'], [FAIL_MD5]],
'hmac-md5-etm@openssh.com': [['6.2', '6.6', '7.1'], [FAIL_MD5]],
'hmac-ripemd160': [['2.5.0', '6.6', '7.1'], [FAIL_RIPEMD], [WARN_ENCRYPT_AND_MAC]],
'hmac-ripemd160-96': [[], [FAIL_RIPEMD], [WARN_ENCRYPT_AND_MAC, WARN_TAG_SIZE]],
'hmac-ripemd160-etm@openssh.com': [['6.2', '6.6', '7.1'], [FAIL_RIPEMD]],
'hmac-ripemd160@openssh.com': [['2.1.0', '6.6', '7.1'], [FAIL_RIPEMD], [WARN_ENCRYPT_AND_MAC]],
'hmac-ripemd': [[], [FAIL_RIPEMD], [WARN_ENCRYPT_AND_MAC]],
'hmac-sha1': [['2.1.0,d0.28,l10.2'], [FAIL_SHA1], [WARN_ENCRYPT_AND_MAC]],
'hmac-sha1-96': [['2.5.0,d0.47', '6.6', '7.1'], [FAIL_SHA1], [WARN_ENCRYPT_AND_MAC]],
'hmac-sha1-96-etm@openssh.com': [['6.2', '6.6', None], [FAIL_SHA1]],
'hmac-sha1-96@openssh.com': [[], [FAIL_SHA1], [WARN_TAG_SIZE, WARN_ENCRYPT_AND_MAC], [INFO_NEVER_IMPLEMENTED_IN_OPENSSH]],
'hmac-sha1-etm@openssh.com': [['6.2'], [FAIL_SHA1]],
'hmac-sha2-224': [[], [], [WARN_TAG_SIZE, WARN_ENCRYPT_AND_MAC]],
'hmac-sha224@ssh.com': [[], [], [WARN_ENCRYPT_AND_MAC]],
'hmac-sha2-256': [['5.9,d2013.56,l10.7.0'], [], [WARN_ENCRYPT_AND_MAC]],
'hmac-sha2-256-96': [['5.9', '6.0'], [], [WARN_ENCRYPT_AND_MAC], [INFO_REMOVED_IN_OPENSSH61]],
'hmac-sha2-256-96-etm@openssh.com': [[], [], [WARN_TAG_SIZE_96], [INFO_NEVER_IMPLEMENTED_IN_OPENSSH]], # Only ever implemented in AsyncSSH (?).
'hmac-sha2-256-etm@openssh.com': [['6.2']],
'hmac-sha2-384': [[], [], [WARN_ENCRYPT_AND_MAC]],
'hmac-sha2-512': [['5.9,d2013.56,l10.7.0'], [], [WARN_ENCRYPT_AND_MAC]],
'hmac-sha2-512-96': [['5.9', '6.0'], [], [WARN_ENCRYPT_AND_MAC], [INFO_REMOVED_IN_OPENSSH61]],
'hmac-sha2-512-96-etm@openssh.com': [[], [], [WARN_TAG_SIZE_96], [INFO_NEVER_IMPLEMENTED_IN_OPENSSH]], # Only ever implemented in AsyncSSH (?).
'hmac-sha2-512-etm@openssh.com': [['6.2']],
'hmac-sha256-2@ssh.com': [[], [], [WARN_ENCRYPT_AND_MAC]],
'hmac-sha256-96@ssh.com': [[], [], [WARN_ENCRYPT_AND_MAC, WARN_TAG_SIZE]],
'hmac-sha256-96': [[], [], [WARN_ENCRYPT_AND_MAC, WARN_TAG_SIZE]],
'hmac-sha256@ssh.com': [[], [], [WARN_ENCRYPT_AND_MAC]],
'hmac-sha256': [[], [], [WARN_ENCRYPT_AND_MAC]],
'hmac-sha2-56': [[], [], [WARN_TAG_SIZE, WARN_ENCRYPT_AND_MAC]],
'hmac-sha3-224': [[], [], [WARN_ENCRYPT_AND_MAC]],
'hmac-sha3-256': [[], [], [WARN_ENCRYPT_AND_MAC]],
'hmac-sha3-384': [[], [], [WARN_ENCRYPT_AND_MAC]],
'hmac-sha3-512': [[], [], [WARN_ENCRYPT_AND_MAC]],
'hmac-sha384@ssh.com': [[], [], [WARN_ENCRYPT_AND_MAC]],
'hmac-sha512@ssh.com': [[], [], [WARN_ENCRYPT_AND_MAC]],
'hmac-sha512': [[], [], [WARN_ENCRYPT_AND_MAC]],
'hmac-whirlpool': [[], [], [WARN_ENCRYPT_AND_MAC]],
'md5': [[], [FAIL_PLAINTEXT]],
'md5-8': [[], [FAIL_PLAINTEXT]],
'none': [['d2013.56'], [FAIL_PLAINTEXT]],
'ripemd160': [[], [FAIL_PLAINTEXT]],
'ripemd160-8': [[], [FAIL_PLAINTEXT]],
'sha1': [[], [FAIL_PLAINTEXT]],
'sha1-8': [[], [FAIL_PLAINTEXT]],
'umac-128': [[], [], [WARN_ENCRYPT_AND_MAC]],
'umac-128-etm@openssh.com': [['6.2']],
'umac-128@openssh.com': [['6.2'], [], [WARN_ENCRYPT_AND_MAC]],
'umac-32@openssh.com': [[], [], [WARN_ENCRYPT_AND_MAC, WARN_TAG_SIZE], [INFO_NEVER_IMPLEMENTED_IN_OPENSSH]],
'umac-64-etm@openssh.com': [['6.2'], [], [WARN_TAG_SIZE]],
'umac-64@openssh.com': [['4.7'], [], [WARN_ENCRYPT_AND_MAC, WARN_TAG_SIZE]],
'umac-96@openssh.com': [[], [], [WARN_ENCRYPT_AND_MAC], [INFO_NEVER_IMPLEMENTED_IN_OPENSSH]],
'AEAD_AES_128_GCM': [[], [], [], [], [4000]],
'AEAD_AES_256_GCM': [[], [], [], [], [5100]],
'aes128-gcm': [[], [], [], [], [4000]],
'aes256-gcm': [[], [], [], [], [5200]],
'cbcmac-3des': [[], [FAIL_UNPROVEN, FAIL_3DES], [], [], [WEIGHT_FAIL]],
'cbcmac-aes': [[], [FAIL_UNPROVEN], [], [], [WEIGHT_FAIL]],
'cbcmac-blowfish': [[], [FAIL_UNPROVEN, FAIL_BLOWFISH], [], [], [WEIGHT_FAIL]],
'cbcmac-des': [[], [FAIL_UNPROVEN, FAIL_DES], [], [], [WEIGHT_FAIL]],
'cbcmac-rijndael': [[], [FAIL_UNPROVEN, FAIL_RIJNDAEL], [], [], [WEIGHT_FAIL]],
'cbcmac-twofish': [[], [FAIL_UNPROVEN], [], [], [WEIGHT_FAIL]],
'chacha20-poly1305@openssh.com': [[], [], [], [INFO_NEVER_IMPLEMENTED_IN_OPENSSH], [WEIGHT_SSH_NOT_IMP_OR_DISABLED]], # Despite the @openssh.com tag, this was never shipped as a MAC in OpenSSH (only as a cipher); it is only implemented as a MAC in Syncplify.
'crypticore-mac@ssh.com': [[], [FAIL_UNPROVEN], [], [], [WEIGHT_FAIL]],
'hmac-md5': [['2.1.0,d0.28', '6.6', '7.1'], [FAIL_MD5], [WARN_ENCRYPT_AND_MAC], [], [WEIGHT_FAIL]],
'hmac-md5-96': [['2.5.0', '6.6', '7.1'], [FAIL_MD5], [WARN_ENCRYPT_AND_MAC], [], [WEIGHT_FAIL]],
'hmac-md5-96-etm@openssh.com': [['6.2', '6.6', '7.1'], [FAIL_MD5], [], [], [WEIGHT_FAIL]],
'hmac-md5-etm@openssh.com': [['6.2', '6.6', '7.1'], [FAIL_MD5], [], [], [WEIGHT_FAIL]],
'hmac-ripemd160': [['2.5.0', '6.6', '7.1'], [FAIL_RIPEMD], [WARN_ENCRYPT_AND_MAC], [], [WEIGHT_FAIL]],
'hmac-ripemd160-96': [[], [FAIL_RIPEMD], [WARN_ENCRYPT_AND_MAC, WARN_TAG_SIZE], [], [WEIGHT_FAIL]],
'hmac-ripemd160-etm@openssh.com': [['6.2', '6.6', '7.1'], [FAIL_RIPEMD], [], [], [WEIGHT_FAIL]],
'hmac-ripemd160@openssh.com': [['2.1.0', '6.6', '7.1'], [FAIL_RIPEMD], [WARN_ENCRYPT_AND_MAC], [], [WEIGHT_FAIL]],
'hmac-ripemd': [[], [FAIL_RIPEMD], [WARN_ENCRYPT_AND_MAC], [], [WEIGHT_FAIL]],
'hmac-sha1': [['2.1.0,d0.28,l10.2'], [FAIL_SHA1], [WARN_ENCRYPT_AND_MAC], [], [WEIGHT_FAIL]],
'hmac-sha1-96': [['2.5.0,d0.47', '6.6', '7.1'], [FAIL_SHA1], [WARN_ENCRYPT_AND_MAC], [], [WEIGHT_FAIL]],
'hmac-sha1-96-etm@openssh.com': [['6.2', '6.6', None], [FAIL_SHA1], [], [], [WEIGHT_FAIL]],
'hmac-sha1-96@openssh.com': [[], [FAIL_SHA1], [WARN_TAG_SIZE, WARN_ENCRYPT_AND_MAC], [INFO_NEVER_IMPLEMENTED_IN_OPENSSH], [WEIGHT_FAIL]],
'hmac-sha1-etm@openssh.com': [['6.2'], [FAIL_SHA1], [], [], [WEIGHT_FAIL]],
'hmac-sha2-224': [[], [], [WARN_TAG_SIZE, WARN_ENCRYPT_AND_MAC], [], [WEIGHT_EAM]],
'hmac-sha224@ssh.com': [[], [], [WARN_ENCRYPT_AND_MAC], [], [WEIGHT_EAM]],
'hmac-sha2-256': [['5.9,d2013.56,l10.7.0'], [], [WARN_ENCRYPT_AND_MAC], [], [WEIGHT_EAM]],
'hmac-sha2-256-96': [['5.9', '6.0'], [], [WARN_ENCRYPT_AND_MAC], [INFO_REMOVED_IN_OPENSSH61], [WEIGHT_EAM]],
'hmac-sha2-256-96-etm@openssh.com': [[], [], [WARN_TAG_SIZE_96], [INFO_NEVER_IMPLEMENTED_IN_OPENSSH], [WEIGHT_EAM]], # Only ever implemented in AsyncSSH (?).
'hmac-sha2-256-etm@openssh.com': [['6.2'], [], [], [], [WEIGHT_FAIL]],
'hmac-sha2-384': [[], [], [WARN_ENCRYPT_AND_MAC], [], [WEIGHT_EAM]],
'hmac-sha2-512': [['5.9,d2013.56,l10.7.0'], [], [WARN_ENCRYPT_AND_MAC], [], [WEIGHT_EAM]],
'hmac-sha2-512-96': [['5.9', '6.0'], [], [WARN_ENCRYPT_AND_MAC], [INFO_REMOVED_IN_OPENSSH61], [WEIGHT_EAM]],
'hmac-sha2-512-96-etm@openssh.com': [[], [], [WARN_TAG_SIZE_96], [INFO_NEVER_IMPLEMENTED_IN_OPENSSH], [WEIGHT_EAM]], # Only ever implemented in AsyncSSH (?).
'hmac-sha2-512-etm@openssh.com': [['6.2'], [], [], [], [150]],
'hmac-sha256-2@ssh.com': [[], [], [WARN_ENCRYPT_AND_MAC], [], [WEIGHT_EAM]],
'hmac-sha256-96@ssh.com': [[], [], [WARN_ENCRYPT_AND_MAC, WARN_TAG_SIZE], [], [WEIGHT_EAM]],
'hmac-sha256-96': [[], [], [WARN_ENCRYPT_AND_MAC, WARN_TAG_SIZE], [], [WEIGHT_EAM]],
'hmac-sha256@ssh.com': [[], [], [WARN_ENCRYPT_AND_MAC], [], [WEIGHT_EAM]],
'hmac-sha256': [[], [], [WARN_ENCRYPT_AND_MAC], [], [WEIGHT_EAM]],
'hmac-sha2-56': [[], [], [WARN_TAG_SIZE, WARN_ENCRYPT_AND_MAC], [], [WEIGHT_EAM]],
'hmac-sha3-224': [[], [], [WARN_ENCRYPT_AND_MAC], [], [WEIGHT_EAM]],
'hmac-sha3-256': [[], [], [WARN_ENCRYPT_AND_MAC], [], [WEIGHT_EAM]],
'hmac-sha3-384': [[], [], [WARN_ENCRYPT_AND_MAC], [], [WEIGHT_EAM]],
'hmac-sha3-512': [[], [], [WARN_ENCRYPT_AND_MAC], [], [WEIGHT_EAM]],
'hmac-sha384@ssh.com': [[], [], [WARN_ENCRYPT_AND_MAC], [], [WEIGHT_EAM]],
'hmac-sha512@ssh.com': [[], [], [WARN_ENCRYPT_AND_MAC], [], [WEIGHT_EAM]],
'hmac-sha512': [[], [], [WARN_ENCRYPT_AND_MAC], [], [WEIGHT_EAM]],
'hmac-whirlpool': [[], [], [WARN_ENCRYPT_AND_MAC], [], [WEIGHT_EAM]],
'md5': [[], [FAIL_PLAINTEXT], [], [], [WEIGHT_FAIL]],
'md5-8': [[], [FAIL_PLAINTEXT], [], [], [WEIGHT_FAIL]],
'none': [['d2013.56'], [FAIL_PLAINTEXT], [], [], [WEIGHT_FAIL]],
'ripemd160': [[], [FAIL_PLAINTEXT], [], [], [WEIGHT_FAIL]],
'ripemd160-8': [[], [FAIL_PLAINTEXT], [], [], [WEIGHT_FAIL]],
'sha1': [[], [FAIL_PLAINTEXT], [], [], [WEIGHT_FAIL]],
'sha1-8': [[], [FAIL_PLAINTEXT], [], [], [WEIGHT_FAIL]],
'umac-128': [[], [], [WARN_ENCRYPT_AND_MAC], [], [WEIGHT_EAM]],
'umac-128-etm@openssh.com': [['6.2'], [], [], [], [1500]],
'umac-128@openssh.com': [['6.2'], [], [WARN_ENCRYPT_AND_MAC], [], [WEIGHT_EAM]],
'umac-32@openssh.com': [[], [], [WARN_ENCRYPT_AND_MAC, WARN_TAG_SIZE], [INFO_NEVER_IMPLEMENTED_IN_OPENSSH], [WEIGHT_EAM]],
'umac-64-etm@openssh.com': [['6.2'], [], [WARN_TAG_SIZE],[] ,[WEIGHT_EAM]],
'umac-64@openssh.com': [['4.7'], [], [WARN_ENCRYPT_AND_MAC, WARN_TAG_SIZE], [], [WEIGHT_EAM]],
'umac-96@openssh.com': [[], [], [WARN_ENCRYPT_AND_MAC], [INFO_NEVER_IMPLEMENTED_IN_OPENSSH],[WEIGHT_EAM]],
}
}

6
test/docker/expected_results/openssh_8.0p1_custom_policy_test17.json Normal file
View File

@ -0,0 +1,6 @@
{
"errors": [],
"host": "localhost",
"passed": true,
"policy": "Docker policy: test17 (version 1)"
}

3
test/docker/expected_results/openssh_8.0p1_custom_policy_test17.txt Normal file
View File

@ -0,0 +1,3 @@
Host: localhost:2222
Policy: Docker policy: test17 (version 1)
Result: ✔ Passed

15
test/docker/policies/policy_test17.txt Normal file
View File

@ -0,0 +1,15 @@
#
# Docker policy: test17
#
name = "Docker policy: test17"
version = 1
allow_larger_keys = true
banner = "SSH-2.0-OpenSSH_8.0"
compressions = none, zlib@openssh.com
host keys = rsa-sha2-512, rsa-sha2-256, ssh-rsa, ecdsa-sha2-nistp256, ssh-ed25519
key exchanges = curve25519-sha256, curve25519-sha256@libssh.org, ecdh-sha2-nistp256, ecdh-sha2-nistp384, ecdh-sha2-nistp521, diffie-hellman-group-exchange-sha256, diffie-hellman-group16-sha512, diffie-hellman-group18-sha512, diffie-hellman-group14-sha256, diffie-hellman-group14-sha1
ciphers = chacha20-poly1305@openssh.com, aes128-ctr, aes192-ctr, aes256-ctr, aes128-gcm@openssh.com, aes256-gcm@openssh.com
macs = umac-64-etm@openssh.com, umac-128-etm@openssh.com, hmac-sha2-256-etm@openssh.com, hmac-sha2-512-etm@openssh.com, hmac-sha1-etm@openssh.com, umac-64@openssh.com, umac-128@openssh.com, hmac-sha2-256, hmac-sha2-512, hmac-sha1
host_key_sizes = {"ssh-rsa": {"hostkey_size": 2048}, "rsa-sha2-256": {"hostkey_size": 2048}, "rsa-sha2-512": {"hostkey_size": 2048}, "ssh-ed25519": {"hostkey_size": 256}}
dh_modulus_sizes = {"diffie-hellman-group-exchange-sha256": 2048}

2
test/test_policy.py
View File

@ -297,7 +297,7 @@ macs = mac_alg1, mac_alg2, mac_alg3'''
pol_data = pol_data.replace(date.today().strftime('%Y/%m/%d'), '[todays date]')
# Instead of writing out the entire expected policy--line by line--just check that it has the expected hash.
assert hashlib.sha256(pol_data.encode('ascii')).hexdigest() == '4b504b799f6b964a20ccbe8af7edd26c7b5f0e0b98070e754ea41dccdace33b4'
assert hashlib.sha256(pol_data.encode('ascii')).hexdigest() == 'fb84bce442cff2bce9bf653d6373a8a938e3bfcfbd1e876f51a08c1842df3cff'
def test_policy_evaluate_passing_1(self):