Added warnings to all key exchanges that do not provide protection against quantum attacks.

2025-06-24 11:34:32 +02:00 · 2024-11-25 15:56:51 -05:00
parent a01baadfa8
commit 28a1e23986
26 changed files with 475 additions and 162 deletions
--- a/test/test_ssh2_kexdb.py
+++ b/test/test_ssh2_kexdb.py
@ -8,6 +8,7 @@ class Test_SSH2_KexDB:
    @pytest.fixture(autouse=True)
    def init(self):
        self.db = SSH2_KexDB.get_db()
+        self.pq_warning = SSH2_KexDB.WARN_NOT_PQ_SAFE

    def test_ssh2_kexdb(self):
        '''Ensures that the SSH2_KexDB.ALGORITHMS dictionary is in the right format.'''
@ -33,3 +34,38 @@ class Test_SSH2_KexDB:
                # The first entry denotes the versions when this algorithm was added to OpenSSH, Dropbear, and/or libssh, followed by when it was deprecated, and finally when it was removed.  Hence it must have between 0 and 3 entries.
                added_entry = alg_data[0]
                assert 0 <= len(added_entry) <= 3
+
+
+    def test_kex_pq_unsafe(self):
+        '''Ensures that all key exchange algorithms are marked as post-quantum unsafe, unless they appear in a whitelist.'''
+
+        # These algorithms include protections against quantum attacks.
+        kex_pq_safe = [
+            "ecdh-nistp256-kyber-512r3-sha256-d00@openquantumsafe.org",
+            "ecdh-nistp384-kyber-768r3-sha384-d00@openquantumsafe.org",
+            "ecdh-nistp521-kyber-1024r3-sha512-d00@openquantumsafe.org",
+            "ext-info-c",
+            "ext-info-s",
+            "kex-strict-c-v00@openssh.com",
+            "kex-strict-s-v00@openssh.com",
+            "mlkem768x25519-sha256",
+            "sntrup4591761x25519-sha512@tinyssh.org",
+            "sntrup761x25519-sha512@openssh.com",
+            "sntrup761x25519-sha512",
+            "x25519-kyber-512r3-sha256-d00@amazon.com",
+            "x25519-kyber512-sha512@aws.amazon.com"
+        ]
+
+        failures = []
+        for kex_name in self.db['kex']:
+
+            # Skip key exchanges that are PQ safe.
+            if kex_name in kex_pq_safe:
+                continue
+
+            # Ensure all other kex exchanges have the proper PQ unsafe flag set in their warnings list.
+            alg_data = self.db['kex'][kex_name]
+            if len(alg_data) < 3 or self.pq_warning not in alg_data[2]:
+                failures.append(kex_name)
+
+        assert failures == []