Added two new key exchanges: 'kexAlgoCurve25519SHA256' and 'Curve25519SHA256'.

README.md

@@ -90,7 +90,7 @@ $ brew install ssh-audit
  - Suppress recommendation of token host key types.
  - Added check for use-after-free vulnerability in PuTTY v0.73.
  - Added 5 new host key types: `ssh-rsa1`, `ssh-dss-sha256@ssh.com`, `ssh-gost2001`, `ssh-gost2012-256`, `ssh-gost2012-512`.
- - Added 1 new key exchange: `diffie-hellman-group1-sha256`.
+ - Added 3 new key exchanges: `diffie-hellman-group1-sha256`, `kexAlgoCurve25519SHA256`, `Curve25519SHA256`.
  - Added 5 new ciphers: `blowfish`, `AEAD_AES_128_GCM`, `AEAD_AES_256_GCM`, `crypticore128@ssh.com`, `seed-cbc@ssh.com`.
  - Added 3 new MACs: `chacha20-poly1305@openssh.com`, `hmac-sha3-224`, `crypticore-mac@ssh.com`.
 

ssh-audit.py

@@ -753,6 +753,8 @@ class SSH2:  # pylint: disable=too-few-public-methods
                 'rsa1024-sha1': [[], [FAIL_1024BIT_MODULUS], [WARN_HASH_WEAK]],
                 'rsa2048-sha256': [[]],
                 'sntrup4591761x25519-sha512@tinyssh.org': [['8.0'], [], [WARN_EXPERIMENTAL]],
+                'kexAlgoCurve25519SHA256': [[]],
+                'Curve25519SHA256': [[]],
                 'ext-info-c': [[]],  # Extension negotiation (RFC 8308)
                 'ext-info-s': [[]],  # Extension negotiation (RFC 8308)
             },