Key exchange algorithms - WeOnlyDo Discussion board

Key exchange algorithms (wodFtpDLX / wodFtpDLX.NET)

by dfb, Thursday, September 05, 2024, 03:07 (12 days ago)

Hi there,

We've been asked to make an SFTP connection using ecdsa-sha2-nistp521, which doesn't seem to be working.

Does wodFtpDLX.Net currently support this? Is it likely to in the future?

Also, is it possible for enumerations to be added for all the supported algorithms? The existing enums such as EncryptionMethods are quite useful to have as a reference, even if we don't usually set/get them in our code.

Thanks.

Key exchange algorithms

by Jasmine, Thursday, September 05, 2024, 08:17 (12 days ago) @ dfb

Hi,

No, we support ecdsa-sha2-nistp256 and ecdsa-sha2-nistp384 but not nistp521. Note that it is supported only in the .NET Core and .NET Framework 4+ versions, and support is partial - in rare cases an exception is thrown for an invalid signature, so we put them at the end of the client offer list.

We could add nistp521 if needed with the same limitation - if the connection fails with 'signature invalid', reconnect. Would that help?

Jasmine

Key exchange algorithms

by dfb, Thursday, September 05, 2024, 09:16 (12 days ago) @ Jasmine

Hi Jasmine, thanks for that. Yes, it would be useful to have that nistp521 support, even if it is partial.

Key exchange algorithms

by Jasmine, Thursday, September 05, 2024, 23:55 (11 days ago) @ dfb

Hi,

Done, please request an update and get the latest 1.9.6.286; you should find it supports ecdsa-sha2-nistp521.

Regards,
Jasmine