Google Git
Sign in
go / crypto / master^! / .
commit8f580defa01dec23898d3cd27f6369cdcc62f71f[log] [tgz]
authorNicola Murino <nicola.murino@gmail.com>Sun Aug 24 10:53:36 2025 +0200
committerGopher Robot <gobot@golang.org>Tue Aug 26 00:42:33 2025 -0700
tree9206ee7b2359fbc0d2351bd3219d1e0b53e0596c
parenta4d1237429d6056ef197b0b911b8b9d7dca8ecf6 [diff]
ssh: remove Go 1.24 build tag for ML-KEM kex

Change-Id: Ia77ad1b6fef9919ab100fb10c42231725eb81c12
Reviewed-on: https://go-review.googlesource.com/c/crypto/+/698775
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
Auto-Submit: Nicola Murino <nicola.murino@gmail.com>
Reviewed-by: Filippo Valsorda <filippo@golang.org>
Reviewed-by: Cherry Mui <cherryyz@google.com>
Reviewed-by: Roland Shoemaker <roland@golang.org>

diff --git a/ssh/common.go b/ssh/common.go
index f2ec089..8bfad16 100644
--- a/ssh/common.go
+++ b/ssh/common.go

@@ -83,6 +83,7 @@
 	// supportedKexAlgos specifies key-exchange algorithms implemented by this
 	// package in preference order, excluding those with security issues.
 	supportedKexAlgos = []string{
+		KeyExchangeMLKEM768X25519,
 		KeyExchangeCurve25519,
 		KeyExchangeECDHP256,
 		KeyExchangeECDHP384,
@@ -94,6 +95,7 @@
 	// defaultKexAlgos specifies the default preference for key-exchange
 	// algorithms in preference order.
 	defaultKexAlgos = []string{
+		KeyExchangeMLKEM768X25519,
 		KeyExchangeCurve25519,
 		KeyExchangeECDHP256,
 		KeyExchangeECDHP384,

diff --git a/ssh/kex.go b/ssh/kex.go
index 3686247..78aaf03 100644
--- a/ssh/kex.go
+++ b/ssh/kex.go

@@ -438,6 +438,7 @@
 	kexAlgoMap[keyExchangeCurve25519LibSSH] = &curve25519sha256{}
 	kexAlgoMap[InsecureKeyExchangeDHGEXSHA1] = &dhGEXSHA{hashFunc: crypto.SHA1}
 	kexAlgoMap[KeyExchangeDHGEXSHA256] = &dhGEXSHA{hashFunc: crypto.SHA256}
+	kexAlgoMap[KeyExchangeMLKEM768X25519] = &mlkem768WithCurve25519sha256{}
 }
 
 // curve25519sha256 implements the curve25519-sha256 (formerly known as

diff --git a/ssh/mlkem.go b/ssh/mlkem.go
index 657e107..ddc0ed1 100644
--- a/ssh/mlkem.go
+++ b/ssh/mlkem.go

@@ -2,8 +2,6 @@
 // Use of this source code is governed by a BSD-style
 // license that can be found in the LICENSE file.
 
-//go:build go1.24
-
 package ssh
 
 import (
@@ -13,23 +11,10 @@
 	"errors"
 	"fmt"
 	"io"
-	"runtime"
-	"slices"
 
 	"golang.org/x/crypto/curve25519"
 )
 
-func init() {
-	// After Go 1.24rc1 mlkem swapped the order of return values of Encapsulate.
-	// See #70950.
-	if runtime.Version() == "go1.24rc1" {
-		return
-	}
-	supportedKexAlgos = slices.Insert(supportedKexAlgos, 0, KeyExchangeMLKEM768X25519)
-	defaultKexAlgos = slices.Insert(defaultKexAlgos, 0, KeyExchangeMLKEM768X25519)
-	kexAlgoMap[KeyExchangeMLKEM768X25519] = &mlkem768WithCurve25519sha256{}
-}
-
 // mlkem768WithCurve25519sha256 implements the hybrid ML-KEM768 with
 // curve25519-sha256 key exchange method, as described by
 // draft-kampanakis-curdle-ssh-pq-ke-05 section 2.3.3.