Mercurial > dropbear
comparison sysoptions.h @ 1916:3f4cdf839a1a
Make SHA1 optional, implement SHA256 fingerprints
SHA256 is always compiled and only enable SHA1 when needed. Fingerprints
are always SHA256: base64 format, md5 and sha1 are removed. dbrandom now
uses sha256 its hash function.
| author | Matt Johnston <matt@ucc.asn.au> |
|---|---|
| date | Wed, 30 Mar 2022 11:44:04 +0800 |
| parents | 13cb8cc1b0e4 |
| children | 77bc00dcc19f |
comparison
equal
deleted
inserted
replaced
| 1915:13cb8cc1b0e4 | 1916:3f4cdf839a1a |
|---|---|
| 155 #ifndef DROPBEAR_RSA_SHA256 | 155 #ifndef DROPBEAR_RSA_SHA256 |
| 156 #define DROPBEAR_RSA_SHA256 DROPBEAR_RSA | 156 #define DROPBEAR_RSA_SHA256 DROPBEAR_RSA |
| 157 #endif | 157 #endif |
| 158 | 158 |
| 159 /* hashes which will be linked and registered */ | 159 /* hashes which will be linked and registered */ |
| 160 #define DROPBEAR_SHA256 ((DROPBEAR_SHA2_256_HMAC) || (DROPBEAR_ECC_256) \ | 160 #define DROPBEAR_SHA1 (DROPBEAR_RSA_SHA1 || DROPBEAR_DSS \ |
| 161 || (DROPBEAR_CURVE25519) || (DROPBEAR_DH_GROUP14_SHA256) \ | 161 || DROPBEAR_SHA1_HMAC || DROPBEAR_SHA1_96_HMAC \ |
| 162 || (DROPBEAR_RSA_SHA256)) | 162 || DROPBEAR_DH_GROUP1 || DROPBEAR_DH_GROUP14_SHA1 ) |
| 163 /* sha256 is always used for fingerprints and dbrandom */ | |
| 164 #define DROPBEAR_SHA256 1 | |
| 163 #define DROPBEAR_SHA384 (DROPBEAR_ECC_384) | 165 #define DROPBEAR_SHA384 (DROPBEAR_ECC_384) |
| 164 /* LTC SHA384 depends on SHA512 */ | 166 /* LTC SHA384 depends on SHA512 */ |
| 165 #define DROPBEAR_SHA512 ((DROPBEAR_SHA2_512_HMAC) || (DROPBEAR_ECC_521) \ | 167 #define DROPBEAR_SHA512 ((DROPBEAR_SHA2_512_HMAC) || (DROPBEAR_ECC_521) \ |
| 166 || (DROPBEAR_SHA384) || (DROPBEAR_DH_GROUP16) \ | 168 || (DROPBEAR_SHA384) || (DROPBEAR_DH_GROUP16) \ |
| 167 || (DROPBEAR_ED25519)) | 169 || (DROPBEAR_ED25519)) |