Mercurial > dropbear

comparison sysoptions.h @ 1683:41bf8f216644

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
merge rsa-sha256
author Matt Johnston <matt@ucc.asn.au>
date Tue, 26 May 2020 00:24:02 +0800
parents 3a97f14c0235 435cfb9ec96e
children 25b0ce1936c4
comparison
equal deleted inserted replaced
1673:e0871128e61f 1683:41bf8f216644
141 /* RSA can be vulnerable to timing attacks which use the time required for 141 /* RSA can be vulnerable to timing attacks which use the time required for
142 * signing to guess the private key. Blinding avoids this attack, though makes 142 * signing to guess the private key. Blinding avoids this attack, though makes
143 * signing operations slightly slower. */ 143 * signing operations slightly slower. */
144 #define DROPBEAR_RSA_BLINDING 1 144 #define DROPBEAR_RSA_BLINDING 1
145 145
146 #ifndef DROPBEAR_RSA_SHA1
147 #define DROPBEAR_RSA_SHA1 DROPBEAR_RSA
148 #endif
149 #ifndef DROPBEAR_RSA_SHA256
150 #define DROPBEAR_RSA_SHA256 DROPBEAR_RSA
151 #endif
152
146 /* hashes which will be linked and registered */ 153 /* hashes which will be linked and registered */
147 #define DROPBEAR_SHA256 ((DROPBEAR_SHA2_256_HMAC) || (DROPBEAR_ECC_256) \ 154 #define DROPBEAR_SHA256 ((DROPBEAR_SHA2_256_HMAC) || (DROPBEAR_ECC_256) \
148 || (DROPBEAR_CURVE25519) || (DROPBEAR_DH_GROUP14_SHA256)) 155 || (DROPBEAR_CURVE25519) || (DROPBEAR_DH_GROUP14_SHA256) \
156 || (DROPBEAR_RSA_SHA256))
149 #define DROPBEAR_SHA384 (DROPBEAR_ECC_384) 157 #define DROPBEAR_SHA384 (DROPBEAR_ECC_384)
150 /* LTC SHA384 depends on SHA512 */ 158 /* LTC SHA384 depends on SHA512 */
151 #define DROPBEAR_SHA512 ((DROPBEAR_SHA2_512_HMAC) || (DROPBEAR_ECC_521) \ 159 #define DROPBEAR_SHA512 ((DROPBEAR_SHA2_512_HMAC) || (DROPBEAR_ECC_521) \
152 || (DROPBEAR_SHA384) || (DROPBEAR_DH_GROUP16) \ 160 || (DROPBEAR_SHA384) || (DROPBEAR_DH_GROUP16) \
153 || (DROPBEAR_ED25519)) 161 || (DROPBEAR_ED25519))
155 163
156 #define DROPBEAR_DH_GROUP14 ((DROPBEAR_DH_GROUP14_SHA256) || (DROPBEAR_DH_GROUP14_SHA1)) 164 #define DROPBEAR_DH_GROUP14 ((DROPBEAR_DH_GROUP14_SHA256) || (DROPBEAR_DH_GROUP14_SHA1))
157 165
158 #define DROPBEAR_NORMAL_DH ((DROPBEAR_DH_GROUP1) || (DROPBEAR_DH_GROUP14) || (DROPBEAR_DH_GROUP16)) 166 #define DROPBEAR_NORMAL_DH ((DROPBEAR_DH_GROUP1) || (DROPBEAR_DH_GROUP14) || (DROPBEAR_DH_GROUP16))
159 167
168 /* Dropbear only uses server-sig-algs, only needed if we have rsa-sha256 pubkey auth */
169 #define DROPBEAR_EXT_INFO ((DROPBEAR_RSA_SHA256) \
170 && ((DROPBEAR_CLI_PUBKEY_AUTH) || (DROPBEAR_SVR_PUBKEY_AUTH)))
171
160 /* roughly 2x 521 bits */ 172 /* roughly 2x 521 bits */
161 #define MAX_ECC_SIZE 140 173 #define MAX_ECC_SIZE 140
162 174
163 #define MAX_NAME_LEN 64 /* maximum length of a protocol name, isn't 175 #define MAX_NAME_LEN 64 /* maximum length of a protocol name, isn't
164 explicitly specified for all protocols (just 176 explicitly specified for all protocols (just