Mercurial > dropbear
comparison sysoptions.h @ 1248:739b3909c499
Get rid of group15, move group16 to sha512.
New groups are disabled by default pending
draft-ietf-curdle-ssh-kex-sha2-02 being finalised
| author | Matt Johnston <matt@ucc.asn.au> |
|---|---|
| date | Sat, 12 Mar 2016 16:21:13 +0800 |
| parents | 2c23d72e06b2 |
| children | 309e1c4a8768 |
comparison
equal
deleted
inserted
replaced
| 1247:428d83f2e5db | 1248:739b3909c499 |
|---|---|
| 111 * signing to guess the private key. Blinding avoids this attack, though makes | 111 * signing to guess the private key. Blinding avoids this attack, though makes |
| 112 * signing operations slightly slower. */ | 112 * signing operations slightly slower. */ |
| 113 #define RSA_BLINDING | 113 #define RSA_BLINDING |
| 114 | 114 |
| 115 /* hashes which will be linked and registered */ | 115 /* hashes which will be linked and registered */ |
| 116 #if defined(DROPBEAR_SHA2_256_HMAC) || defined(DROPBEAR_ECC_256) || defined(DROPBEAR_CURVE25519) | 116 #if defined(DROPBEAR_SHA2_256_HMAC) || defined(DROPBEAR_ECC_256) || defined(DROPBEAR_CURVE25519) || DROPBEAR_DH_GROUP14 |
| 117 #define DROPBEAR_SHA256 | 117 #define DROPBEAR_SHA256 |
| 118 #endif | 118 #endif |
| 119 #if defined(DROPBEAR_ECC_384) | 119 #if defined(DROPBEAR_ECC_384) |
| 120 #define DROPBEAR_SHA384 | 120 #define DROPBEAR_SHA384 |
| 121 #endif | 121 #endif |
| 122 /* LTC SHA384 depends on SHA512 */ | 122 /* LTC SHA384 depends on SHA512 */ |
| 123 #if defined(DROPBEAR_SHA2_512_HMAC) || defined(DROPBEAR_ECC_521) || defined(DROPBEAR_ECC_384) | 123 #if defined(DROPBEAR_SHA2_512_HMAC) || defined(DROPBEAR_ECC_521) || defined(DROPBEAR_ECC_384) || DROPBEAR_DH_GROUP16 |
| 124 #define DROPBEAR_SHA512 | 124 #define DROPBEAR_SHA512 |
| 125 #endif | 125 #endif |
| 126 #if defined(DROPBEAR_MD5_HMAC) | 126 #if defined(DROPBEAR_MD5_HMAC) |
| 127 #define DROPBEAR_MD5 | 127 #define DROPBEAR_MD5 |
| 128 #endif | 128 #endif |
| 129 | |
| 130 /* These are disabled in Dropbear 2016.73 by default since the spec | |
| 131 draft-ietf-curdle-ssh-kex-sha2-02 is under development. */ | |
| 132 #define DROPBEAR_DH_GROUP14_256 0 | |
| 133 #define DROPBEAR_DH_GROUP16 0 | |
| 129 | 134 |
| 130 /* roughly 2x 521 bits */ | 135 /* roughly 2x 521 bits */ |
| 131 #define MAX_ECC_SIZE 140 | 136 #define MAX_ECC_SIZE 140 |
| 132 | 137 |
| 133 #define MAX_NAME_LEN 64 /* maximum length of a protocol name, isn't | 138 #define MAX_NAME_LEN 64 /* maximum length of a protocol name, isn't |