Mercurial > dropbear
comparison sysoptions.h @ 1248:739b3909c499
Get rid of group15, move group16 to sha512.
New groups are disabled by default pending
draft-ietf-curdle-ssh-kex-sha2-02 being finalised
author | Matt Johnston <matt@ucc.asn.au> |
---|---|
date | Sat, 12 Mar 2016 16:21:13 +0800 |
parents | 2c23d72e06b2 |
children | 309e1c4a8768 |
comparison
equal
deleted
inserted
replaced
1247:428d83f2e5db | 1248:739b3909c499 |
---|---|
111 * signing to guess the private key. Blinding avoids this attack, though makes | 111 * signing to guess the private key. Blinding avoids this attack, though makes |
112 * signing operations slightly slower. */ | 112 * signing operations slightly slower. */ |
113 #define RSA_BLINDING | 113 #define RSA_BLINDING |
114 | 114 |
115 /* hashes which will be linked and registered */ | 115 /* hashes which will be linked and registered */ |
116 #if defined(DROPBEAR_SHA2_256_HMAC) || defined(DROPBEAR_ECC_256) || defined(DROPBEAR_CURVE25519) | 116 #if defined(DROPBEAR_SHA2_256_HMAC) || defined(DROPBEAR_ECC_256) || defined(DROPBEAR_CURVE25519) || DROPBEAR_DH_GROUP14 |
117 #define DROPBEAR_SHA256 | 117 #define DROPBEAR_SHA256 |
118 #endif | 118 #endif |
119 #if defined(DROPBEAR_ECC_384) | 119 #if defined(DROPBEAR_ECC_384) |
120 #define DROPBEAR_SHA384 | 120 #define DROPBEAR_SHA384 |
121 #endif | 121 #endif |
122 /* LTC SHA384 depends on SHA512 */ | 122 /* LTC SHA384 depends on SHA512 */ |
123 #if defined(DROPBEAR_SHA2_512_HMAC) || defined(DROPBEAR_ECC_521) || defined(DROPBEAR_ECC_384) | 123 #if defined(DROPBEAR_SHA2_512_HMAC) || defined(DROPBEAR_ECC_521) || defined(DROPBEAR_ECC_384) || DROPBEAR_DH_GROUP16 |
124 #define DROPBEAR_SHA512 | 124 #define DROPBEAR_SHA512 |
125 #endif | 125 #endif |
126 #if defined(DROPBEAR_MD5_HMAC) | 126 #if defined(DROPBEAR_MD5_HMAC) |
127 #define DROPBEAR_MD5 | 127 #define DROPBEAR_MD5 |
128 #endif | 128 #endif |
129 | |
130 /* These are disabled in Dropbear 2016.73 by default since the spec | |
131 draft-ietf-curdle-ssh-kex-sha2-02 is under development. */ | |
132 #define DROPBEAR_DH_GROUP14_256 0 | |
133 #define DROPBEAR_DH_GROUP16 0 | |
129 | 134 |
130 /* roughly 2x 521 bits */ | 135 /* roughly 2x 521 bits */ |
131 #define MAX_ECC_SIZE 140 | 136 #define MAX_ECC_SIZE 140 |
132 | 137 |
133 #define MAX_NAME_LEN 64 /* maximum length of a protocol name, isn't | 138 #define MAX_NAME_LEN 64 /* maximum length of a protocol name, isn't |