Mercurial > dropbear
comparison options.h @ 695:94aa1203be1e
DSS_PROTOK is not necessary now that private keys are included
in the random generation input
| author | Matt Johnston <matt@ucc.asn.au> |
|---|---|
| date | Sat, 23 Feb 2013 17:55:46 +0800 |
| parents | c58a15983808 |
| children | 91dd8328a3ff |
comparison
equal
deleted
inserted
replaced
| 694:c85bb68e1db6 | 695:94aa1203be1e |
|---|---|
| 127 /* RSA can be vulnerable to timing attacks which use the time required for | 127 /* RSA can be vulnerable to timing attacks which use the time required for |
| 128 * signing to guess the private key. Blinding avoids this attack, though makes | 128 * signing to guess the private key. Blinding avoids this attack, though makes |
| 129 * signing operations slightly slower. */ | 129 * signing operations slightly slower. */ |
| 130 #define RSA_BLINDING | 130 #define RSA_BLINDING |
| 131 | 131 |
| 132 /* Define DSS_PROTOK to use PuTTY's method of generating the value k for dss, | |
| 133 * rather than just from the random byte source. Undefining this will save you | |
| 134 * ~4k in binary size with static uclibc, but your DSS hostkey could be exposed | |
| 135 * if the random number source isn't good. It happened to Sony. | |
| 136 * On systems with a decent random source this isn't required. */ | |
| 137 /* #define DSS_PROTOK */ | |
| 138 | |
| 139 /* Control the memory/performance/compression tradeoff for zlib. | 132 /* Control the memory/performance/compression tradeoff for zlib. |
| 140 * Set windowBits=8 for least memory usage, see your system's | 133 * Set windowBits=8 for least memory usage, see your system's |
| 141 * zlib.h for full details. | 134 * zlib.h for full details. |
| 142 * Default settings (windowBits=15) will use 256kB for compression | 135 * Default settings (windowBits=15) will use 256kB for compression |
| 143 * windowBits=8 will use 129kB for compression. | 136 * windowBits=8 will use 129kB for compression. |