Mercurial > dropbear
comparison options.h @ 695:94aa1203be1e
DSS_PROTOK is not necessary now that private keys are included
in the random generation input
author | Matt Johnston <matt@ucc.asn.au> |
---|---|
date | Sat, 23 Feb 2013 17:55:46 +0800 |
parents | c58a15983808 |
children | 91dd8328a3ff |
comparison
equal
deleted
inserted
replaced
694:c85bb68e1db6 | 695:94aa1203be1e |
---|---|
127 /* RSA can be vulnerable to timing attacks which use the time required for | 127 /* RSA can be vulnerable to timing attacks which use the time required for |
128 * signing to guess the private key. Blinding avoids this attack, though makes | 128 * signing to guess the private key. Blinding avoids this attack, though makes |
129 * signing operations slightly slower. */ | 129 * signing operations slightly slower. */ |
130 #define RSA_BLINDING | 130 #define RSA_BLINDING |
131 | 131 |
132 /* Define DSS_PROTOK to use PuTTY's method of generating the value k for dss, | |
133 * rather than just from the random byte source. Undefining this will save you | |
134 * ~4k in binary size with static uclibc, but your DSS hostkey could be exposed | |
135 * if the random number source isn't good. It happened to Sony. | |
136 * On systems with a decent random source this isn't required. */ | |
137 /* #define DSS_PROTOK */ | |
138 | |
139 /* Control the memory/performance/compression tradeoff for zlib. | 132 /* Control the memory/performance/compression tradeoff for zlib. |
140 * Set windowBits=8 for least memory usage, see your system's | 133 * Set windowBits=8 for least memory usage, see your system's |
141 * zlib.h for full details. | 134 * zlib.h for full details. |
142 * Default settings (windowBits=15) will use 256kB for compression | 135 * Default settings (windowBits=15) will use 256kB for compression |
143 * windowBits=8 will use 129kB for compression. | 136 * windowBits=8 will use 129kB for compression. |