comparison options.h @ 216:ea9277442ef2

* move RSA_BLINDING to options.h
author Matt Johnston <matt@ucc.asn.au>
date Fri, 08 Jul 2005 13:19:10 +0000
parents 0d56e4b80dfb
children 9089929fb2b7
comparison
equal deleted inserted replaced
208:1a52846ec11f 216:ea9277442ef2
88 * Removing either of these won't save very much space. 88 * Removing either of these won't save very much space.
89 * SSH2 RFC Draft requires dss, recommends rsa */ 89 * SSH2 RFC Draft requires dss, recommends rsa */
90 #define DROPBEAR_RSA 90 #define DROPBEAR_RSA
91 #define DROPBEAR_DSS 91 #define DROPBEAR_DSS
92 92
93 /* RSA can be vulnerable to timing attacks which use the time required for
94 * signing to guess the private key. Blinding avoids this attack, though makes
95 * signing operations slightly slower. */
96 #define RSA_BLINDING
97
93 /* Define DSS_PROTOK to use PuTTY's method of generating the value k for dss, 98 /* Define DSS_PROTOK to use PuTTY's method of generating the value k for dss,
94 * rather than just from the random byte source. Undefining this will save you 99 * rather than just from the random byte source. Undefining this will save you
95 * ~4k in binary size with static uclibc, but your DSS hostkey could be exposed 100 * ~4k in binary size with static uclibc, but your DSS hostkey could be exposed
96 * if the random number source isn't good. In general this isn't required */ 101 * if the random number source isn't good. In general this isn't required */
97 /* #define DSS_PROTOK */ 102 /* #define DSS_PROTOK */