Mercurial > dropbear
comparison options.h @ 216:ea9277442ef2
* move RSA_BLINDING to options.h
| author | Matt Johnston <matt@ucc.asn.au> |
|---|---|
| date | Fri, 08 Jul 2005 13:19:10 +0000 |
| parents | 0d56e4b80dfb |
| children | 9089929fb2b7 |
comparison
equal
deleted
inserted
replaced
| 208:1a52846ec11f | 216:ea9277442ef2 |
|---|---|
| 88 * Removing either of these won't save very much space. | 88 * Removing either of these won't save very much space. |
| 89 * SSH2 RFC Draft requires dss, recommends rsa */ | 89 * SSH2 RFC Draft requires dss, recommends rsa */ |
| 90 #define DROPBEAR_RSA | 90 #define DROPBEAR_RSA |
| 91 #define DROPBEAR_DSS | 91 #define DROPBEAR_DSS |
| 92 | 92 |
| 93 /* RSA can be vulnerable to timing attacks which use the time required for | |
| 94 * signing to guess the private key. Blinding avoids this attack, though makes | |
| 95 * signing operations slightly slower. */ | |
| 96 #define RSA_BLINDING | |
| 97 | |
| 93 /* Define DSS_PROTOK to use PuTTY's method of generating the value k for dss, | 98 /* Define DSS_PROTOK to use PuTTY's method of generating the value k for dss, |
| 94 * rather than just from the random byte source. Undefining this will save you | 99 * rather than just from the random byte source. Undefining this will save you |
| 95 * ~4k in binary size with static uclibc, but your DSS hostkey could be exposed | 100 * ~4k in binary size with static uclibc, but your DSS hostkey could be exposed |
| 96 * if the random number source isn't good. In general this isn't required */ | 101 * if the random number source isn't good. In general this isn't required */ |
| 97 /* #define DSS_PROTOK */ | 102 /* #define DSS_PROTOK */ |