Mercurial > dropbear
diff default_options.h @ 1916:3f4cdf839a1a
Make SHA1 optional, implement SHA256 fingerprints
SHA256 is always compiled and only enable SHA1 when needed. Fingerprints
are always SHA256: base64 format, md5 and sha1 are removed. dbrandom now
uses sha256 its hash function.
author | Matt Johnston <matt@ucc.asn.au> |
---|---|
date | Wed, 30 Mar 2022 11:44:04 +0800 |
parents | 13cb8cc1b0e4 |
children | ff8a81386a2b |
line wrap: on
line diff
--- a/default_options.h Wed Mar 30 10:23:39 2022 +0800 +++ b/default_options.h Wed Mar 30 11:44:04 2022 +0800 @@ -116,7 +116,7 @@ * Compiling in will add ~6kB to binary size on x86-64 */ #define DROPBEAR_ENABLE_GCM_MODE 0 -/* Message integrity. sha2-256 is recommended as a default, +/* Message integrity. sha2-256 is recommended as a default, sha1 for compatibility */ #define DROPBEAR_SHA1_HMAC 1 #define DROPBEAR_SHA2_256_HMAC 1 @@ -172,7 +172,7 @@ * Small systems should generally include either curve25519 or ecdh for performance. * curve25519 is less widely supported but is faster - */ + */ #define DROPBEAR_DH_GROUP14_SHA1 1 #define DROPBEAR_DH_GROUP14_SHA256 1 #define DROPBEAR_DH_GROUP16 0