Mercurial > dropbear

diff sysoptions.h @ 1248:739b3909c499

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
Get rid of group15, move group16 to sha512. New groups are disabled by default pending draft-ietf-curdle-ssh-kex-sha2-02 being finalised
author Matt Johnston <matt@ucc.asn.au>
date Sat, 12 Mar 2016 16:21:13 +0800
parents 2c23d72e06b2
children 309e1c4a8768
line wrap: on
line diff
--- a/sysoptions.h	Thu Mar 10 21:37:35 2016 +0800
+++ b/sysoptions.h	Sat Mar 12 16:21:13 2016 +0800
@@ -113,20 +113,25 @@
 #define RSA_BLINDING
 
 /* hashes which will be linked and registered */
-#if defined(DROPBEAR_SHA2_256_HMAC) || defined(DROPBEAR_ECC_256) || defined(DROPBEAR_CURVE25519)
+#if defined(DROPBEAR_SHA2_256_HMAC) || defined(DROPBEAR_ECC_256) || defined(DROPBEAR_CURVE25519) || DROPBEAR_DH_GROUP14
 #define DROPBEAR_SHA256
 #endif
 #if defined(DROPBEAR_ECC_384)
 #define DROPBEAR_SHA384
 #endif
 /* LTC SHA384 depends on SHA512 */
-#if defined(DROPBEAR_SHA2_512_HMAC) || defined(DROPBEAR_ECC_521) || defined(DROPBEAR_ECC_384)
+#if defined(DROPBEAR_SHA2_512_HMAC) || defined(DROPBEAR_ECC_521) || defined(DROPBEAR_ECC_384) || DROPBEAR_DH_GROUP16
 #define DROPBEAR_SHA512
 #endif
 #if defined(DROPBEAR_MD5_HMAC)
 #define DROPBEAR_MD5
 #endif
 
+/* These are disabled in Dropbear 2016.73 by default since the spec 
+   draft-ietf-curdle-ssh-kex-sha2-02 is under development. */
+#define DROPBEAR_DH_GROUP14_256 0
+#define DROPBEAR_DH_GROUP16 0
+
 /* roughly 2x 521 bits */
 #define MAX_ECC_SIZE 140