view libtomcrypt/src/headers/tomcrypt_dropbear.h @ 1855:35d504d59c05

Implement server-side support for sk-ecdsa U2F-backed keys (#142) * Implement server-side support for sk-ecdsa U2F-backed keys * Fix out-of-bounds read on normal ecdsa-sha2-[identifier] keys * Fix one more potential out-of-bounds read * Check if nistp256 curve is used in sk-ecdsa-sha2- key It's the only allowed curve per PROTOCOL.u2f specification * Implement server-side support for sk-ed25519 FIDO2-backed keys * Keys with type sk-* make no sense as host keys, so they should be disabled * fix typo * Make sk-ecdsa call buf_ecdsa_verify This reduces code duplication, the SK code just handles the different message format. * Reduce sk specific code The application id can be stored in signkey, then we don't need to call sk-specific functions from svr-authpubkey * Remove debugging output, which causes compilation errors with DEBUG_TRACE disabled * Proper cleanup of sk_app Co-authored-by: Matt Johnston <[email protected]>
author egor-duda <egor-duda@users.noreply.github.com>
date Sat, 22 Jan 2022 16:53:04 +0300
parents c2c0f43ff827
children 3f4cdf839a1a

/*
 * Dropbear's libtomcrypt feature selection.
 *
 * Each LTC_* macro defined below switches on one libtomcrypt component.
 * Most are gated on a DROPBEAR_* option tested with #if. In an #if
 * expression an identifier that is not defined as a macro evaluates to 0,
 * so a component whose DROPBEAR_* option is missing or misspelled is left
 * out of the build rather than enabled.
 *
 * A few components are defined with no guard at all (LTC_SHA1, LTC_HMAC,
 * LTC_HASH_HELPERS, LTC_BASE64) and are therefore always built.
 */

/* compile options depend on Dropbear options.h */
#include "options.h"

/* Dropbear config */

/* NOTE(review): LTC_NOTHING is understood to turn off libtomcrypt's default
 * "enable everything" selection, so that only the components named in this
 * file are compiled in -- confirm against libtomcrypt's own configuration
 * header. */
#define LTC_NOTHING

/* Use small code where possible */
#if DROPBEAR_SMALL_CODE
#define LTC_SMALL_CODE
#endif

/* Fewer entries needed */
/* NOTE(review): presumably the capacity of libtomcrypt's descriptor
 * registration tables; if so, it must be at least the number of
 * ciphers/hashes registered at runtime -- confirm when adding an algorithm. */
#define TAB_SIZE      5

/* Block ciphers: each is built only when its DROPBEAR_* option is non-zero. */
#if DROPBEAR_AES
#define LTC_RIJNDAEL
#endif
/* Twofish variants: LTC_TWOFISH_TABLES uses tables during setup,
 * LTC_TWOFISH_SMALL uses the smaller scheduled key format (saves 4KB of ram),
 * LTC_TWOFISH_ALL_TABLES enables all tables during setup.
 * Only LTC_TWOFISH_SMALL is selected here. */
#if DROPBEAR_TWOFISH
#define LTC_TWOFISH
#define LTC_TWOFISH_SMALL
#endif

/* LTC_DES is the libtomcrypt switch used for Dropbear's 3DES option. */
#if DROPBEAR_3DES
#define LTC_DES
#endif

/* Cipher modes of operation. */
#if DROPBEAR_ENABLE_CBC_MODE
#define LTC_CBC_MODE
#endif

#if DROPBEAR_ENABLE_CTR_MODE
#define LTC_CTR_MODE
#endif

#if DROPBEAR_ENABLE_GCM_MODE
#define LTC_GCM_MODE
#endif

/* The ChaCha20-Poly1305 option pulls in both primitives together. */
#if DROPBEAR_CHACHA20POLY1305
#define LTC_CHACHA
#define LTC_POLY1305
#endif

/* Hash functions. */
#if DROPBEAR_SHA512
#define LTC_SHA512
#endif

#if DROPBEAR_SHA384
#define LTC_SHA384
#endif

#if DROPBEAR_SHA256
#define LTC_SHA256
#endif

/* SHA-1 is the one hash with no DROPBEAR_* guard in this file: it is always
 * compiled in. Its presence in the build does not by itself show whether
 * SHA-1-based algorithms are offered; that is decided outside this file. */
#define LTC_SHA1

#if DROPBEAR_MD5
#define LTC_MD5
#endif

/* ECC */
#if DROPBEAR_ECC
#define LTC_MECC
/* NOTE(review): LTM_DESC presumably selects the LibTomMath big-number
 * descriptor; it is only defined inside the DROPBEAR_ECC guard -- confirm
 * that non-ECC public-key code does not rely on it coming from here. */
#define LTM_DESC

/* use Shamir's trick for point mul (speeds up signature verification) */
#define LTC_ECC_SHAMIR

/* Curve sizes are selected individually; a curve whose option is zero or
 * undefined is not built. */
#if DROPBEAR_ECC_256
#define LTC_ECC256
#endif
#if DROPBEAR_ECC_384
#define LTC_ECC384
#endif
#if DROPBEAR_ECC_521
#define LTC_ECC521
#endif

#endif /* DROPBEAR_ECC */

/* Always built, independent of the DROPBEAR_* options. */
#define LTC_HMAC
#define LTC_HASH_HELPERS

/* NOTE(review): presumably compiles out libtomcrypt's built-in algorithm
 * self-tests to save space -- confirm. If so, correctness of the primitives
 * on a given target has to be checked by other means. */
#define LTC_NO_TEST

#define LTC_BASE64

/* end Dropbear config */