* options.h, common-kex.c: fix support of 4096 byte host keys

--HG-- extra : convert_revision : 096f29c430c23f0140f0cf272942a13046483ec6
author: Matt Johnston <matt@ucc.asn.au> 2005-11-30 10:11:24 +0000
committer: Matt Johnston <matt@ucc.asn.au> 2005-11-30 10:11:24 +0000
commit: 736f370dce614b717193f45d084e9e009de723ce (patch)
tree: d0b9bd7f5b4a76b441b0b3be63a1d48976ff99ca /options.h
parent: 4a4e1b49ecd03caf4dd978b0cf24cd18fe0e0f73 (diff)
1 files changed, 8 insertions, 4 deletions
diff --git a/options.h b/options.h
index 6285756..baba472 100644
--- a/options.h
+++ b/options.h
@@ -306,10 +306,14 @@ etc) slower (perhaps by 50%). Recommended for most small systems. */
 #define MAX_STRING_LEN 1400 /* ~= MAX_PROPOSED_ALGO * MAX_NAME_LEN, also
 							   is the max length for a password etc */
 
-/* For a 4096 bit DSS key, empirically determined to be 1590 bytes */
-#define MAX_PUBKEY_SIZE 1600
-/* For a 4096 bit DSS key, empirically determined to be 1590 bytes */
-#define MAX_PRIVKEY_SIZE 1600
+/* For a 4096 bit DSS key, empirically determined */
+#define MAX_PUBKEY_SIZE 1700
+/* For a 4096 bit DSS key, empirically determined */
+#define MAX_PRIVKEY_SIZE 1700
+
+/* The maximum size of the bignum portion of the kexhash buffer */
+/* Sect. 8 of the transport draft, K_S + e + f + K */
+#define KEXHASHBUF_MAX_INTS (1700 + 130 + 130 + 130)
 
 #define DROPBEAR_MAX_SOCKS 2 /* IPv4, IPv6 are all we'll get for now. Revisit
 								in a few years time.... */
author	Matt Johnston <matt@ucc.asn.au>	2005-11-30 10:11:24 +0000
committer	Matt Johnston <matt@ucc.asn.au>	2005-11-30 10:11:24 +0000
commit	736f370dce614b717193f45d084e9e009de723ce (patch)
tree	d0b9bd7f5b4a76b441b0b3be63a1d48976ff99ca /options.h
parent	4a4e1b49ecd03caf4dd978b0cf24cd18fe0e0f73 (diff)