- Make curve25519 work after fixing a typo, interoperates with OpenSSH

- comment on ecc binary size effects --HG-- branch : ecc
author: Matt Johnston <matt@ucc.asn.au> 2013-11-09 00:02:26 +0800
committer: Matt Johnston <matt@ucc.asn.au> 2013-11-09 00:02:26 +0800
commit: 1e00d0b92676b985900594904084cc018803fa07 (patch)
tree: 2766c83b8e73a3aaa007d937ec08783a41be7060 /sysoptions.h
parent: 29b1455f362d3f40a7c328cbd202333a73149092 (diff)
1 files changed, 6 insertions, 1 deletions
diff --git a/sysoptions.h b/sysoptions.h
index 6637ad5..8459eb6 100644
--- a/sysoptions.h
+++ b/sysoptions.h
@@ -104,8 +104,13 @@
 #define DROPBEAR_LTC_PRNG
 #endif
 
+/* RSA can be vulnerable to timing attacks which use the time required for
+ * signing to guess the private key. Blinding avoids this attack, though makes
+ * signing operations slightly slower. */
+#define RSA_BLINDING
+
 /* hashes which will be linked and registered */
-#if defined(DROPBEAR_SHA2_256_HMAC) || defined(DROPBEAR_ECC_256)
+#if defined(DROPBEAR_SHA2_256_HMAC) || defined(DROPBEAR_ECC_256) || defined(DROPBEAR_CURVE25519)
 #define DROPBEAR_SHA256
 #endif
 #if defined(DROPBEAR_ECC_384)
author	Matt Johnston <matt@ucc.asn.au>	2013-11-09 00:02:26 +0800
committer	Matt Johnston <matt@ucc.asn.au>	2013-11-09 00:02:26 +0800
commit	1e00d0b92676b985900594904084cc018803fa07 (patch)
tree	2766c83b8e73a3aaa007d937ec08783a41be7060 /sysoptions.h
parent	29b1455f362d3f40a7c328cbd202333a73149092 (diff)