Get rid of group15, move group16 to sha512.

New groups are disabled by default pending draft-ietf-curdle-ssh-kex-sha2-02 being finalised
author: Matt Johnston <matt@ucc.asn.au> 2016-03-12 16:21:13 +0800
committer: Matt Johnston <matt@ucc.asn.au> 2016-03-12 16:21:13 +0800
commit: fdc61f3ab2c07f3f8d0546ee83b1a6776cc1786e (patch)
tree: 999a5037b2a5cc5c2fd0ed2f07be3ec56e56e588 /sysoptions.h
parent: a991d3b56bdd2750c772cb48bc1b932ed1714ad3 (diff)
1 files changed, 7 insertions, 2 deletions
diff --git a/sysoptions.h b/sysoptions.h
index 85ef718..8ce4361 100644
--- a/sysoptions.h
+++ b/sysoptions.h
@@ -113,20 +113,25 @@
 #define RSA_BLINDING
 
 /* hashes which will be linked and registered */
-#if defined(DROPBEAR_SHA2_256_HMAC) || defined(DROPBEAR_ECC_256) || defined(DROPBEAR_CURVE25519)
+#if defined(DROPBEAR_SHA2_256_HMAC) || defined(DROPBEAR_ECC_256) || defined(DROPBEAR_CURVE25519) || DROPBEAR_DH_GROUP14
 #define DROPBEAR_SHA256
 #endif
 #if defined(DROPBEAR_ECC_384)
 #define DROPBEAR_SHA384
 #endif
 /* LTC SHA384 depends on SHA512 */
-#if defined(DROPBEAR_SHA2_512_HMAC) || defined(DROPBEAR_ECC_521) || defined(DROPBEAR_ECC_384)
+#if defined(DROPBEAR_SHA2_512_HMAC) || defined(DROPBEAR_ECC_521) || defined(DROPBEAR_ECC_384) || DROPBEAR_DH_GROUP16
 #define DROPBEAR_SHA512
 #endif
 #if defined(DROPBEAR_MD5_HMAC)
 #define DROPBEAR_MD5
 #endif
 
+/* These are disabled in Dropbear 2016.73 by default since the spec 
+   draft-ietf-curdle-ssh-kex-sha2-02 is under development. */
+#define DROPBEAR_DH_GROUP14_256 0
+#define DROPBEAR_DH_GROUP16 0
+
 /* roughly 2x 521 bits */
 #define MAX_ECC_SIZE 140
author	Matt Johnston <matt@ucc.asn.au>	2016-03-12 16:21:13 +0800
committer	Matt Johnston <matt@ucc.asn.au>	2016-03-12 16:21:13 +0800
commit	fdc61f3ab2c07f3f8d0546ee83b1a6776cc1786e (patch)
tree	999a5037b2a5cc5c2fd0ed2f07be3ec56e56e588 /sysoptions.h
parent	a991d3b56bdd2750c772cb48bc1b932ed1714ad3 (diff)