ClearML/dropbear
1
0
Fork 0
mirror of https://github.com/clearml/dropbear synced 2025-02-07 21:23:51 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

merge of 197e1bd25c1741218fbe0d73a1e37d4082054216

Browse Source 
and 4dc12a3e22d2e0c63f65a9d48b07b37db7567899

--HG--
extra : convert_revision : dda1c40ce86d3ab6f27279669a5174c945eb7eed
This commit is contained in:
Matt Johnston 2005-07-08 13:19:20 +00:00
commit 215a369c2b
2 changed files with 5 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
options.h
View File

@ -90,6 +90,11 @@ etc) slower (perhaps by 50%). Recommended for most small systems. */
#define DROPBEAR_RSA #define DROPBEAR_RSA
#define DROPBEAR_DSS #define DROPBEAR_DSS
/* RSA can be vulnerable to timing attacks which use the time required for
* signing to guess the private key. Blinding avoids this attack, though makes
* signing operations slightly slower. */
#define RSA_BLINDING
/* Define DSS_PROTOK to use PuTTY's method of generating the value k for dss, /* Define DSS_PROTOK to use PuTTY's method of generating the value k for dss,
* rather than just from the random byte source. Undefining this will save you * rather than just from the random byte source. Undefining this will save you
* ~4k in binary size with static uclibc, but your DSS hostkey could be exposed * ~4k in binary size with static uclibc, but your DSS hostkey could be exposed

1
rsa.c
View File

@ -275,7 +275,6 @@ void buf_put_rsa_sign(buffer* buf, rsa_key *key, const unsigned char* data,
/* the actual signing of the padded data */ /* the actual signing of the padded data */
#define RSA_BLINDING
#ifdef RSA_BLINDING #ifdef RSA_BLINDING
/* With blinding, s = (r^(-1))((em)*r^e)^d mod n */ /* With blinding, s = (r^(-1))((em)*r^e)^d mod n */