From 8dd35374a9cd52af7ba70660defdb9f36ed9d75b Mon Sep 17 00:00:00 2001 From: Matt Johnston Date: Mon, 6 Apr 2020 23:18:26 +0800 Subject: use sigtype where appropriate --- sysoptions.h | 12 ++++++++++-- 1 file changed, 10 insertions(+), 2 deletions(-) (limited to 'sysoptions.h') diff --git a/sysoptions.h b/sysoptions.h index 2c27caf..0f52431 100644 --- a/sysoptions.h +++ b/sysoptions.h @@ -139,9 +139,17 @@ If you test it please contact the Dropbear author */ * signing operations slightly slower. */ #define DROPBEAR_RSA_BLINDING 1 +#ifndef DROPBEAR_RSA_SHA1 +#define DROPBEAR_RSA_SHA1 DROPBEAR_RSA +#endif +#ifndef DROPBEAR_RSA_SHA256 +#define DROPBEAR_RSA_SHA256 DROPBEAR_RSA +#endif + /* hashes which will be linked and registered */ -#define DROPBEAR_SHA256 ((DROPBEAR_SHA2_256_HMAC) || (DROPBEAR_ECC_256) \ - || (DROPBEAR_CURVE25519) || (DROPBEAR_DH_GROUP14_SHA256)) +#define DROPBEAR_SHA256 ((DROPBEAR_SHA2_256_HMAC) || (DROPBEAR_ECC_256) \ + || (DROPBEAR_CURVE25519) || (DROPBEAR_DH_GROUP14_SHA256) \ + || (DROPBEAR_RSA_SHA256)) #define DROPBEAR_SHA384 (DROPBEAR_ECC_384) /* LTC SHA384 depends on SHA512 */ #define DROPBEAR_SHA512 ((DROPBEAR_SHA2_512_HMAC) || (DROPBEAR_ECC_521) \ -- cgit v1.2.1 From 7871273feb1a2e76857ddcc80b1fe7e7081b60b1 Mon Sep 17 00:00:00 2001 From: Matt Johnston Date: Sun, 24 May 2020 14:16:58 +0800 Subject: send and handle SSH_MSG_EXT_INFO only at the correct point - other fixes for rsa pubkey auth - only include ext-info handling when rsa pubkey auth is compiled --- sysoptions.h | 4 ++++ 1 file changed, 4 insertions(+) (limited to 'sysoptions.h') diff --git a/sysoptions.h b/sysoptions.h index 0f52431..d5f8da8 100644 --- a/sysoptions.h +++ b/sysoptions.h @@ -161,6 +161,10 @@ If you test it please contact the Dropbear author */ #define DROPBEAR_NORMAL_DH ((DROPBEAR_DH_GROUP1) || (DROPBEAR_DH_GROUP14) || (DROPBEAR_DH_GROUP16)) +/* Dropbear only uses server-sig-algs, only needed if we have rsa-sha256 pubkey auth */ +#define DROPBEAR_EXT_INFO ((DROPBEAR_RSA_SHA256) \ + && ((DROPBEAR_CLI_PUBKEY_AUTH) || (DROPBEAR_SVR_PUBKEY_AUTH))) + /* roughly 2x 521 bits */ #define MAX_ECC_SIZE 140 -- cgit v1.2.1