EljakimHerrewijnen/Openwrt
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

dropbear: split out curve25519 support into a separate config option

Browse Source 
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 48195
This commit is contained in:
Felix Fietkau 2016-01-10 22:38:53 +00:00
parent 8c138d4ae8
commit 1455b5b89a
2 changed files with 19 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
package/network/services/dropbear/Config.in
View File

@ -1,6 +1,15 @@
menu "Configuration" menu "Configuration"
depends on PACKAGE_dropbear depends on PACKAGE_dropbear
config DROPBEAR_CURVE25519
bool "Curve25519 support"
default n
help
This enables the following key exchange algorithm:
curve25519-sha256@libssh.org
Increases binary size by about 13 kB uncompressed (MIPS).
config DROPBEAR_ECC config DROPBEAR_ECC
bool "Elliptic curve cryptography (ECC)" bool "Elliptic curve cryptography (ECC)"
default n default n
@ -12,7 +21,6 @@ config DROPBEAR_ECC
ecdh-sha2-nistp256 ecdh-sha2-nistp256
ecdh-sha2-nistp384 ecdh-sha2-nistp384
ecdh-sha2-nistp521 ecdh-sha2-nistp521
curve25519-sha256@libssh.org
Public key algorithms: Public key algorithms:
ecdsa-sha2-nistp256 ecdsa-sha2-nistp256
@ -22,6 +30,6 @@ config DROPBEAR_ECC
Does not generate ECC host keys by default (ECC key exchange will not be used, Does not generate ECC host keys by default (ECC key exchange will not be used,
only ECC public key auth). only ECC public key auth).
Increases binary size by about 36 kB (MIPS). Increases binary size by about 23 kB (MIPS).
endmenu endmenu

11
package/network/services/dropbear/Makefile
View File

@ -23,7 +23,7 @@ PKG_LICENSE_FILES:=LICENSE libtomcrypt/LICENSE libtommath/LICENSE
PKG_BUILD_PARALLEL:=1 PKG_BUILD_PARALLEL:=1
PKG_USE_MIPS16:=0 PKG_USE_MIPS16:=0
PKG_CONFIG_DEPENDS:=CONFIG_DROPBEAR_ECC PKG_CONFIG_DEPENDS:=CONFIG_DROPBEAR_ECC CONFIG_DROPBEAR_CURVE25519
include $(INCLUDE_DIR)/package.mk include $(INCLUDE_DIR)/package.mk
@ -80,9 +80,16 @@ TARGET_LDFLAGS += -Wl,--gc-sections
define Build/Configure define Build/Configure
$(Build/Configure/Default) $(Build/Configure/Default)
awk 'BEGIN { rc = 1 } \
/'DROPBEAR_CURVE25519'/ { $$$$0 = "$(if $(CONFIG_DROPBEAR_CURVE25519),,// )#define 'DROPBEAR_CURVE25519'"; rc = 0 } \
{ print } \
END { exit(rc) }' $(PKG_BUILD_DIR)/options.h \
>$(PKG_BUILD_DIR)/options.h.new && \
mv $(PKG_BUILD_DIR)/options.h.new $(PKG_BUILD_DIR)/options.h
# Enforce that all replacements are made, otherwise options.h has changed # Enforce that all replacements are made, otherwise options.h has changed
# format and this logic is broken. # format and this logic is broken.
for OPTION in DROPBEAR_ECDSA DROPBEAR_ECDH DROPBEAR_CURVE25519; do \ for OPTION in DROPBEAR_ECDSA DROPBEAR_ECDH; do \
awk 'BEGIN { rc = 1 } \ awk 'BEGIN { rc = 1 } \
/'$$$$OPTION'/ { $$$$0 = "$(if $(CONFIG_DROPBEAR_ECC),,// )#define '$$$$OPTION'"; rc = 0 } \ /'$$$$OPTION'/ { $$$$0 = "$(if $(CONFIG_DROPBEAR_ECC),,// )#define '$$$$OPTION'"; rc = 0 } \
{ print } \ { print } \