From: Michael Olbrich
To: ptxdist@pengutronix.de
Cc: Alexander Dahl
Date: Fri, 29 Jul 2022 08:23:35 +0200
Subject: Re: [ptxdist] [APPLIED] dropbear: Rework key exchange algorithm options
Message-Id: <20220729062335.2392222-1-m.olbrich@pengutronix.de>
In-Reply-To: <20220704121831.23787-7-ada@thorsis.com>
References: <20220704121831.23787-7-ada@thorsis.com>
Reply-To: ptxdist@pengutronix.de

Thanks, applied as 91608613316a0031ec4a9581f762160a99239ce2.

Michael

[sent from post-receive hook]

On Fri, 29 Jul 2022 08:23:34 +0200, Alexander Dahl wrote:
> The options for diffie-hellman key exchange were mixed up with message
> integrity hmacs.
>
> Signed-off-by: Alexander Dahl
> Message-Id: <20220704121831.23787-7-ada@thorsis.com>
> Signed-off-by: Michael Olbrich
>
> diff --git a/rules/dropbear.in b/rules/dropbear.in > index 33e8500a93ee..a64b2306a64a 100644 > --- a/rules/dropbear.in > +++ b/rules/dropbear.in 
> @@ -279,7 +279,30 @@ config DROPBEAR_ED25519 > Public keys are 256 bits long and signatures are 512 bits > long. > > -comment "Key exchange algorithm ---" > +comment "Key exchange algorithm, at least one required ---" > + > +config DROPBEAR_DH_GROUP14_SHA256 > + bool > + prompt "group14_sha256" > + default y > + help > + 2048 bit, sha2-256. > + group14 is supported by most implementations. > + > +config DROPBEAR_DH_GROUP14_SHA1 > + bool > + prompt "group14_sha1" > + help > + 2048 bit, sha1. > + group14 is supported by most implementations. > + > +config DROPBEAR_DH_GROUP16 > + bool > + prompt "group16" > + help > + 4096 bit, sha2-512. > + group16 provides a greater strength level but is slower and > + increases binary size. > > config DROPBEAR_ECDH > bool > @@ -287,16 +310,32 @@ config DROPBEAR_ECDH > help > ECDH stands for Elliptic Curve Diffie-Hellman. > > + Small systems should generally include either curve25519 or > + ecdh for performance. > + > config DROPBEAR_CURVE25519 > bool > - prompt "curve25519-donna" > + prompt "curve25519" > help > - Enable curve25519-donna for key exchange. > + Enable curve25519 for key exchange. > This is another elliptic curve method with good security properties. > This algorithm does not rely on NIST-based curves > and gives us more security confidence against a possible > backdoor in nistp-256 curve. > > + Small systems should generally include either curve25519 or > + ecdh for performance. > + > +config DROPBEAR_DH_GROUP1 > + bool > + prompt "group1 (legacy, client only)" > + help > + 1024 bit, sha1. > + This is too small for security though is necessary if you need > + compatibility with some implementations such as Dropbear > + versions < 0.53. > + Client only! > + > comment "Authentication types, at least one required --- RFC Draft requires pubkey auth" > > config DROPBEAR_PASSWD > diff --git a/rules/dropbear.make b/rules/dropbear.make > index 7653cf3e57cc..e86b8bf43803 100644 > --- a/rules/dropbear.make 
> +++ b/rules/dropbear.make > @@ -157,13 +157,9 @@ endif > ifdef PTXCONF_DROPBEAR_SHA1 > @echo "ptxdist: enabling sha1" > @echo "#define DROPBEAR_SHA1_HMAC 1" >> $(DROPBEAR_LOCALOPTIONS) > - @echo "#define DROPBEAR_DH_GROUP1 1" >> $(DROPBEAR_LOCALOPTIONS) > - @echo "#define DROPBEAR_DH_GROUP14_SHA1 1" >> $(DROPBEAR_LOCALOPTIONS) > else > @echo "ptxdist: disabling sha1" > @echo "#define DROPBEAR_SHA1_HMAC 0" >> $(DROPBEAR_LOCALOPTIONS) > - @echo "#define DROPBEAR_DH_GROUP1 0" >> $(DROPBEAR_LOCALOPTIONS) > - @echo "#define DROPBEAR_DH_GROUP14_SHA1 0" >> $(DROPBEAR_LOCALOPTIONS) > endif > > ifdef PTXCONF_DROPBEAR_SHA1_96 > @@ -223,6 +219,30 @@ endif > @echo "#define DROPBEAR_SK_ED25519 0" >> $(DROPBEAR_LOCALOPTIONS) > > # key exchange algorithm > +ifdef PTXCONF_DROPBEAR_DH_GROUP14_SHA256 > + @echo "ptxdist: enabling dh_group14_sha256" > + @echo "#define DROPBEAR_DH_GROUP14_SHA256 1" >> $(DROPBEAR_LOCALOPTIONS) > +else > + @echo "ptxdist: disabling dh_group14_sha256" > + @echo "#define DROPBEAR_DH_GROUP14_SHA256 0" >> $(DROPBEAR_LOCALOPTIONS) > +endif > + > +ifdef PTXCONF_DROPBEAR_DH_GROUP14_SHA1 > + @echo "ptxdist: enabling dh_group14_sha1" > + @echo "#define DROPBEAR_DH_GROUP14_SHA1 1" >> $(DROPBEAR_LOCALOPTIONS) > +else > + @echo "ptxdist: disabling dh_group14_sha1" > + @echo "#define DROPBEAR_DH_GROUP14_SHA1 0" >> $(DROPBEAR_LOCALOPTIONS) > +endif > + > +ifdef PTXCONF_DROPBEAR_DH_GROUP16 > + @echo "ptxdist: enabling dh_group16" > + @echo "#define DROPBEAR_DH_GROUP16 1" >> $(DROPBEAR_LOCALOPTIONS) > +else > + @echo "ptxdist: disabling dh_group16" > + @echo "#define DROPBEAR_DH_GROUP16 0" >> $(DROPBEAR_LOCALOPTIONS) > +endif > + > ifdef PTXCONF_DROPBEAR_ECDH > @echo "ptxdist: enabling ecdh" > @echo "#define DROPBEAR_ECDH 1" >> $(DROPBEAR_LOCALOPTIONS) 
> @@ -239,6 +259,14 @@ else > @echo "#define DROPBEAR_CURVE25519 0" >> $(DROPBEAR_LOCALOPTIONS) > endif > > +ifdef PTXCONF_DROPBEAR_DH_GROUP1 > + @echo "ptxdist: enabling dh_group1" > + @echo "#define DROPBEAR_DH_GROUP1 1" >> $(DROPBEAR_LOCALOPTIONS) > +else > + @echo "ptxdist: disabling dh_group1" > + @echo "#define DROPBEAR_DH_GROUP1 0" >> $(DROPBEAR_LOCALOPTIONS) > +endif > + > # authentication types > ifdef PTXCONF_DROPBEAR_PASSWD > @echo "ptxdist: enabling passwd"
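Review bot: In the first rules/dropbear.in hunk, the new comment "Key exchange algorithm, at least one required ---" states a requirement that nothing in the hunk enforces. Of the three options added there, only DROPBEAR_DH_GROUP14_SHA256 carries "default y", and it can be deselected like the others, so a configuration with every key exchange symbol unset is still accepted and rules/dropbear.make will write a 0 for each define. Consider a build-time check in rules/dropbear.make that fails with a clear message when none of the key exchange PTXCONF_ symbols is set, or drop "at least one required" from the comment if the check is left to the user.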
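Review bot: In the second rules/dropbear.in hunk, DROPBEAR_DH_GROUP1 is prompted as "group1 (legacy, client only)" and its help ends with "Client only!", but the entry has no "depends on" line, so it can be selected in a build that ships only the server, and the matching block in rules/dropbear.make then writes "#define DROPBEAR_DH_GROUP1 1" regardless. If rules/dropbear.in has a symbol for the client binary, make this option depend on it; otherwise say in the help text what the setting does in a server-only build. Since the help already notes that 1024 bit with sha1 is too small for security, it would also be worth stating there that the option should stay off unless a specific legacy peer requires it.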
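Review bot: In the first rules/dropbear.make hunk, removing the DROPBEAR_DH_GROUP1 and DROPBEAR_DH_GROUP14_SHA1 defines from the PTXCONF_DROPBEAR_SHA1 block changes the result for existing configurations, and the commit message does not mention it. A config with DROPBEAR_SHA1 set previously got both defines written as 1; after this patch both are written as 0 unless the new DROPBEAR_DH_GROUP1 and DROPBEAR_DH_GROUP14_SHA1 symbols are selected, because neither has a default in rules/dropbear.in. That is the safer outcome, but a sentence in the commit message saying that these two methods are now off by default would help users whose peers only offer group1 or group14 with sha1 find the cause after upgrading.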