diff options
author | Christian Grothoff <christian@grothoff.org> | 2015-05-22 07:27:20 +0000 |
---|---|---|
committer | Christian Grothoff <christian@grothoff.org> | 2015-05-22 07:27:20 +0000 |
commit | 259e8c1c53b241df2717d8d0b740453c2252ef27 (patch) | |
tree | 47b7a9dabff4c1f160e0a47c4b09fc67cc63150e | |
parent | 2bcfaa1c52e32b45aa29cfe09e98b174db8f879c (diff) | |
download | gnunet-259e8c1c53b241df2717d8d0b740453c2252ef27.tar.gz gnunet-259e8c1c53b241df2717d8d0b740453c2252ef27.zip |
-use flag to disable key generation test for libgcrypt > 1.7
-rw-r--r-- | src/util/crypto_ecc.c | 7 |
1 files changed, 6 insertions, 1 deletions
diff --git a/src/util/crypto_ecc.c b/src/util/crypto_ecc.c index dc3f206e7..e6d6bc133 100644 --- a/src/util/crypto_ecc.c +++ b/src/util/crypto_ecc.c | |||
@@ -492,9 +492,14 @@ GNUNET_CRYPTO_ecdhe_key_create () | |||
492 | gcry_mpi_t d; | 492 | gcry_mpi_t d; |
493 | int rc; | 493 | int rc; |
494 | 494 | ||
495 | /* NOTE: For libgcrypt >= 1.7, we do not need the 'eddsa' flag here, | ||
496 | but should also be harmless. For libgcrypt < 1.7, using 'eddsa' | ||
497 | disables an expensive key testing routine. We do not want to run | ||
498 | the expensive check for ECDHE, as we generate TONS of keys to | ||
499 | use for a very short time. */ | ||
495 | if (0 != (rc = gcry_sexp_build (&s_keyparam, NULL, | 500 | if (0 != (rc = gcry_sexp_build (&s_keyparam, NULL, |
496 | "(genkey(ecc(curve \"" CURVE "\")" | 501 | "(genkey(ecc(curve \"" CURVE "\")" |
497 | "(flags eddsa)))"))) | 502 | "(flags eddsa no-keytest)))"))) |
498 | { | 503 | { |
499 | LOG_GCRY (GNUNET_ERROR_TYPE_ERROR, "gcry_sexp_build", rc); | 504 | LOG_GCRY (GNUNET_ERROR_TYPE_ERROR, "gcry_sexp_build", rc); |
500 | return NULL; | 505 | return NULL; |