diff options
author | Christian Grothoff <christian@grothoff.org> | 2013-03-04 14:26:56 +0000 |
---|---|---|
committer | Christian Grothoff <christian@grothoff.org> | 2013-03-04 14:26:56 +0000 |
commit | 33797fe6d5375d34c17e093e63011d813e260da8 (patch) | |
tree | 1b45803ca73b86c4f1d5378ceb327d9fc8714f95 | |
parent | d0cf573115d89775e1546996c2e6780cac12a98c (diff) | |
download | gnunet-33797fe6d5375d34c17e093e63011d813e260da8.tar.gz gnunet-33797fe6d5375d34c17e093e63011d813e260da8.zip |
-go to more sane ECC curve to be more DoS-resistant
-rw-r--r-- | src/include/gnunet_crypto_lib.h | 4 | ||||
-rw-r--r-- | src/include/gnunet_testing_lib.h | 2 | ||||
-rw-r--r-- | src/util/crypto_ecc.c | 2 |
3 files changed, 4 insertions, 4 deletions
diff --git a/src/include/gnunet_crypto_lib.h b/src/include/gnunet_crypto_lib.h index 5b6d238c5..4dfe618a9 100644 --- a/src/include/gnunet_crypto_lib.h +++ b/src/include/gnunet_crypto_lib.h | |||
@@ -97,12 +97,12 @@ enum GNUNET_CRYPTO_Quality | |||
97 | * Maximum length of an ECC signature. | 97 | * Maximum length of an ECC signature. |
98 | * Note: round up to multiple of 8 minus 2 for alignment. | 98 | * Note: round up to multiple of 8 minus 2 for alignment. |
99 | */ | 99 | */ |
100 | #define GNUNET_CRYPTO_ECC_SIGNATURE_DATA_ENCODING_LENGTH 190 | 100 | #define GNUNET_CRYPTO_ECC_SIGNATURE_DATA_ENCODING_LENGTH 126 |
101 | 101 | ||
102 | /** | 102 | /** |
103 | * Maximum length of the public key (q-point, Q = dP) when encoded. | 103 | * Maximum length of the public key (q-point, Q = dP) when encoded. |
104 | */ | 104 | */ |
105 | #define GNUNET_CRYPTO_ECC_MAX_PUBLIC_KEY_LENGTH 140 | 105 | #define GNUNET_CRYPTO_ECC_MAX_PUBLIC_KEY_LENGTH 76 |
106 | 106 | ||
107 | 107 | ||
108 | /** | 108 | /** |
diff --git a/src/include/gnunet_testing_lib.h b/src/include/gnunet_testing_lib.h index 8a2910450..630152ddf 100644 --- a/src/include/gnunet_testing_lib.h +++ b/src/include/gnunet_testing_lib.h | |||
@@ -50,7 +50,7 @@ extern "C" | |||
50 | * curves (rounded up to the next full KB to make IO nicer); it is NOT | 50 | * curves (rounded up to the next full KB to make IO nicer); it is NOT |
51 | * the number of bits in the key. | 51 | * the number of bits in the key. |
52 | */ | 52 | */ |
53 | #define GNUNET_TESTING_HOSTKEYFILESIZE 2048 | 53 | #define GNUNET_TESTING_HOSTKEYFILESIZE 1024 |
54 | 54 | ||
55 | /** | 55 | /** |
56 | * Handle for a system on which GNUnet peers are executed; | 56 | * Handle for a system on which GNUnet peers are executed; |
diff --git a/src/util/crypto_ecc.c b/src/util/crypto_ecc.c index d89989bd4..ea6dde647 100644 --- a/src/util/crypto_ecc.c +++ b/src/util/crypto_ecc.c | |||
@@ -30,7 +30,7 @@ | |||
30 | 30 | ||
31 | #define EXTRA_CHECKS ALLOW_EXTRA_CHECKS | 31 | #define EXTRA_CHECKS ALLOW_EXTRA_CHECKS |
32 | 32 | ||
33 | #define CURVE "NIST P-521" | 33 | #define CURVE "NIST P-256" |
34 | 34 | ||
35 | #define LOG(kind,...) GNUNET_log_from (kind, "util", __VA_ARGS__) | 35 | #define LOG(kind,...) GNUNET_log_from (kind, "util", __VA_ARGS__) |
36 | 36 | ||