[strongSwan-dev] [PATCH] DiffieHellman Groups 22-24 in RFC5114
Martin Willi
martin at strongswan.org
Thu Apr 8 14:10:23 CEST 2010
Hi Joy,
> + /**
> + * The generator as byte array.
> + */
> + const u_int8_t *hex_generator;
> +
> + /**
> + * Length of the hex generator.
> + */
> + size_t hex_generator_len;
I think we can unify the generator format and drop the current u_int16_t
definition by a generic chunk format. I'll push these changes to master
this afternoon.
> +modp_dh22, DIFFIE_HELLMAN_GROUP, MODP_DH22,
> +modp_dh23, DIFFIE_HELLMAN_GROUP, MODP_DH23,
> +modp_dh24, DIFFIE_HELLMAN_GROUP, MODP_DH24,
Traditionally, strongSwan did not use the group number for
configuration, but instead some more meaningful names by including the
size of the prime. This gives the user a hint how strong a group
actually is.
I'd prefer a naming scheme for the new groups in accordance to the
existing groups. What about modp1024s160 and MODP_1024_160? Too
complicated?
Regards
Martin
More information about the Dev
mailing list