From: Mark Wooding Date: Fri, 28 Apr 2017 21:51:36 +0000 (+0100) Subject: make-secnet-sites: Add XDH groups X-Git-Url: http://www.chiark.greenend.org.uk/ucgi/~ian/git?a=commitdiff_plain;h=f18c0ddb749e43b38256516d254479dec0c0624e;p=secnet.git make-secnet-sites: Add XDH groups (This was originally only part of a larger commit by Mark Wooding; I (Ian Jackson) have split it out.) Signed-off-by: Mark Wooding Signed-off-by: Ian Jackson --- diff --git a/README.make-secnet-sites b/README.make-secnet-sites index ad1242b..a194906 100644 --- a/README.make-secnet-sites +++ b/README.make-secnet-sites @@ -188,9 +188,14 @@ INPUT SYNTAX location levels. dh P G - Assigns a Diffie--Hellman closure to the `dh' key, - constructed as `diffie-hellman(P, G)'. Acceptable at all - levels; required at site level. + dh GROUP-NAME + Assigns a Diffie--Hellman closure to the `dh' key. If + MODULUS and GENERATOR are given, the closure is + constructed as `diffie-hellman(P, G)'. If a GROUP-NAME + is given, it must be one of `x25519' or `x448', and the + like-named pre-existing DH closure is used. + + Acceptable at all levels; required at site level. hash HASH-NAME Assigns the HASH-NAME to the `hash' key. The HASH-NAME diff --git a/make-secnet-sites b/make-secnet-sites index 4fa29b0..e10f7fc 100755 --- a/make-secnet-sites +++ b/make-secnet-sites @@ -499,13 +499,16 @@ class networks (basetype): def __str__(self): return ",".join(map((lambda n: '"%s"'%n), self.set.networks())) -class dhgroup (basetype): +class trad_dhgroup (basetype): "A Diffie-Hellman group" def __init__(self,w): self.mod=w[1].bignum_16('dh','dh mod') self.gen=w[2].bignum_16('dh','dh gen') def __str__(self): return 'diffie-hellman("%s","%s")'%(self.mod,self.gen) +def dhgroup(w): + if w[1] in ('x25519', 'x448'): return w[1] + else: return trad_dhgroup(w) class hash (basetype): "A choice of hash function"
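Review bot: in the README.make-secnet-sites hunk, the new text says "If MODULUS and GENERATOR are given", but the synopsis line still reads `dh P G` and the closure is written `diffie-hellman(P, G)`, so the reader has to infer that MODULUS is P and GENERATOR is G. Use one pair of names throughout, for example "If P and G are given". It is also worth stating that GROUP-NAME must be written exactly as `x25519` or `x448`, since the code compares the word against those two literal strings.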
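Review bot: in the make-secnet-sites hunk, `dhgroup(w)` returns two different kinds of value: the input word `w[1]` itself for `x25519` or `x448`, and a `trad_dhgroup` object otherwise. A small `basetype` subclass whose `__str__` returns the group name would keep the interface the same as the other property classes and would emit a fixed string rather than passing the input word through. Nothing in these lines checks the word count either: `dh x25519` followed by extra words is accepted as far as this function is concerned, and a `dh` line with a single word that is not a group name reaches `w[2]` in `trad_dhgroup.__init__`. An explicit length check with a clear error would help if the caller does not already do one. Finally, `dhgroup` has no docstring and `trad_dhgroup` keeps the generic "A Diffie-Hellman group", which no longer says what distinguishes it.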