Also add these to `mdw-test/sites' to test the new functionality.
Signed-off-by: Mark Wooding <mdw@distorted.org.uk>
location levels.
dh P G
- Assigns a Diffie--Hellman closure to the `dh' key,
- constructed as `diffie-hellman(P, G)'. Acceptable at all
- levels; required at site level.
+ dh GROUP-NAME
+ Assigns a Diffie--Hellman closure to the `dh' key. If
+ MODULUS and GENERATOR are given, the closure is
+ constructed as `diffie-hellman(P, G)'. If a GROUP-NAME
+ is given, it must be one of `x25519' or `x448', and the
+ like-named pre-existing DH closure is used. This is a
+ listish property: it can be set more than once and the
+ values are accumulated into a list in the output.
+
+ Acceptable at all levels; required at site level.
hash HASH-NAME
Assigns the HASH-NAME to the `hash' key. The HASH-NAME
def __str__(self):
return ",".join(map((lambda n: '"%s"'%n), self.set.networks()))
-class dhgroup (basetype):
+class trad_dhgroup (basetype):
"A Diffie-Hellman group"
def __init__(self,w):
self.mod=w[1]
self.gen=w[2]
def __str__(self):
return 'diffie-hellman("%s","%s")'%(self.mod,self.gen)
+def dhgroup(w):
+ if w[1] in ('x25519', 'x448'): return w[1]
+ else: return trad_dhgroup(w)
class hash (basetype):
"A choice of hash function"
# Possible properties of configuration nodes
keywords={
'contact':(email,"Contact address"),
- 'dh':(dhgroup,"Diffie-Hellman group"),
+ 'dh':(listof(dhgroup),"Diffie-Hellman group"),
'hash':(hash,"Hash function"),
'key-lifetime':(num,"Maximum key lifetime (ms)"),
'setup-timeout':(num,"Key setup timeout (ms)"),
## 0 <= i < 12, so p is prime by Pocklington's theorem. Finally, set q =
## q_0, and g = 2^{(p-1)/q}, so that g has order q in GF(p)^*.
dh ef1233764fabef4f216f957871e7e9eda5a82d31aa1036ec54dd1d7f1dc6d15918370ebea703adbecf8ef48ca4760b555504b58eeadfe7ccfea8966096701434480dae0477537b1e8c56771b26742688a3804314ddbcd9121d21d1cdeb0574ab4f487a68b287e760305a8557d4b81aac36505ef206715e01ba581b4fed24f1806dc81051cedcbf78547574ef699f24b2aa02b0ae6d8dab4091795ed6ee95bf3120c8a7c7e607f4611b58f83bc0acde50a5345ff570366a2a3994b5ec09f1bb95a900f4b28ffd1b75336be514aaff162c810c35d65924710780f0954168d45a78179dbe496cd26fbc038846cbf054d8ae69bda87698a836866bde3d2c2aa4d7a2fb9a6cc3330d06f1e83e859f585f1612dd389badad41370a8d955dfd98ff241b0227130656b959962fc29e9721f7112bde43b4d09eb29db1ffac0a37ee25dbe99e1c4ea9bc23210971d2f02d8bc000f3caa711a6bab24ceab5022af119361bcb59b0c070989c8fb1ef005cef2aa988dabe9a822c082c374e15a94d8a0acd4a03 5418fc17aa90e9f025db7015c68748c63b021df235eb3f8dfc7a28bbfa0a119da168be262b639df2c285238713ef31075379dd4342ce526520e6b6d7d073509d1ff893dfed769536483228b89c00ec3b66b355d0158167e0f3bf67f34fdcbb40ffdd87d3cea8bc0723560d276f378301d120cb6ff5124ed325f1f7a93516f7f23ec5ba41a090a3c720f4a49bc2345304fd4683144f2b6970ee14e19dd75b95ce2273811de39cad185981eb5247f5049ae268390e1f54008fd052d1b6c07b5d93636db66a08de861cc4463512170c258221eb599ae595116274a71983f6e1f127609ca2114b244786b1648c0b9a7b4eb43073034fd19efce1f755b2e572d682176083eabfeba0bb5605de0c5c5ea01d6244284872a7f7e9a88105cde69c017590765ff24a62001b7674c39ee10260e440f56ab749fe352a3eb84b94981166e7a63bd294333668fcf9aa09ac7f133760a9d177d28bdfa4ee254dee39fa845a0230d6cf04384678970a88e20e829645e22fca339083803eb107282d0b4afd377e9a
+#dh x448
###--------------------------------------------------------------------------
location alice alice
~mdw / secnet / commitdiff