mirror of
https://github.com/yuzu-mirror/mbedtls.git
synced 2026-02-25 09:05:29 +01:00
bea98b4581
These examples rely on the NET module, which we want to remove. In theory we could remove just the dependency, but we decided to remove the whole example because: - They showcase some bad crypto: custom, undocumented protocol (not obviously broken though, apart from authenticating only one side); hard-coded limit of 512-bit size for the DH modulus (2048 is the recommended minimum these days); direct use of the shared secret as a key (instead of applying a KDF); encryption with ECB, custom parameters and the client not having the ability to verify them. - The programs use the DH API in the same way that TLS does, so they have limited demonstration value. - The programs only show finite-field DH, which is not used all that much these days. What people want to see is mostly ECDH. |
||
|---|---|---|
| .. | ||
| CMakeLists.txt | ||
| dh_genprime.c | ||
| dh_prime.txt | ||
| ecdh_curve25519.c | ||
| ecdsa.c | ||
| gen_key.c | ||
| key_app.c | ||
| key_app_writer.c | ||
| mpi_demo.c | ||
| pk_decrypt.c | ||
| pk_encrypt.c | ||
| pk_sign.c | ||
| pk_verify.c | ||
| rsa_decrypt.c | ||
| rsa_encrypt.c | ||
| rsa_genkey.c | ||
| rsa_priv.txt | ||
| rsa_pub.txt | ||
| rsa_sign.c | ||
| rsa_sign_pss.c | ||
| rsa_verify.c | ||
| rsa_verify_pss.c | ||