kdeconnect-kde

tristan/kdeconnect-kde

Fork 0

Commit graph

Author	SHA1	Message	Date
Albert Vaca Cintora	9a39eaa237	Use EC keys instead of RSA Use smaller and safer EC keys, replacing 2048 bit RSA. NID_X9_62_prime256v1 is roughly as secure as a 3072 bit RSA key, but way shorter. Since we have to embed the key in the identity packet that is sent over UDP and some stacks aren't happy with large UDP messages (notably: macos), I switched to EC instead of to a longer RSA key. This seems to be compatible with other clients even on older systems like Android 5.0. I did stick with NID_X9_62_prime256v1 because stronger EC like NID_secp384r1 failed the handshake (I didn't investigate why). We now store the kind of key in the config, so we can know which kind of key we are loading.	2024-05-19 10:04:43 +00:00
Albert Vaca Cintora	d0786d1b62	Simplify using QSslKey	2023-07-29 10:35:37 +02:00
Albert Vaca Cintora	d948d882aa	Replace QCA with a simple OpenSSL wrapper	2023-07-29 08:19:17 +00:00

Author

SHA1

Message

Date

Albert Vaca Cintora

9a39eaa237

Use EC keys instead of RSA

Use smaller and safer EC keys, replacing 2048 bit RSA.

NID_X9_62_prime256v1 is roughly as secure as a 3072 bit RSA key, but way shorter. 
Since we have to embed the key in the identity packet that is sent over UDP and
some stacks aren't happy with large UDP messages (notably: macos), I switched to
EC instead of to a longer RSA key.

This seems to be compatible with other clients even on older systems like Android 5.0.

I did stick with NID_X9_62_prime256v1 because stronger EC like NID_secp384r1 failed
the handshake (I didn't investigate why).

We now store the kind of key in the config, so we can know which kind of key we are loading.

2024-05-19 10:04:43 +00:00

Albert Vaca Cintora

d0786d1b62

Simplify using QSslKey

2023-07-29 10:35:37 +02:00

Albert Vaca Cintora

d948d882aa

Replace QCA with a simple OpenSSL wrapper

2023-07-29 08:19:17 +00:00

3 commits