Merge pull request #4604 from gilles-peskine-arm/default-hashes-curves-3.0
Update the default hash and curve selection for X.509 and TLS
This commit is contained in:
commit
3e7ddb2bb6
16 changed files with 235 additions and 152 deletions
|
@ -2901,7 +2901,6 @@ void mbedtls_ssl_conf_dhm_min_bitlen( mbedtls_ssl_config *conf,
|
|||
#if defined(MBEDTLS_ECP_C)
|
||||
/**
|
||||
* \brief Set the allowed curves in order of preference.
|
||||
* (Default: all defined curves.)
|
||||
*
|
||||
* On server: this only affects selection of the ECDHE curve;
|
||||
* the curves used for ECDH and ECDSA are determined by the
|
||||
|
@ -2922,6 +2921,19 @@ void mbedtls_ssl_conf_dhm_min_bitlen( mbedtls_ssl_config *conf,
|
|||
* \note This list should be ordered by decreasing preference
|
||||
* (preferred curve first).
|
||||
*
|
||||
* \note The default list is the same set of curves that
|
||||
* #mbedtls_x509_crt_profile_default allows, plus
|
||||
* ECDHE-only curves selected according to the same criteria.
|
||||
* The order favors curves with the lowest resource usage.
|
||||
*
|
||||
* \note New minor versions of Mbed TLS may extend this list,
|
||||
* for example if new curves are added to the library.
|
||||
* New minor versions of Mbed TLS will not remove items
|
||||
* from this list unless serious security concerns require it.
|
||||
* New minor versions of Mbed TLS may change the order in
|
||||
* keeping with the general principle of favoring the lowest
|
||||
* resource usage.
|
||||
*
|
||||
* \param conf SSL configuration
|
||||
* \param curves Ordered list of allowed curves,
|
||||
* terminated by MBEDTLS_ECP_DP_NONE.
|
||||
|
@ -2933,7 +2945,6 @@ void mbedtls_ssl_conf_curves( mbedtls_ssl_config *conf,
|
|||
#if defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED)
|
||||
/**
|
||||
* \brief Set the allowed hashes for signatures during the handshake.
|
||||
* (Default: all available hashes except MD5.)
|
||||
*
|
||||
* \note This only affects which hashes are offered and can be used
|
||||
* for signatures during the handshake. Hashes for message
|
||||
|
@ -2945,6 +2956,18 @@ void mbedtls_ssl_conf_curves( mbedtls_ssl_config *conf,
|
|||
* \note This list should be ordered by decreasing preference
|
||||
* (preferred hash first).
|
||||
*
|
||||
* \note By default, all supported hashes whose length is at least
|
||||
* 256 bits are allowed. This is the same set as the default
|
||||
* for certificate verification
|
||||
* (#mbedtls_x509_crt_profile_default).
|
||||
* The preference order is currently unspecified and may
|
||||
* change in future versions.
|
||||
*
|
||||
* \note New minor versions of Mbed TLS may extend this list,
|
||||
* for example if new curves are added to the library.
|
||||
* New minor versions of Mbed TLS will not remove items
|
||||
* from this list unless serious security concerns require it.
|
||||
*
|
||||
* \param conf SSL configuration
|
||||
* \param hashes Ordered list of allowed signature hashes,
|
||||
* terminated by \c MBEDTLS_MD_NONE.
|
||||
|
|
Loading…
Add table
Add a link
Reference in a new issue