Leave the preference order for hashes unspecified

We don't seem to have strong feelings about this, so allow ourselves to change the order later. Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2021-06-02 15:29:38 +02:00 · 2021-06-02 15:29:38 +02:00 · a28f0f5082
commit a28f0f5082
parent b1940a76ad
2 changed files with 5 additions and 4 deletions
--- a/include/mbedtls/ssl.h
+++ b/include/mbedtls/ssl.h
@ -2943,8 +2943,9 @@ void mbedtls_ssl_conf_curves( mbedtls_ssl_config *conf,
 * \note           By default, all supported hashes whose length is at least
 *                 256 bits are allowed. This is the same set as the default
 *                 for certificate verification
- *                 (#mbedtls_x509_crt_profile_default). Larger hashes are
- *                 preferred.
+ *                 (#mbedtls_x509_crt_profile_default).
+ *                 The preference order is currently unspecified and may
+ *                 change in future versions.
 *
 * \param conf     SSL configuration
 * \param hashes   Ordered list of allowed signature hashes,