yuzu/mbedtls
1
0
Fork 0
mirror of https://github.com/yuzu-emu/mbedtls.git synced 2025-01-28 00:11:10 +00:00
Code Issues Packages Projects Releases Wiki Activity

SHA-1 is allowed for handshake signatures by default

Browse source 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
This commit is contained in:
Gilles Peskine 2021-06-21 09:53:25 +02:00
parent da728b31b0
commit 138d9f52cf
1 changed files with 3 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
include/mbedtls/ssl.h
View file

@ -3019,7 +3019,9 @@ void mbedtls_ssl_conf_curves( mbedtls_ssl_config *conf,
#if defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED) #if defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED)
/** /**
* \brief Set the allowed hashes for signatures during the handshake. * \brief Set the allowed hashes for signatures during the handshake.
* (Default: all SHA2 hashes, largest first.) * (Default: all SHA-2 hashes, largest first. Also SHA-1 if
* the compile-time option
* `MBEDTLS_TLS_DEFAULT_ALLOW_SHA1_IN_KEY_EXCHANGE` is enabled.)
* *
* \note This only affects which hashes are offered and can be used * \note This only affects which hashes are offered and can be used
* for signatures during the handshake. Hashes for message * for signatures during the handshake. Hashes for message