Merge 'iotssl-558-2.1-md5-tls-sigs-restricted'

2025-03-24 22:35:15 +00:00 · 2015-12-23 18:52:18 +00:00 · 2015-12-23 18:52:18 +00:00 · aa4114910a
parent 35ea92dbc6 2bbfee3cbc
commit aa4114910a
4 changed files with 23 additions and 5 deletions
--- a/3
+++ b/3
@ -3,9 +3,12 @@ mbed TLS ChangeLog (Sorted per branch, date)
 = mbed TLS 2.1.4 released 2015-12-xx
 Security
   * Fix potential double free when mbedtls_asn1_store_named_data() fails to
     allocate memory. Only used for certificate generation, not triggerable
     remotely in SSL/TLS. Found by Rafał Przywara. #367
   * Disable MD5 handshake signatures in TLS 1.2 by default
     (Reported by Karthikeyan Bhargavan and Gaëtan Leurent.)
 Bugfix
   * Fix over-restrictive length limit in GCM. Found by Andreas-N. #362
--- a/include/mbedtls/ssl.h
+++ b/include/mbedtls/ssl.h
@ -1554,7 +1554,7 @@ void mbedtls_ssl_conf_curves( mbedtls_ssl_config *conf,
 #if defined(MBEDTLS_KEY_EXCHANGE__WITH_CERT__ENABLED)
 /**
 * \brief          Set the allowed hashes for signatures during the handshake.
- *                 (Default: all available hashes.)
+ *                 (Default: all available hashes except MD5.)
 *
 * \note           This only affects which hashes are offered and can be used
 *                 for signatures during the handshake. Hashes for message
--- a/library/ssl_cli.c
+++ b/library/ssl_cli.c
@ -1950,7 +1950,7 @@ static int ssl_parse_signature_algorithm( mbedtls_ssl_context *ssl,
     */
    if( ( *md_alg = mbedtls_ssl_md_alg_from_hash( (*p)[0] ) ) == MBEDTLS_MD_NONE )
    {
-        MBEDTLS_SSL_DEBUG_MSG( 2, ( "Server used unsupported "
+        MBEDTLS_SSL_DEBUG_MSG( 1, ( "Server used unsupported "
                            "HashAlgorithm %d", *(p)[0] ) );
        return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE );
    }
@ -1960,7 +1960,7 @@ static int ssl_parse_signature_algorithm( mbedtls_ssl_context *ssl,
     */
    if( ( *pk_alg = mbedtls_ssl_pk_alg_from_sig( (*p)[1] ) ) == MBEDTLS_PK_NONE )
    {
-        MBEDTLS_SSL_DEBUG_MSG( 2, ( "server used unsupported "
+        MBEDTLS_SSL_DEBUG_MSG( 1, ( "server used unsupported "
                            "SignatureAlgorithm %d", (*p)[1] ) );
        return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE );
    }
@ -1970,7 +1970,7 @@ static int ssl_parse_signature_algorithm( mbedtls_ssl_context *ssl,
     */
    if( mbedtls_ssl_check_sig_hash( ssl, *md_alg ) != 0 )
    {
-        MBEDTLS_SSL_DEBUG_MSG( 2, ( "server used HashAlgorithm "
+        MBEDTLS_SSL_DEBUG_MSG( 1, ( "server used HashAlgorithm "
                                    "that was not offered" ) );
        return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE );
    }
--- a/library/ssl_tls.c
+++ b/library/ssl_tls.c
@ -7032,6 +7032,21 @@ void mbedtls_ssl_config_init( mbedtls_ssl_config *conf )
    memset( conf, 0, sizeof( mbedtls_ssl_config ) );
 }
 static int ssl_preset_default_hashes[] = {
 #if defined(MBEDTLS_SHA512_C)
    MBEDTLS_MD_SHA512,
    MBEDTLS_MD_SHA384,
 #endif
 #if defined(MBEDTLS_SHA256_C)
    MBEDTLS_MD_SHA256,
    MBEDTLS_MD_SHA224,
 #endif
 #if defined(MBEDTLS_SHA1_C)
    MBEDTLS_MD_SHA1,
 #endif
    MBEDTLS_MD_NONE
 };
 static int ssl_preset_suiteb_ciphersuites[] = {
    MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,
    MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,
@ -7188,7 +7203,7 @@ int mbedtls_ssl_config_defaults( mbedtls_ssl_config *conf,
 #endif
 #if defined(MBEDTLS_KEY_EXCHANGE__WITH_CERT__ENABLED)
-            conf->sig_hashes = mbedtls_md_list();
+            conf->sig_hashes = ssl_preset_default_hashes;
 #endif
 #if defined(MBEDTLS_ECP_C)