Change wording of warnings

This commit is contained in:
Hanno Becker 2017-10-03 12:09:22 +01:00
parent f240ea0b50
commit f9734b35b5
2 changed files with 25 additions and 27 deletions

View file

@ -619,11 +619,11 @@
* MBEDTLS_TLS_DHE_PSK_WITH_3DES_EDE_CBC_SHA * MBEDTLS_TLS_DHE_PSK_WITH_3DES_EDE_CBC_SHA
* MBEDTLS_TLS_DHE_PSK_WITH_RC4_128_SHA * MBEDTLS_TLS_DHE_PSK_WITH_RC4_128_SHA
* *
* \warning The possibility for the use of custom groups * \warning Using DHE constitutes a security risk as it
* in the use of DHM in TLS constitutes a security * is not possible to validate custom DH parameters.
* risk. If possible, it is recommended to use * If possible, it is recommended users should consider
* EC-based key exchanges instead. See the documentation * preferring other methods of key exchange.
* at the top of dhm.h for more information. * See dhm.h for more details.
* *
*/ */
#define MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED #define MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED
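Review bot: "it is not possible to validate custom DH parameters" in the new \warning overstates the case and does not match the rationale given in dhm.h, where the primality and subgroup checks are described as skipped for performance reasons and the residual concern is that a non-standardized prime might be trapdoored in a way that cannot be detected. Suggest wording it as "it is not feasible to fully validate custom DH parameters" (or simply mirroring the dhm.h sentence) so the two texts do not contradict each other. The recommendation sentence is also redundant ("it is recommended users should consider preferring"); "users are advised to prefer other key-exchange methods" says the same thing. Finally, the old text named a concrete alternative (EC-based key exchange); the new one only says "other methods", which leaves the reader without an actionable choice. Consider keeping the explicit pointer to the ECDHE-based key exchanges.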
@ -725,11 +725,11 @@
* MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA * MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA
* MBEDTLS_TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA * MBEDTLS_TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA
* *
* \warning The possibility for the use of custom groups * \warning Using DHE constitutes a security risk as it
* in the use of DHM in TLS constitutes a security * is not possible to validate custom DH parameters.
* risk. If possible, it is recommended to use * If possible, it is recommended users should consider
* EC-based key exchanges instead. See the documentation * preferring other methods of key exchange.
* at the top of dhm.h for more information. * See dhm.h for more details.
* *
*/ */
#define MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED #define MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED
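Review bot: this hunk is a verbatim copy of the DHE_PSK warning above, and the same five lines appear a third time on MBEDTLS_DHM_C, so any future wording fix has to be applied in three places. Suggest keeping one authoritative paragraph in dhm.h and reducing the config.h warnings to a single line such as "\warning DHE with custom parameters is a security risk; see the warning at the top of dhm.h", which is what the old text's "See the documentation at the top of dhm.h" was already doing.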
@ -1850,11 +1850,11 @@
* This module is used by the following key exchanges: * This module is used by the following key exchanges:
* DHE-RSA, DHE-PSK * DHE-RSA, DHE-PSK
* *
* \warning The possibility for the use of custom groups * \warning Using DHE constitutes a security risk as it
* in the use of DHM in TLS constitutes a security * is not possible to validate custom DH parameters.
* risk. If possible, it is recommended to use * If possible, it is recommended users should consider
* EC-based key exchanges instead. See the documentation * preferring other methods of key exchange.
* at the top of dhm.h for more information. * See dhm.h for more details.
* *
*/ */
#define MBEDTLS_DHM_C #define MBEDTLS_DHM_C
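Review bot: the warning on MBEDTLS_DHM_C now reads "Using DHE constitutes a security risk", but the risk being described (accepting unvalidated, non-standardized parameters chosen by the peer) is specific to the TLS DHE-RSA and DHE-PSK key exchanges listed two lines above; a user of the DHM module with fixed, standardized parameters is not in that situation. Suggest scoping the sentence to "Using DHE in TLS constitutes a security risk, as the peer's custom DH parameters cannot be fully validated" so the module-level warning does not read as a blanket statement about the module.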

View file

@ -25,22 +25,20 @@
* of non-safe primes both decreases the difficulty of the underlying * of non-safe primes both decreases the difficulty of the underlying
* discrete logarithm problem and can lead to small subgroup attacks * discrete logarithm problem and can lead to small subgroup attacks
* leaking private exponent bits when invalid public keys are used * leaking private exponent bits when invalid public keys are used
* and not detected. This is especially relevant if the same DHM parameters * and not detected. This is especially relevant if the same DHM
* are reused for multiple key exchanges as in static DHM, while the * parameters are reused for multiple key exchanges as in static DHM,
* criticality of small-subgroup attacks is lower for ephemeral DHM. * while the criticality of small-subgroup attacks is lower for
* ephemeral DHM.
* *
* For performance reasons, the code does neither perform primality * For performance reasons, the code does neither perform primality
* nor safe primality tests, nor the expensive checks for invalid * nor safe primality tests, nor the expensive checks for invalid
* subgroups. * subgroups. Moreover, even if these were performed, non-standardized
* primes cannot be trusted because of the possibility of backdoors
* that can't be effectively checked for.
* *
* The possibility for the use of custom, non-safe primes in DHM * We therefore consider DHE a security risk. If possible, it is
* is a deficiency in the TLS protocol that has been adressed only * recommended users should consider preferring other methods of
* recently through the addition of the named group extension from * key exchange.
* RFC 7919, which however is not yet implemented in Mbed TLS.
*
* If possible, we recommend to use elliptic curve based key
* exchanges instead of DHM-based ones, because the former only
* accepts standardized groups.
* *
*/ */
#ifndef MBEDTLS_DHM_H #ifndef MBEDTLS_DHM_H
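Review bot: the deleted paragraph about RFC 7919 named groups was the only place that told the reader what the protocol-level fix for this problem is, and the deleted sentence about EC key exchanges "only accept[ing] standardized groups" was the only justification for preferring them; the replacement ("we therefore consider DHE a security risk") keeps the conclusion but drops both reasons. Suggest retaining one sentence on each, e.g. that the issue is addressed by the RFC 7919 named-group extension (noting its implementation status here) and that EC-based exchanges avoid it because they negotiate standardized groups only. Two smaller points in the new text: "therefore" follows directly from the backdoor sentence, but the preceding paragraph is about small-subgroup attacks from invalid public keys, which is a different failure mode, so the two should be joined more carefully; and the claim that non-standardized primes "cannot be trusted because of the possibility of backdoors that can't be effectively checked for" would benefit from a reference, since the reader is being asked to change their key-exchange configuration on the strength of it. The "recommended users should consider preferring" phrasing has the same redundancy as in config.h and can be shortened.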