SHA-1 deprecation: allow it in key exchange

By default, keep allowing SHA-1 in key exchange signatures. Disabling it causes compatibility issues, especially with clients that use TLS 1.2 but don't send the signature_algorithms extension. SHA-1 is forbidden in certificates by default, since it's vulnerable to offline collision-based attacks.
diff --git a/ChangeLog b/ChangeLog index 3befcad..265205c 100644 --- a/ChangeLog +++ b/ChangeLog
@@ -4,12 +4,9 @@ Security - * SHA-1 deprecation: remove it from the default allowed hash - algorithms for certificate verification and TLS 1.2 handshake - signatures. It can be turned back on at compile time with - MBEDTLS_TLS_DEFAULT_ALLOW_SHA1 or explicitly with ssl_conf functions. - * Removed RIPEMD-160 from the default hash algorithms for - certificate verification. + * Removed SHA-1 and RIPEMD-160 from the default hash algorithms for + certificate verification. SHA-1 can be turned back on with a compile-time + option if needed. Bugfix * Remove invalid use of size zero arrays in ECJPAKE test suite.
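Review bot: the rewritten ChangeLog entry drops two facts the removed lines carried and that readers of a security changelog need: the name of the compile-time option (the old text named MBEDTLS_TLS_DEFAULT_ALLOW_SHA1; the new text only says "a compile-time option") and the runtime alternative ("or explicitly with ssl_conf functions"). It also no longer states what the default for TLS 1.2 handshake signatures is, which is the point of this commit; as written, "SHA-1 can be turned back on" could be read as applying to the handshake too. Suggest something like: "Removed SHA-1 and RIPEMD-160 from the default hash algorithms for certificate verification. SHA-1 can be turned back on at compile time with MBEDTLS_TLS_DEFAULT_ALLOW_SHA1 or explicitly with ssl_conf functions. SHA-1 remains allowed by default in TLS 1.2 handshake signatures for interoperability with clients that do not send signature_algorithms."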