SHA-1 deprecation: allow it in key exchange
By default, keep allowing SHA-1 in key exchange signatures. Disabling
it causes compatibility issues, especially with clients that use
TLS1.2 but don't send the signature_algorithms extension.
SHA-1 is forbidden in certificates by default, since it's vulnerable
to offline collision-based attacks.
diff --git a/include/mbedtls/x509_crt.h b/include/mbedtls/x509_crt.h
index 937dcd4..302dd2b 100644
--- a/include/mbedtls/x509_crt.h
+++ b/include/mbedtls/x509_crt.h
@@ -642,7 +642,7 @@
}
#endif
-#ifndef MBEDTLS_TLS_DEFAULT_ALLOW_SHA1
+#ifndef MBEDTLS_TLS_DEFAULT_ALLOW_SHA1_IN_CERTIFICATES
/* The test infrastructure requires a positive define */
#define MBEDTLS_X509__DEFAULT_FORBID_SHA1
#endif
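Review bot: renaming the guard from MBEDTLS_TLS_DEFAULT_ALLOW_SHA1 to MBEDTLS_TLS_DEFAULT_ALLOW_SHA1_IN_CERTIFICATES silently changes behaviour for any build that still defines the old name in its config: that define no longer suppresses MBEDTLS_X509__DEFAULT_FORBID_SHA1, so SHA-1 certificates that previously validated will start being rejected with no build-time hint as to why. Consider keeping a compatibility check next to the new `#ifndef`, e.g. `#if defined(MBEDTLS_TLS_DEFAULT_ALLOW_SHA1)` with `#error` (or at least `#warning`) pointing at the new name, and document the rename in the ChangeLog and the config option's comment. Also note that the commit message describes keeping SHA-1 allowed in key-exchange signatures by default, but this hunk only renames the certificate-side guard; if the key-exchange default lives elsewhere, the message should say so or that change should accompany this one so the two defaults can be reviewed together.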