Upgrade the default TLS hash and curve selection, matching X.509 Upgrade the default list of hashes and curves allowed for TLS. The list is now aligned with X.509 certificate verification: hashes and curves with at least 255 bits (Curve25519 included), and RSA 2048 and above. Remove MBEDTLS_TLS_DEFAULT_ALLOW_SHA1_IN_KEY_EXCHANGE which would no longer do anything. Document more precisely what is allowed by default. Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>

commit: ae270bf3860aad2c68430d6381be586a72c4f1ab [log] [tgz]
author: Gilles Peskine <Gilles.Peskine@arm.com> Wed Jun 02 00:05:29 2021 +0200
committer: Gilles Peskine <Gilles.Peskine@arm.com> Thu Jun 17 21:46:14 2021 +0200
tree: 65b4928475e7c0606693830c21479639028e1082
parent: ffb92da622122c8d1f6dd9cd626ed3b098ccf181 [diff] [blame]
diff --git a/library/ecp.c b/library/ecp.c
index 044bbe1..6bb955c 100644
--- a/library/ecp.c
+++ b/library/ecp.c

@@ -509,9 +509,9 @@
  *  - readable name
  *
  * Curves are listed in order: largest curves first, and for a given size,
- * fastest curves first. This provides the default order for the SSL module.
+ * fastest curves first.
  *
- * Reminder: update profiles in x509_crt.c when adding a new curves!
+ * Reminder: update profiles in x509_crt.c and ssl_tls.c when adding a new curve!
  */
 static const mbedtls_ecp_curve_info ecp_supported_curves[] =
 {
commit	ae270bf3860aad2c68430d6381be586a72c4f1ab	[log] [tgz]
author	Gilles Peskine <Gilles.Peskine@arm.com>	Wed Jun 02 00:05:29 2021 +0200
committer	Gilles Peskine <Gilles.Peskine@arm.com>	Thu Jun 17 21:46:14 2021 +0200
tree	65b4928475e7c0606693830c21479639028e1082
parent	ffb92da622122c8d1f6dd9cd626ed3b098ccf181 [diff] [blame]