diff options
author | Valerio Setti <vsetti@baylibre.com> | 2022-12-22 14:27:34 +0100 |
---|---|---|
committer | Valerio Setti <vsetti@baylibre.com> | 2022-12-22 14:27:34 +0100 |
commit | 543d00ef6fbe24165db0a4a0271b7fd127825509 (patch) | |
tree | 40668ee8e1da56b359d78877e25df367e867993a | |
parent | d55cb5b3f0c6443f9d19d76e8ad4f16e6ca367d8 (diff) | |
download | mbedtls-543d00ef6fbe24165db0a4a0271b7fd127825509.zip mbedtls-543d00ef6fbe24165db0a4a0271b7fd127825509.tar.gz mbedtls-543d00ef6fbe24165db0a4a0271b7fd127825509.tar.bz2 |
sha: remove SHA1 from ssl_cookie
Signed-off-by: Valerio Setti <vsetti@baylibre.com>
-rw-r--r-- | library/ssl_cookie.c | 14 |
1 files changed, 5 insertions, 9 deletions
diff --git a/library/ssl_cookie.c b/library/ssl_cookie.c index 0aa7be6..a996174 100644 --- a/library/ssl_cookie.c +++ b/library/ssl_cookie.c @@ -38,23 +38,19 @@ #include <string.h> /* - * If DTLS is in use, then at least one of SHA-1, SHA-224, SHA-384 is - * available. Try SHA-224 first, 384 wastes resources + * If DTLS is in use, then at least one of SHA-256 or SHA-384 is + * available. Try SHA-256 first as 384 wastes resources */ -#if defined(MBEDTLS_HAS_ALG_SHA_224_VIA_LOWLEVEL_OR_PSA) -#define COOKIE_MD MBEDTLS_MD_SHA224 +#if defined(MBEDTLS_HAS_ALG_SHA_256_VIA_LOWLEVEL_OR_PSA) +#define COOKIE_MD MBEDTLS_MD_SHA256 #define COOKIE_MD_OUTLEN 32 #define COOKIE_HMAC_LEN 28 #elif defined(MBEDTLS_HAS_ALG_SHA_384_VIA_LOWLEVEL_OR_PSA) #define COOKIE_MD MBEDTLS_MD_SHA384 #define COOKIE_MD_OUTLEN 48 #define COOKIE_HMAC_LEN 28 -#elif defined(MBEDTLS_HAS_ALG_SHA_1_VIA_LOWLEVEL_OR_PSA) -#define COOKIE_MD MBEDTLS_MD_SHA1 -#define COOKIE_MD_OUTLEN 20 -#define COOKIE_HMAC_LEN 20 #else -#error "DTLS hello verify needs SHA-1 or SHA-2" +#error "DTLS hello verify needs SHA-256 or SHA-384" #endif /* |