aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorValerio Setti <vsetti@baylibre.com>2022-12-22 14:27:34 +0100
committerValerio Setti <vsetti@baylibre.com>2022-12-22 14:27:34 +0100
commit543d00ef6fbe24165db0a4a0271b7fd127825509 (patch)
tree40668ee8e1da56b359d78877e25df367e867993a
parentd55cb5b3f0c6443f9d19d76e8ad4f16e6ca367d8 (diff)
downloadmbedtls-543d00ef6fbe24165db0a4a0271b7fd127825509.zip
mbedtls-543d00ef6fbe24165db0a4a0271b7fd127825509.tar.gz
mbedtls-543d00ef6fbe24165db0a4a0271b7fd127825509.tar.bz2
sha: remove SHA1 from ssl_cookie
Signed-off-by: Valerio Setti <vsetti@baylibre.com>
Diffstat
-rw-r--r--library/ssl_cookie.c14
1 files changed, 5 insertions, 9 deletions
diff --git a/library/ssl_cookie.c b/library/ssl_cookie.c
index 0aa7be6..a996174 100644
--- a/library/ssl_cookie.c
+++ b/library/ssl_cookie.c
@@ -38,23 +38,19 @@
#include <string.h>
/*
- * If DTLS is in use, then at least one of SHA-1, SHA-224, SHA-384 is
- * available. Try SHA-224 first, 384 wastes resources
+ * If DTLS is in use, then at least one of SHA-256 or SHA-384 is
+ * available. Try SHA-256 first as 384 wastes resources
*/
-#if defined(MBEDTLS_HAS_ALG_SHA_224_VIA_LOWLEVEL_OR_PSA)
-#define COOKIE_MD MBEDTLS_MD_SHA224
+#if defined(MBEDTLS_HAS_ALG_SHA_256_VIA_LOWLEVEL_OR_PSA)
+#define COOKIE_MD MBEDTLS_MD_SHA256
#define COOKIE_MD_OUTLEN 32
#define COOKIE_HMAC_LEN 28
#elif defined(MBEDTLS_HAS_ALG_SHA_384_VIA_LOWLEVEL_OR_PSA)
#define COOKIE_MD MBEDTLS_MD_SHA384
#define COOKIE_MD_OUTLEN 48
#define COOKIE_HMAC_LEN 28
-#elif defined(MBEDTLS_HAS_ALG_SHA_1_VIA_LOWLEVEL_OR_PSA)
-#define COOKIE_MD MBEDTLS_MD_SHA1
-#define COOKIE_MD_OUTLEN 20
-#define COOKIE_HMAC_LEN 20
#else
-#error "DTLS hello verify needs SHA-1 or SHA-2"
+#error "DTLS hello verify needs SHA-256 or SHA-384"
#endif
/*
generated by cgit v1.1 at 2024-09-12 05:47:26 +0000