mbedtls/library/x509_crt.c at 59e6963a37a615b137ee4f9824f798dc704fdd96

mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2025-11-06 19:29:29 +03:00

Files

Gilles Peskine 5d2511c4d4 SHA-1 deprecation: allow it in key exchange

By default, keep allowing SHA-1 in key exchange signatures. Disabling
it causes compatibility issues, especially with clients that use
TLS1.2 but don't send the signature_algorithms extension.

SHA-1 is forbidden in certificates by default, since it's vulnerable
to offline collision-based attacks.

2017-06-06 18:44:14 +02:00

69 KiB

Raw Blame History

View Raw

69 KiB Raw Blame History

69 KiB

Raw Blame History