Disable MD5 in handshake signatures by default

2024-11-22 16:45:41 +01:00 · 2015-12-04 15:02:56 +01:00 · 2015-12-04 15:02:56 +01:00 · b39528e2e8
commit b39528e2e8
parent 5a8396ed55
3 changed files with 22 additions and 2 deletions
--- a/5
+++ b/5
@ -1,5 +1,10 @@
 mbed TLS ChangeLog (Sorted per branch, date)

+= mbed TLS 2.1.4 released 2015-12-xx
+
+Security
+   * Disable MD5 for handshake signatures by default.
+
 = mbed TLS 2.1.3 released 2015-11-04

 Security
--- a/include/mbedtls/ssl.h
+++ b/include/mbedtls/ssl.h
@ -1553,7 +1553,7 @@ void mbedtls_ssl_conf_curves( mbedtls_ssl_config *conf,
 #if defined(MBEDTLS_KEY_EXCHANGE__WITH_CERT__ENABLED)
 /**
 * \brief          Set the allowed hashes for signatures during the handshake.
- *                 (Default: all available hashes.)
+ *                 (Default: all available hashes except MD5.)
 *
 * \note           This only affects which hashes are offered and can be used
 *                 for signatures during the handshake. Hashes for message
--- a/library/ssl_tls.c
+++ b/library/ssl_tls.c
@ -7006,6 +7006,21 @@ void mbedtls_ssl_config_init( mbedtls_ssl_config *conf )
    memset( conf, 0, sizeof( mbedtls_ssl_config ) );
 }

+static int ssl_preset_default_hashes[] = {
+#if defined(MBEDTLS_SHA512_C)
+    MBEDTLS_MD_SHA512,
+    MBEDTLS_MD_SHA384,
+#endif
+#if defined(MBEDTLS_SHA256_C)
+    MBEDTLS_MD_SHA256,
+    MBEDTLS_MD_SHA224,
+#endif
+#if defined(MBEDTLS_SHA1_C)
+    MBEDTLS_MD_SHA1,
+#endif
+    MBEDTLS_MD_NONE
+};
+
 static int ssl_preset_suiteb_ciphersuites[] = {
    MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,
    MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,
@ -7162,7 +7177,7 @@ int mbedtls_ssl_config_defaults( mbedtls_ssl_config *conf,
 #endif

 #if defined(MBEDTLS_KEY_EXCHANGE__WITH_CERT__ENABLED)
-            conf->sig_hashes = mbedtls_md_list();
+            conf->sig_hashes = ssl_preset_default_hashes;
 #endif

 #if defined(MBEDTLS_ECP_C)