diff options
author | David Benjamin <davidben@google.com> | 2016-07-09 01:52:59 +0300 |
---|---|---|
committer | David Benjamin <davidben@google.com> | 2016-07-12 19:32:31 +0300 |
commit | ea9a0d5313f4244f2765e02d762788c1cb9be72a (patch) | |
tree | d5100ecccf1f97805c7755ae95dcc057725fb2b9 /crypto/crypto.c | |
parent | d246b817515b52b77ccc4876f25ddf4f41e67477 (diff) |
Refine SHA-1 default in signature algorithm negotiation.
Rather than blindly select SHA-1 if we can't find a matching one, act as
if the peer advertised rsa_pkcs1_sha1 and ecdsa_sha1. This means that we
will fail the handshake if no common algorithm may be found.
This is done in preparation for removing the SHA-1 default in TLS 1.3.
Change-Id: I3584947909d3d6988b940f9404044cace265b20d
Reviewed-on: https://boringssl-review.googlesource.com/8695
Reviewed-by: David Benjamin <davidben@google.com>
Diffstat (limited to 'crypto/crypto.c')
0 files changed, 0 insertions, 0 deletions