author | Dr. Stephen Henson <steve@openssl.org> | 2013-10-15 13:37:01 +0100 |
---|---|---|
committer | Dr. Stephen Henson <steve@openssl.org> | 2013-10-20 22:07:33 +0100 |
commit | 3495842bb06fffd4c1032f224e5708295707a18e (patch) | |
tree | 3972edde183b7631a2ae72b492b1ee131556bee3 /ssl | |
parent | face65dab82debf993f61631db3c1cfffcda8234 (diff) |
Prevent use of RSA+MD5 in TLS 1.2 by default.
Removing RSA+MD5 from the default signature algorithm list
prevents its use by default.
If a broken implementation attempts to use RSA+MD5 anyway the sanity
checking of signature algorithms will cause a fatal alert.
(cherry picked from commit 77a0f740d00ecf8f6b01c0685a2f858c3f65a3dd)
Diffstat (limited to 'ssl')
-rw-r--r-- | ssl/t1_lib.c | 11 |
1 files changed, 1 insertions, 10 deletions
diff --git a/ssl/t1_lib.c b/ssl/t1_lib.c
index ced7b83381..dbd02e2f3f 100644
--- a/ssl/t1_lib.c
+++ b/ssl/t1_lib.c
@@ -876,9 +876,6 @@ static unsigned char tls12_sigalgs[] = {
 #ifndef OPENSSL_NO_SHA
 tlsext_sigalg(TLSEXT_hash_sha1)
 #endif
-#ifndef OPENSSL_NO_MD5
- tlsext_sigalg_rsa(TLSEXT_hash_md5)
-#endif
 };
 #ifndef OPENSSL_NO_ECDSA
 static unsigned char suiteb_sigalgs[] = {
@@ -921,13 +918,7 @@ size_t tls12_get_psigalgs(SSL *s, const unsigned char **psigs)
 else
 {
 *psigs = tls12_sigalgs;
-#ifdef OPENSSL_FIPS
- /* If FIPS mode don't include MD5 which is last */
- if (FIPS_mode())
- return sizeof(tls12_sigalgs) - 2;
- else
-#endif
- return sizeof(tls12_sigalgs);
+ return sizeof(tls12_sigalgs);
 }
 }
 /* Check signature algorithm is consistent with sent supported signature |
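Review bot: Nothing in the new code records that RSA+MD5 is left out of `tls12_sigalgs` on purpose, because the removed FIPS block carried the only in-code mention of MD5. A comment above the remaining return in `tls12_get_psigalgs`, such as `/* Default list deliberately excludes RSA+MD5 (weak hash); do not re-add */`, would keep a later edit from restoring it. The commit message relies on the signature-algorithm sanity check to reject a peer that uses RSA+MD5 anyway, but that check begins after this hunk and is not visible here, so a regression test for the fatal alert would be worth adding if none exists. The branches before this `else` are also outside the hunk and presumably return configured lists, so the change covers only the default; the comment should say so.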