Improve documentation of truncated HMAC fallback option
This commit is contained in:
parent
4c2ac7ef58
commit
702dfbcf13
1 changed files with 10 additions and 6 deletions
|
@ -1366,13 +1366,17 @@
|
|||
/**
|
||||
* \def MBEDTLS_SSL_TRUNCATED_HMAC_COMPAT
|
||||
*
|
||||
* Fallback to old, non-conforming implementation of the truncated
|
||||
* HMAC extension which also truncates the HMAC key.
|
||||
* Fallback to old (pre-2.7), non-conforming implementation of the truncated
|
||||
* HMAC extension which also truncates the HMAC key. Note that this option is
|
||||
* only meant for a transitory upgrade period and is likely to be removed in
|
||||
* a future version of the library.
|
||||
*
|
||||
* \warning This should only be enabled temporarily when (1) the use of
|
||||
* truncated HMAC is essential in order to save bandwidth, and
|
||||
* (2) the peer is an Mbed TLS stack that doesn't use the fixed
|
||||
* implementation yet (version number <= 2.6.0).
|
||||
* \warning The old implementation is non-compliant and has a security weakness
|
||||
* (2^80 brute force attack on the HMAC key used for a single,
|
||||
* uninterrupted connection). This should only be enabled temporarily
|
||||
* when (1) the use of truncated HMAC is essential in order to save
|
||||
* bandwidth, and (2) the peer is an Mbed TLS stack that doesn't use
|
||||
* the fixed implementation yet (pre-2.7).
|
||||
*
|
||||
* \deprecated This option is deprecated and will likely be removed in a
|
||||
* future version of Mbed TLS.
|
||||
|
|
Loading…
Reference in a new issue