mbedtls/include
Gilles Peskine ae270bf386 Upgrade the default TLS hash and curve selection, matching X.509
Upgrade the default list of hashes and curves allowed for TLS. The list is
now aligned with X.509 certificate verification: hashes and curves with at
least 255 bits (Curve25519 included), and RSA 2048 and above.

Remove MBEDTLS_TLS_DEFAULT_ALLOW_SHA1_IN_KEY_EXCHANGE which would no
longer do anything.

Document more precisely what is allowed by default.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2021-06-17 21:46:14 +02:00
..
mbedtls Upgrade the default TLS hash and curve selection, matching X.509 2021-06-17 21:46:14 +02:00
psa Merge remote-tracking branch 'mbedtls/development' into mbedtls_private_with_python 2021-06-14 16:17:32 +02:00
.gitignore
CMakeLists.txt Revert "Remove tests that depend on TLS or X.509" 2020-03-19 14:17:54 +01:00