cuberite/polarssl
1
0
Fork 0
mirror of https://github.com/cuberite/polarssl.git synced 2025-11-04 04:32:24 -05:00
Code Issues Packages Projects Releases Wiki Activity

Improve documentation of truncated HMAC fallback option

Browse Source
This commit is contained in:
Hanno Becker 2017-11-29 16:35:46 +00:00
parent 4c2ac7ef58
commit 702dfbcf13
1 changed files with 10 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

16
include/mbedtls/config.h
View File

@ -1366,13 +1366,17 @@
/** /**
* \def MBEDTLS_SSL_TRUNCATED_HMAC_COMPAT * \def MBEDTLS_SSL_TRUNCATED_HMAC_COMPAT
* *
* Fallback to old, non-conforming implementation of the truncated * Fallback to old (pre-2.7), non-conforming implementation of the truncated
* HMAC extension which also truncates the HMAC key. * HMAC extension which also truncates the HMAC key. Note that this option is
* only meant for a transitory upgrade period and is likely to be removed in
* a future version of the library.
* *
* \warning This should only be enabled temporarily when (1) the use of * \warning The old implementation is non-compliant and has a security weakness
* truncated HMAC is essential in order to save bandwidth, and * (2^80 brute force attack on the HMAC key used for a single,
* (2) the peer is an Mbed TLS stack that doesn't use the fixed * uninterrupted connection). This should only be enabled temporarily
* implementation yet (version number <= 2.6.0). * when (1) the use of truncated HMAC is essential in order to save
* bandwidth, and (2) the peer is an Mbed TLS stack that doesn't use
* the fixed implementation yet (pre-2.7).
* *
* \deprecated This option is deprecated and will likely be removed in a * \deprecated This option is deprecated and will likely be removed in a
* future version of Mbed TLS. * future version of Mbed TLS.