Document more precisely what goes into the default preset Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>

commit: 169fa2336b69d89f0c2ed3fcfa35a2f6fe05d766 [log] [tgz]
author: Gilles Peskine <Gilles.Peskine@arm.com> Mon Jun 07 21:26:41 2021 +0200
committer: Gilles Peskine <Gilles.Peskine@arm.com> Mon Jun 07 21:30:15 2021 +0200
tree: c71cd0f3d91b1f7935c01afed6146d1eacdb7231
parent: 347ada71cc7c6cae7e38a74360bd8434c4f31405 [diff] [blame]
diff --git a/include/mbedtls/ssl.h b/include/mbedtls/ssl.h
index fe33ac8..a8376a2 100644
--- a/include/mbedtls/ssl.h
+++ b/include/mbedtls/ssl.h

@@ -2237,7 +2237,7 @@
 #if defined(MBEDTLS_ECP_C)
 /**
  * \brief          Set the allowed curves in order of preference.
- *                 (Default: all defined curves.)
+ *                 (Default: all defined curves in order of decreasing size.)
  *
  *                 On server: this only affects selection of the ECDHE curve;
  *                 the curves used for ECDH and ECDSA are determined by the
@@ -2269,7 +2269,7 @@
 #if defined(MBEDTLS_KEY_EXCHANGE__WITH_CERT__ENABLED)
 /**
  * \brief          Set the allowed hashes for signatures during the handshake.
- *                 (Default: all available hashes except MD5.)
+ *                 (Default: all SHA2 hashes, largest first.)
  *
  * \note           This only affects which hashes are offered and can be used
  *                 for signatures during the handshake. Hashes for message
commit	169fa2336b69d89f0c2ed3fcfa35a2f6fe05d766	[log] [tgz]
author	Gilles Peskine <Gilles.Peskine@arm.com>	Mon Jun 07 21:26:41 2021 +0200
committer	Gilles Peskine <Gilles.Peskine@arm.com>	Mon Jun 07 21:30:15 2021 +0200
tree	c71cd0f3d91b1f7935c01afed6146d1eacdb7231
parent	347ada71cc7c6cae7e38a74360bd8434c4f31405 [diff] [blame]