commit 543d00ef6fbe24165db0a4a0271b7fd127825509
author Valerio Setti <vsetti@baylibre.com> Thu Dec 22 14:27:34 2022 +0100
committer Valerio Setti <vsetti@baylibre.com> Thu Dec 22 14:27:34 2022 +0100
tree 40668ee8e1da56b359d78877e25df367e867993a
parent d55cb5b3f0c6443f9d19d76e8ad4f16e6ca367d8

sha: remove SHA1 from ssl_cookie

Signed-off-by: Valerio Setti <vsetti@baylibre.com>

library/ssl_cookie.c

diff --git a/library/ssl_cookie.c b/library/ssl_cookie.c
index 0aa7be6..a996174 100644
--- a/library/ssl_cookie.c
+++ b/library/ssl_cookie.c
@@ -38,23 +38,19 @@
 #include <string.h>
 
 /*
- * If DTLS is in use, then at least one of SHA-1, SHA-224, SHA-384 is
- * available. Try SHA-224 first, 384 wastes resources
+ * If DTLS is in use, then at least one of SHA-256 or SHA-384 is
+ * available. Try SHA-256 first as 384 wastes resources
  */
-#if defined(MBEDTLS_HAS_ALG_SHA_224_VIA_LOWLEVEL_OR_PSA)
-#define COOKIE_MD           MBEDTLS_MD_SHA224
+#if defined(MBEDTLS_HAS_ALG_SHA_256_VIA_LOWLEVEL_OR_PSA)
+#define COOKIE_MD           MBEDTLS_MD_SHA256
 #define COOKIE_MD_OUTLEN    32
 #define COOKIE_HMAC_LEN     28
 #elif defined(MBEDTLS_HAS_ALG_SHA_384_VIA_LOWLEVEL_OR_PSA)
 #define COOKIE_MD           MBEDTLS_MD_SHA384
 #define COOKIE_MD_OUTLEN    48
 #define COOKIE_HMAC_LEN     28
-#elif defined(MBEDTLS_HAS_ALG_SHA_1_VIA_LOWLEVEL_OR_PSA)
-#define COOKIE_MD           MBEDTLS_MD_SHA1
-#define COOKIE_MD_OUTLEN    20
-#define COOKIE_HMAC_LEN     20
 #else
-#error "DTLS hello verify needs SHA-1 or SHA-2"
+#error "DTLS hello verify needs SHA-256 or SHA-384"
 #endif
 
 /*