TeamHepta/mbedtls
1
0
Fork 0
mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2026-04-06 12:35:36 +02:00
Code Issues Packages Projects Releases Wiki Activity

Remove SHA1 from the list of dependencies for OCSP

Browse Source
This commit is contained in:
Andres Amaya Garcia
2017-11-28 22:02:00 +00:00
committed by Andres Amaya Garcia
parent a5487f5620
commit 8df18f0caa
1 changed files with 7 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
include/mbedtls/check_config.h
View File

@@ -642,11 +642,17 @@
#error "MBEDTLS_X509_CSR_PARSE_C defined, but not all prerequisites"
#endif
/*
* RFC 6960 Section 4.3 states that "clients that request OCSP services SHALL
* be capable of processing responses signed using RSA with SHA-256".
* Therefore, we require MBEDTLS_RSA_C and MBEDTLS_SHA256_C when OCSP is
* enabled.
*/
#if defined(MBEDTLS_X509_OCSP_PARSE_C) && ( !defined(MBEDTLS_X509_USE_C) || \
!defined(MBEDTLS_X509_CRT_PARSE_C) || !defined(MBEDTLS_MD_C) || \
!defined(MBEDTLS_OID_C) || !defined(MBEDTLS_ASN1_PARSE_C) || \
!defined(MBEDTLS_PK_C) || !defined(MBEDTLS_RSA_C) || \
!defined(MBEDTLS_SHA1_C) || !defined(MBEDTLS_SHA256_C) )
!defined(MBEDTLS_SHA256_C) )
#error "MBEDTLS_X509_OCSP_PARSE_C defined, but not all prerequisites"
#endif