locked
[Win10 build 14372] IE - SHA256 default hash breaks CSP functionality RRS feed

  • Question

  • Hello all,

    We are using a custom CSP for the CPS French SmartCard.

    Testing it on build 14372 of Win10 Insider Preview,

    we notice that it doesn't work on SSL connection with Internet Explorer.

    In the CSP logs, we find following:

    CPCreateHash(..., 0x0000800c, ..) which fails

    So IE is asking for a SHA256 hash to be signed.

    I thougth IE would fallback to using SHA1 algorithm.

    Is this a new security feature in IE ?

    Will it be present in upcoming Anniversary Update ?

    Thanks for your answer.

    Regards.

    Note : the custom CSP used to working in build 14295 of Insider Preview

    • Edited by Rosko_92 Wednesday, July 20, 2016 7:17 PM
    Wednesday, July 20, 2016 6:43 PM