Lines Matching refs:now

41    * The function mbedtls_mpi_gcd() now always gives a non-negative output.
123 non-default members of the union. The PSA core now ensures that this
140 as long as they had at most two trailing equal signs. They are now
151 * The function mbedtls_x509_string_to_names() now requires its head argument
160 mbedtls_ssl_handshake() now fails with
175 * MD module can now perform PSA dispatching also when
188 The library will now prevent the handshake and return
264 * A TLS handshake may now call psa_crypto_init() if TLS 1.3 is enabled.
267 * By default, the handling of TLS 1.3 tickets by the Mbed TLS client is now
269 signalled by MBEDTLS_ERR_SSL_RECEIVED_NEW_SESSION_TICKET return values now
352 * MBEDTLS_ASN1_PARSE_C and MBEDTLS_ASN1_WRITE_C are now automatically enabled
441 * psa_import_key() now only accepts RSA keys in the PSA standard formats.
474 * AES-NI is now supported in Windows builds with clang and clang-cl.
485 * If a cipher or AEAD mechanism has a PSA driver, you can now build the
492 * The CTR_DRBG module will now use AES from a PSA driver if MBEDTLS_AES_C is
498 MBEDTLS_PSA_CRYPTO can now be enabled without MBEDTLS_CIPHER_C if all
523 with PKCS#5 PBES2. Keys encrypted this way can now be parsed by PK parse.
533 * The benchmark program now reports times for both ephemeral and static
562 * Mbed TLS now supports the writing and reading of TLS 1.3 early data (see
579 to PSA functions is now secure by default.
580 The PSA core now protects against modification of inputs or exposure
641 * mbedtls_pem_read_buffer() now performs a check on the padding data of
669 they are now treated separately. This means that they should be
675 * mbedtls_pk_sign_ext() is now always available, not just when
679 PSA_WANT_DH_RFC7919_XXXX. You now need to define the corresponding macro
692 * The TLS 1.3 protocol is now enabled in the default configuration.
712 * Mbed TLS is now released under a dual Apache-2.0 OR GPL-2.0-or-later
737 * Officially require Python 3.8 now that earlier versions are out of support.
738 * Minimum required Windows version is now Windows Vista, or
744 are now being deprecated in favor of PSA_WANT_KEY_TYPE_xxx_KEY_PAIR_yyy and
753 * mbedtls_pkcs5_pbes2() and mbedtls_pkcs12_pbe() functions are now
760 * All modules that use hashes or HMAC can now take advantage of PSA Crypto
770 * When a PSA driver for ECDH is present, it is now possible to disable
784 TLS 1.3 protocols are enabled, the TLS server now selects TLS 1.2 or
787 * X.509 hostname verification now supports IPAddress Subject Alternate Names.
798 * It is now possible to generate certificates with SubjectAltNames.
803 * X.509 hostname verification now partially supports URI Subject Alternate
844 extended: it is now possible to use mbedtls_pk_write_key_der(),
848 * The documentation of mbedtls_ecp_group now describes the optimized
980 * Functions in the ssl_cache module now return a negative MBEDTLS_ERR_xxx
983 * mbedtls_pk_parse_key() now rejects trailing garbage in encrypted keys.
1003 mbedtls_cipher_set_padding_mode() is now enforced. Previously, omitting
1020 ssl_ciphersuites.c). The preferred cipher suite is now
1024 * mbedtls_x509write_crt_set_serial() is now being deprecated in favor of
1027 * PSA to mbedtls error translation is now unified in psa_util.h,
1058 * SHA224_C/SHA384_C are now independent from SHA384_C/SHA512_C respectively.
1075 * When a PSA driver for ECDSA is present, it is now possible to disable
1090 * When a PSA driver for EC J-PAKE is present, it is now possible to disable
1097 * AES-NI is now supported with Visual Studio.
1098 * AES-NI is now supported in 32-bit builds, or when MBEDTLS_HAVE_ASM
1103 * It is now possible to use a PSA-held (opaque) password with the TLS 1.2
1120 timing side-channel attacks. There is now an intrinsics-based AES-NI
1143 * mbedtls_x509write_crt_set_serial() now explicitly rejects serial numbers
1145 forbidden by the standard (RFC5280 - section 4.1.2.2) and now it's being
1161 mbedtls_oid_get_numeric_string(). OIDs such as 2.40.0.25 are now printed
1171 * Fix the handling of renegotiation attempts in TLS 1.3. They are now
1198 defined, mbedtls_pk_sign() now uses deterministic ECDSA for ECDSA
1205 - now it accepts the serial number in 2 different formats: decimal and
1223 compiler target flags on the command line; the library now sets target
1231 It is now no longer experimental, and implements the final version from
1244 from a release, the Python module jsonschema is now necessary, in
1263 * Some modules can now use PSA drivers for hashes, including with no
1265 - RSA OAEP and PSS (PKCS#1 v2.1), PKCS5, PKCS12 and EC J-PAKE now use
1267 - PEM parsing of encrypted files now uses MD-5 from PSA when (and only
1272 the entropy module. As a consequence, for now the only way to build with
1275 * When MBEDTLS_USE_PSA_CRYPTO is enabled, X.509, TLS 1.2 and TLS 1.3 now
1277 As a consequence, they now work in configurations where the built-in
1293 * Mbed TLS now supports TLS 1.3 key establishment via pre-shared keys.
1305 * The PSA driver wrapper generator generate_driver_wrappers.py now
1312 * The TLS 1.2 EC J-PAKE key exchange can now use the PSA Crypto API.
1397 serial numbers are now rendered in hex format. Fixes #6262.
1427 ChaCha20+Poly1305) now returns MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE
1438 * mbedtls_cipher_set_iv will now fail with ChaCha20 and ChaCha20+Poly1305
1461 TLS 1.3 handshake should now be configured with
1469 * The structures mbedtls_ssl_config and mbedtls_ssl_context now store
1485 * The X.509 module now uses PSA hash acceleration if present.
1521 now capable of negotiating another shared secret if the one sent in its
1524 TLS 1.3 protocols are enabled in the build of Mbed TLS, the TLS client now
1536 now causes most of them to be done using PSA Crypto; see
1538 * The function mbedtls_pk_setup_opaque() now supports RSA key pairs as well.
1539 Opaque keys can now be used everywhere a private key is expected in the
1543 previously only worked for "pure" PSK key exchange, now can also be used
1545 * cmake now detects if it is being built as a sub-project, and in that case
1605 * The TLS 1.3 implementation is now compatible with the
1635 * psa_raw_key_agreement() now returns PSA_ERROR_BUFFER_TOO_SMALL when
1660 connection identifier, the Mbed TLS client now properly sends the server
1683 * The file library/psa_crypto_driver_wrappers.c is now generated
1694 DLLs are now installed in the bin directory instead of lib.
1824 This algorithm now accepts only the same salt length for verification
1827 * The existing predicate macro name PSA_ALG_IS_HASH_AND_SIGN is now reserved
1845 * The key usage flags PSA_KEY_USAGE_SIGN_MESSAGE now allows the MAC
1847 * The key usage flags PSA_KEY_USAGE_VERIFY_MESSAGE now allows the MAC
1859 postponed until now.
1880 * The generated configuration-independent files are now automatically
1935 mbedtls_sha256_finish and mbedtls_sha256 now has a pointer type
1942 now takes extra output parameters for the last partial output block.
1943 mbedtls_gcm_update() now takes extra parameters for the output length.
1962 decryption functions now always use the private key and verification and
1974 mbedtls_cipher_finish() is now mandatory. Previously the documentation
1979 instead of computing tables at runtime. Thus, this option now increases
1989 * mbedtls_rsa_init() now always selects the PKCS#1v1.5 encoding for an RSA
1991 after initializing the context. mbedtls_rsa_set_padding() now returns an
1998 mbedtls_xxx() now return int instead of void, and the corresponding
2003 parameter, this parameter is now mandatory (that is, NULL is not an
2004 acceptable value). Functions which previously accepted NULL and now
2009 * The following functions now require an RNG parameter:
2016 Further, callbacks now receive an additional parameter
2020 context are now connection-specific.
2021 * Signature functions in the RSA and PK modules now require the hash
2027 mbedtls_ecdsa_write_signature_restartable() now take an extra parameter
2035 "Most structure fields are now private".
2037 mbedtls_ssl_{set,get}_session() may now only be called once for any given
2046 by default. The default order in TLS now favors faster curves over larger
2050 * The library now uses the %zu format specifier with the printf() family of
2055 release, some configuration-independent files are now generated at build
2138 now determined automatically based on supported curves.
2166 * The multi-part GCM interface now supports chunked associated data through
2212 * PSA functions creating a key now return PSA_ERROR_INVALID_ARGUMENT rather
2218 * PSA functions other than psa_open_key now return PSA_ERROR_INVALID_HANDLE
2275 implementations. This reliance is now removed. Fixes #3990.
2290 can now only be used as intended, for keys that cannot be modified through
2306 * Alternative implementations of CMAC may now opt to not support 3DES as a
2323 mbedtls_mpi_read_string() now construct an mbedtls_mpi object with 0 limbs
2327 now writing an empty string where it previously wrote one or more
2355 * The API glue function mbedtls_ecc_group_of_psa() now takes the curve size
2363 as always 0. It is now reserved for internal purposes and may take
2375 * The PSA crypto subsystem can now use HMAC_DRBG instead of CTR_DRBG.
2380 MBEDTLS_ECP_xxx_ALT accelerator hooks are in use can now be turned off
2382 * The PSA crypto subsystem can now be configured to use less static RAM by
2387 now use an external random generator instead of the library's own
2391 applications using TLS and MBEDTLS_USE_PSA_CRYPTO) can now use the PSA
2459 now uses the getrandom syscall instead of reading from /dev/urandom.
2508 operations now accept the key identifier. The type psa_key_handle_t is now
2569 * mbedtls_ecp_curve_list() now lists Curve25519 and Curve448 under the names
2589 * psa_set_key_id() now also sets the lifetime to persistent for keys located
2591 * Attempting to create a volatile key with a non-zero key identifier now
2595 range now fails.
2702 APIs. psa_import_key and psa_export_key will now correctly expect/output
2710 * PSA key import will now correctly import a Curve25519/Curve448 public key
2728 the copyright of contributors other than Arm is now acknowledged, and the
2829 * Fix warnings about signedness issues in format strings. The build is now
2847 dropped. As a consequence, the TLS handshake now fails when the output
2849 * The unit tests now rely on header files in framework/tests/include/test and source
2853 * The ECP module, enabled by `MBEDTLS_ECP_C`, now depends on
2999 * Key derivation inputs in the PSA API can now either come from a key object
3010 key derivation function, use a buffer instead (this is now always
3029 mbedtls_hmac_drbg_set_entropy_len() now work if you call them before
3035 * psa_close_key(0) and psa_destroy_key(0) now succeed (doing nothing, as
3037 * Variables containing error codes are now initialized to an error code
3108 * The HAVEGE state type now uses uint32_t elements instead of int.
3109 * The functions mbedtls_ecp_curve_list() and mbedtls_ecp_grp_id_list() now
3122 is now deprecated.
3178 code and tests are now only available via Mbed Crypto, which
3196 * It is now possible to use NIST key wrap mode via the mbedtls_cipher API.
3200 * It is now possible to perform RSA PKCS v1.5 signatures with RIPEMD-160 digest.
3354 * Ciphersuites based on 3DES now have the lowest priority by default when
3386 parameter validation whereas other modules had little. This has now been
3388 that it is now optional with the MBEDTLS_CHECK_PARAMS flag which by default
3519 supported are deprecated and are now replaced by the new equivalent
3846 mbedtls_ecdh_compute_shared()) are supported for now. Contributed by
3946 * The truncated HMAC extension now conforms to RFC 6066. This means
3948 HMAC extension, Mbed TLS can now interoperate with other
4255 * Certificate verification functions now set flags to -1 in case the full
4258 * With authmode set to optional, the TLS handshake is now aborted if the
4485 scripts, which is also now called by all.sh.
4594 * Fix non-compliance server extension handling. Extensions for SSLv3 are now
4654 * mbedtls_x509_crt_verify(_with_profile)() now also checks the key type and
4779 * The PEM parser now accepts a trailing space at end of lines (#226).
4780 * It is now possible to #include a user-provided configuration file at the
4809 You now need to link to all of them if you use TLS for example.
4818 * Headers are now found in the 'mbedtls' directory (previously 'polarssl').
4841 * mbedtls_ssl_conf_ca_chain() lost its last argument (peer_cn), now set
4845 * On server, mbedtls_ssl_conf_session_tickets_cb() must now be used in
4849 * mbedtls_ssl_conf_truncated_hmac() now returns void.
4850 * mbedtls_memory_buffer_alloc_init() now returns void.
4851 * X.509 verification flags are now an uint32_t. Affect the signature of:
4865 * In the threading layer, mbedtls_mutex_init() and mbedtls_mutex_free() now
4877 mbedtls_pk_parse_public_key() and mbedtls_dhm_parse_dhm() now expect the
4880 * calloc() is now used instead of malloc() everywhere. API of platform
4884 (support for renegotiation now needs explicit enabling in config.h).
4905 * Configuration options POLARSSL_HAVE_LONGLONG was removed (now always on).
4929 * The default minimum TLS version is now TLS 1.0.
4930 * RC4 is now blacklisted by default in the SSL/TLS layer, and excluded from the
4932 * Support for receiving SSLv2 ClientHello is now disabled by default at
4934 * The default authmode for SSL/TLS clients is now REQUIRED.
4935 * Support for RSA_ALT contexts in the PK layer is now optional. Since it is
4939 * A minimum RSA key size of 2048 bits is now enforced during certificate
4941 * Negotiation of truncated HMAC is now disabled by default on server too.
4942 * The following functions are now case-sensitive:
4950 * The minimum MSVC version required is now 2010 (better C99 support).
4951 * The NET layer now unconditionally relies on getaddrinfo() and select().
4957 * The following functions now return void:
4969 * mbedtls_ctr_drbg_random() and mbedtls_hmac_drbg_random() are now
5000 speed and RAM (heap only for now) usage.
5053 * Adjusting/overriding CFLAGS and LDFLAGS with the make build system is now
5093 * Support for renegotiation can now be disabled at compile-time
5118 * ssl_get_verify_result() now works even if the handshake was aborted due
5131 * ssl_set_own_cert() now returns an error on key-certificate mismatch.
5133 * debug_print_buf() now prints a text view in addition to hexadecimal.
5134 * A specific error is now returned when there are ciphersuites in common
5137 * It is now possible to disable negotiation of truncated HMAC server-side
5139 * Example programs for SSL client and server now disable SSLv3 by default.
5140 * Example programs for SSL client and server now disable RC4 by default.
5176 * Ciphersuites using SHA-256 or SHA-384 now require TLS 1.x (there is no
5182 * ssl_read() now returns POLARSSL_ERR_NET_WANT_READ rather than
5184 * POLARSSL_MPI_MAX_SIZE now defaults to 1024 in order to allow 8192 bits
5201 * Blowfish in the cipher layer now supports variable length keys.
5216 * md_list() now returns hashes strongest first
5217 * Selection of hash for signing ServerKeyExchange in TLS 1.2 now picks
5219 * All public contexts have _init() and _free() functions now for simpler
5271 * AES-NI now compiles with "old" assemblers too
5272 * Ciphersuites based on RC4 now have the lowest priority by default
5284 * rsa_check_pubkey() now allows an E up to N
5305 * x509_crt_info() now prints information about parsed extensions as well
5306 * pk_verify() now returns a specific error code when the signature is valid
5354 * Entropy module now supports seed writing and reading
5359 now thread-safe if POLARSSL_THREADING_C defined
5414 * ssl_mail_client now terminates lines with CRLF, instead of LF
5441 * Curves are now stored fully in ROM
5448 * SSL now gracefully handles missing RNG
5470 * Padding checks in cipher layer are now constant-time
5471 * Value comparisons in SSL layer are now constant-time
5547 * Client and server now filter sent and accepted ciphersuites on minimum
5555 * x509_crt_verify() is now case-insensitive for cn (RFC 6125 6.4)
5617 * ssl_get_verify_result() now works even if the handshake was aborted due
5654 * ssl_read() now returns POLARSSL_ERR_NET_WANT_READ rather than
5660 * Entropy module now supports seed writing and reading
5687 * SSL now gracefully handles missing RNG
5697 * ssl_mail_client now terminates lines with CRLF, instead of LF
5714 * rsa_check_pubkey() now allows an E up to N
5739 * x509_verify() is now case-insensitive for cn (RFC 6125 6.4)
5775 * x509parse_crt() now better handles PEM error situations
5776 * ssl_parse_certificate() now calls x509parse_crt_der() directly
5779 * x509parse_crtpath() is now reentrant and uses more portable stat()
5793 * Default Blowfish keysize is now 128-bits
5817 * The SSL session cache module (ssl_cache) now also retains peer_cert
5868 * Depth that the certificate verify callback receives is now numbered
5933 * mpi_exp_mod() now correctly handles negative base numbers (Closes ticket
5939 * mpi_add_abs() now correctly handles adding short numbers to long numbers
5964 * x509parse_crt() now better handles PEM error situations
5965 * ssl_parse_certificate() now calls x509parse_crt_der() directly
5995 * mpi_add_abs() now correctly handles adding short numbers to long numbers
5999 * mpi_exp_mod() now correctly handles negative base numbers (Closes ticket
6067 So now there is a module that is controlled with POLARSSL_ASN1_PARSE_C.
6084 * All error codes are now negative. Even on memory failures and IO errors.
6095 * If certificate serial is longer than 32 octets, serial number is now
6108 * The generic cipher and message digest layer now have normal error
6120 * Functions requiring File System functions can now be disabled
6133 * mpi_init() and mpi_free() now only accept a single MPI
6136 is now done with a PLUS instead of an OR as error codes
6139 net_recv() now returns 0 on EOF instead of
6144 * Network functions now return POLARSSL_ERR_NET_WANT_READ or
6158 * Debug print of MPI now removes leading zero octets and
6165 * Debug output of MPIs is now the same independent of underlying
6177 are now supported as well (Fixes ticket #5)
6253 * rsa_check_private() now supports PKCS1v2 keys as well
6273 * X509 signature algorithm determination is now
6292 * Coverage test definitions now support 'depends_on'
6294 * Tests requiring specific hashing algorithms now honor
6365 * Undefining POLARSSL_HAVE_ASM now also prevents asm in
6475 * Ciphers used in SSL/TLS can now be disabled at compile