Lines Matching refs:this
69 key. In particular, this attacker model may be possible against an SGX
88 val.len > 0. This impacts applications that call this function directly,
123 non-default members of the union. The PSA core now ensures that this
131 this could happen on platforms where enum types are smaller than 32 bits
153 this function (see the entry in the Security section) will be detected and
176 `MBEDTLS_PSA_CRYPTO_CLIENT && !MBEDTLS_PSA_CRYPTO_C`, even though this
424 * Warn if mbedtls/check_config.h is included manually, as this can
426 manually, as this can lead to silently inconsistent configurations,
429 included check_config.h, remove this inclusion from the Mbed TLS 3.x
523 with PKCS#5 PBES2. Keys encrypted this way can now be parsed by PK parse.
587 Note that setting this option will cause input-output buffer overlap to
700 might have precise enough timing measurements to exploit this. It requires
728 Starting with this release, it is necessary to declare which curves are
762 been called. Previously (in 3.3), this was restricted to a few modules,
765 provided - these limitations are lifted in this version. A new set of
772 key exchanges based on ECDH(E) to work, this requires
811 used to enable this feature.
827 (useful for testing purposes), but this might change in the future.
854 using CPU-accelerated AES (e.g., Arm Crypto Extensions), this option
871 suggest. This did not affect any library code, because this macro was
873 This may affect application code that uses this macro.
875 review the size of the output buffer passed to this function, and note
887 timing. (Clang has been seen to do this.) Also introduce assembly
892 undefined. Mbed TLS itself was unaffected by this, but user code
894 release containing this bug was Mbed TLS 3.4.0.
911 the programs directory. Without this, even though the configuration
1004 this call accidentally applied a default padding mode chosen at compile
1046 contributing this feature, and to Demi-Marie Obenour for contributing
1077 and TLS to fully work, this requires MBEDTLS_USE_PSA_CRYPTO to be enabled.
1088 be used to enable this feature. Run-time detection is supported
1142 an ECC public key. Reject this properly.
1216 As tested in issue 6790, the correlation between this define and
1262 are supported in this implementation.
1403 not processed correctly by some bignum operations. Fix this. This had no
1439 for IV lengths other than 12. The library was silently overwriting this
1531 MBEDTLS_SSL_SRV_C configuration options control this.
1624 pointer dereference. Fix this. Fixes #3998.
1651 when MBEDTLS_SSL_PROTO_TLS1_3 is specified, and make this and other
1685 driver descriptions. For the time being, to customize this file,
1789 on Linux. Fix this. Fixes #4774.
1805 where this function cannot fail, or full-module replacements with
1877 from this module will be included in the build as required. Currently
1878 most of the interface of this module is private and may change at any
1975 was unclear on this point, and this function happened to never do
1979 instead of computing tables in runtime. Thus, this option now increases
2003 parameter, this parameter is now mandatory (that is, NULL is not an
2023 other than raw PKCS#1 v1.5, this must match the output size of the
2053 bear this in mind and do not add them to backported code.
2126 * Remove MBEDTLS_ECDH_LEGACY_CONTEXT config option since this was purely for
2237 where these are already defined, this can result in a compilation
2280 A=0 represented with 0 limbs. Up to and including Mbed TLS 2.26, this bug
2324 when their input has length 0. Note that this is an implementation detail
2325 and can change at any time, so this change should be transparent, but it
2377 this choice by setting MBEDTLS_PSA_HMAC_DRBG_MD_TYPE at compile time.
2413 all calls inside the library were safe since this function is
2448 include this extension in all CA certificates that contain public keys
2450 extension as critical in such certificates." Previous to this change,
2502 external CMake projects that include this one to avoid CMake target name
2503 clashes. The default value of this variable is "", so default target names
2543 Many thanks to guidovranken who found this issue via differential fuzzing
2607 until this property was inadvertently broken in Mbed TLS 2.19.0.
2610 option on. In this configuration key management methods that are required
2659 getting a certificate for the corresponding IPv4 or IPv6 (this would
2679 if they have access to fine-grained measurements. In particular, this
2799 behavior, so this is unlikely to be exploitable anywhere. #3192
2855 countermeasures. If side channels are not a concern, this dependency can
3010 key derivation function, use a buffer instead (this is now always
3039 cause functions to return this error code rather than a success. There are
3040 no known instances where this changes the behavior of the library: this is
3078 implement blinding. Because of this for the same key and message the same
3292 API stability). Disabling this option makes mbedtls_ssl_get_peer_cert()
3303 latter case, this could expose at most 5 bits of the private key.
3344 Previously, this could lead to functionally incorrect assembly being
3437 attack. In TLS, this affects servers that accept ciphersuites based on
3472 space and a PSK-(EC)DHE ciphersuite was used, this allowed an attacker
3504 an error if this was not possible. Now the salt size may be up to two bytes
3590 MBEDTLS_PLATFORM_GMTIME_R_ALT. At this stage Mbed TLS is only able to
3616 The maximum amount of RAM used for this can be controlled by the
3671 this recovery by sending many messages in the same connection. With TLS
3789 versions later than 3.6. Versions of Clang earlier than this may no longer
3800 functionality shared by multiple Mbed TLS modules. At this stage
3882 to make progress. Previously, this error code was also occasionally
3949 compliant implementations, but this breaks interoperability with
3987 In the context of SSL, this resulted in handshake failure. Reported by
4045 latter overflows. The exploitability of this issue depends on whether the
4193 Note, this padding mode is not used by the TLS protocol. Found and fixed by
4217 new ones with return codes. In particular, this modifies the
4735 callbacks set with mbedtls_ssl_conf_dtls_cookies()), this will be
4821 should generally be the first function called on this context after init:
4936 enabled in the default configuration, this is only noticeable if using a
5057 performance impact was bad for some users (this was introduced in 1.3.10).
5592 this will be made in the 1.2 branch at this point.
6048 data and pointers again. Adapted ssl_server to use this functionality.
6311 this in mind when checking for errors.
6478 havege_struct for this processor, thanks to David Patiño