Lines Matching refs:this
26 key. In particular, this attacker model may be possible against an SGX
45 val.len > 0. This impacts applications that call this function directly,
80 non-default members of the union. The PSA core now ensures that this
88 this could happen on platforms where enum types are smaller than 32 bits
110 this function (see the entry in the Security section) will be detected and
133 `MBEDTLS_PSA_CRYPTO_CLIENT && !MBEDTLS_PSA_CRYPTO_C`, even though this
381 * Warn if mbedtls/check_config.h is included manually, as this can
383 manually, as this can lead to silently inconsistent configurations,
386 included check_config.h, remove this inclusion from the Mbed TLS 3.x
480 with PKCS#5 PBES2. Keys encrypted this way can now be parsed by PK parse.
544 Note that setting this option will cause input-output buffer overlap to
657 might have precise enough timing measurements to exploit this. It requires
685 Starting with this release, it is necessary to declare which curves are
719 been called. Previously (in 3.3), this was restricted to a few modules,
722 provided - these limitations are lifted in this version. A new set of
729 key exchanges based on ECDH(E) to work, this requires
768 used to enable this feature.
784 (useful for testing purposes), but this might change in the future.
811 using CPU-accelerated AES (e.g., Arm Crypto Extensions), this option
828 suggest. This did not affect any library code, because this macro was
830 This may affect application code that uses this macro.
832 review the size of the output buffer passed to this function, and note
844 timing. (Clang has been seen to do this.) Also introduce assembly
849 undefined. Mbed TLS itself was unaffected by this, but user code
851 release containing this bug was Mbed TLS 3.4.0.
868 the programs directory. Without this, even though the configuration
961 this call accidentally applied a default padding mode chosen at compile
1003 contributing this feature, and to Demi-Marie Obenour for contributing
1034 and TLS to fully work, this requires MBEDTLS_USE_PSA_CRYPTO to be enabled.
1045 be used to enable this feature. Run-time detection is supported
1099 an ECC public key. Reject this properly.
1173 As tested in issue 6790, the correlation between this define and
1219 are supported in this implementation.
1360 not processed correctly by some bignum operations. Fix this. This had no
1396 for IV lengths other than 12. The library was silently overwriting this
1488 MBEDTLS_SSL_SRV_C configuration options control this.
1581 pointer dereference. Fix this. Fixes #3998.
1608 when MBEDTLS_SSL_PROTO_TLS1_3 is specified, and make this and other
1642 driver descriptions. For the time being, to customize this file,
1746 on Linux. Fix this. Fixes #4774.
1762 where this function cannot fail, or full-module replacements with
1834 from this module will be included in the build as required. Currently
1835 most of the interface of this module is private and may change at any
1932 was unclear on this point, and this function happened to never do
1936 instead of computing tables at runtime. Thus, this option now increases
1960 parameter, this parameter is now mandatory (that is, NULL is not an
1980 other than raw PKCS#1 v1.5, this must match the output size of the
2010 bear this in mind and do not add them to backported code.
2083 * Remove MBEDTLS_ECDH_LEGACY_CONTEXT config option since this was purely for
2194 where these are already defined, this can result in a compilation
2237 A=0 represented with 0 limbs. Up to and including Mbed TLS 2.26, this bug
2281 when their input has length 0. Note that this is an implementation detail
2282 and can change at any time, so this change should be transparent, but it
2334 this choice by setting MBEDTLS_PSA_HMAC_DRBG_MD_TYPE at compile time.
2370 all calls inside the library were safe since this function is
2405 include this extension in all CA certificates that contain public keys
2407 extension as critical in such certificates." Previous to this change,
2459 external CMake projects that include this one to avoid CMake target name
2460 clashes. The default value of this variable is "", so default target names
2500 Many thanks to guidovranken who found this issue via differential fuzzing
2564 until this property was inadvertently broken in Mbed TLS 2.19.0.
2567 option on. In this configuration key management methods that are required
2616 getting a certificate for the corresponding IPv4 or IPv6 (this would
2636 if they have access to fine-grained measurements. In particular, this
2756 behavior, so this is unlikely to be exploitable anywhere. #3192
2812 countermeasures. If side channels are not a concern, this dependency can
2967 key derivation function, use a buffer instead (this is now always
2996 cause functions to return this error code rather than a success. There are
2997 no known instances where this changes the behavior of the library: this is
3035 implement blinding. Because of this for the same key and message the same
3249 API stability). Disabling this option makes mbedtls_ssl_get_peer_cert()
3260 latter case, this could expose at most 5 bits of the private key.
3301 Previously, this could lead to functionally incorrect assembly being
3394 attack. In TLS, this affects servers that accept ciphersuites based on
3429 space and a PSK-(EC)DHE ciphersuite was used, this allowed an attacker
3461 an error if this was not possible. Now the salt size may be up to two bytes
3547 MBEDTLS_PLATFORM_GMTIME_R_ALT. At this stage Mbed TLS is only able to
3573 The maximum amount of RAM used for this can be controlled by the
3628 this recovery by sending many messages in the same connection. With TLS
3746 versions later than 3.6. Versions of Clang earlier than this may no longer
3757 functionality shared by multiple Mbed TLS modules. At this stage
3839 to make progress. Previously, this error code was also occasionally
3906 compliant implementations, but this breaks interoperability with
3944 In the context of SSL, this resulted in handshake failure. Reported by
4002 latter overflows. The exploitability of this issue depends on whether the
4150 Note, this padding mode is not used by the TLS protocol. Found and fixed by
4174 new ones with return codes. In particular, this modifies the
4692 callbacks set with mbedtls_ssl_conf_dtls_cookies()), this will be
4778 should generally be the first function called on this context after init:
4893 enabled in the default configuration, this is only noticeable if using a
5014 performance impact was bad for some users (this was introduced in 1.3.10).
5549 this will be made in the 1.2 branch at this point.
6005 data and pointers again. Adapted ssl_server to use this functionality.
6268 this in mind when checking for errors.
6435 havege_struct for this processor, thanks to David Patiño