Lines Matching refs:used

24      AES to be used for some time when the program starts. This could allow
56 keys, which could be used by an attacker capable of feeding encrypted
150 * Zeroize a temporary heap buffer used in psa_key_derivation_output_key()
152 * Zeroize temporary heap buffers used in PSA operations.
163 * Fix invalid JSON schemas for driver descriptions used by
171 * Fix missing constraints on the AES-NI inline assembly which is used on
410 be used, but are deprecated.
411 * In the PSA API, domain parameters are no longer used for anything.
423 mbedtls_pk_import_into_psa() can be used to import a PK key into PSA,
424 while mbedtls_pk_setup_opaque() can be used to wrap a PSA key into a opaque
498 mbedtls_ecp_write_key(), but can be used without separately calculating
509 used as random number generator function (f_rng) and context (p_rng) in
723 feature macros, MBEDTLS_MD_CAN_xxx, has been introduced that can be used
768 used to enable this feature.
829 only used in relation with CMAC which does not support these ciphers.
850 which used MBEDTLS_MD_MAX_BLOCK_SIZE could be affected. The only
894 * Fix crypt_and_hash decryption fail when used with a stream cipher
1045 be used to enable this feature. Run-time detection is supported
1078 implementation as a fallback for when the assembly one cannot be used.
1098 used on a shared secret from a key agreement since its input must be
1157 the behaviour without it, where deterministic ECDSA was already used.
1163 hex. They cannot be used simultaneously
1164 - "serial" is used for the decimal format and it's limited in size to
1166 - "serial_hex" is used for the hex format; max length here is
1243 (LMS_SHA256_M32_H10), meaning that each private key can be used to sign
1248 required for LMS. This can be used independently, but each key can only
1249 be used to sign one message so is impractical for most circumstances.
1281 calculation that can be used to derive the session secret in TLS 1.2,
1292 victim performing a single private-key operation if the window size used
1434 information that was used to set up a message digest context.
1496 Opaque keys can now be used everywhere a private key is expected in the
1500 previously only worked for "pure" PSK key exchange, now can also be used
1511 * Zeroize dynamically-allocated buffers used by the PSA Crypto key storage
1557 enabled and an ECDHE-ECDSA or ECDHE-RSA key exchange was used, the
1564 * Fix unit tests that used 0 as the file UID. This failed on some
1723 * Zeroize several intermediate variables used to calculate the expected
1788 all algorithms that can be used with psa_{sign,verify}_hash(), including
1829 * Indicate in the error returned if the nonce length used with
1867 were not meant to be used in application code have been moved out of
1879 key type used, as well as the key bit-size in the case of
1883 as well as other functions and constants only used by
1914 * The getter and setter API of the SSL session cache (used for
2148 learn partial information about the leading bits of the nonce used for the
2193 defined to specific values. If the code is used in a context
2247 can now only be used as intended, for keys that cannot be modified through
2255 unsupported extension used by the server.
2273 should be used.
2297 used by the Mbed TLS release whose MBEDTLS_VERSION_NUMBER has the same
2333 CTR_DRBG is used by default if it is available, but you can override
2363 security strength, but the code incorrectly used a constant instead of
2406 used to validate digital signatures on certificates and MUST mark the
2458 mbedcrypto, mbedx509 and apidoc CMake target names. This can be used by
2478 size of the output buffer when used with NIST_KW. As a result, code using
2502 * Zeroising of local buffers and variables which are used for calculations
2533 agreement and subsequent key derivation operation to be used as a key
2730 reveal an RSA private key used in a secure enclave. Noticed by Sangho Lee,
2743 hardware accelerators were used (using one of the MBEDTLS_SHAxxx_ALT
2935 these variables can be used to recover the last round key. To follow best
2948 learn leading bits of the ephemeral key used during ECDSA signatures and to
3047 feature can be used alongside Connection ID and SSL context serialisation.
3160 and the used tls-prf.
3174 to the DTLS record header. This identifier can be used to associate an
3183 and the used tls-prf.
3194 used with negative inputs. Found by Guido Vranken in #2404. Credit to
3197 either used both encrypt and decrypt key schedules, or which perform padding.
3205 in case operators binding less strongly than subtraction were used
3216 This certificate is used in the demo server programs, which lead the
3294 * Add support for alternative CSR headers, as used by Microsoft and defined
3382 the PSA Crypto API from Mbed Crypto when additionally used with the
3429 space and a PSK-(EC)DHE ciphersuite was used, this allowed an attacker
3446 some configurable amount of operations. This is intended to be used in
3457 MPI multiplications used in ECC and RSA cryptography. Contributed by
3460 signature always used a salt with the same length as the hash, and returned
3501 * Zeroize memory used for buffering or reassembling handshake messages
3505 * Change the default string format used for various X.509 DN attributes to
3529 created which used PrintableStrings in the issuer field even though the
3530 signing CA used UTF8Strings in its subject field; while X.509 compliant,
3573 The maximum amount of RAM used for this can be controlled by the
3588 * Add ecc extensions only if an ecc based ciphersuite is used.
3629 or if mbedtls_ssl_conf_dtls_badmac_limit() was used, the attack only
3642 mbedtls_ssl_conf_dtls_badmac_limit() was used, the attack only worked if
3696 CBC based ciphersuite is used together with Encrypt-then-MAC. Previously,
3738 used by user applications. Found and fixed by Fabio Alessandrelli.
3745 * Changed the Clang parameters used in the CMake build files to work for
3793 offer or a ciphersuite that cannot be used with the TLS or DTLS version
3814 underlying transport in case event-driven IO is used.
3843 I/O was used. Found and reported by Hubert Mis in #772.
3942 * Fix mbedtls_x509_crt_profile_suiteb, which used to reject all certificates
3958 * Log correct number of ciphersuites used in Client Hello message. #918
3985 extension. When the truncated HMAC extension is enabled and CBC is used,
3986 sending a malicious application packet could be used to selectively corrupt
4062 * The configuration option MBEDTLS_RSA_ALT can be used to define alternative
4109 * Fix variable used before assignment compilation warnings with IAR
4150 Note, this padding mode is not used by the TLS protocol. Found and fixed by
4168 used. Reported and fix proposed independently by satur9nine and sliai
4405 * Fixed the templates used to generate project and solution files for Visual
4458 when GCM is used. Found by udf2457. #441
4558 allocate memory. Only used for certificate generation, not triggerable
4633 once in the same handshake and mbedtls_ssl_conf_psk() was used.
4636 * Fix stack buffer overflow in pkcs12 decryption (used by
4723 be always used (found by dcb314) (#235)
4793 * The following functions have been introduced and must be used in callback
4802 * On server, mbedtls_ssl_conf_session_tickets_cb() must now be used in
4837 * calloc() is now used instead of malloc() everywhere. API of platform
4872 argument (allowing memory savings if HMAC is not used)
4970 * Fix memory leak when gcm_setkey() and ccm_setkey() are used more than
4988 * Fix hardclock() (only used in the benchmarking program) with some
5011 more flexible (warning: OFLAGS is not used any more) (see the README)
5290 * oid_get_numeric_string() used to truncate the output without returning an
5344 * Bignum's MIPS-32 assembly was used on MIPS-64, causing chaos. (Found by
5541 * Fix hardclock() (only used in the benchmarking program) with some
5659 * Bignum's MIPS-32 assembly was used on MIPS-64, causing chaos. (Found by
6033 * Changed the used random function pointer to more flexible format. Renamed
6049 standard 1 byte version sometimes used by Microsoft. (Closes ticket #38)
6094 used are negative.
6432 * Ciphers used in SSL/TLS can now be disabled at compile