Lines Matching refs:used

26      used, by the non-secure side abusing timer interrupts (M-Step), and
67 AES to be used for some time when the program starts. This could allow
99 keys, which could be used by an attacker capable of feeding encrypted
193 * Zeroize a temporary heap buffer used in psa_key_derivation_output_key()
195 * Zeroize temporary heap buffers used in PSA operations.
206 * Fix invalid JSON schemas for driver descriptions used by
214 * Fix missing constraints on the AES-NI inline assembly which is used on
453 be used, but are deprecated.
454 * In the PSA API, domain parameters are no longer used for anything.
466 mbedtls_pk_import_into_psa() can be used to import a PK key into PSA,
467 while mbedtls_pk_setup_opaque() can be used to wrap a PSA key into an opaque
541 mbedtls_ecp_write_key(), but can be used without separately calculating
552 used as random number generator function (f_rng) and context (p_rng) in
766 feature macros, MBEDTLS_MD_CAN_xxx, has been introduced that can be used
811 used to enable this feature.
872 only used in relation with CMAC which does not support these ciphers.
893 which used MBEDTLS_MD_MAX_BLOCK_SIZE could be affected. The only
937 * Fix crypt_and_hash decryption fail when used with a stream cipher
1088 be used to enable this feature. Run-time detection is supported
1121 implementation as a fallback for when the assembly one cannot be used.
1141 used on a shared secret from a key agreement since its input must be
1200 the behaviour without it, where deterministic ECDSA was already used.
1206 hex. They cannot be used simultaneously
1207 - "serial" is used for the decimal format and it's limted in size to
1209 - "serial_hex" is used for the hex format; max length here is
1286 (LMS_SHA256_M32_H10), meaning that each private key can be used to sign
1291 required for LMS. This can be used independently, but each key can only
1292 be used to sign one message so is impractical for most circumstances.
1324 calculation that can be used to derive the session secret in TLS 1.2,
1335 victim performing a single private-key operation if the window size used
1477 information that was used to set up a message digest context.
1539 Opaque keys can now be used everywhere a private key is expected in the
1543 previously only worked for "pure" PSK key exchange, now can also be used
1554 * Zeroize dynamically-allocated buffers used by the PSA Crypto key storage
1600 enabled and an ECDHE-ECDSA or ECDHE-RSA key exchange was used, the
1607 * Fix unit tests that used 0 as the file UID. This failed on some
1766 * Zeroize several intermediate variables used to calculate the expected
1831 all algorithms that can be used with psa_{sign,verify}_hash(), including
1872 * Indicate in the error returned if the nonce length used with
1910 were not meant to be used in application code have been moved out of
1922 key type used, as well as the key bit-size in the case of
1926 as well as other functions and constants only used by
1957 * The getter and setter API of the SSL session cache (used for
2191 learn partial information about the leading bits of the nonce used for the
2236 defined to specific values. If the code is used in a context
2290 can now only be used as intended, for keys that cannot be modified through
2298 unsupported extension used by the server.
2316 should be used.
2340 used by the Mbed TLS release whose MBEDTLS_VERSION_NUMBER has the same
2376 CTR_DRBG is used by default if it is available, but you can override
2406 security strength, but the code incorrectly used a constant instead of
2449 used to validate digital signatures on certificates and MUST mark the
2501 mbedcrypto, mbedx509 and apidoc CMake target names. This can be used by
2521 size of the output buffer when used with NIST_KW. As a result, code using
2545 * Zeroising of local buffers and variables which are used for calculations
2576 agreement and subsequent key derivation operation to be used as a key
2773 reveal an RSA private key used in a secure enclave. Noticed by Sangho Lee,
2786 hardware accelerators were used (using one of the MBEDTLS_SHAxxx_ALT
2978 these variables can be used to recover the last round key. To follow best
2991 learn leading bits of the ephemeral key used during ECDSA signatures and to
3090 feature can be used alongside Connection ID and SSL context serialisation.
3203 and the used tls-prf.
3217 to the DTLS record header. This identifier can be used to associate an
3226 and the used tls-prf.
3237 used with negative inputs. Found by Guido Vranken in #2404. Credit to
3240 either used both encrypt and decrypt key schedules, or which perform padding.
3248 in case operators binding less strongly than subtraction were used
3259 This certificate is used in the demo server programs, which led the
3337 * Add support for alternative CSR headers, as used by Microsoft and defined
3425 the PSA Crypto API from Mbed Crypto when additionally used with the
3472 space and a PSK-(EC)DHE ciphersuite was used, this allowed an attacker
3489 some configurable amount of operations. This is intended to be used in
3500 MPI multiplications used in ECC and RSA cryptography. Contributed by
3503 signature always used a salt with the same length as the hash, and returned
3544 * Zeroize memory used for buffering or reassembling handshake messages
3548 * Change the default string format used for various X.509 DN attributes to
3572 created which used PrintableStrings in the issuer field even though the
3573 signing CA used UTF8Strings in its subject field; while X.509 compliant,
3616 The maximum amount of RAM used for this can be controlled by the
3631 * Add ecc extensions only if an ecc based ciphersuite is used.
3672 or if mbedtls_ssl_conf_dtls_badmac_limit() was used, the attack only
3685 mbedtls_ssl_conf_dtls_badmac_limit() was used, the attack only worked if
3739 CBC based ciphersuite is used together with Encrypt-then-MAC. Previously,
3781 used by user applications. Found and fixed by Fabio Alessandrelli.
3788 * Changed the Clang parameters used in the CMake build files to work for
3836 offer or a ciphersuite that cannot be used with the TLS or DTLS version
3857 underlying transport in case event-driven IO is used.
3886 I/O was used. Found and reported by Hubert Mis in #772.
3985 * Fix mbedtls_x509_crt_profile_suiteb, which used to reject all certificates
4001 * Log correct number of ciphersuites used in Client Hello message. #918
4028 extension. When the truncated HMAC extension is enabled and CBC is used,
4029 sending a malicious application packet could be used to selectively corrupt
4105 * The configuration option MBEDTLS_RSA_ALT can be used to define alternative
4152 * Fix variable used before assignment compilation warnings with IAR
4193 Note, this padding mode is not used by the TLS protocol. Found and fixed by
4211 used. Reported and fix proposed independently by satur9nine and sliai
4448 * Fixed the templates used to generate project and solution files for Visual
4501 when GCM is used. Found by udf2457. #441
4601 allocate memory. Only used for certificate generation, not triggerable
4676 once in the same handshake and mbedtls_ssl_conf_psk() was used.
4679 * Fix stack buffer overflow in pkcs12 decryption (used by
4766 be always used (found by dcb314) (#235)
4836 * The following functions have been introduced and must be used in callback
4845 * On server, mbedtls_ssl_conf_session_tickets_cb() must now be used in
4880 * calloc() is now used instead of malloc() everywhere. API of platform
4915 argument (allowing memory savings if HMAC is not used)
5013 * Fix memory leak when gcm_setkey() and ccm_setkey() are used more than
5031 * Fix hardclock() (only used in the benchmarking program) with some
5054 more flexible (warning: OFLAGS is not used any more) (see the README)
5333 * oid_get_numeric_string() used to truncate the output without returning an
5387 * Bignum's MIPS-32 assembly was used on MIPS-64, causing chaos. (Found by
5584 * Fix hardclock() (only used in the benchmarking program) with some
5702 * Bignum's MIPS-32 assembly was used on MIPS-64, causing chaos. (Found by
6076 * Changed the used random function pointer to more flexible format. Renamed
6092 standard 1 byte version sometimes used by Microsoft. (Closes ticket #38)
6137 used are negative.
6475 * Ciphers used in SSL/TLS can now be disabled at compile