Lines Matching refs:which
42 Previously the output was negative when B = 0 and A < 0, which was not
49 * Add the function mbedtls_ssl_export_keying_material() which allows the
59 * Fix a vulnerability in LMS verification through which an adversary could
65 available in hardware, an adversary with fine control over which
71 The same vulnerability affects GCM acceleration, which could allow
99 keys, which could be used by an attacker capable of feeding encrypted
104 which would allow an attacker who can request decryption of arbitrary
129 * Fix a sloppy check in LMS public key import, which could lead to accepting
170 * Added new configuration option MBEDTLS_PSA_STATIC_KEY_SLOTS, which
178 PSA Crypto provider library which:
214 * Fix missing constraints on the AES-NI inline assembly which is used on
228 * Remove Everest Visual Studio 2010 compatibility headers, which could
237 computes the public key (which was immediately discarded). Fixes #9732.
476 * Add new mbedtls_x509_csr_parse_der_with_ext_cb() routine which allows
617 which mainly causes failures when building Windows target using
704 * Fix a failure to validate input when writing x509 extensions lengths which
713 license. Users may choose which license they take the code under.
728 Starting with this release, it is necessary to declare which curves are
764 entropy module was not covered which meant an external RNG had to be
856 CPU feature, which reduces code size and avoids the vulnerability of the
872 only used in relation with CMAC which does not support these ciphers.
878 which checks for overflow of the output buffer and reports the actual
883 time code, which could allow a padding oracle attack if the attacker
886 conditional instructions, which can have an observable difference in
888 implementations for 32- and 64-bit Arm and for x86 and x86-64, which are
890 * Fix definition of MBEDTLS_MD_MAX_BLOCK_SIZE, which was too
893 which used MBEDTLS_MD_MAX_BLOCK_SIZE could be affected. The only
940 * Fix a bug in which mbedtls_x509_string_to_names() would return success
942 * Fix compilation warnings in aes.c, which prevented the
1115 attacks. This is configured by MBEDTLS_AESCE_C, which is on by default.
1117 * MBEDTLS_AESNI_C, which is enabled by default, was silently ignored on
1124 * Fix possible integer overflow in mbedtls_timing_hardclock(), which
1150 * Fix behavior of certain sample programs which could, when run with no
1151 arguments, access uninitialized memory in some cases. Fixes #6700 (which
1158 possible to verify RSA PSS signatures with the pk module, which was
1170 descriptions, which started appearing with Clang 15. Fixes #6960.
1188 enabled, which required specifying compiler flags enabling SHA3 Crypto
1190 modules, which would then fail if run on a CPU without the SHA3
1232 RFC 9146, which is not interoperable with the draft-05 version.
1290 * Add the LM-OTS post-quantum-safe one-time signature scheme, which is
1394 * Fix a bug in which mbedtls_x509_crt_info() would produce non-printable
1402 with A > 0 created an unintended representation of the value 0 which was
1425 * Calling AEAD tag-specific functions for non-AEAD algorithms (which
1470 a piece of user data which is reserved for the application. The user
1491 * Add mbedtls_pk_sign_ext() which allows generating RSA-PSS signatures when
1534 * The configuration option MBEDTLS_USE_PSA_CRYPTO, which previously
1542 mbedtls_ssl_conf_psk_opaque() or mbedtls_ssl_set_hs_psk_opaque(), which
1549 and hmac_demo.c, which use PSA and the md/cipher interfaces side
1669 which have been broken, resulting in compilation errors, since Mbed TLS
1679 * Removed the prompt to exit from all windows build programs, which was causing
1729 which had been unmaintained since 2018.
1906 which have also been renamed to ecp_internal_alt.h and rsa_alt_helpers.h
1924 * Add configuration option MBEDTLS_X509_REMOVE_INFO which
1930 and `MBEDTLS_ERR_SSL_INVALID_VERIFY_HASH` which are never
1972 which allows marking an extension as critical. Fixes #4055.
1977 possible to skip calling it, which is no longer supported.
1995 * Instead of accessing the len field of a DHM context, which is no longer
1999 function mbedtls_xxx_ret() which was identical except for returning int
2004 acceptable value). Functions which previously accepted NULL and now
2041 * Enable by default the functionalities which have no reason to be disabled.
2066 compile-time option, which was off by default. Users should not trust
2102 ciphersuites per version, which are no longer relevant. This removes the
2122 MBEDTLS_REMOVE_3DES_CIPHERSUITES option which is no longer relevant.
2127 backward compatibility which is no longer supported. Addresses #4404.
2181 directly, which is no longer supported.
2208 * Fix premature fopen() call in mbedtls_entropy_write_seed_file which may
2224 unintended representation of the value 0 which was not processed
2257 * Fix a regression introduced in 2.24.0 which broke (D)TLS CBC ciphersuites
2293 in all the right places. Include it from crypto_platform.h, which is
2295 * Fix which alert is sent in some cases to conform to the
2308 * Remove the AES sample application programs/aes/aescrypt2 which shows
2310 * Remove configs/config-psa-crypto.h, which no longer had any intended
2313 python2, which is no longer supported upstream.
2343 * Various changes to which alert and/or error code may be returned
2447 consistent with RFC 5280 4.2.1.9 which says: "Conforming CAs MUST
2500 * Add MBEDTLS_TARGET_PREFIX CMake variable, which is prefixed to the mbedtls,
2529 which is how most uses of randomization in asymmetric cryptography
2533 obtain entropy, or due to an internal failure (which, for Mbed TLS's own
2545 * Zeroising of local buffers and variables which are used for calculations
2582 CCM, which allowed encryption with a non-standard length field.
2606 the buffer back, which was the case for mbedtls_x509write_{crt,csr}_pem
2722 * Reduce the stack consumption of mbedtls_x509write_csr_der() which
2733 example applications which allows providing a password for the key file
2736 ssl_server2 only, add the command line parameter key_pwd2 which allows to
2754 which constructs a string for any error code, including compound
2760 * Add new mbedtls_x509_crt_parse_der_with_ext_cb() routine which allows
2870 mbedtls_ssl_get_input_max_frag_len() to be more precise about which max
2879 (which it is by default).
2917 library which allows TLS authentication to use keys stored in a
2940 specification version 1.0.0. The main change which may break some
2973 entropy module formerly only grabbed 32 bytes, which is good enough for
3034 structures, which was exposed only in an internal header.
3074 as an ASN.1 INTEGER, which caused the size of the key to leak
3110 list all curves for which at least one of ECDH or ECDSA is supported, not
3111 just curves for which both are supported. Call mbedtls_ecdsa_can_do() or
3160 functionally incorrect code on big-endian systems which don't have
3165 * Make it easier to define MBEDTLS_PARAM_FAILED as assert (which config.h
3178 code and tests are now only available via Mbed Crypto, which
3239 * Fix bugs in the AEAD test suite which would be exposed by ciphers which
3240 either use both encrypt and decrypt key schedules, or which perform padding.
3259 This certificate is used in the demo server programs, which lead the
3277 which allows copy-less parsing of DER encoded X.509 CRTs,
3294 mbedtls_ssl_session structure which otherwise stores the peer's
3301 interpreted according to the second group, which could lead to either
3310 * Reduce the stack consumption of mbedtls_mpi_fill_random() which could
3313 in the header files, which missed the precompilation check. #971
3352 * Re-enable certain interoperability tests in ssl-opt.sh which had previously
3365 function to see for which parameter values it is defined. This feature is
3388 that it is now optional with the MBEDTLS_CHECK_PARAMS flag which by default
3389 is off. That means that checks which were previously present by default
3397 * Fix for Clang, which was reporting a warning for the bignum.c inline
3407 programs/pkey/gen_key which previously led to compilation failure
3525 mbedtls_mpi_is_prime_ext() which allows specifying the number of
3533 * Fix a bug in the update function for SSL ticket keys which previously
3538 which led to accepting properly authenticated but improperly
3553 * Fix compilation failure for configurations which use compile time
3571 string format (mostly PrintableString), which could lead to CRTs being
3572 created which used PrintableStrings in the issuer field even though the
3600 * Fix an issue in the X.509 module which could lead to a buffer overread
3627 * Fixes an issue with MBEDTLS_CHACHAPOLY_C which would not compile if
3708 buffer, which can save some RAM. If buffer lengths are kept equal, there
3715 * Fix the key_app_writer example which was writing a leading zero byte which
3738 * Fix decryption for zero length messages (which contain all padding) when a
3802 mbedtls_platform_zeroize(), which is a critical function from a security
3810 * Fix an issue with MicroBlaze support in bn_mul.h which was causing the
3821 * Fix an issue in the X.509 module which could lead to a buffer overread
3829 function which led to an arbitrary overread of the message buffer. The
3835 which could potentially lead to the client accepting a ciphersuite it didn't
3873 unable to parse keys which had only the optional parameters field of the
3888 function which leads to a potential one byte overread of the message
3985 * Fix mbedtls_x509_crt_profile_suiteb, which used to reject all certificates
4030 6 bytes on the peer's heap, which could potentially lead to crash or remote
4034 for the key size, which could potentially lead to crash or remote code
4485 scripts, which is also now called by all.sh.
4502 * Fix for key exchanges based on ECDH-RSA or ECDH-ECDSA which weren't
4541 naming collision in projects which also have files with the common name
4582 * Fix issue in ssl_fork_server which was preventing it from functioning. #429
4801 which algorithms and key sizes (curves for ECDSA) are acceptable.
5070 (only possible if POLARSSL_MEMORY_BUFFER_ALLOC_C is enabled, which it is
5327 * Fixed typo which made POLARSSL_ENTROPY_FORCE_SHA256 ineffective (found by
5329 * Fix #include path in ecdsa.h which wasn't accepted by some compilers.
5340 * EC curve constants, which should be only in ROM since 1.3.3, were also
6174 This release replaces version 0.99-pre2 which had possible copyright issues.
6404 * Fixed a memory leak in x509parse_crt() which was reported by Greg
6407 * Fixed x509_get_ext() to accept some rare certificates which have
6421 for which the RSA signature check fails (bug reported by Benoit)
6437 message digests, which fixes IE6/IE7 client authentication
6460 * Fixed a bug in ssl_tls.c which sometimes prevented SSL