Lines Matching refs:which
6 * Add the function mbedtls_ssl_export_keying_material() which allows the
16 * Fix a vulnerability in LMS verification through which an adversary could
22 available in hardware, an adversary with fine control over which
28 The same vulnerability affects GCM acceleration, which could allow
56 keys, which could be used by an attacker capable of feeding encrypted
61 which would allow an attacker who can request decryption of arbitrary
86 * Fix a sloppy check in LMS public key import, which could lead to accepting
127 * Added new configuration option MBEDTLS_PSA_STATIC_KEY_SLOTS, which
135 PSA Crypto provider library which:
171 * Fix missing constraints on the AES-NI inline assembly which is used on
185 * Remove Everest Visual Studio 2010 compatibility headers, which could
194 computes the public key (which was immediately discarded). Fixes #9732.
433 * Add new mbedtls_x509_csr_parse_der_with_ext_cb() routine which allows
574 which mainly causes failures when building Windows target using
661 * Fix a failure to validate input when writing x509 extension lengths which
670 license. Users may choose which license they take the code under.
685 Starting with this release, it is necessary to declare which curves are
721 entropy module was not covered which meant an external RNG had to be
813 CPU feature, which reduces code size and avoids the vulnerability of the
829 only used in relation with CMAC which does not support these ciphers.
835 which checks for overflow of the output buffer and reports the actual
840 time code, which could allow a padding oracle attack if the attacker
843 conditional instructions, which can have an observable difference in
845 implementations for 32- and 64-bit Arm and for x86 and x86-64, which are
847 * Fix definition of MBEDTLS_MD_MAX_BLOCK_SIZE, which was too
850 which used MBEDTLS_MD_MAX_BLOCK_SIZE could be affected. The only
897 * Fix a bug in which mbedtls_x509_string_to_names() would return success
899 * Fix compilation warnings in aes.c, which prevented the
1072 attacks. This is configured by MBEDTLS_AESCE_C, which is on by default.
1074 * MBEDTLS_AESNI_C, which is enabled by default, was silently ignored on
1081 * Fix possible integer overflow in mbedtls_timing_hardclock(), which
1107 * Fix behavior of certain sample programs which could, when run with no
1108 arguments, access uninitialized memory in some cases. Fixes #6700 (which
1115 possible to verify RSA PSS signatures with the pk module, which was
1127 descriptions, which started appearing with Clang 15. Fixes #6960.
1145 enabled, which required specifying compiler flags enabling SHA3 Crypto
1147 modules, which would then fail if run on a CPU without the SHA3
1189 RFC 9146, which is not interoperable with the draft-05 version.
1247 * Add the LM-OTS post-quantum-safe one-time signature scheme, which is
1351 * Fix a bug in which mbedtls_x509_crt_info() would produce non-printable
1359 with A > 0 created an unintended representation of the value 0 which was
1382 * Calling AEAD tag-specific functions for non-AEAD algorithms (which
1427 a piece of user data which is reserved for the application. The user
1448 * Add mbedtls_pk_sign_ext() which allows generating RSA-PSS signatures when
1491 * The configuration option MBEDTLS_USE_PSA_CRYPTO, which previously
1499 mbedtls_ssl_conf_psk_opaque() or mbedtls_ssl_set_hs_psk_opaque(), which
1506 and hmac_demo.c, which use PSA and the md/cipher interfaces side
1626 which have been broken, resulting in compilation errors, since Mbed TLS
1636 * Removed the prompt to exit from all Windows build programs, which was causing
1686 which had been unmaintained since 2018.
1863 which have also been renamed to ecp_internal_alt.h and rsa_alt_helpers.h
1881 * Add configuration option MBEDTLS_X509_REMOVE_INFO which
1887 and `MBEDTLS_ERR_SSL_INVALID_VERIFY_HASH` which are never
1929 which allows marking an extension as critical. Fixes #4055.
1934 possible to skip calling it, which is no longer supported.
1952 * Instead of accessing the len field of a DHM context, which is no longer
1956 function mbedtls_xxx_ret() which was identical except for returning int
1961 acceptable value). Functions which previously accepted NULL and now
1998 * Enable by default the functionalities which have no reason to be disabled.
2023 compile-time option, which was off by default. Users should not trust
2059 ciphersuites per version, which are no longer relevant. This removes the
2079 MBEDTLS_REMOVE_3DES_CIPHERSUITES option which is no longer relevant.
2084 backward compatibility which is no longer supported. Addresses #4404.
2138 directly, which is no longer supported.
2165 * Fix premature fopen() call in mbedtls_entropy_write_seed_file which may
2181 unintended representation of the value 0 which was not processed
2214 * Fix a regression introduced in 2.24.0 which broke (D)TLS CBC ciphersuites
2250 in all the right places. Include it from crypto_platform.h, which is
2252 * Fix which alert is sent in some cases to conform to the
2265 * Remove the AES sample application programs/aes/aescrypt2 which shows
2267 * Remove configs/config-psa-crypto.h, which no longer had any intended
2270 python2, which is no longer supported upstream.
2300 * Various changes to which alert and/or error code may be returned
2404 consistent with RFC 5280 4.2.1.9 which says: "Conforming CAs MUST
2457 * Add MBEDTLS_TARGET_PREFIX CMake variable, which is prefixed to the mbedtls,
2486 which is how most uses of randomization in asymmetric cryptography
2490 obtain entropy, or due to an internal failure (which, for Mbed TLS's own
2502 * Zeroising of local buffers and variables which are used for calculations
2539 CCM, which allowed encryption with a non-standard length field.
2563 the buffer back, which was the case for mbedtls_x509write_{crt,csr}_pem
2679 * Reduce the stack consumption of mbedtls_x509write_csr_der() which
2690 example applications which allows providing a password for the key file
2693 ssl_server2 only, add the command line parameter key_pwd2 which allows
2711 which constructs a string for any error code, including compound
2717 * Add new mbedtls_x509_crt_parse_der_with_ext_cb() routine which allows
2827 mbedtls_ssl_get_input_max_frag_len() to be more precise about which max
2836 (which it is by default).
2874 library which allows TLS authentication to use keys stored in a
2897 specification version 1.0.0. The main change which may break some
2930 entropy module formerly only grabbed 32 bytes, which is good enough for
2991 structures, which was exposed only in an internal header.
3031 as an ASN.1 INTEGER, which caused the size of the key to leak
3067 list all curves for which at least one of ECDH or ECDSA is supported, not
3068 just curves for which both are supported. Call mbedtls_ecdsa_can_do() or
3117 functionally incorrect code on big-endian systems which don't have
3122 * Make it easier to define MBEDTLS_PARAM_FAILED as assert (which config.h
3135 code and tests are now only available via Mbed Crypto, which
3196 * Fix bugs in the AEAD test suite which would be exposed by ciphers which
3197 either used both encrypt and decrypt key schedules, or which perform padding.
3216 This certificate is used in the demo server programs, which lead the
3234 which allows copy-less parsing of DER encoded X.509 CRTs,
3251 mbedtls_ssl_session structure which otherwise stores the peer's
3258 interpreted according to the second group, which could lead to either
3267 * Reduce the stack consumption of mbedtls_mpi_fill_random() which could
3270 in the header files, which missed the precompilation check. #971
3309 * Re-enable certain interoperability tests in ssl-opt.sh which had previously
3322 function to see for which parameter values it is defined. This feature is
3345 that it is now optional with the MBEDTLS_CHECK_PARAMS flag which by default
3346 is off. That means that checks which were previously present by default
3354 * Fix for Clang, which was reporting a warning for the bignum.c inline
3364 programs/pkey/gen_key which previously led to compilation failure
3482 mbedtls_mpi_is_prime_ext() which allows specifying the number of
3490 * Fix a bug in the update function for SSL ticket keys which previously
3495 which led to accepting properly authenticated but improperly
3510 * Fix compilation failure for configurations which use compile time
3528 string format (mostly PrintableString), which could lead to CRTs being
3529 created which used PrintableStrings in the issuer field even though the
3557 * Fix an issue in the X.509 module which could lead to a buffer overread
3584 * Fixes an issue with MBEDTLS_CHACHAPOLY_C which would not compile if
3665 buffer, which can save some RAM. If buffer lengths are kept equal, there
3672 * Fix the key_app_writer example which was writing a leading zero byte which
3695 * Fix decryption for zero length messages (which contain all padding) when a
3759 mbedtls_platform_zeroize(), which is a critical function from a security
3767 * Fix an issue with MicroBlaze support in bn_mul.h which was causing the
3778 * Fix an issue in the X.509 module which could lead to a buffer overread
3786 function which led to an arbitrary overread of the message buffer. The
3792 which could potentially lead to the client accepting a ciphersuite it didn't
3830 unable to parse keys which had only the optional parameters field of the
3845 function which leads to a potential one byte overread of the message
3942 * Fix mbedtls_x509_crt_profile_suiteb, which used to reject all certificates
3987 6 bytes on the peer's heap, which could potentially lead to crash or remote
3991 for the key size, which could potentially lead to crash or remote code
4442 scripts, which is also now called by all.sh.
4459 * Fix for key exchanges based on ECDH-RSA or ECDH-ECDSA which weren't
4498 naming collision in projects which also have files with the common name
4539 * Fix issue in ssl_fork_server which was preventing it from functioning. #429
4758 which algorithms and key sizes (curves for ECDSA) are acceptable.
5027 (only possible if POLARSSL_MEMORY_BUFFER_ALLOC_C is enabled, which it is
5284 * Fixed typo which made POLARSSL_ENTROPY_FORCE_SHA256 ineffective (found by
5286 * Fix #include path in ecdsa.h which wasn't accepted by some compilers.
5297 * EC curves constants, which should be only in ROM since 1.3.3, were also
6131 This release replaces version 0.99-pre2 which had possible copyright issues.
6361 * Fixed a memory leak in x509parse_crt() which was reported by Greg
6364 * Fixed x509_get_ext() to accept some rare certificates which have
6378 for which the RSA signature check fails (bug reported by Benoit)
6394 message digests, which fixes IE6/IE7 client authentication
6417 * Fixed a bug in ssl_tls.c which sometimes prevented SSL