xref: /optee_os/lib/libmbedtls/mbedtls/ChangeLog

210      size may have been rounded up to a whole number of bytes.
222      PSA_ALG_TLS12_PSK_TO_MS_MAX_PSK_LEN have been renamed, and the old names
225      have been renamed, and the old names deprecated.
317    * The numerical values of the PSA Crypto API macros have been updated to
324      as they have no way to check if the output buffer is large enough.
334    * PSA_ALG_CHACHA20 and PSA_ALG_ARC4 have been deprecated.
368      PSA_CIPHER_IV_MAX_SIZE macros have been added as defined in version
375      those functions as documented with NIST_KW could have a buffer overwrite
532      if they have access to fine-grained measurements. In particular, this
549    * Library files installed after a CMake build no longer have execute
840      to have only large prime factors), and then, by brute force, recover the
922    * Fix a missing error detection in ECJPAKE. This could have caused a
1013      functionally incorrect code on bigendian systems which don't have
1207    * Ciphersuites based on 3DES now have the lowest priority by default when
1216      changed, but requirements on parameters have been made more explicit in
1220      steps you have to take when enabling it.
1223    * The following functions in the random generator modules have been
1234    * Additional parameter validation checks have been added for the following
1237      Where modules have had parameter validation added, existing parameter
1238      checks may have changed. Some modules, such as Chacha20 had existing
1302      have been similarly vulnerable. Reported by Eyal Ronen, Robert Gillham,
1331      primes with high probability. This does not have an impact on the
1792      not need to copy the declarations, and ensures that they will have the
1961      SHA1, SHA256, SHA512) have been deprecated and replaced as shown below.
2227    * The following functions in the AES module have been deprecated and replaced
2394      naming collision in projects which also have files with the common name
2664      Some names have been further changed to make them more consistent.
2672    * The following _init() functions that could return errors have
2684      ssl_legacy_renegotiation()) have been renamed to mbedtls_ssl_conf_xxx()
2689    * The following functions have been introduced and must be used in callback
2740    * net_connect() and net_bind() have a new 'proto' argument to choose
2759    * Configuration options POLARSSL_HAVE_INT8 and POLARSSL_HAVE_INT16 have
3072    * All public contexts have _init() and _free() functions now for simpler
3125    * Ciphersuites based on RC4 now have the lowest priority by default
3395    * Internals for SSL module adapted to have separate IV pointer that is
3627    * Fixed const correctness issues that have no impact on the ABI
3961    * The generic cipher and message digest layer now have normal error
3988    * The error codes have been remapped and combining error codes
4058 Note: Most of these features have been donated by Fox-IT
4081      of ssl_session have been renamed to ciphersuites and
4260     * Fixed x509_get_ext() to accept some rare certificates which have
4269       selftest and benchmark to not test ciphers that have been disabled

Last Index update Sat Jun 03 09:59:21 CST 2023