Lines Matching refs:which
70 * Fix premature fopen() call in mbedtls_entropy_write_seed_file which may
82 unintended representation of the value 0 which was not processed
117 * Fix a regression introduced in 2.24.0 which broke (D)TLS CBC ciphersuites
153 in all the right places. Include it from crypto_platform.h, which is
159 * Fix which alert is sent in some cases to conform to the
170 * Remove the AES sample application programs/aes/aescrypt2 which shows
174 * Remove configs/config-psa-crypto.h, which was identical to the default
180 python2, which is no longer supported upstream.
183 sessions which are consistent with the negotiated ciphersuite
300 consistent with RFC 5280 4.2.1.9 which says: "Conforming CAs MUST
353 * Add MBEDTLS_TARGET_PREFIX CMake variable, which is prefixed to the mbedtls,
382 which is how most uses of randomization in asymmetric cryptography
386 obtain entropy, or due to an internal failure (which, for Mbed TLS's own
398 * Zeroising of local buffers and variables which are used for calculations
435 CCM, which allowed encryption with a non-standard length field.
459 the buffer back, which was the case for mbedtls_x509write_{crt,csr}_pem
575 * Reduce the stack consumption of mbedtls_x509write_csr_der() which
586 example applications which allows to provide a password for the key file
589 ssl_server2 only, add the command line parameter key_pwd2 which allows to
607 which constructs a string for any error code, including compound
613 * Add new mbedtls_x509_crt_parse_der_with_ext_cb() routine which allows
723 mbedtls_ssl_get_input_max_frag_len() to be more precise about which max
732 (which it is by default).
770 library which allows TLS authentication to use keys stored in a
793 specification version 1.0.0. The main change which may break some
826 entropy module formerly only grabbed 32 bytes, which is good enough for
887 structures, which was exposed only in an internal header.
927 as an ASN.1 INTEGER, which caused the size of the key to leak
963 list all curves for which at least one of ECDH or ECDSA is supported, not
964 just curves for which both are supported. Call mbedtls_ecdsa_can_do() or
1013 functionally incorrect code on bigendian systems which don't have
1018 * Make it easier to define MBEDTLS_PARAM_FAILED as assert (which config.h
1031 code and tests are now only available via Mbed Crypto, which
1092 * Fix bugs in the AEAD test suite which would be exposed by ciphers which
1093 either used both encrypt and decrypt key schedules, or which perform padding.
1112 This certificate is used in the demo server programs, which lead the
1130 which allows copy-less parsing of DER encoded X.509 CRTs,
1147 mbedtls_ssl_session structure which otherwise stores the peer's
1154 interpreted according to the second group, which could lead to either
1163 * Reduce the stack consumption of mbedtls_mpi_fill_random() which could
1166 in the header files, which missed the precompilation check. #971
1205 * Re-enable certain interoperability tests in ssl-opt.sh which had previously
1218 function to see for which parameter values it is defined. This feature is
1241 that it is now optional with the MBEDTLS_CHECK_PARAMS flag which by default
1242 is off. That means that checks which were previously present by default
1250 * Fix for Clang, which was reporting a warning for the bignum.c inline
1260 programs/pkey/gen_key which previously led to compilation failure
1378 mbedtls_mpi_is_prime_ext() which allows specifying the number of
1386 * Fix a bug in the update function for SSL ticket keys which previously
1391 which lead to accepting properly authenticated but improperly
1406 * Fix compilation failure for configurations which use compile time
1424 string format (mostly PrintableString), which could lead to CRTs being
1425 created which used PrintableStrings in the issuer field even though the
1453 * Fix an issue in the X.509 module which could lead to a buffer overread
1480 * Fixes an issue with MBEDTLS_CHACHAPOLY_C which would not compile if
1561 buffer, which can save some RAM. If buffer lengths are kept equal, there
1568 * Fix the key_app_writer example which was writing a leading zero byte which
1591 * Fix decryption for zero length messages (which contain all padding) when a
1655 mbedtls_platform_zeroize(), which is a critical function from a security
1663 * Fix an issue with MicroBlaze support in bn_mul.h which was causing the
1674 * Fix an issue in the X.509 module which could lead to a buffer overread
1682 function which led to an arbitrary overread of the message buffer. The
1688 which could potentially lead to the client accepting a ciphersuite it didn't
1726 unable to parse keys which had only the optional parameters field of the
1741 function which leads to a potential one byte overread of the message
1838 * Fix mbedtls_x509_crt_profile_suiteb, which used to reject all certificates
1883 6 bytes on the peer's heap, which could potentially lead to crash or remote
1887 for the key size, which could potentially lead to crash or remote code
2338 scripts, which is also now called by all.sh.
2355 * Fix for key exchanges based on ECDH-RSA or ECDH-ECDSA which weren't
2394 naming collision in projects which also have files with the common name
2435 * Fix issue in ssl_fork_server which was preventing it from functioning. #429
2654 which algorithms and key sizes (curves for ECDSA) are acceptable.
2923 (only possible if POLARSSL_MEMORY_BUFFER_ALLOC_C is enabled, which it is
3180 * Fixed type which made POLARSSL_ENTROPY_FORCE_SHA256 uneffective (found by
3182 * Fix #include path in ecdsa.h which wasn't accepted by some compilers.
3193 * EC curves constants, which should be only in ROM since 1.3.3, were also
4027 This release replaces version 0.99-pre2 which had possible copyright issues.
4257 * Fixed a memory leak in x509parse_crt() which was reported by Greg
4260 * Fixed x509_get_ext() to accept some rare certificates which have
4274 for which the RSA signature check fails (bug reported by Benoit)
4290 message digests, which fixes IE6/IE7 client authentication
4313 * Fixed a bug in ssl_tls.c which sometimes prevented SSL