ChangeLog - OpenGrok cross reference for /mbedtls-development/ChangeLog

Lines Matching refs:keys
18      Transfer keys and certificates embedded in the library to the test
20      users from using unsafe keys in production.
78      a key-value store with keys being session IDs and values
134      Raw keys and IVs are no longer passed to the callback.
278    * Added support for built-in driver keys through the PSA opaque crypto
306      private keys and of blinding values for DHM and elliptic curves (ECP)
406    * The PSA API no longer allows the creation or destruction of keys with a
408      can now only be used as intended, for keys that cannot be modified through
501      tweaking the setting for the maximum amount of keys simultaneously in RAM.
502      MBEDTLS_PSA_KEY_SLOT_COUNT sets the maximum number of volatile keys that
535      value the function might fail to write a private RSA keys of the largest
562      both the old SE interface and the new PSA driver interface, external keys were
566      include this extension in all CA certificates that contain public keys
625    * In the PSA API, it is no longer necessary to open persistent keys:
629      version 1.0.0. Opening persistent keys is still supported for backward
707    * psa_set_key_id() now also sets the lifetime to persistent for keys located
736      attribute. No automatic upgrade path is provided. Previously stored keys
758    * Stop storing persistent information about externally stored keys created
763    * The new function mbedtls_ecp_write_key() exports private ECC keys back to
819    * Fix the endianness of Curve25519 keys imported/exported through the PSA
821      Montgomery keys in little-endian as defined by RFC7748. Contributed by
865      instead of the keys' lifetime. If the library is upgraded on an existing
866      device, keys created with the old lifetime value will not be readable or
1035      library which allows TLS authentication to use keys stored in a
1073      RSA keys that would later be rejected by functions expecting private
1074      keys. Found by Catena cyber using oss-fuzz (issue 20467).
1076      accept some RSA keys with invalid values by silently fixing those values.
1104      blinded value, factor it (as it is smaller than RSA keys and not guaranteed
1127    * In the PSA API, forbid zero-length keys. To pass a zero-length input to a
1418      passed keys that belonged to different group, the first key's data was
1625    * Add support for 128-bit keys in CTR_DRBG. Note that using keys shorter
1651    * Fix a bug in the update function for SSL ticket keys which previously
1652      invalidated keys of a lifetime of less than a 1s. Fixes #1968.
1990    * Fix parsing of PKCS#8 encoded Elliptic Curve keys. Previously Mbed TLS was
1991      unable to parse keys which had only the optional parameters field of the
2089      algorithms family when encrypting private keys using PKCS#5 v2.0.
2093    * Add support for public keys encoded in PKCS#1 format. #1122
2172    * Set PEM buffer to zero before freeing it, to avoid decoded private keys
2221      contexts from keys consisting of N,D,E only, even if P,Q are needed for the
2265    * Fix some invalid RSA-PSS signatures with keys of size 8N+1 that were
2267    * Fix out-of-memory problem when parsing 4096-bit PKCS8-encrypted RSA keys.
2695    * Fix issue that caused a hang when generating RSA keys of odd bitlength
2750      on untrusted input or write keys of untrusted origin. Found by Guido
2774      minimum key size for end-entity certificates with RSA keys. Found by
2836      https://securityblog.redhat.com/2015/09/02/factoring-rsa-keys-with-tls-perfect-forward-secrecy/
2916    * New server-side implementation of session tickets that rotate keys to
3145    * Fix bug in pk_parse_key() that caused some valid private EC keys to be
3207    * Add function pk_check_pair() to test if public and private keys match.
3303      RSA keys.
3319    * Blowfish in the cipher layer now supports variable length keys.
3455    * pk_get_size() and pk_get_len() were off by a factor 8 for RSA-alt keys.
3471    * Support for reading EC keys that use SpecifiedECDomain in some cases.
3640    * Parsing Elliptic Curve keys
4294    * Parsing PEM private keys encrypted with DES and AES
4330    * Detection for DES weak keys and parity bits added
4371    * rsa_check_private() now supports PKCS1v2 keys as well
4552     * Modified the HMAC functions to handle keys larger
4649       valid RSA keys to be dismissed (thanks to oldwolf)