mirror of
https://github.com/yuzu-emu/mbedtls.git
synced 2024-11-22 05:35:38 +01:00
Justify moving zeroize() to utils in ChangeLog
This commit is contained in:
parent
806f403a02
commit
1962405be1
14
ChangeLog
14
ChangeLog
@ -26,6 +26,15 @@ API Changes
|
||||
if more data is pending to be processed in the internal message buffers.
|
||||
This function is necessary to determine when it is safe to idle on the
|
||||
underlying transport in case event-driven IO is used.
|
||||
* Extend the platform module with a util component that contains
|
||||
functionality shared by multiple Mbed TLS modules. At this stage
|
||||
platform_util.h (and its associated platform_util.c) only contain
|
||||
mbedtls_platform_zeroize(), which is a critical function from a security
|
||||
point of view. mbedtls_platform_zeroize() needs to be regularly tested
|
||||
against compilers to ensure that calls to it are not removed from the
|
||||
output binary as part of redundant code elimination optimizations.
|
||||
Therefore, mbedtls_platform_zeroize() is moved to the platform module to
|
||||
facilitate testing and maintenance.
|
||||
|
||||
Bugfix
|
||||
* Fix spurious uninitialized variable warning in cmac.c. Fix independently
|
||||
@ -286,11 +295,6 @@ New deprecations
|
||||
from hex strings. Superseded by mbedtls_ssl_conf_dh_param_bin()
|
||||
accepting DHM parameters in binary form, matching the new constants.
|
||||
|
||||
API Changes
|
||||
* Create a new header utils.h that contains functionality shared by multiple
|
||||
mbed TLS modules. At this stage utils.h (and its associated utils.c) only
|
||||
contain mbedtls_zeroize().
|
||||
|
||||
Bugfix
|
||||
* Fix ssl_parse_record_header() to silently discard invalid DTLS records
|
||||
as recommended in RFC 6347 Section 4.1.2.7.
|
||||
|
Loading…
Reference in New Issue
Block a user