mirror of
https://github.com/yuzu-emu/mbedtls.git
synced 2024-11-30 04:04:21 +01:00
Actually remove compiled changelog entries
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
This commit is contained in:
parent
3ca4892432
commit
46c0cf7dfe
@ -1,9 +0,0 @@
|
|||||||
Changes
|
|
||||||
* mbedtls_mpi_read_binary(), mbedtls_mpi_read_binary_le() and
|
|
||||||
mbedtls_mpi_read_string() now construct an mbedtls_mpi object with 0 limbs
|
|
||||||
when their input has length 0. Note that this is an implementation detail
|
|
||||||
and can change at any time, so this change should be transparent, but it
|
|
||||||
may result in mbedtls_mpi_write_binary() or mbedtls_mpi_write_string()
|
|
||||||
now writing an empty string where it previously wrote one or more
|
|
||||||
zero digits when operating from values constructed with an mpi_read
|
|
||||||
function and some mpi operations.
|
|
@ -1,3 +0,0 @@
|
|||||||
Features
|
|
||||||
* Implement psa_mac_compute() and psa_mac_verify() as defined in the
|
|
||||||
PSA Cryptograpy API 1.0.0 specification.
|
|
@ -1,4 +0,0 @@
|
|||||||
API changes
|
|
||||||
* Implement one-shot cipher functions, psa_cipher_encrypt and
|
|
||||||
psa_cipher_decrypt, according to the PSA Crypto API 1.0.0
|
|
||||||
specification.
|
|
@ -1,5 +0,0 @@
|
|||||||
Features
|
|
||||||
* Add mbedtls_rsa_rsassa_pss_sign_ext() function allowing to generate a
|
|
||||||
signature with a specific salt length. This function allows to validate
|
|
||||||
test cases provided in the NIST's CAVP test suite. Contributed by Cédric
|
|
||||||
Meuter in PR #3183.
|
|
@ -1,6 +0,0 @@
|
|||||||
Bugfix
|
|
||||||
* In library/net_sockets.c, _POSIX_C_SOURCE and _XOPEN_SOURCE are
|
|
||||||
defined to specific values. If the code is used in a context
|
|
||||||
where these are already defined, this can result in a compilation
|
|
||||||
error. Instead, assume that if they are defined, the values will
|
|
||||||
be adequate to build Mbed TLS.
|
|
@ -1,12 +0,0 @@
|
|||||||
API changes
|
|
||||||
* Update AEAD output size macros to bring them in line with the PSA Crypto
|
|
||||||
API version 1.0 spec. This version of the spec parameterizes them on the
|
|
||||||
key type used, as well as the key bit-size in the case of
|
|
||||||
PSA_AEAD_TAG_LENGTH.
|
|
||||||
The old versions of these macros were renamed and deprecated as follows:
|
|
||||||
- PSA_AEAD_TAG_LENGTH -> PSA_AEAD_TAG_LENGTH_1_ARG
|
|
||||||
- PSA_AEAD_ENCRYPT_OUTPUT_SIZE -> PSA_AEAD_ENCRYPT_OUTPUT_SIZE_2_ARG
|
|
||||||
- PSA_AEAD_DECRYPT_OUTPUT_SIZE -> PSA_AEAD_DECRYPT_OUTPUT_SIZE_2_ARG
|
|
||||||
- PSA_AEAD_UPDATE_OUTPUT_SIZE -> PSA_AEAD_UPDATE_OUTPUT_SIZE_2_ARG
|
|
||||||
- PSA_AEAD_FINISH_OUTPUT_SIZE -> PSA_AEAD_FINISH_OUTPUT_SIZE_1_ARG
|
|
||||||
- PSA_AEAD_VERIFY_OUTPUT_SIZE -> PSA_AEAD_VERIFY_OUTPUT_SIZE_1_ARG
|
|
@ -1,4 +0,0 @@
|
|||||||
Features
|
|
||||||
* Added support for built-in driver keys through the PSA opaque crypto
|
|
||||||
driver interface. Refer to the documentation of
|
|
||||||
MBEDTLS_PSA_CRYPTO_BUILTIN_KEYS for more information.
|
|
@ -1,5 +0,0 @@
|
|||||||
Bugfix
|
|
||||||
* The PSA API no longer allows the creation or destruction of keys with a
|
|
||||||
read-only lifetime. The persistence level PSA_KEY_PERSISTENCE_READ_ONLY
|
|
||||||
can now only be used as intended, for keys that cannot be modified through
|
|
||||||
normal use of the API.
|
|
@ -1,7 +0,0 @@
|
|||||||
Bugfix
|
|
||||||
* psa_verify_hash() was relying on implementation-specific behavior of
|
|
||||||
mbedtls_rsa_rsassa_pss_verify() and was causing failures in some _ALT
|
|
||||||
implementations. This reliance is now removed. Fixes #3990.
|
|
||||||
* Disallow inputs of length different from the corresponding hash when
|
|
||||||
signing or verifying with PSA_ALG_RSA_PSS (The PSA Crypto API mandates
|
|
||||||
that PSA_ALG_RSA_PSS uses the same hash throughout the algorithm.)
|
|
@ -1,5 +0,0 @@
|
|||||||
Bugfix
|
|
||||||
* Restore the ability to configure PSA via Mbed TLS options to support RSA
|
|
||||||
key pair operations but exclude RSA key generation. When MBEDTLS_GENPRIME
|
|
||||||
is not defined PSA will no longer attempt to use mbedtls_rsa_gen_key().
|
|
||||||
Fixes #4512.
|
|
@ -1,3 +0,0 @@
|
|||||||
Bugfix
|
|
||||||
* Fix PSA_ALG_TLS12_PRF and PSA_ALG_TLS12_PSK_TO_MS being too permissive
|
|
||||||
about missing inputs.
|
|
@ -1,2 +0,0 @@
|
|||||||
Features
|
|
||||||
* Implement psa_sign_message() and psa_verify_message().
|
|
@ -1,4 +0,0 @@
|
|||||||
Security
|
|
||||||
* Fix a bias in the generation of finite-field Diffie-Hellman-Merkle (DHM)
|
|
||||||
private keys and of blinding values for DHM and elliptic curves (ECP)
|
|
||||||
computations. Reported by FlorianF89 in #4245.
|
|
@ -1,6 +0,0 @@
|
|||||||
Security
|
|
||||||
* An adversary with access to precise enough timing information (typically, a
|
|
||||||
co-located process) could recover a Curve25519 or Curve448 static ECDH key
|
|
||||||
after inputting a chosen public key and observing the victim performing the
|
|
||||||
corresponding private-key operation. Found and reported by Leila Batina,
|
|
||||||
Lukas Chmielewski, Björn Haase, Niels Samwel and Peter Schwabe.
|
|
@ -1,6 +0,0 @@
|
|||||||
Changes
|
|
||||||
* Remove configs/config-psa-crypto.h, which was identical to the default
|
|
||||||
configuration except for having some extra cryptographic mechanisms
|
|
||||||
enabled and for unintended differences. This configuration was primarily
|
|
||||||
intended to demonstrate the PSA API, and lost most of its usefulness when
|
|
||||||
MBEDTLS_PSA_CRYPTO_C became enabled by default.
|
|
@ -1,5 +0,0 @@
|
|||||||
Changes
|
|
||||||
* When using session cache based session resumption on the server,
|
|
||||||
double-check that custom session cache implementations return
|
|
||||||
sessions which are consistent with the negotiated ciphersuite
|
|
||||||
and compression method.
|
|
@ -1,4 +0,0 @@
|
|||||||
Bugfix
|
|
||||||
* When MBEDTLS_PSA_CRYPTO_SPM is enabled, crypto_spe.h was not included
|
|
||||||
in all the right places. Include it from crypto_platform.h, which is
|
|
||||||
the natural place. Fixes #4649.
|
|
@ -1,4 +0,0 @@
|
|||||||
Bugfix
|
|
||||||
* With MBEDTLS_PSA_CRYPTO_C disabled, some functions were getting built
|
|
||||||
nonetheless, resulting in undefined reference errors when building a
|
|
||||||
shared library. Reported by Guillermo Garcia M. in #4411.
|
|
@ -1,4 +0,0 @@
|
|||||||
Bugfix
|
|
||||||
* Fix mbedtls_net_poll() and mbedtls_net_recv_timeout() often failing with
|
|
||||||
MBEDTLS_ERR_NET_POLL_FAILED on Windows. Fixes #4465.
|
|
||||||
|
|
Loading…
Reference in New Issue
Block a user