Enhancement of ChangeLog entry

2024-11-22 10:45:36 +01:00 · 2017-10-17 10:22:47 +01:00 · 2017-10-17 10:22:47 +01:00 · e2a73c13cf
commit e2a73c13cf
parent 554c32dae6
1 changed files with 16 additions and 11 deletions
--- a/27
+++ b/27
@ -13,9 +13,15 @@ API Changes
     independent setup and export of RSA contexts. Most notably,
     mbedtls_rsa_import and mbedtls_rsa_complete are introduced for setting
     up RSA contexts from partial key material and having them completed to the
-     needs of the implementation automatically. This allows to setup RSA
+     needs of the implementation automatically. This allows to setup private RSA
     contexts from keys consisting of N,D,E only, even if P,Q are needed for the
     purpose or CRT and/or blinding.
+   * The configuration option MBEDTLS_RSA_ALT can be used to define alternative
+     implementations of the RSA interface declared in rsa.h.
+
+New deprecations
+   * Direct manipulation of structure fields of RSA contexts is deprecated.
+     Users are advised to use the extended RSA API instead.

 = mbed TLS x.x.x branch released xxxx-xx-xx

@ -321,7 +327,7 @@ Security
   * Fix potential integer overflow to buffer overflow in
     mbedtls_rsa_rsaes_pkcs1_v15_encrypt and mbedtls_rsa_rsaes_oaep_encrypt
     (not triggerable remotely in (D)TLS).
-   * Fix a potential integer underflow to buffer overread in 
+   * Fix a potential integer underflow to buffer overread in
     mbedtls_rsa_rsaes_oaep_decrypt. It is not triggerable remotely in
     SSL/TLS.

@ -341,7 +347,7 @@ Bugfix
   * Fix an issue that caused valid certificates to be rejected whenever an
     expired or not yet valid certificate was parsed before a valid certificate
     in the trusted certificate list.
-   * Fix bug in mbedtls_x509_crt_parse that caused trailing extra data in the 
+   * Fix bug in mbedtls_x509_crt_parse that caused trailing extra data in the
     buffer after DER certificates to be included in the raw representation.
   * Fix issue that caused a hang when generating RSA keys of odd bitlength
   * Fix bug in mbedtls_rsa_rsaes_pkcs1_v15_encrypt that made null pointer
@ -1597,7 +1603,7 @@ Security
 Changes
   * Allow enabling of dummy error_strerror() to support some use-cases
   * Debug messages about padding errors during SSL message decryption are
-     disabled by default and can be enabled with POLARSSL_SSL_DEBUG_ALL 
+     disabled by default and can be enabled with POLARSSL_SSL_DEBUG_ALL
   * Sending of security-relevant alert messages that do not break
     interoperability can be switched on/off with the flag
     POLARSSL_SSL_ALL_ALERT_MESSAGES
@ -1626,7 +1632,7 @@ Bugfix
 Changes
   * Added p_hw_data to ssl_context for context specific hardware acceleration
     data
-   * During verify trust-CA is only checked for expiration and CRL presence  
+   * During verify trust-CA is only checked for expiration and CRL presence

 Bugfixes
   * Fixed client authentication compatibility
@ -1924,9 +1930,9 @@ Features
     with random data (Fixed ticket #10)

 Changes
-   * Debug print of MPI now removes leading zero octets and 
+   * Debug print of MPI now removes leading zero octets and
     displays actual bit size of the value.
-   * x509parse_key() (and as a consequence x509parse_keyfile()) 
+   * x509parse_key() (and as a consequence x509parse_keyfile())
     does not zeroize memory in advance anymore. Use rsa_init()
     before parsing a key or keyfile!

@ -1948,7 +1954,7 @@ Features
     printing of X509 CRLs from file

 Changes
-   * Parsing of PEM files moved to separate module (Fixes 
+   * Parsing of PEM files moved to separate module (Fixes
     ticket #13). Also possible to remove PEM support for
     systems only using DER encoding

@ -2091,7 +2097,7 @@ Bug fixes
   * Fixed HMAC-MD2 by modifying md2_starts(), so that the
     required HMAC ipad and opad variables are not cleared.
     (found by code coverage tests)
-   * Prevented use of long long in bignum if 
+   * Prevented use of long long in bignum if
     POLARSSL_HAVE_LONGLONG not defined (found by Giles
     Bathgate).
   * Fixed incorrect handling of negative strings in
@ -2132,7 +2138,7 @@ Bug fixes
   * Made definition of net_htons() endian-clean for big endian
     systems (Found by Gernot).
   * Undefining POLARSSL_HAVE_ASM now also handles prevents asm in
-     padlock and timing code. 
+     padlock and timing code.
   * Fixed an off-by-one buffer allocation in ssl_set_hostname()
     responsible for crashes and unwanted behaviour.
   * Added support for Certificate Revocation List (CRL) parsing.
@ -2306,4 +2312,3 @@ XySSL ChangeLog
    who maintains the Debian package :-)

 = Version 0.1 released on 2006-11-01
-