Bugfix * Ensure that calling mbedtls_rsa_free() twice is safe. This happens when some Mbed TLS library functions fail. Such a double-free was not safe when MBEDTLS_THREADING_C was enabled on platforms where freeing a mutex twice is not safe. * Fix a resource leak in a bad-arguments case of mbedtls_rsa_gen_key() when MBEDTLS_THREADING_C is enabled on platforms where initializing a mutex allocates resources. Default behavior changes * In mbedtls_rsa_context objects, the ver field was formerly documented as always 0. It is now reserved for internal purposes and may take different values.