Lines Matching refs:now
28 * A TLS handshake may now call psa_crypto_init() if TLS 1.3 is enabled.
31 * By default, the handling of TLS 1.3 tickets by the Mbed TLS client is now
33 signalled by MBEDTLS_ERR_SSL_RECEIVED_NEW_SESSION_TICKET return values now
116 * MBEDTLS_ASN1_PARSE_C and MBEDTLS_ASN1_WRITE_C are now automatically enabled
205 * psa_import_key() now only accepts RSA keys in the PSA standard formats.
238 * AES-NI is now supported in Windows builds with clang and clang-cl.
249 * If a cipher or AEAD mechanism has a PSA driver, you can now build the
256 * The CTR_DRBG module will now use AES from a PSA driver if MBEDTLS_AES_C is
262 MBEDTLS_PSA_CRYPTO can now be enabled without MBEDTLS_CIPHER_C if all
287 with PKCS#5 PBES2. Keys encrypted this way can now be parsed by PK parse.
297 * The benchmark program now reports times for both ephemeral and static
326 * Mbed TLS now supports the writing and reading of TLS 1.3 early data (see
343 to PSA functions is now secure by default.
344 The PSA core now protects against modification of inputs or exposure
405 * mbedtls_pem_read_buffer() now performs a check on the padding data of
433 they are now treated separately. This means that they should be
439 * mbedtls_pk_sign_ext() is now always available, not just when
443 PSA_WANT_DH_RFC7919_XXXX. You now need to define the corresponding macro
456 * The TLS 1.3 protocol is now enabled in the default configuration.
476 * Mbed TLS is now released under a dual Apache-2.0 OR GPL-2.0-or-later
501 * Officially require Python 3.8 now that earlier versions are out of support.
502 * Minimum required Windows version is now Windows Vista, or
508 are now being deprecated in favor of PSA_WANT_KEY_TYPE_xxx_KEY_PAIR_yyy and
517 * mbedtls_pkcs5_pbes2() and mbedtls_pkcs12_pbe() functions are now
524 * All modules that use hashes or HMAC can now take advantage of PSA Crypto
534 * When a PSA driver for ECDH is present, it is now possible to disable
548 TLS 1.3 protocols are enabled, the TLS server now selects TLS 1.2 or
551 * X.509 hostname verification now supports IPAddress Subject Alternate Names.
562 * It is now possible to generate certificates with SubjectAltNames.
567 * X.509 hostname verification now partially supports URI Subject Alternate
608 extended: it is now possible to use mbedtls_pk_write_key_der(),
612 * The documentation of mbedtls_ecp_group now describes the optimized
744 * Functions in the ssl_cache module now return a negative MBEDTLS_ERR_xxx
747 * mbedtls_pk_parse_key() now rejects trailing garbage in encrypted keys.
767 mbedtls_cipher_set_padding_mode() is now enforced. Previously, omitting
784 ssl_ciphersuites.c). The preferred cipher suite is now
788 * mbedtls_x509write_crt_set_serial() is now being deprecated in favor of
791 * PSA to mbedtls error translation is now unified in psa_util.h,
822 * SHA224_C/SHA384_C are now independent from SHA384_C/SHA512_C respectively.
839 * When a PSA driver for ECDSA is present, it is now possible to disable
854 * When a PSA driver for EC J-PAKE is present, it is now possible to disable
861 * AES-NI is now supported with Visual Studio.
862 * AES-NI is now supported in 32-bit builds, or when MBEDTLS_HAVE_ASM
867 * It is now possible to use a PSA-held (opaque) password with the TLS 1.2
884 timing side-channel attacks. There is now an intrinsics-based AES-NI
907 * mbedtls_x509write_crt_set_serial() now explicitly rejects serial numbers
909 forbidden by the standard (RFC5280 - section 4.1.2.2) and now it's being
925 mbedtls_oid_get_numeric_string(). OIDs such as 2.40.0.25 are now printed
935 * Fix the handling of renegotiation attempts in TLS 1.3. They are now
962 defined, mbedtls_pk_sign() now uses deterministic ECDSA for ECDSA
969 - now it accepts the serial number in 2 different formats: decimal and
987 compiler target flags on the command line; the library now sets target
995 It is now no longer experimental, and implements the final version from
1008 from a release, the Python module jsonschema is now necessary, in
1027 * Some modules can now use PSA drivers for hashes, including with no
1029 - RSA OAEP and PSS (PKCS#1 v2.1), PKCS5, PKCS12 and EC J-PAKE now use
1031 - PEM parsing of encrypted files now uses MD-5 from PSA when (and only
1036 the entropy module. As a consequence, for now the only way to build with
1039 * When MBEDTLS_USE_PSA_CRYPTO is enabled, X.509, TLS 1.2 and TLS 1.3 now
1041 As a consequence, they now work in configurations where the built-in
1057 * Mbed TLS now supports TLS 1.3 key establishment via pre-shared keys.
1069 * The PSA driver wrapper generator generate_driver_wrappers.py now
1076 * The TLS 1.2 EC J-PAKE key exchange can now use the PSA Crypto API.
1161 serial numbers are now rendered in hex format. Fixes #6262.
1191 ChaCha20+Poly1305) now returns MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE
1202 * mbedtls_cipher_set_iv will now fail with ChaCha20 and ChaCha20+Poly1305
1225 TLS 1.3 handshake should now be configured with
1233 * The structures mbedtls_ssl_config and mbedtls_ssl_context now store
1249 * The X.509 module now uses PSA hash acceleration if present.
1285 now capable of negotiating another shared secret if the one sent in its
1288 TLS 1.3 protocols are enabled in the build of Mbed TLS, the TLS client now
1300 now causes most of them to be done using PSA Crypto; see
1302 * The function mbedtls_pk_setup_opaque() now supports RSA key pairs as well.
1303 Opaque keys can now be used everywhere a private key is expected in the
1307 previously only worked for "pure" PSK key exchange, now can also be used
1309 * cmake now detects if it is being built as a sub-project, and in that case
1369 * The TLS 1.3 implementation is now compatible with the
1399 * psa_raw_key_agreement() now returns PSA_ERROR_BUFFER_TOO_SMALL when
1424 connection identifier, the Mbed TLS client now properly sends the server
1447 * The file library/psa_crypto_driver_wrappers.c is now generated
1458 DLLs are now installed in the bin directory instead of lib.
1588 This algorithm now accepts only the same salt length for verification
1591 * The existing predicate macro name PSA_ALG_IS_HASH_AND_SIGN is now reserved
1609 * The key usage flags PSA_KEY_USAGE_SIGN_MESSAGE now allows the MAC
1611 * The key usage flags PSA_KEY_USAGE_VERIFY_MESSAGE now allows the MAC
1623 postponed until now.
1644 * The generated configuration-independent files are now automatically
1699 mbedtls_sha256_finish and mbedtls_sha256 now has a pointer type
1706 now takes extra output parameters for the last partial output block.
1707 mbedtls_gcm_update() now takes extra parameters for the output length.
1726 decryption functions now always use the private key and verification and
1738 mbedtls_cipher_finish() is now mandatory. Previously the documentation
1743 instead of computing tables at runtime. Thus, this option now increases
1753 * mbedtls_rsa_init() now always selects the PKCS#1v1.5 encoding for an RSA
1755 after initializing the context. mbedtls_rsa_set_padding() now returns an
1762 mbedtls_xxx() now return int instead of void, and the corresponding
1767 parameter, this parameter is now mandatory (that is, NULL is not an
1768 acceptable value). Functions which previously accepted NULL and now
1773 * The following functions now require an RNG parameter:
1780 Further, callbacks now receive an additional parameter
1784 context are now connection-specific.
1785 * Signature functions in the RSA and PK modules now require the hash
1791 mbedtls_ecdsa_write_signature_restartable() now take an extra parameter
1799 "Most structure fields are now private".
1801 mbedtls_ssl_{set,get}_session() may now only be called once for any given
1810 by default. The default order in TLS now favors faster curves over larger
1814 * The library now uses the %zu format specifier with the printf() family of
1819 release, some configuration-independent files are now generated at build
1902 now determined automatically based on supported curves.
1930 * The multi-part GCM interface now supports chunked associated data through
1976 * PSA functions creating a key now return PSA_ERROR_INVALID_ARGUMENT rather
1982 * PSA functions other than psa_open_key now return PSA_ERROR_INVALID_HANDLE
2039 implementations. This reliance is now removed. Fixes #3990.
2054 can now only be used as intended, for keys that cannot be modified through
2070 * Alternative implementations of CMAC may now opt to not support 3DES as a
2087 mbedtls_mpi_read_string() now construct an mbedtls_mpi object with 0 limbs
2091 now writing an empty string where it previously wrote one or more
2119 * The API glue function mbedtls_ecc_group_of_psa() now takes the curve size
2127 as always 0. It is now reserved for internal purposes and may take
2139 * The PSA crypto subsystem can now use HMAC_DRBG instead of CTR_DRBG.
2144 MBEDTLS_ECP_xxx_ALT accelerator hooks are in use can now be turned off
2146 * The PSA crypto subsystem can now be configured to use less static RAM by
2151 now use an external random generator instead of the library's own
2155 applications using TLS and MBEDTLS_USE_PSA_CRYPTO) can now use the PSA
2223 now uses the getrandom syscall instead of reading from /dev/urandom.
2272 operations now accept the key identifier. The type psa_key_handle_t is now
2333 * mbedtls_ecp_curve_list() now lists Curve25519 and Curve448 under the names
2353 * psa_set_key_id() now also sets the lifetime to persistent for keys located
2355 * Attempting to create a volatile key with a non-zero key identifier now
2359 range now fails.
2466 APIs. psa_import_key and psa_export_key will now correctly expect/output
2474 * PSA key import will now correctly import a Curve25519/Curve448 public key
2492 the copyright of contributors other than Arm is now acknowledged, and the
2593 * Fix warnings about signedness issues in format strings. The build is now
2611 dropped. As a consequence, the TLS handshake now fails when the output
2613 * The unit tests now rely on header files in tests/include/test and source
2617 * The ECP module, enabled by `MBEDTLS_ECP_C`, now depends on
2763 * Key derivation inputs in the PSA API can now either come from a key object
2774 key derivation function, use a buffer instead (this is now always
2793 mbedtls_hmac_drbg_set_entropy_len() now work if you call them before
2799 * psa_close_key(0) and psa_destroy_key(0) now succeed (doing nothing, as
2801 * Variables containing error codes are now initialized to an error code
2872 * The HAVEGE state type now uses uint32_t elements instead of int.
2873 * The functions mbedtls_ecp_curve_list() and mbedtls_ecp_grp_id_list() now
2886 is now deprecated.
2942 code and tests are now only available via Mbed Crypto, which
2960 * It is now possible to use NIST key wrap mode via the mbedtls_cipher API.
2964 * It is now possible to perform RSA PKCS v1.5 signatures with RIPEMD-160 digest.
3118 * Ciphersuites based on 3DES now have the lowest priority by default when
3150 parameter validation whereas other modules had little. This has now been
3152 that it is now optional with the MBEDTLS_CHECK_PARAMS flag which by default
3283 supported are deprecated and are now replaced by the new equivalent
3610 mbedtls_ecdh_compute_shared()) are supported for now. Contributed by
3710 * The truncated HMAC extension now conforms to RFC 6066. This means
3712 HMAC extension, Mbed TLS can now interoperate with other
4019 * Certificate verification functions now set flags to -1 in case the full
4022 * With authmode set to optional, the TLS handshake is now aborted if the
4249 scripts, which is also now called by all.sh.
4358 * Fix non-compliance server extension handling. Extensions for SSLv3 are now
4418 * mbedtls_x509_crt_verify(_with_profile)() now also checks the key type and
4543 * The PEM parser now accepts a trailing space at end of lines (#226).
4544 * It is now possible to #include a user-provided configuration file at the
4573 You now need to link to all of them if you use TLS for example.
4582 * Headers are now found in the 'mbedtls' directory (previously 'polarssl').
4605 * mbedtls_ssl_conf_ca_chain() lost its last argument (peer_cn), now set
4609 * On server, mbedtls_ssl_conf_session_tickets_cb() must now be used in
4613 * mbedtls_ssl_conf_truncated_hmac() now returns void.
4614 * mbedtls_memory_buffer_alloc_init() now returns void.
4615 * X.509 verification flags are now an uint32_t. Affect the signature of:
4629 * In the threading layer, mbedtls_mutex_init() and mbedtls_mutex_free() now
4641 mbedtls_pk_parse_public_key() and mbedtls_dhm_parse_dhm() now expect the
4644 * calloc() is now used instead of malloc() everywhere. API of platform
4648 (support for renegotiation now needs explicit enabling in config.h).
4669 * Configuration options POLARSSL_HAVE_LONGLONG was removed (now always on).
4693 * The default minimum TLS version is now TLS 1.0.
4694 * RC4 is now blacklisted by default in the SSL/TLS layer, and excluded from the
4696 * Support for receiving SSLv2 ClientHello is now disabled by default at
4698 * The default authmode for SSL/TLS clients is now REQUIRED.
4699 * Support for RSA_ALT contexts in the PK layer is now optional. Since it is
4703 * A minimum RSA key size of 2048 bits is now enforced during certificate
4705 * Negotiation of truncated HMAC is now disabled by default on server too.
4706 * The following functions are now case-sensitive:
4714 * The minimum MSVC version required is now 2010 (better C99 support).
4715 * The NET layer now unconditionally relies on getaddrinfo() and select().
4721 * The following functions now return void:
4733 * mbedtls_ctr_drbg_random() and mbedtls_hmac_drbg_random() are now
4764 speed and RAM (heap only for now) usage.
4817 * Adjusting/overriding CFLAGS and LDFLAGS with the make build system is now
4857 * Support for renegotiation can now be disabled at compile-time
4882 * ssl_get_verify_result() now works even if the handshake was aborted due
4895 * ssl_set_own_cert() now returns an error on key-certificate mismatch.
4897 * debug_print_buf() now prints a text view in addition to hexadecimal.
4898 * A specific error is now returned when there are ciphersuites in common
4901 * It is now possible to disable negotiation of truncated HMAC server-side
4903 * Example programs for SSL client and server now disable SSLv3 by default.
4904 * Example programs for SSL client and server now disable RC4 by default.
4940 * Ciphersuites using SHA-256 or SHA-384 now require TLS 1.x (there is no
4946 * ssl_read() now returns POLARSSL_ERR_NET_WANT_READ rather than
4948 * POLARSSL_MPI_MAX_SIZE now defaults to 1024 in order to allow 8192 bits
4965 * Blowfish in the cipher layer now supports variable length keys.
4980 * md_list() now returns hashes strongest first
4981 * Selection of hash for signing ServerKeyExchange in TLS 1.2 now picks
4983 * All public contexts have _init() and _free() functions now for simpler
5035 * AES-NI now compiles with "old" assemblers too
5036 * Ciphersuites based on RC4 now have the lowest priority by default
5048 * rsa_check_pubkey() now allows an E up to N
5069 * x509_crt_info() now prints information about parsed extensions as well
5070 * pk_verify() now returns a specific error code when the signature is valid
5118 * Entropy module now supports seed writing and reading
5123 now thread-safe if POLARSSL_THREADING_C defined
5178 * ssl_mail_client now terminates lines with CRLF, instead of LF
5205 * Curves are now stored fully in ROM
5212 * SSL now gracefully handles missing RNG
5234 * Padding checks in cipher layer are now constant-time
5235 * Value comparisons in SSL layer are now constant-time
5311 * Client and server now filter sent and accepted ciphersuites on minimum
5319 * x509_crt_verify() now case insensitive for cn (RFC 6125 6.4)
5381 * ssl_get_verify_result() now works even if the handshake was aborted due
5418 * ssl_read() now returns POLARSSL_ERR_NET_WANT_READ rather than
5424 * Entropy module now supports seed writing and reading
5451 * SSL now gracefully handles missing RNG
5461 * ssl_mail_client now terminates lines with CRLF, instead of LF
5478 * rsa_check_pubkey() now allows an E up to N
5503 * x509_verify() now case insensitive for cn (RFC 6125 6.4)
5539 * x509parse_crt() now better handles PEM error situations
5540 * ssl_parse_certificate() now calls x509parse_crt_der() directly
5543 * x509parse_crtpath() is now reentrant and uses more portable stat()
5557 * Default Blowfish keysize is now 128-bits
5581 * The SSL session cache module (ssl_cache) now also retains peer_cert
5632 * Depth that the certificate verify callback receives is now numbered
5697 * mpi_exp_mod() now correctly handles negative base numbers (Closes ticket
5703 * mpi_add_abs() now correctly handles adding short numbers to long numbers
5728 * x509parse_crt() now better handles PEM error situations
5729 * ssl_parse_certificate() now calls x509parse_crt_der() directly
5759 * mpi_add_abs() now correctly handles adding short numbers to long numbers
5763 * mpi_exp_mod() now correctly handles negative base numbers (Closes ticket
5831 So now there is a module that is controlled with POLARSSL_ASN1_PARSE_C.
5848 * All error codes are now negative. Even on memory failures and IO errors.
5859 * If certificate serial is longer than 32 octets, serial number is now
5872 * The generic cipher and message digest layer now have normal error
5884 * Functions requiring File System functions can now be disabled
5897 * mpi_init() and mpi_free() now only accept a single MPI
5900 is now done with a PLUS instead of an OR as error codes
5903 net_recv() now returns 0 on EOF instead of
5908 * Network functions now return POLARSSL_ERR_NET_WANT_READ or
5922 * Debug print of MPI now removes leading zero octets and
5929 * Debug output of MPI's now the same independent of underlying
5941 are now supported as well (Fixes ticket #5)
6017 * rsa_check_private() now supports PKCS1v2 keys as well
6037 * X509 signature algorithm determination is now
6056 * Coverage test definitions now support 'depends_on'
6058 * Tests requiring specific hashing algorithms now honor
6129 * Undefining POLARSSL_HAVE_ASM now also prevents asm in
6239 * Ciphers used in SSL/TLS can now be disabled at compile