Lines Matching refs:used

217      be used, but are deprecated.
218 * In the PSA API, domain parameters are no longer used for anything.
230 mbedtls_pk_import_into_psa() can be used to import a PK key into PSA,
231 while mbedtls_pk_setup_opaque() can be used to wrap a PSA key into a opaque
305 mbedtls_ecp_write_key(), but can be used without separately calculating
316 used as random number generator function (f_rng) and context (p_rng) in
530 feature macros, MBEDTLS_MD_CAN_xxx, has been introduced that can be used
575 used to enable this feature.
636 only used in relation with CMAC which does not support these ciphers.
657 which used MBEDTLS_MD_MAX_BLOCK_SIZE could be affected. The only
701 * Fix crypt_and_hash decryption fail when used with a stream cipher
852 be used to enable this feature. Run-time detection is supported
885 implementation as a fallback for when the assembly one cannot be used.
905 used on a shared secret from a key agreement since its input must be
964 the behaviour without it, where deterministic ECDSA was already used.
970 hex. They cannot be used simultaneously
971 - "serial" is used for the decimal format and it's limited in size to
973 - "serial_hex" is used for the hex format; max length here is
1050 (LMS_SHA256_M32_H10), meaning that each private key can be used to sign
1055 required for LMS. This can be used independently, but each key can only
1056 be used to sign one message so is impractical for most circumstances.
1088 calculation that can be used to derive the session secret in TLS 1.2,
1099 victim performing a single private-key operation if the window size used
1241 information that was used to set up a message digest context.
1303 Opaque keys can now be used everywhere a private key is expected in the
1307 previously only worked for "pure" PSK key exchange, now can also be used
1318 * Zeroize dynamically-allocated buffers used by the PSA Crypto key storage
1364 enabled and an ECDHE-ECDSA or ECDHE-RSA key exchange was used, the
1371 * Fix unit tests that used 0 as the file UID. This failed on some
1530 * Zeroize several intermediate variables used to calculate the expected
1595 all algorithms that can be used with psa_{sign,verify}_hash(), including
1636 * Indicate in the error returned if the nonce length used with
1674 were not meant to be used in application code have been moved out of
1686 key type used, as well as the key bit-size in the case of
1690 as well as other functions and constants only used by
1721 * The getter and setter API of the SSL session cache (used for
1955 learn partial information about the leading bits of the nonce used for the
2000 defined to specific values. If the code is used in a context
2054 can now only be used as intended, for keys that cannot be modified through
2062 unsupported extension used by the server.
2080 should be used.
2104 used by the Mbed TLS release whose MBEDTLS_VERSION_NUMBER has the same
2140 CTR_DRBG is used by default if it is available, but you can override
2170 security strength, but the code incorrectly used a constant instead of
2213 used to validate digital signatures on certificates and MUST mark the
2265 mbedcrypto, mbedx509 and apidoc CMake target names. This can be used by
2285 size of the output buffer when used with NIST_KW. As a result, code using
2309 * Zeroising of local buffers and variables which are used for calculations
2340 agreement and subsequent key derivation operation to be used as a key
2537 reveal an RSA private key used in a secure enclave. Noticed by Sangho Lee,
2550 hardware accelerators were used (using one of the MBEDTLS_SHAxxx_ALT
2742 these variables can be used to recover the last round key. To follow best
2755 learn leading bits of the ephemeral key used during ECDSA signatures and to
2854 feature can be used alongside Connection ID and SSL context serialisation.
2967 and the used tls-prf.
2981 to the DTLS record header. This identifier can be used to associate an
2990 and the used tls-prf.
3001 used with negative inputs. Found by Guido Vranken in #2404. Credit to
3004 either used both encrypt and decrypt key schedules, or which perform padding.
3012 in case operators binding less strongly than subtraction were used
3023 This certificate is used in the demo server programs, which lead the
3101 * Add support for alternative CSR headers, as used by Microsoft and defined
3189 the PSA Crypto API from Mbed Crypto when additionally used with the
3236 space and a PSK-(EC)DHE ciphersuite was used, this allowed an attacker
3253 some configurable amount of operations. This is intended to be used in
3264 MPI multiplications used in ECC and RSA cryptography. Contributed by
3267 signature always used a salt with the same length as the hash, and returned
3308 * Zeroize memory used for buffering or reassembling handshake messages
3312 * Change the default string format used for various X.509 DN attributes to
3336 created which used PrintableStrings in the issuer field even though the
3337 signing CA used UTF8Strings in its subject field; while X.509 compliant,
3380 The maximum amount of RAM used for this can be controlled by the
3395 * Add ecc extensions only if an ecc based ciphersuite is used.
3436 or if mbedtls_ssl_conf_dtls_badmac_limit() was used, the attack only
3449 mbedtls_ssl_conf_dtls_badmac_limit() was used, the attack only worked if
3503 CBC based ciphersuite is used together with Encrypt-then-MAC. Previously,
3545 used by user applications. Found and fixed by Fabio Alessandrelli.
3552 * Changed the Clang parameters used in the CMake build files to work for
3600 offer or a ciphersuite that cannot be used with the TLS or DTLS version
3621 underlying transport in case event-driven IO is used.
3650 I/O was used. Found and reported by Hubert Mis in #772.
3749 * Fix mbedtls_x509_crt_profile_suiteb, which used to reject all certificates
3765 * Log correct number of ciphersuites used in Client Hello message. #918
3792 extension. When the truncated HMAC extension is enabled and CBC is used,
3793 sending a malicious application packet could be used to selectively corrupt
3869 * The configuration option MBEDTLS_RSA_ALT can be used to define alternative
3916 * Fix variable used before assignment compilation warnings with IAR
3957 Note, this padding mode is not used by the TLS protocol. Found and fixed by
3975 used. Reported and fix proposed independently by satur9nine and sliai
4212 * Fixed the templates used to generate project and solution files for Visual
4265 when GCM is used. Found by udf2457. #441
4365 allocate memory. Only used for certificate generation, not triggerable
4440 once in the same handshake and mbedtls_ssl_conf_psk() was used.
4443 * Fix stack buffer overflow in pkcs12 decryption (used by
4530 be always used (found by dcb314) (#235)
4600 * The following functions have been introduced and must be used in callback
4609 * On server, mbedtls_ssl_conf_session_tickets_cb() must now be used in
4644 * calloc() is now used instead of malloc() everywhere. API of platform
4679 argument (allowing memory savings if HMAC is not used)
4777 * Fix memory leak when gcm_setkey() and ccm_setkey() are used more than
4795 * Fix hardclock() (only used in the benchmarking program) with some
4818 more flexible (warning: OFLAGS is not used any more) (see the README)
5097 * oid_get_numeric_string() used to truncate the output without returning an
5151 * Bignum's MIPS-32 assembly was used on MIPS-64, causing chaos. (Found by
5348 * Fix hardclock() (only used in the benchmarking program) with some
5466 * Bignum's MIPS-32 assembly was used on MIPS-64, causing chaos. (Found by
5840 * Changed the used random function pointer to more flexible format. Renamed
5856 standard 1 byte version sometimes used by Microsoft. (Closes ticket #38)
5901 used are negative.
6239 * Ciphers used in SSL/TLS can now be disabled at compile