Lines Matching refs:Add
46 * Add new mbedtls_x509_csr_parse_der_with_ext_cb() routine which allows
73 * Add support for record size limit extension as defined by RFC 8449
79 * Add functions mbedtls_ecc_group_to_psa() and mbedtls_ecc_group_from_psa()
81 * Add utility functions to manipulate mbedtls_ecp_keypair objects, filling
85 * Add functions mbedtls_md_psa_alg_from_type() and
88 * Add partial platform support for z/OS.
90 * Add functions mbedtls_ecdsa_raw_to_der() and mbedtls_ecdsa_der_to_raw() to
92 * Add support for using AES-CBC 128, 192, and 256 bit schemes
96 * Add pc files for pkg-config, e.g.:
98 * Add getter (mbedtls_ssl_session_get_ticket_creation_time()) to access
105 * Add support for 8-bit GCM tables for Shoup's algorithm to speedup GCM
113 * Add new accessor to expose the private group id member of
115 * Add new accessor to expose the `MBEDTLS_PRIVATE(ca_istrue)` member of
127 * Add new accessors to expose the private session-id,
130 Add new accessor to expose the ciphersuite-id of
136 * Add protection for multithreaded access to the PSA keystore and protection
301 * Add new millisecond time type `mbedtls_ms_time_t` and `mbedtls_ms_time()`
350 * Add parsing of directoryName subtype for subjectAltName extension in
352 * Add support for server-side TLS version negotiation. If both TLS 1.2 and
357 * Add support for reading and writing X25519 and X448
363 * Add support for the FFDH algorithm and DH key types in PSA, with
375 * Add function mbedtls_oid_from_numeric_string() to parse an OID from a
377 * Add SHA-3 family hash functions.
378 * Add support to restrict AES to 128-bit keys in order to save code size.
387 * Add support for PBKDF2-HMAC through the PSA API.
397 * Add support for FFDH key exchange in TLS 1.3.
406 * Add getter (mbedtls_ssl_cache_get_timeout()) to access
408 * Add getter (mbedtls_ssl_get_hostname()) to access
410 * Add getter (mbedtls_ssl_conf_get_endpoint()) to access
419 * Add a possibility to generate CSR's with RCF822 and directoryName subtype
421 * Add support for PBKDF2-CMAC through the PSA API.
479 * Add missing md.h includes to some of the external programs from
622 * Add support for reading points in compressed format
630 * Add parsing of V3 extensions (key usage, Netscape cert-type,
635 * Add parsing of uniformResourceIdentifier subtype for subjectAltName
637 * Add an interruptible version of sign and verify hash to the PSA interface,
639 * Add parsing of rfc822Name subtype for subjectAltName
650 * Add a driver dispatch layer for EC J-PAKE, enabling alternative
652 * Add new API mbedtls_ssl_cache_remove for cache entry removal by
654 * Add support to include the SubjectAltName extension to a CSR.
655 * Add support for AES with the Armv8-A Cryptographic Extension on
663 * Add functions mbedtls_rsa_get_padding_mode() and mbedtls_rsa_get_md_alg()
682 * Add support for AES with the Armv8-A Cryptographic Extension on 64-bit
850 * Add support for opaque keys as the private keys associated to certificates
852 * Add the LMS post-quantum-safe stateful-hash asymmetric signature scheme.
859 * Add the LM-OTS post-quantum-safe one-time signature scheme, which is
885 * Add support for DTLS Connection ID as defined by RFC 9146, controlled by
888 * Add a driver dispatch layer for raw key agreement, enabling alternative
892 * Add an ad-hoc key derivation function handling EC J-PAKE to PMS
961 * Add a configuration check to exclude optional client authentication
993 * Add the ability to query PSA_WANT_xxx macros to query_compile_time_config.
1034 * Add accessor to obtain ciphersuite id from ssl context.
1035 * Add accessors to get members from ciphersuite info.
1036 * Add mbedtls_ssl_ticket_rotate() for external ticket rotation.
1037 * Add accessor to get the raw buffer pointer from a PEM context.
1041 * Add an accessor function to get the configuration associated with
1043 * Add a function to access the protocol version from an SSL context in a
1045 * Add function mbedtls_md_info_from_ctx() to recall the message digest
1047 * Add ALPN support in TLS 1.3 clients.
1048 * Add server certificate selection callback near end of Client Hello.
1052 * Add accessor mbedtls_ssl_get_hs_sni() to retrieve SNI from within
1055 * Add support for psa crypto key derivation for elliptic curve
1057 * Add function mbedtls_timing_get_final_delay() to access the private
1060 * Add mbedtls_pk_sign_ext() which allows generating RSA-PSS signatures when
1062 * Add function mbedtls_ecp_export() to export ECP key pair parameters.
1064 * Add function mbedtls_ssl_is_handshake_over() to enable querying if the SSL
1067 * Add the function mbedtls_ssl_get_own_cid() to access our own connection id
1072 * Add functions mbedtls_ssl_conf_max_tls_version() and
1076 mixed-PSK. Add an optional input PSA_KEY_DERIVATION_INPUT_OTHER_SECRET
1083 * Add the function mbedtls_x509_crt_has_ext_type() to access the ext types
1085 * Add HKDF-Expand and HKDF-Extract as separate algorithms in the PSA API.
1086 * Add support for the ARMv8 SHA-2 acceleration instructions when building
1088 * Add support for authentication of TLS 1.3 clients by TLS 1.3 servers.
1089 * Add support for server HelloRetryRequest message. The TLS 1.3 client is
1092 * Add support for client-side TLS version negotiation. If both TLS 1.2 and
1101 * Add accessors to configure DN hints for certificate request:
1117 * Add example programs cipher_aead_demo.c, md_hmac_demo.c, aead_demo.c
1128 * Add the platform function mbedtls_setbuf() to allow buffering to be
1181 * Fix compile errors when MBEDTLS_HAVE_TIME is not defined. Add tests
1213 * Add mbedtls_x509_dn_get_next function to return the next relative DN in
1268 * Add a CMake option that enables static linking of the runtime library
1315 * Add missing PSA macros declared by PSA Crypto API 1.0.0:
1317 * Add support for CCM*-no-tag cipher to the PSA.
1321 * Add new API mbedtls_ct_memcmp for constant time buffer comparison.
1322 * Add functions to get the IV and block size from cipher_info structs.
1323 * Add functions to check if a cipher supports variable IV or key size.
1324 * Add the internal implementation of and support for CCM to the PSA multipart
1332 * Add PSA API definition for ARIA.
1464 * Add missing const attributes to API functions.
1493 * Add configuration option MBEDTLS_X509_REMOVE_INFO which
1724 * Add mbedtls_rsa_rsassa_pss_sign_ext() function allowing to generate a
1785 * Add printf function attributes to mbedtls_debug_print_msg to ensure we
1873 * Add extra printf compiler warning flags to builds.
1899 * Add CMake package config generation for CMake projects consuming Mbed TLS.
2063 * Add support for ECB to the PSA cipher API.
2069 * Add MBEDTLS_TARGET_PREFIX CMake variable, which is prefixed to the mbedtls,
2074 * Add support for DTLS-SRTP as defined in RFC 5764. Contributed by Johan
2166 * Add missing arguments of debug message in mbedtls_ssl_decrypt_buf.
2301 * Add the command line parameter key_pwd to the ssl_client2 and ssl_server2
2328 * Add support for midipix, a POSIX layer for Microsoft Windows.
2329 * Add new mbedtls_x509_crt_parse_der_with_ext_cb() routine which allows
2338 * Add support for Windows 2000 in net_sockets. Contributed by opatomic. #3239
2383 * Add additional bounds checks in ssl_write_client_hello() preventing
2574 * Add ENUMERATED tag support to the ASN.1 module. Contributed by
2623 * Add nss_keylog to ssl_client2 and ssl_server2, enabling easier analysis of
2653 * Add new API functions mbedtls_ssl_session_save() and
2657 * Add a new API function mbedtls_ssl_check_record() to allow checking that
2668 * Add mbedtls_net_close(), enabling the building of forking servers where
2674 * Add DER-encoded test CRTs to library/certs.c, allowing
2737 * Add a Dockerfile and helper scripts (all-in-docker.sh, basic-in-docker.sh,
2740 * Add `reproducible` option to `ssl_client2` and `ssl_server2` to enable
2763 * Add the Any Policy certificate policy oid, as defined in
2767 * Add the Wi-SUN Field Area Network (FAN) device extended key usage.
2768 * Add the oid certificate policy x509 extension.
2773 * Add public API for tls-prf function, according to requested enum.
2774 * Add support for parsing otherName entries in the Subject Alternative Name
2777 * Add support for parsing certificate policies extension, as defined in
2782 * Add support for draft-05 of the Connection ID extension, as specified
2796 * Add public API for tls-prf function, according to requested enum.
2813 * Add psa_util.h to test/cpp_dummy_build to fix build_default_make_gcc_and_cxx.
2815 * Add missing parentheses around parameters in the definition of the
2819 * Add a check for MBEDTLS_X509_CRL_PARSE_C in ssl_server2, guarding the crl
2837 * Add test for minimal value of MBEDTLS_MPI_WINDOW_SIZE to all.sh.
2845 * Add a new X.509 API call `mbedtls_x509_parse_der_nocopy()`
2849 * Add a new function mbedtls_asn1_write_named_bitstring() to write ASN.1
2851 * Add MBEDTLS_REMOVE_3DES_CIPHERSUITES to allow removing 3DES ciphersuites
2856 * Add a new X.509 API call `mbedtls_x509_parse_der_nocopy()`.
2881 * Add `MBEDTLS_SELF_TEST` for the mbedtls_self_test functions
2906 * Add support for alternative CSR headers, as used by Microsoft and defined
2929 * Add a new config.h option of MBEDTLS_CHECK_PARAMS that enables validation
2975 * Add explicit integer to enumeration type casts to example program
2991 * Add an experimental build option, USE_CRYPTO_SUBMODULE, to enable use of
2993 * Add an experimental configuration option, MBEDTLS_PSA_CRYPTO_C, to enable
2998 * Add unit tests for AES-GCM when called through mbedtls_cipher_auth_xxx()
3057 * Add support for temporarily suspending expensive ECC computations after
3067 * Add support for Arm CPU DSP extensions to accelerate asymmetric key
3076 * Add support for 128-bit keys in CTR_DRBG. Note that using keys shorter
3080 * Add a common error code of `MBEDTLS_ERR_PLATFORM_FEATURE_UNSUPPORTED` for
3129 * Add tests for session resumption in DTLS.
3148 * Add MBEDTLS_MPI_GEN_PRIME_FLAG_LOW_ERR flag to mbedtls_mpi_gen_prime() and
3175 * Add support for fragmentation of outgoing DTLS handshake messages. This
3179 * Add support for auto-adjustment of MTU to a safe value during the
3182 * Add support for packing multiple records within a single datagram,
3184 * Add support for buffering out-of-order handshake messages in DTLS.
3190 * Add function mbedtls_ssl_set_datagram_packing() to configure
3200 * Add ecc extensions only if an ecc based ciphersuite is used.
3228 * Add support for buffering of out-of-order handshake messages.
3229 * Add warnings to the documentation of the HKDF module to reduce the risk
3259 * Add a counter-measure against a vulnerability in TLS ciphersuites based
3269 * Add new crypto primitives from RFC 7539: stream cipher Chacha20, one-time
3272 * Add support for CHACHA20-POLY1305 ciphersuites from RFC 7905.
3273 * Add platform support for the Haiku OS. (https://www.haiku-os.org).
3280 * Add support for key wrapping modes based on AES as defined by
3335 * Add additional block mode, OFB (Output Feedback), to the AES module and
3339 * Add support for the CCM* block cipher mode as defined in IEEE Std. 802.15.4.
3340 * Add support for the XTS block cipher mode with AES (AES-XTS).
3364 * Add support for ARIA cipher (RFC 5794) and associated TLS ciphersuites
3410 * Add an option, MBEDTLS_AES_FEWER_TABLES, to dynamically compute smaller AES
3413 * Add initial support for Curve448 (RFC 7748). Only mbedtls_ecp_mul() and
3422 * Add function mbedtls_ssl_check_pending() to the public API to allow
3431 * Add missing dependencies in test suites that led to build failures
3436 * Add missing dependencies for MBEDTLS_HAVE_TIME_DATE and
3483 * Add the order of the base point as N in the mbedtls_ecp_group structure
3490 * Add an option in the Makefile to support ar utilities where the operation
3510 * Add platform setup and teardown calls in test suites.
3544 * Add support for public keys encoded in PKCS#1 format. #1122
3619 * Add a provision to prevent compiler optimizations breaking the time
3646 * Add alternative implementation support for CCM and CMAC (MBEDTLS_CCM_ALT,
3648 * Add support for alternative implementations of GCM, selected by the
3650 * Add support for alternative implementations for ECDSA, controlled by new
3656 * Add support for alternative implementation of ECDH, controlled by the
3662 * Add support for alternative implementation of ECJPAKE, controlled by
3664 * Add mechanism to provide alternative implementation of the DHM module.
3741 * Add a check for invalid private parameters in mbedtls_ecdsa_sign().
3745 * Add size-checks for record and handshake message content, securing
3790 * Add MBEDTLS_ERR_XXX_HW_ACCEL_FAILED error codes for all cryptography
3793 * Add explicit warnings for the use of MD2, MD4, MD5, SHA-1, DES and ARC4
3810 * Add the functions mbedtls_platform_setup() and mbedtls_platform_teardown()
3832 * Add a check if iv_len is zero in GCM, and return an error if it is zero.
3839 * Add MBEDTLS_MPI_CHK to check for error value of mbedtls_mpi_fill_random.
3927 * Add exponent blinding to RSA private operations as a countermeasure
3934 * Add hardware acceleration support for the Elliptic Curve Point module.
3938 * Add a new configuration option to 'mbedtls_ssl_config' to enable
3955 * Add checks in the PK module for the RSA functions on 64-bit systems.
3963 * Add checks to prevent signature forgeries for very large messages while
4285 * Add countermeasure against Lenstra's RSA-CRT attack for PKCS#1 v1.5
4357 * Add mbedtls_ssl_get_max_frag_len() to query the current maximum fragment
4549 * Add countermeasure against "Lucky 13 strikes back" cache-based attack,
4555 * Add x509_crt_verify_info() to display certificate verification results.
4556 * Add support for reading DH parameters with privateValueLength included
4558 * Add support for bit strings in X.509 names (request by Fredrik Axelsson).
4559 * Add support for id-at-uniqueIdentifier in X.509 names.
4560 * Add support for overriding snprintf() (except on Windows) and exit() in
4562 * Add an option to use macros instead of function pointers in the platform
4572 * Add config flag POLARSSL_DEPRECATED_WARNING (off by default) to produce
4574 * Add config flag POLARSSL_DEPRECATED_REMOVED (off by default) to produce
4609 * Add missing extern "C" guard in aesni.h (reported by amir zamani).
4610 * Add missing dependency on SHA-256 in some x509 programs (reported by
4655 * Add support for FALLBACK_SCSV (draft-ietf-tls-downgrade-scsv).
4656 * Add support for Extended Master Secret (draft-ietf-tls-session-hash).
4657 * Add support for Encrypt-then-MAC (RFC 7366).
4658 * Add function pk_check_pair() to test if public and private keys match.
4659 * Add x509_crl_parse_der().
4660 * Add compile-time option POLARSSL_X509_MAX_INTERMEDIATE_CA to limit the
4666 * Add support for getrandom() syscall on recent Linux kernels with Glibc or
4668 * Add ssl_set_arc4_support() to make it easier to disable RC4 at runtime
4766 * Add CCM module and cipher mode to Cipher Layer
4771 * Add example config.h for PSK with CCM, optimized for low RAM usage.
4773 * Add POLARSSL_REMOVE_ARC4_CIPHERSUITES to allow removing RC4 ciphersuites
4775 * Add server-side enforcement of sent renegotiation requests
4777 * Add SSL_CIPHERSUITES config.h flag to allow specifying a list of
4781 * Add LINK_WITH_PTHREAD option in CMake for explicit linking that is
4867 * Add option 'use_dev_random' to gen_key application
5148 * Add countermeasure against "Lucky 13 strikes back" cache-based attack,
5198 * Add compile-time option POLARSSL_X509_MAX_INTERMEDIATE_CA to limit the