diff options
Diffstat (limited to 'ChangeLog.d')
32 files changed, 0 insertions, 139 deletions
diff --git a/ChangeLog.d/_GNU_SOURCE-redefined.txt b/ChangeLog.d/_GNU_SOURCE-redefined.txt deleted file mode 100644 index 59c8a15..0000000 --- a/ChangeLog.d/_GNU_SOURCE-redefined.txt +++ /dev/null @@ -1,3 +0,0 @@ -Bugfix - * Fix the build when the macro _GNU_SOURCE is defined to a non-empty value. - Fix #3432. diff --git a/ChangeLog.d/add-aes-ecb-to-psa.txt b/ChangeLog.d/add-aes-ecb-to-psa.txt deleted file mode 100644 index b0de67c..0000000 --- a/ChangeLog.d/add-aes-ecb-to-psa.txt +++ /dev/null @@ -1,2 +0,0 @@ -Features - * Add support for ECB to the PSA cipher API. diff --git a/ChangeLog.d/add_MBEDTLS_TARGET_PREFIX_to_cmake.txt b/ChangeLog.d/add_MBEDTLS_TARGET_PREFIX_to_cmake.txt deleted file mode 100644 index 533f309..0000000 --- a/ChangeLog.d/add_MBEDTLS_TARGET_PREFIX_to_cmake.txt +++ /dev/null @@ -1,6 +0,0 @@ -Features - * Add MBEDTLS_TARGET_PREFIX CMake variable, which is prefixed to the mbedtls, - mbedcrypto, mbedx509 and apidoc CMake target names. This can be used by - external CMake projects that include this one to avoid CMake target name - clashes. The default value of this variable is "", so default target names - are unchanged. diff --git a/ChangeLog.d/add_cipher_transparent_driver.txt b/ChangeLog.d/add_cipher_transparent_driver.txt deleted file mode 100644 index ce6f33d..0000000 --- a/ChangeLog.d/add_cipher_transparent_driver.txt +++ /dev/null @@ -1,4 +0,0 @@ -Features - * Partial implementation of the new PSA Crypto accelerator APIs for - enabling symmetric cipher acceleration through crypto accelerators. - Contributed by Steven Cooreman in #3644. diff --git a/ChangeLog.d/add_export_public_key_driver.txt b/ChangeLog.d/add_export_public_key_driver.txt deleted file mode 100644 index a9bffbc..0000000 --- a/ChangeLog.d/add_export_public_key_driver.txt +++ /dev/null @@ -1,3 +0,0 @@ -Features - * Implementation of the export_public_key interface for PSA Crypto - accelerator drivers, as defined in #3493. Contributed in #3786. diff --git a/ChangeLog.d/add_sign_verify_keygen_transparent_driver.txt b/ChangeLog.d/add_sign_verify_keygen_transparent_driver.txt deleted file mode 100644 index fe43899..0000000 --- a/ChangeLog.d/add_sign_verify_keygen_transparent_driver.txt +++ /dev/null @@ -1,4 +0,0 @@ -Features - * Partial implementation of the new PSA Crypto accelerator APIs for - enabling key generation and asymmetric signing/verification through crypto - accelerators. Contributed by Steven Cooreman in #3501. diff --git a/ChangeLog.d/adjusting sliding_window_size_PR3592.txt b/ChangeLog.d/adjusting sliding_window_size_PR3592.txt deleted file mode 100644 index 6089565..0000000 --- a/ChangeLog.d/adjusting sliding_window_size_PR3592.txt +++ /dev/null @@ -1,3 +0,0 @@ -Changes - * Reduce stack usage significantly during sliding window exponentiation. - Reported in #3591 and fix contributed in #3592 by Daniel Otte. diff --git a/ChangeLog.d/aes-zeroize-pointer.txt b/ChangeLog.d/aes-zeroize-pointer.txt deleted file mode 100644 index ccc6dc1..0000000 --- a/ChangeLog.d/aes-zeroize-pointer.txt +++ /dev/null @@ -1,5 +0,0 @@ -Changes - * Remove the zeroization of a pointer variable in AES rounds. It was valid - but spurious and misleading since it looked like a mistaken attempt to - zeroize the pointed-to buffer. Reported by Antonio de la Piedra, CEA - Leti, France. diff --git a/ChangeLog.d/android-socklen_t.txt b/ChangeLog.d/android-socklen_t.txt deleted file mode 100644 index d795a52..0000000 --- a/ChangeLog.d/android-socklen_t.txt +++ /dev/null @@ -1,3 +0,0 @@ -Bugfix - * Use socklen_t on Android and other POSIX-compliant system - diff --git a/ChangeLog.d/arc4random_buf-implicit.txt b/ChangeLog.d/arc4random_buf-implicit.txt deleted file mode 100644 index 81c245e..0000000 --- a/ChangeLog.d/arc4random_buf-implicit.txt +++ /dev/null @@ -1,3 +0,0 @@ -Bugfix - * Make arc4random_buf available on NetBSD and OpenBSD when _POSIX_C_SOURCE is - defined. Fix contributed in #3571. diff --git a/ChangeLog.d/bugfix-2927.txt b/ChangeLog.d/bugfix-2927.txt deleted file mode 100644 index 2213c6e..0000000 --- a/ChangeLog.d/bugfix-2927.txt +++ /dev/null @@ -1,3 +0,0 @@ -Bugfix - * In CTR_DRBG and HMAC_DRBG, don't reset the reseed interval in seed(). - Fixes #2927. diff --git a/ChangeLog.d/bugfix_3524.txt b/ChangeLog.d/bugfix_3524.txt deleted file mode 100644 index e038340..0000000 --- a/ChangeLog.d/bugfix_3524.txt +++ /dev/null @@ -1,3 +0,0 @@ -Bugfix - * Include the psa_constant_names generated source code in the source tree - instead of generating it at build time. Fixes #3524. diff --git a/ChangeLog.d/bugfix_3782.txt b/ChangeLog.d/bugfix_3782.txt deleted file mode 100644 index 25e18cb..0000000 --- a/ChangeLog.d/bugfix_3782.txt +++ /dev/null @@ -1,2 +0,0 @@ -Bugfix - * Fix build failures on GCC 11. Fixes #3782. diff --git a/ChangeLog.d/bugfix_3794.txt b/ChangeLog.d/bugfix_3794.txt deleted file mode 100644 index a483ea7..0000000 --- a/ChangeLog.d/bugfix_3794.txt +++ /dev/null @@ -1,4 +0,0 @@ -Bugfix - * Fix handling of EOF against 0xff bytes and on platforms with - unsigned chars. Fixes a build failure on platforms where char is - unsigned. Fixes #3794. diff --git a/ChangeLog.d/bugfix_PR3294.txt b/ChangeLog.d/bugfix_PR3294.txt deleted file mode 100644 index a6ea75e..0000000 --- a/ChangeLog.d/bugfix_PR3294.txt +++ /dev/null @@ -1,4 +0,0 @@ -Bugfix - * Fix build failure in configurations where MBEDTLS_USE_PSA_CRYPTO is - enabled but ECDSA is disabled. Contributed by jdurkop. Fixes #3294. - diff --git a/ChangeLog.d/clean_pem_buffers.txt b/ChangeLog.d/clean_pem_buffers.txt deleted file mode 100644 index 818fad9..0000000 --- a/ChangeLog.d/clean_pem_buffers.txt +++ /dev/null @@ -1,6 +0,0 @@ -Bugfix - * In PEM writing functions, fill the trailing part of the buffer with null - bytes. This guarantees that the corresponding parsing function can read - the buffer back, which was the case for mbedtls_x509write_{crt,csr}_pem - until this property was inadvertently broken in Mbed TLS 2.19.0. - Fixes #3682. diff --git a/ChangeLog.d/ecb_iv_fix.txt b/ChangeLog.d/ecb_iv_fix.txt deleted file mode 100644 index ae2ae25..0000000 --- a/ChangeLog.d/ecb_iv_fix.txt +++ /dev/null @@ -1,3 +0,0 @@ -Bugfix - * Correct the default IV size for mbedtls_cipher_info_t structures using - MBEDTLS_MODE_ECB to 0, since ECB mode ciphers don't use IVs. diff --git a/ChangeLog.d/ecp-bignum-error-checks.txt b/ChangeLog.d/ecp-bignum-error-checks.txt deleted file mode 100644 index 8cad08e..0000000 --- a/ChangeLog.d/ecp-bignum-error-checks.txt +++ /dev/null @@ -1,5 +0,0 @@ -Bugfix - * Fix a memory leak in mbedtls_mpi_sub_abs() when the result was negative - (an error condition) and the second operand was aliased to the result. - * Fix a case in elliptic curve arithmetic where an out-of-memory condition - could go undetected, resulting in an incorrect result. diff --git a/ChangeLog.d/ecp_curve_list.txt b/ChangeLog.d/ecp_curve_list.txt deleted file mode 100644 index 55745d3..0000000 --- a/ChangeLog.d/ecp_curve_list.txt +++ /dev/null @@ -1,5 +0,0 @@ -Bugfix - * mbedtls_ecp_curve_list() now lists Curve25519 and Curve448 under the names - "x25519" and "x448". These curves support ECDH but not ECDSA. If you need - only the curves that support ECDSA, filter the list with - mbedtls_ecdsa_can_do(). diff --git a/ChangeLog.d/error-include-string.txt b/ChangeLog.d/error-include-string.txt deleted file mode 100644 index 0a12c7b..0000000 --- a/ChangeLog.d/error-include-string.txt +++ /dev/null @@ -1,2 +0,0 @@ -Bugfix - * Fix conditions for including string.h in error.c. Fixes #3866. diff --git a/ChangeLog.d/feature-dtls-srtp.txt b/ChangeLog.d/feature-dtls-srtp.txt deleted file mode 100644 index 8b9186b..0000000 --- a/ChangeLog.d/feature-dtls-srtp.txt +++ /dev/null @@ -1,2 +0,0 @@ -Features -* Add support for DTLS-SRTP as defined in RFC 5764. Contributed by Johan Pascal, improved by Ron Eldor. diff --git a/ChangeLog.d/fix-rsa-blinding.txt b/ChangeLog.d/fix-rsa-blinding.txt deleted file mode 100644 index a13572c..0000000 --- a/ChangeLog.d/fix-rsa-blinding.txt +++ /dev/null @@ -1,6 +0,0 @@ -Bugfix - * Fix rsa_prepare_blinding() to retry when the blinding value is not - invertible (mod N), instead of returning MBEDTLS_ERR_RSA_RNG_FAILED. This - addresses a regression but is rare in practice (approx. 1 in 2/sqrt(N)). - Found by Synopsys Coverity, fix contributed by Peter Kolbus (Garmin). - Fixes #3647. diff --git a/ChangeLog.d/fix_ccm_add_length_check.txt b/ChangeLog.d/fix_ccm_add_length_check.txt deleted file mode 100644 index 259399f..0000000 --- a/ChangeLog.d/fix_ccm_add_length_check.txt +++ /dev/null @@ -1,5 +0,0 @@ -Bugfix - * Fix an off-by-one error in the additional data length check for - CCM, which allowed encryption with a non-standard length field. - Fixes #3719. - diff --git a/ChangeLog.d/minimum_cmake_version_PR3802.txt b/ChangeLog.d/minimum_cmake_version_PR3802.txt deleted file mode 100644 index 549f9b1..0000000 --- a/ChangeLog.d/minimum_cmake_version_PR3802.txt +++ /dev/null @@ -1,3 +0,0 @@ -Requirement changes -* Update the minimum required CMake version to 2.8.12. -* This silences a warning on CMake 3.19.0. #3801 diff --git a/ChangeLog.d/missing-debug-message-arguments_mbedtls_ssl_decrypt_buf.txt b/ChangeLog.d/missing-debug-message-arguments_mbedtls_ssl_decrypt_buf.txt deleted file mode 100644 index e03178f..0000000 --- a/ChangeLog.d/missing-debug-message-arguments_mbedtls_ssl_decrypt_buf.txt +++ /dev/null @@ -1,2 +0,0 @@ -Bugfix - * Add missing arguments of debug message in mbedtls_ssl_decrypt_buf. diff --git a/ChangeLog.d/psa-crypto-api-values-1.0.0.txt b/ChangeLog.d/psa-crypto-api-values-1.0.0.txt deleted file mode 100644 index 0bd3764..0000000 --- a/ChangeLog.d/psa-crypto-api-values-1.0.0.txt +++ /dev/null @@ -1,9 +0,0 @@ -API changes - * The numerical values of the PSA Crypto API macros have been updated to - conform to version 1.0.0 of the specification. - * PSA_ALG_STREAM_CIPHER replaces PSA_ALG_CHACHA20 and PSA_ALG_ARC4. - The underlying stream cipher is determined by the key type - (PSA_KEY_TYPE_CHACHA20 or PSA_KEY_TYPE_ARC4). -New deprecations - * PSA_KEY_TYPE_CHACHA20 and PSA_KEY_TYPE_ARC4 have been deprecated. - Use PSA_ALG_STREAM_CIPHER instead. diff --git a/ChangeLog.d/psa-openless.txt b/ChangeLog.d/psa-openless.txt deleted file mode 100644 index 2e40cdf..0000000 --- a/ChangeLog.d/psa-openless.txt +++ /dev/null @@ -1,17 +0,0 @@ -Features - * In the PSA API, it is no longer necessary to open persistent keys: - operations now accept the key identifier. The type psa_key_handle_t is now - identical to psa_key_id_t instead of being platform-defined. This bridges - the last major gap to compliance with the PSA Cryptography specification - version 1.0.0. Opening persistent keys is still supported for backward - compatibility, but will be deprecated and later removed in future - releases. - -Bugfix - * psa_set_key_id() now also sets the lifetime to persistent for keys located - in a secure element. - * Attempting to create a volatile key with a non-zero key identifier now - fails. Previously the key identifier was just ignored when creating a - volatile key. - * Attempting to create or register a key with a key identifier in the vendor - range now fails. diff --git a/ChangeLog.d/psa_error_invalid_argument_for_invalid_cipher_input_sizes.txt b/ChangeLog.d/psa_error_invalid_argument_for_invalid_cipher_input_sizes.txt deleted file mode 100644 index 85c363b..0000000 --- a/ChangeLog.d/psa_error_invalid_argument_for_invalid_cipher_input_sizes.txt +++ /dev/null @@ -1,4 +0,0 @@ -Bugfix - * Consistently return PSA_ERROR_INVALID_ARGUMENT on invalid cipher input - sizes (instead of PSA_ERROR_BAD_STATE in some cases) to make the - psa_cipher_* functions compliant with the PSA Crypto API specification. diff --git a/ChangeLog.d/psa_generate_key-curve25519.txt b/ChangeLog.d/psa_generate_key-curve25519.txt deleted file mode 100644 index 24b6fcf..0000000 --- a/ChangeLog.d/psa_generate_key-curve25519.txt +++ /dev/null @@ -1,3 +0,0 @@ -Bugfix - * Fix psa_generate_key() returning an error when asked to generate - an ECC key pair on Curve25519 or secp244k1. diff --git a/ChangeLog.d/support-ecdh-kdf-with-ecdh-key.txt b/ChangeLog.d/support-ecdh-kdf-with-ecdh-key.txt deleted file mode 100644 index 6660dc3..0000000 --- a/ChangeLog.d/support-ecdh-kdf-with-ecdh-key.txt +++ /dev/null @@ -1,6 +0,0 @@ -Features - * In PSA, allow using a key declared with a base key agreement algorithm - in combined key agreement and derivation operations, as long as the key - agreement algorithm in use matches the algorithm the key was declared with. - This is currently non-standard behaviour, but expected to make it into a - future revision of the PSA Crypto standard. diff --git a/ChangeLog.d/support-key-agreement-and-derivation-output-as-key.txt b/ChangeLog.d/support-key-agreement-and-derivation-output-as-key.txt deleted file mode 100644 index 3f61481..0000000 --- a/ChangeLog.d/support-key-agreement-and-derivation-output-as-key.txt +++ /dev/null @@ -1,4 +0,0 @@ -Bugfix - * Fix psa_key_derivation_output_key() to allow the output of a combined key - agreement and subsequent key derivation operation to be used as a key - inside of the PSA Crypto core. diff --git a/ChangeLog.d/systematically_store_bit_size_3740.txt b/ChangeLog.d/systematically_store_bit_size_3740.txt deleted file mode 100644 index 9e63bbc..0000000 --- a/ChangeLog.d/systematically_store_bit_size_3740.txt +++ /dev/null @@ -1,5 +0,0 @@ -Changes - * The PSA persistent storage format is updated to always store the key bits - attribute. No automatic upgrade path is provided. Previously stored keys - must be erased, or manually upgraded based on the key storage format - specification (docs/architecture/mbed-crypto-storage-specification.md). #3740 |