Lines Matching refs:used

18    * Zeroize dynamically-allocated buffers used by the PSA Crypto key storage
40 enabled and an ECDHE-ECDSA or ECDHE-RSA key exchange was used, the
45 * Fix unit tests that used 0 as the file UID. This failed on some
134 * Zeroize several intermediate variables used to calculate the expected
184 all algorithms that can be used with psa_{sign,verify}_hash(), including
209 * Indicate in the error returned if the nonce length used with
223 key type used, as well as the key bit-size in the case of
264 learn partial information about the leading bits of the nonce used for the
311 defined to specific values. If the code is used in a context
365 can now only be used as intended, for keys that cannot be modified through
377 unsupported extension used by the server.
402 should be used.
444 CTR_DRBG is used by default if it is available, but you can override
474 security strength, but the code incorrectly used a constant instead of
517 used to validate digital signatures on certificates and MUST mark the
569 mbedcrypto, mbedx509 and apidoc CMake target names. This can be used by
589 size of the output buffer when used with NIST_KW. As a result, code using
613 * Zeroising of local buffers and variables which are used for calculations
644 agreement and subsequent key derivation operation to be used as a key
841 reveal an RSA private key used in a secure enclave. Noticed by Sangho Lee,
854 hardware accelerators were used (using one of the MBEDTLS_SHAxxx_ALT
1046 these variables can be used to recover the last round key. To follow best
1059 learn leading bits of the ephemeral key used during ECDSA signatures and to
1158 feature can be used alongside Connection ID and SSL context serialisation.
1271 and the used tls-prf.
1285 to the DTLS record header. This identifier can be used to associate an
1294 and the used tls-prf.
1305 used with negative inputs. Found by Guido Vranken in #2404. Credit to
1308 either used both encrypt and decrypt key schedules, or which perform padding.
1316 in case operators binding less strongly than subtraction were used
1327 This certificate is used in the demo server programs, which lead the
1405 * Add support for alternative CSR headers, as used by Microsoft and defined
1493 the PSA Crypto API from Mbed Crypto when additionally used with the
1540 space and a PSK-(EC)DHE ciphersuite was used, this allowed an attacker
1557 some configurable amount of operations. This is intended to be used in
1568 MPI multiplications used in ECC and RSA cryptography. Contributed by
1571 signature always used a salt with the same length as the hash, and returned
1612 * Zeroize memory used for buffering or reassembling handshake messages
1616 * Change the default string format used for various X.509 DN attributes to
1640 created which used PrintableStrings in the issuer field even though the
1641 signing CA used UTF8Strings in its subject field; while X.509 compliant,
1684 The maximum amount of RAM used for this can be controlled by the
1699 * Add ecc extensions only if an ecc based ciphersuite is used.
1740 or if mbedtls_ssl_conf_dtls_badmac_limit() was used, the attack only
1753 mbedtls_ssl_conf_dtls_badmac_limit() was used, the attack only worked if
1807 CBC based ciphersuite is used together with Encrypt-then-MAC. Previously,
1849 used by user applications. Found and fixed by Fabio Alessandrelli.
1856 * Changed the Clang parameters used in the CMake build files to work for
1904 offer or a ciphersuite that cannot be used with the TLS or DTLS version
1925 underlying transport in case event-driven IO is used.
1954 I/O was used. Found and reported by Hubert Mis in #772.
2053 * Fix mbedtls_x509_crt_profile_suiteb, which used to reject all certificates
2069 * Log correct number of ciphersuites used in Client Hello message. #918
2096 extension. When the truncated HMAC extension is enabled and CBC is used,
2097 sending a malicious application packet could be used to selectively corrupt
2173 * The configuration option MBEDTLS_RSA_ALT can be used to define alternative
2220 * Fix variable used before assignment compilation warnings with IAR
2261 Note, this padding mode is not used by the TLS protocol. Found and fixed by
2279 used. Reported and fix proposed independently by satur9nine and sliai
2516 * Fixed the templates used to generate project and solution files for Visual
2569 when GCM is used. Found by udf2457. #441
2669 allocate memory. Only used for certificate generation, not triggerable
2744 once in the same handshake and mbedtls_ssl_conf_psk() was used.
2747 * Fix stack buffer overflow in pkcs12 decryption (used by
2834 be always used (found by dcb314) (#235)
2904 * The following functions have been introduced and must be used in callback
2913 * On server, mbedtls_ssl_conf_session_tickets_cb() must now be used in
2948 * calloc() is now used instead of malloc() everywhere. API of platform
2983 argument (allowing memory savings if HMAC is not used)
3081 * Fix memory leak when gcm_setkey() and ccm_setkey() are used more than
3099 * Fix hardclock() (only used in the benchmarking program) with some
3122 more flexible (warning: OFLAGS is not used any more) (see the README)
3401 * oid_get_numeric_string() used to truncate the output without returning an
3455 * Bignum's MIPS-32 assembly was used on MIPS-64, causing chaos. (Found by
3652 * Fix hardclock() (only used in the benchmarking program) with some
3770 * Bignum's MIPS-32 assembly was used on MIPS-64, causing chaos. (Found by
4144 * Changed the used random function pointer to more flexible format. Renamed
4160 standard 1 byte version sometimes used by Microsoft. (Closes ticket #38)
4205 used are negative.
4543 * Ciphers used in SSL/TLS can now be disabled at compile