TrustedFirmware Git Browser
Code Review Sign In
review.trustedfirmware.org / mirror / mbed-tls / 60b29d6bfddcb749a22a4614023494a2fbf8bfa8^! / . / ChangeLog
commit60b29d6bfddcb749a22a4614023494a2fbf8bfa8[log] [tgz]
authorGilles Peskine <Gilles.Peskine@arm.com>Wed Aug 14 18:37:59 2019 +0200
committerGilles Peskine <Gilles.Peskine@arm.com>Wed Aug 14 18:37:59 2019 +0200
tree3c866a9936dfe778ba5e82760ba813201ed24312
parent41f2de9da2f1b43722bce0849b79ee6a5ad1d09c [diff] [blame]
parentcd218f86f61dcbf1443655ac1dcde5df8968d131 [diff] [blame]
Merge remote-tracking branch 'upstream-restricted/pr/503' into development-restricted-proposed

diff --git a/ChangeLog b/ChangeLog
index 37373a2..5032be6 100644
--- a/ChangeLog
+++ b/ChangeLog

@@ -2,6 +2,13 @@
 
 = mbed TLS x.x.x branch released xxxx-xx-xx
 
+Security
+   * When writing a private EC key, use a constant size for the private
+     value, as specified in RFC 5915. Previously, the value was written
+     as an ASN.1 INTEGER, which caused the size of the key to leak
+     about 1 bit of information on average and could cause the value to be
+     1 byte too large for the output buffer.
+
 Features
    * Add the Any Policy certificate policy oid, as defined in
      rfc 5280 section 4.2.1.4.
@@ -32,6 +39,15 @@
      MBEDTLS_SSL_DTLS_CONNECTION_ID (disabled by default), and at run-time
      through the new APIs mbedtls_ssl_conf_cid() and mbedtls_ssl_set_cid().
 
+API Changes
+   * Extend the MBEDTLS_SSL_EXPORT_KEYS to export the handshake randbytes,
+     and the used tls-prf.
+   * Add public API for tls-prf function, according to requested enum.
+   * Add DER-encoded test CRTs to library/certs.c, allowing
+     the example programs ssl_server2 and ssl_client2 to be run
+     if MBEDTLS_FS_IO and MBEDTLS_PEM_PARSE_C are unset. Fixes #2254.
+   * The HAVEGE state type now uses uint32_t elements instead of int.
+
 Bugfix
    * Fix private key DER output in the key_app_writer example. File contents
      were shifted by one byte, creating an invalid ASN.1 tag. Fixed by
@@ -80,15 +96,6 @@
      in mbedtls_x509write_crt_der() to 2Kb. Reported by soccerGB in #2631.
    * Fix partial zeroing in x509_get_other_name. Found and fixed by ekse, #2716.
 
-API Changes
-   * Extend the MBEDTLS_SSL_EXPORT_KEYS to export the handshake randbytes,
-     and the used tls-prf.
-   * Add public API for tls-prf function, according to requested enum.
-   * Add DER-encoded test CRTs to library/certs.c, allowing
-     the example programs ssl_server2 and ssl_client2 to be run
-     if MBEDTLS_FS_IO and MBEDTLS_PEM_PARSE_C are unset. Fixes #2254.
-   * The HAVEGE state type now uses uint32_t elements instead of int.
-
 Changes
    * Server's RSA certificate in certs.c was SHA-1 signed. In the default
      mbedTLS configuration only SHA-2 signed certificates are accepted.