Merge branch 'development' into iotssl-513-alerts

2026-01-07 06:59:19 +01:00 · 2015-10-27 16:05:34 +00:00 · 2015-10-27 16:05:34 +00:00 · 62aab15085
commit 62aab15085
parent d21eb2ae81 c87747b675
35 changed files with 2917 additions and 89 deletions
--- a/18
+++ b/18
@ -2,9 +2,23 @@ mbed TLS ChangeLog (Sorted per branch, date)

 = mbed TLS 2.2.0 released 2015-10-xx

+Features
+   * Experimental support for EC J-PAKE as defined in Thread 1.0.0.
+     Disabled by default as the specification might still change.
+   * Added a key extraction callback to accees the master secret and key
+     block. (Potential uses include EAP-TLS and Thread.)
+
 Bugfix
-   * Fix bug causing some handshakes to fail due to some non-fatal alerts not
-     begin properly ignored. Found by mancha and Kasom Koht-arsa, #308
+   * Fixed a bug causing some handshakes to fail due to some non-fatal alerts
+     not being properly ignored. Found by mancha and Kasom Koht-arsa, #308
+   * mbedtls_x509_crt_verify(_with_profile)() now also checks the key type and
+     size/curve against the profile. Before that, there was no way to set a
+     minimum key size for end-entity certificates with RSA keys. Found by
+     Matthew Page of Scannex Electronics Ltd.
+
+Changes
+   * Improved performance of mbedtls_ecp_muladd() when one of the scalars is 1
+     or -1.

 = mbed TLS 2.1.2 released 2015-10-06