Fix missing check for RSA key length on EE certs

- also adapt tests to use lesser requirement for compatibility with old testing material
2026-01-07 06:59:19 +01:00 · 2015-10-23 14:08:48 +02:00 · 2015-10-23 14:08:48 +02:00 · 65eefc8707
commit 65eefc8707
parent 7980096899
6 changed files with 54 additions and 15 deletions
--- a/8
+++ b/8
@ -1,5 +1,13 @@
 mbed TLS ChangeLog (Sorted per branch, date)

+= mbed TLS 2.2.0 released 2015-10-06
+
+Bugfix
+   * mbedtls_x509_crt_verify(_with_profile)() now also checks the key type and
+     size/curve against the profile. Before that, there was no way to set a
+     minimum key size for end-entity certificates with RSA keys. Found by
+     Matthew Page.
+
 = mbed TLS 2.1.2 released 2015-10-06

 Security