Add change log and migration guide

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
This commit is contained in:
Ronald Cron 2021-06-07 09:35:02 +02:00
parent c1905a1c3d
commit 6fe1bc3f24
2 changed files with 34 additions and 0 deletions

View file

@ -0,0 +1,5 @@
API changes
* mbedtls_rsa_init() now always selects the PKCS#1v1.5 encoding for an RSA
key. To use an RSA key with PSS or OAEP, call mbedtls_rsa_set_padding()
after initializing the context. mbedtls_rsa_set_padding() now returns an
error if its parameters are invalid.

View file

@ -0,0 +1,29 @@
Remove the padding parameters from mbedtls_rsa_init()
-----------------------------------------------------
This affects all users who use the RSA encryption, decryption, sign and
verify APIs.
The function mbedtls_rsa_init() no longer supports selecting the PKCS#1 v2.1
encoding and its hash. It just selects the PKCS#1 v1.5 encoding by default. If
you were using the PKCS#1 v2.1 encoding you now need, subsequently to the call
to mbedtls_rsa_init(), to call mbedtls_rsa_set_padding() to set it.
Code migration examples:
```C
mbedtls_rsa_init(ctx, padding, hash_id);
```
to
```C
mbedtls_rsa_init(ctx);
mbedtls_rsa_set_padding(ctx, padding, hash_id);
```
or
```C
mbedtls_rsa_init(ctx, MBEDTLS_RSA_PKCS_V15, <ignored>);
```
to
```C
mbedtls_rsa_init(ctx);
```