Improve ChangeLog and migration guide entries
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
This commit is contained in:
Manuel Pégourié-Gonnard
parent
1503a9adab
commit
8707259318
2 changed files with 16 additions and 10 deletions
|
|
@ -1,12 +1,14 @@
|
|||
API changes
|
||||
* For all functions that take an RNG parameter, this parameter is now
|
||||
mandatory (that is, NULL is not an acceptable value). Functions which
|
||||
previously accepted NULL and now reject it are: the X.509 CRT and CSR
|
||||
writing functions; the PK sign and decrypt function; the RSA encrypt,
|
||||
decrypt, sign and private functions; the function in DHM and ECDH that
|
||||
compute the share secret; the scalar multiplication functions in ECP.
|
||||
* For all functions that take a random number generator (RNG) as a
|
||||
parameter, this parameter is now mandatory (that is, NULL is not an
|
||||
acceptable value). Functions which previously accepted NULL and now
|
||||
reject it are: the X.509 CRT and CSR writing functions; the PK and RSA
|
||||
sign and decrypt function; mbedtls_rsa_private(); the functions
|
||||
in DHM and ECDH that compute the shared secret; the scalar multiplication
|
||||
functions in ECP.
|
||||
* The following functions now require an RNG parameter:
|
||||
mbedtls_ecp_check_pub_priv(), mbedtls_pk_check_pair(),
|
||||
mbedtls_pk_parse_key(), mbedtls_pk_parse_keyfile().
|
||||
Removals
|
||||
* The configuration option MBEDTLS_ECP_NO_INTERNAL_RNG has been removed as
|
||||
it no longer had any effect.
|
||||
|
|
|
|||
|
|
@ -5,16 +5,20 @@ This change affects all users who called a function accepting a `f_rng`
|
|||
parameter with `NULL` as the value of this argument; this is no longer
|
||||
supported.
|
||||
|
||||
The changed functions are: the X.509 CRT and CSR writing functions; the PK
|
||||
sign and decrypt function; the RSA encrypt, decrypt, sign and private
|
||||
functions; the functions in DHM and ECDH that compute the share secret; the
|
||||
scalar multiplication functions in ECP.
|
||||
The changed functions are: the X.509 CRT and CSR writing functions; the PK and
|
||||
RSA sign and decrypt functions; `mbedtls_rsa_private()`; the functions in DHM
|
||||
and ECDH that compute the shared secret; the scalar multiplication functions in
|
||||
ECP.
|
||||
|
||||
You now need to pass a properly seeded, cryptographically secure RNG to all
|
||||
functions that accept a `f_rng` parameter. It is of course still possible to
|
||||
pass `NULL` as the context pointer `p_rng` if your RNG function doesn't need a
|
||||
context.
|
||||
|
||||
Alternative implementations of a module (enabled with the `MBEDTLS_module_ALT`
|
||||
configuration options) may have their own internal and are free to ignore the
|
||||
`f_rng` argument but must allow users to pass one anyway.
|
||||
|
||||
Some functions gained an RNG parameter
|
||||
--------------------------------------
|
||||
|
||||
|
|
|
|||
Loading…
Reference in a new issue