From 8707259318618bb6d1b972b470cb21b3b730a8f0 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Wed, 16 Jun 2021 11:02:38 +0200 Subject: [PATCH] Improve ChangeLog and migration guide entries MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Manuel Pégourié-Gonnard --- ChangeLog.d/mandatory-rng-param.txt | 14 ++++++++------ docs/3.0-migration-guide.d/mandatory-rng-param.md | 12 ++++++++---- 2 files changed, 16 insertions(+), 10 deletions(-) diff --git a/ChangeLog.d/mandatory-rng-param.txt b/ChangeLog.d/mandatory-rng-param.txt index 4e04248fa..39ee33533 100644 --- a/ChangeLog.d/mandatory-rng-param.txt +++ b/ChangeLog.d/mandatory-rng-param.txt @@ -1,12 +1,14 @@ API changes - * For all functions that take an RNG parameter, this parameter is now - mandatory (that is, NULL is not an acceptable value). Functions which - previously accepted NULL and now reject it are: the X.509 CRT and CSR - writing functions; the PK sign and decrypt function; the RSA encrypt, - decrypt, sign and private functions; the function in DHM and ECDH that - compute the share secret; the scalar multiplication functions in ECP. + * For all functions that take a random number generator (RNG) as a + parameter, this parameter is now mandatory (that is, NULL is not an + acceptable value). Functions which previously accepted NULL and now + reject it are: the X.509 CRT and CSR writing functions; the PK and RSA + sign and decrypt function; mbedtls_rsa_private(); the functions + in DHM and ECDH that compute the shared secret; the scalar multiplication + functions in ECP. * The following functions now require an RNG parameter: mbedtls_ecp_check_pub_priv(), mbedtls_pk_check_pair(), mbedtls_pk_parse_key(), mbedtls_pk_parse_keyfile(). +Removals * The configuration option MBEDTLS_ECP_NO_INTERNAL_RNG has been removed as it no longer had any effect. 
diff --git a/docs/3.0-migration-guide.d/mandatory-rng-param.md b/docs/3.0-migration-guide.d/mandatory-rng-param.md index 3cbc35695..f6aba08b1 100644 --- a/docs/3.0-migration-guide.d/mandatory-rng-param.md +++ b/docs/3.0-migration-guide.d/mandatory-rng-param.md @@ -5,16 +5,20 @@ This change affects all users who called a function accepting a `f_rng` parameter with `NULL` as the value of this argument; this is no longer supported. -The changed functions are: the X.509 CRT and CSR writing functions; the PK -sign and decrypt function; the RSA encrypt, decrypt, sign and private -functions; the functions in DHM and ECDH that compute the share secret; the -scalar multiplication functions in ECP. +The changed functions are: the X.509 CRT and CSR writing functions; the PK and +RSA sign and decrypt functions; `mbedtls_rsa_private()`; the functions in DHM +and ECDH that compute the shared secret; the scalar multiplication functions in +ECP. You now need to pass a properly seeded, cryptographically secure RNG to all functions that accept a `f_rng` parameter. It is of course still possible to pass `NULL` as the context pointer `p_rng` if your RNG function doesn't need a context. +Alternative implementations of a module (enabled with the `MBEDTLS_module_ALT` +configuration options) may have their own internal and are free to ignore the +`f_rng` argument but must allow users to pass one anyway. + Some functions gained an RNG parameter --------------------------------------
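Review bot: In the ChangeLog.d/mandatory-rng-param.txt hunk, the added line "sign and decrypt function; mbedtls_rsa_private(); the functions" uses the singular "function" for an item that covers both PK and RSA sign and decrypt. The migration guide hunk in this same patch says "sign and decrypt functions", so the ChangeLog entry should be plural as well. The removed wording also listed RSA encrypt, which is no longer mentioned in either file; if dropping it is intentional, say so in the commit message, otherwise add it back to the list.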
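Review bot: In the docs/3.0-migration-guide.d/mandatory-rng-param.md hunk, the added sentence "may have their own internal and are free to ignore the `f_rng` argument" is missing the noun after "internal". Presumably "their own internal RNG" is meant; please complete it, and consider a comma before "but must allow users to pass one anyway" so the obligation on alternative implementations stands out. The placeholder in `MBEDTLS_module_ALT` could also be read as a literal option name, so marking the variable part explicitly (for example `MBEDTLS_<MODULE>_ALT`) would be clearer.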