19 lines
865 B
Text
19 lines
865 B
Text
Bugfix
|
|
* mbedtls_x509write_crt_set_serial() now explicitly rejects serial numbers
|
|
whose binary representation is longer than 20 bytes. This was already
|
|
forbidden by the standard (RFC5280 - section 4.1.2.2) and now it's being
|
|
enforced also at code level.
|
|
|
|
New deprecations
|
|
* mbedtls_x509write_crt_set_serial() is now being deprecated in favor of
|
|
mbedtls_x509write_crt_set_serial_raw(). The goal here is to remove any
|
|
direct dependency of X509 on BIGNUM_C.
|
|
|
|
Changes
|
|
* programs/x509/cert_write:
|
|
- now it accepts the serial number in 2 different formats: decimal and
|
|
hex. They cannot be used simultaneously
|
|
- "serial" is used for the decimal format and it's limted in size to
|
|
unsigned long long int
|
|
- "serial_hex" is used for the hex format; max length here is
|
|
MBEDTLS_X509_RFC5280_MAX_SERIAL_LEN*2
|