mirror of
https://github.com/Mbed-TLS/mbedtls.git
synced 2025-03-03 01:13:37 +00:00
Improve mbedtls_pkcs5_pbes2_ext changelog description
Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>
This commit is contained in:
parent
79b6e26b1b
commit
4ac8619282
@ -1,6 +1,6 @@
|
||||
Features
|
||||
* Add new mbedtls_pkcs5_pbes2_ext function a more secure replacement to
|
||||
mbedtls_pkcs5_pbes2 function because it reports the length of the output
|
||||
bytes written to the output buffer and it requires a parameter containing
|
||||
the output buffer size and validate if the output buffer is big enough
|
||||
for output including padding.
|
||||
Security
|
||||
* Developers using mbedtls_pkcs5_pbes2() should review the size of the output
|
||||
buffer passed to this function, and note that the output after decryption
|
||||
may include CBC padding. Consider moving to the new function
|
||||
mbedtls_pkcs5_pbes2_ext() which checks for overflow of the output buffer
|
||||
and reports the actual length of the output.
|
||||
|
Loading…
x
Reference in New Issue
Block a user