mirror of
https://github.com/Mbed-TLS/mbedtls.git
synced 2025-01-25 09:35:19 +00:00
68933640f5
Merge a development version of Mbed TLS 2.16.0 that doesn't have parameter validation into development.

The following conflicts were resolved:

- Update ChangeLog to include release notes merged from development so far, with a version of "2.14.0+01b34fb316a5" and release date of "xxxx-xx-xx" to show this is not a released version, but instead a snapshot of the development branch equivalent to version 2.14.0 with additional commits from the mbedtls/development branch up through 01b34fb316a5 included. Entries added for unreleased versions of Mbed Crypto remain at the top of the file for Mbed TLS 2.xx.x.
- Replace the Mbed Crypto version of mbedtls_rsa_rsaes_pkcs1_v15_decrypt() with the version from Mbed TLS which fixes timing variations and memory access variations that could lead to a Bleichenbacher-style padding oracle attack. This will prevent using psa_asymmetric_decrypt() with zero-length output buffers until a follow-up commit is made to restore this capability.
- In ssl_srv.c, include changes for both the new ECDH interface and opaque PSK as already added to development previously.
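The second conflict above concerns padding-oracle hardening of PKCS#1 v1.5 decryption. The following is an added illustration of what "no timing or memory-access variation" means for that unpadding step; it is editor-written example code, not the Mbed TLS implementation, and its helper names (`ct_mask_zero`, `ct_mask_lt`, `pkcs1_v15_unpad_ct`, `unpad_check`) and test vectors are constructed for this example.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>
/* All-ones mask if x == 0, else 0 (x < 2^32). */
static uint32_t ct_mask_zero(uint32_t x) { return (uint32_t)(((uint64_t)x - 1) >> 32); }
/* All-ones mask if a < b, else 0 (a, b < 2^31). */
static uint32_t ct_mask_lt(uint32_t a, uint32_t b) {
    return (uint32_t)0 - (uint32_t)(((uint64_t)a - (uint64_t)b) >> 63);
}
/* Unpad 00 02 <8+ non-zero bytes> 00 <msg> from the k-byte RSA block em
 * (2 <= k < 2^31). Returns 0 with the message in out/out_len, or -1 with out
 * zeroed and *out_len == 0. No branch and no memory address depends on the
 * contents of em; out_max is the caller's public buffer size. */
int pkcs1_v15_unpad_ct(const uint8_t *em, size_t k,
                       uint8_t *out, size_t out_max, size_t *out_len) {
    uint32_t n = (uint32_t)k;
    uint32_t bad = ~ct_mask_zero(em[0]) | ~ct_mask_zero(em[1] ^ 0x02u);
    uint32_t found = 0, sep = n;              /* sep == n: no separator seen */
    for (uint32_t i = 2; i < n; i++) {
        uint32_t is_zero = ct_mask_zero(em[i]);
        uint32_t take = is_zero & ~found;     /* only the first 0x00 counts */
        sep = (sep & ~take) | (i & take);
        found |= is_zero;
    }
    bad |= ~found;                            /* separator missing */
    bad |= ct_mask_lt(sep, 10);               /* fewer than 8 padding bytes */
    uint32_t msg_len = (n - sep - 1) & found; /* 0 if no separator */
    bad |= ct_mask_lt((uint32_t)out_max, msg_len); /* would not fit in out */
    /* out[j] = em[sep + 1 + j], computed by scanning the whole block for
     * every j so that the access pattern never reveals sep. */
    for (uint32_t j = 0; j < (uint32_t)out_max; j++) {
        uint8_t acc = 0;
        for (uint32_t i = 2; i < n; i++)
            acc |= em[i] & (uint8_t)ct_mask_zero(i ^ (sep + 1 + j));
        out[j] = acc & (uint8_t)~bad & (uint8_t)ct_mask_lt(j, msg_len);
    }
    *out_len = msg_len & ~bad;
    return -(int)(bad & 1u);
}
/* Constructed vectors: valid block carrying "hi"; wrong block-type byte;
 * only 7 padding bytes. */
static const uint8_t EM_GOOD[]      = {0,2,1,2,3,4,5,6,7,8,0,'h','i'};
static const uint8_t EM_BAD_TYPE[]  = {0,1,1,2,3,4,5,6,7,8,0,'h','i'};
static const uint8_t EM_SHORT_PAD[] = {0,2,1,2,3,4,5,6,7,0,'h','i'};
/* 1: accepted and message equals expect; 0: rejected; -1: accepted, wrong. */
int unpad_check(const uint8_t *em, size_t k, const char *expect) {
    uint8_t out[16]; size_t len;
    if (pkcs1_v15_unpad_ct(em, k, out, sizeof out, &len) != 0) return 0;
    return (len == strlen(expect) && memcmp(out, expect, len) == 0) ? 1 : -1;
}
```

The quadratic copy loop is the simplest way to make the memory access pattern independent of the secret separator position; it costs k * out_max byte operations, which is negligible for RSA block sizes.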