Fix missing check for RSA key length on EE certs - also adapt tests to use lesser requirement for compatibility with old testing material

commit: 65eefc8707059ca905aaf46e249b5f6ebdf927ca [log] [tgz]
author: Manuel Pégourié-Gonnard <mpg2@elzevir.fr> Fri Oct 23 14:08:48 2015 +0200
committer: Manuel Pégourié-Gonnard <mpg2@elzevir.fr> Fri Oct 23 16:19:53 2015 +0200
tree: c2e4edfcbc024d5ddf2f069a0590c2e27563c8c0
parent: 79800968996aa53e21f2c7162fff70a2de28030e [diff] [blame]
diff --git a/ChangeLog b/ChangeLog
index aa96b18..d0ec031 100644
--- a/ChangeLog
+++ b/ChangeLog

@@ -1,5 +1,13 @@
 mbed TLS ChangeLog (Sorted per branch, date)
 
+= mbed TLS 2.2.0 released 2015-10-06
+
+Bugfix
+   * mbedtls_x509_crt_verify(_with_profile)() now also checks the key type and
+     size/curve against the profile. Before that, there was no way to set a
+     minimum key size for end-entity certificates with RSA keys. Found by
+     Matthew Page.
+
 = mbed TLS 2.1.2 released 2015-10-06
 
 Security
commit	65eefc8707059ca905aaf46e249b5f6ebdf927ca	[log] [tgz]
author	Manuel Pégourié-Gonnard <mpg2@elzevir.fr>	Fri Oct 23 14:08:48 2015 +0200
committer	Manuel Pégourié-Gonnard <mpg2@elzevir.fr>	Fri Oct 23 16:19:53 2015 +0200
tree	c2e4edfcbc024d5ddf2f069a0590c2e27563c8c0
parent	79800968996aa53e21f2c7162fff70a2de28030e [diff] [blame]