Google Git
Sign in
pigweed/third_party/github/ARMmbed/mbedtls/65eefc8707059ca905aaf46e249b5f6ebdf927ca^!/./ChangeLog
commit
65eefc8707059ca905aaf46e249b5f6ebdf927ca
[log]
author
Manuel Pégourié-Gonnard <mpg2@elzevir.fr>
Fri Oct 23 14:08:48 2015 +0200
committer
Manuel Pégourié-Gonnard <mpg2@elzevir.fr>
Fri Oct 23 16:19:53 2015 +0200
tree
c2e4edfcbc024d5ddf2f069a0590c2e27563c8c0
parent
79800968996aa53e21f2c7162fff70a2de28030e [diff] [blame]
Fix missing check for RSA key length on EE certs

- also adapt tests to use lesser requirement for compatibility with old
  testing material

diff --git a/ChangeLog b/ChangeLog
index aa96b18..d0ec031 100644
--- a/ChangeLog
+++ b/ChangeLog

@@ -1,5 +1,13 @@
 mbed TLS ChangeLog (Sorted per branch, date)
 
+= mbed TLS 2.2.0 released 2015-10-06
+
+Bugfix
+   * mbedtls_x509_crt_verify(_with_profile)() now also checks the key type and
+     size/curve against the profile. Before that, there was no way to set a
+     minimum key size for end-entity certificates with RSA keys. Found by
+     Matthew Page.
+
 = mbed TLS 2.1.2 released 2015-10-06
 
 Security