cuberite/polarssl
1
0
Fork 0
mirror of https://github.com/cuberite/polarssl.git synced 2025-11-02 19:52:07 -05:00
Code Issues Packages Projects Releases Wiki Activity

Move subsection

Browse Source 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
This commit is contained in:
Dave Rodgman 2021-06-30 20:10:10 +01:00
parent 9637bd30a3
commit 7b743193b0
1 changed files with 35 additions and 35 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

70
docs/3.0-migration-guide.md
View File

@ -332,6 +332,41 @@ RSA verification functions also no longer take random generator arguments (this
was only needed when using a private key). This affects all applications using was only needed when using a private key). This affects all applications using
the RSA verify functions. the RSA verify functions.
### Remove the padding parameters from `mbedtls_rsa_init()`
This affects all users who use the RSA encryption, decryption, sign and
verify APIs.
The function `mbedtls_rsa_init()` no longer supports selecting the PKCS#1 v2.1
encoding and its hash. It just selects the PKCS#1 v1.5 encoding by default. If
you were using the PKCS#1 v2.1 encoding you now need, subsequently to the call
to `mbedtls_rsa_init()`, to call `mbedtls_rsa_set_padding()` to set it.
To choose the padding type when initializing a context, instead of
```C
mbedtls_rsa_init(ctx, padding, hash_id);
```
use
```C
mbedtls_rsa_init(ctx);
mbedtls_rsa_set_padding(ctx, padding, hash_id);
```
To use PKCS#1 v1.5 padding, instead of
```C
mbedtls_rsa_init(ctx, MBEDTLS_RSA_PKCS_V15, <ignored>);
```
just use
```C
mbedtls_rsa_init(ctx);
```
## High-level crypto ## High-level crypto
@ -402,41 +437,6 @@ The signature functions in the PK module no longer accept 0 as the `hash_len` pa
The migration path is to pass the correct value to those functions. The migration path is to pass the correct value to those functions.
### Remove the padding parameters from `mbedtls_rsa_init()`
This affects all users who use the RSA encryption, decryption, sign and
verify APIs.
The function `mbedtls_rsa_init()` no longer supports selecting the PKCS#1 v2.1
encoding and its hash. It just selects the PKCS#1 v1.5 encoding by default. If
you were using the PKCS#1 v2.1 encoding you now need, subsequently to the call
to `mbedtls_rsa_init()`, to call `mbedtls_rsa_set_padding()` to set it.
To choose the padding type when initializing a context, instead of
```C
mbedtls_rsa_init(ctx, padding, hash_id);
```
use
```C
mbedtls_rsa_init(ctx);
mbedtls_rsa_set_padding(ctx, padding, hash_id);
```
To use PKCS#1 v1.5 padding, instead of
```C
mbedtls_rsa_init(ctx, MBEDTLS_RSA_PKCS_V15, <ignored>);
```
just use
```C
mbedtls_rsa_init(ctx);
```
### Some function parameters were made const ### Some function parameters were made const
Various functions in the PK and ASN.1 modules had a `const` qualifier added to Various functions in the PK and ASN.1 modules had a `const` qualifier added to