Fix missing check for RSA key length on EE certs

- also adapt tests to use lesser requirement for compatibility with old testing material
2026-03-25 15:52:58 +00:00 · 2015-10-23 14:08:48 +02:00
parent 7980096899
commit 65eefc8707
6 changed files with 54 additions and 15 deletions
--- a/8
+++ b/8
@@ -1,5 +1,13 @@
 mbed TLS ChangeLog (Sorted per branch, date)

+= mbed TLS 2.2.0 released 2015-10-06
+
+Bugfix
+   * mbedtls_x509_crt_verify(_with_profile)() now also checks the key type and
+     size/curve against the profile. Before that, there was no way to set a
+     minimum key size for end-entity certificates with RSA keys. Found by
+     Matthew Page.
+
 = mbed TLS 2.1.2 released 2015-10-06

 Security