diff options
author | Dave Rodgman <dave.rodgman@arm.com> | 2022-12-06 13:37:24 +0000 |
---|---|---|
committer | GitHub <noreply@github.com> | 2022-12-06 13:37:24 +0000 |
commit | 98be95563d433328e83d1c9fe81da399d0692459 (patch) | |
tree | e0721674ada31c9c5f037994324120efb073f446 | |
parent | 977c53f00ad8609c1fa495b2723907a35891bf85 (diff) | |
parent | 77d3057c6df1b3787c9512b346737ab626955044 (diff) | |
download | mbedtls-98be95563d433328e83d1c9fe81da399d0692459.tar.gz |
Merge pull request #6689 from gilles-peskine-arm/changelog-20221129-pre-3.3
Changelog improvements for 3.3
18 files changed, 66 insertions, 62 deletions
diff --git a/ChangeLog.d/LMS.txt b/ChangeLog.d/LMS.txt index 6de374f86..785bfcf84 100644 --- a/ChangeLog.d/LMS.txt +++ b/ChangeLog.d/LMS.txt @@ -3,9 +3,9 @@ Features Signature verification is production-ready, but generation is for testing purposes only. This currently only supports one parameter set (LMS_SHA256_M32_H10), meaning that each private key can be used to sign - 1024 messages. As such, it is not intended for use in TLS, but instead for - verification of assets transmitted over an insecure channel, particularly - firmware images. + 1024 messages. As such, it is not intended for use in TLS, but instead + for verification of assets transmitted over an insecure channel, + particularly firmware images. * Add the LM-OTS post-quantum-safe one-time signature scheme, which is - required for LMS. This can be used independently, but each key can only be - used to sign one message so is impractical for most circumstances. + required for LMS. This can be used independently, but each key can only + be used to sign one message so is impractical for most circumstances. diff --git a/ChangeLog.d/add-rsa-pss-rsae-support-for-tls12.txt b/ChangeLog.d/add-rsa-pss-rsae-support-for-tls12.txt index f88eb9ed4..0d409688e 100644 --- a/ChangeLog.d/add-rsa-pss-rsae-support-for-tls12.txt +++ b/ChangeLog.d/add-rsa-pss-rsae-support-for-tls12.txt @@ -1,8 +1,8 @@ Features - * When GnuTLS/Openssl server is configured in TLS 1.2 mode with a certificate - declaring an RSA public key and Mbed TLS is configured in hybrid mode, if - `rsa_pss_rsae_*` algorithms are before `rsa_pkcs1_*` ones in this list then - the GnuTLS/Openssl server chooses an `rsa_pss_rsae_*` signature algorithm - for its signature in the key exchange message. As Mbed TLS 1.2 does not - support them, the handshake fails. Add `rsa_pss_rsae_*` support for TLS 1.2 - to resolve the compitablity issue. + * Support rsa_pss_rsae_* signature algorithms in TLS 1.2. +Bugfix + * Fix an interoperability failure between an Mbed TLS client with both + TLS 1.2 and TLS 1.3 support, and a TLS 1.2 server that supports + rsa_pss_rsae_* signature algorithms. This failed because Mbed TLS + advertised support for PSS in both TLS 1.2 and 1.3, but only + actually supported PSS in TLS 1.3. diff --git a/ChangeLog.d/dtls-connection-id.txt b/ChangeLog.d/dtls-connection-id.txt index eb9e216c4..840f837d8 100644 --- a/ChangeLog.d/dtls-connection-id.txt +++ b/ChangeLog.d/dtls-connection-id.txt @@ -3,14 +3,15 @@ Features MBEDTLS_SSL_DTLS_CONNECTION_ID (enabled by default) and configured with mbedtls_ssl_set_cid(). -Changes +Default behavior changes * Previously the macro MBEDTLS_SSL_DTLS_CONNECTION_ID implemented version 05 - of the draft, and was marked experimental and disabled by default. It is - now no longer experimental, and implements the final version from RFC 9146, - which is not interoperable with the draft-05 version. If you need to - communicate with peers that use earlier versions of Mbed TLS, you - need to define MBEDTLS_SSL_DTLS_CONNECTION_ID_COMPAT to 1, but then you - won't be able to communicate with peers that use the standard (non-draft) - version. If you need to interoperate with both classes of peers with the + of the IETF draft, and was marked experimental and disabled by default. + It is now no longer experimental, and implements the final version from + RFC 9146, which is not interoperable with the draft-05 version. + If you need to communicate with peers that use earlier versions of + Mbed TLS, then you need to define MBEDTLS_SSL_DTLS_CONNECTION_ID_COMPAT + to 1, but then you won't be able to communicate with peers that use the + standard (non-draft) version. + If you need to interoperate with both classes of peers with the same build of Mbed TLS, please let us know about your situation on the mailing list or GitHub. diff --git a/ChangeLog.d/extend-query_compile_time_config-to-psa_want.txt b/ChangeLog.d/extend-query_compile_time_config-to-psa_want.txt index b268fd4f0..99b2ec4ee 100644 --- a/ChangeLog.d/extend-query_compile_time_config-to-psa_want.txt +++ b/ChangeLog.d/extend-query_compile_time_config-to-psa_want.txt @@ -1,2 +1,2 @@ Changes - * Add the ability to query PSA_WANT_xxx macros to query_compile_time_config + * Add the ability to query PSA_WANT_xxx macros to query_compile_time_config. diff --git a/ChangeLog.d/fix-tls12server-sent-sigalgs.txt b/ChangeLog.d/fix-tls12server-sent-sigalgs.txt index 9abde2b52..b74c6ec20 100644 --- a/ChangeLog.d/fix-tls12server-sent-sigalgs.txt +++ b/ChangeLog.d/fix-tls12server-sent-sigalgs.txt @@ -1,5 +1,5 @@ Bugfix - * Fix a bug whereby the the list of signature algorithms sent as part of the - TLS 1.2 server certificate request would get corrupted, meaning the first - algorithm would not get sent and an entry consisting of two random bytes - would be sent instead. Found by Serban Bejan and Dudek Sebastian. + * Fix a bug whereby the list of signature algorithms sent as part of + the TLS 1.2 server certificate request would get corrupted, meaning the + first algorithm would not get sent and an entry consisting of two random + bytes would be sent instead. Found by Serban Bejan and Dudek Sebastian. diff --git a/ChangeLog.d/fix_build_error_for_mbedtls_deprecated_removed.txt b/ChangeLog.d/fix_build_error_for_mbedtls_deprecated_removed.txt index a70521a00..f0fa00046 100644 --- a/ChangeLog.d/fix_build_error_for_mbedtls_deprecated_removed.txt +++ b/ChangeLog.d/fix_build_error_for_mbedtls_deprecated_removed.txt @@ -1,3 +1,3 @@ Bugfix - * Fix build error due to missing prototype - warning when MBEDTLS_DEPRECATED_REMOVED is enabled + * Fix a build error due to a missing prototype warning when + MBEDTLS_DEPRECATED_REMOVED is enabled. diff --git a/ChangeLog.d/fix_build_tls1_2_with_single_encryption_type.txt b/ChangeLog.d/fix_build_tls1_2_with_single_encryption_type.txt index bac491026..c7d269142 100644 --- a/ChangeLog.d/fix_build_tls1_2_with_single_encryption_type.txt +++ b/ChangeLog.d/fix_build_tls1_2_with_single_encryption_type.txt @@ -1,4 +1,3 @@ Bugfix - * Fix bugs and missing dependencies when - building and testing configurations with - only one encryption type enabled in TLS 1.2. + * Fix bugs and missing dependencies when building and testing + configurations with only one encryption type enabled in TLS 1.2. diff --git a/ChangeLog.d/fix_cmake_gen_files b/ChangeLog.d/fix_cmake_gen_files deleted file mode 100644 index 3b2c09992..000000000 --- a/ChangeLog.d/fix_cmake_gen_files +++ /dev/null @@ -1,3 +0,0 @@ -Bugfix - * Fix an issue in releases with GEN_FILES turned off whereby missing - generated files could be turned into symlinks to themselves. diff --git a/ChangeLog.d/fix_cmake_gen_files.txt b/ChangeLog.d/fix_cmake_gen_files.txt new file mode 100644 index 000000000..cdec6e8a6 --- /dev/null +++ b/ChangeLog.d/fix_cmake_gen_files.txt @@ -0,0 +1,4 @@ +Bugfix + * Fix an issue with in-tree CMake builds in releases with GEN_FILES + turned off: if a shipped file was missing from the working directory, + it could be turned into a symbolic link to itself. diff --git a/ChangeLog.d/fix_cmake_using_iar_toolchain.txt b/ChangeLog.d/fix_cmake_using_iar_toolchain.txt index ecc09c241..9ec6e0d6b 100644 --- a/ChangeLog.d/fix_cmake_using_iar_toolchain.txt +++ b/ChangeLog.d/fix_cmake_using_iar_toolchain.txt @@ -1,3 +1,3 @@ Bugfix - * Fixed an issue that cause compile error using CMake IAR toolchain. + * Fix a compilation error when using CMake with an IAR toolchain. Fixes #5964. diff --git a/ChangeLog.d/fix_hard_link_across_drives b/ChangeLog.d/fix_hard_link_across_drives deleted file mode 100644 index 0c55c3038..000000000 --- a/ChangeLog.d/fix_hard_link_across_drives +++ /dev/null @@ -1,3 +0,0 @@ -Bugfix - * Fix a build issue on Windows where the source and build directory could not be on - different drives (#5751). diff --git a/ChangeLog.d/fix_hard_link_across_drives.txt b/ChangeLog.d/fix_hard_link_across_drives.txt new file mode 100644 index 000000000..46d05c0cf --- /dev/null +++ b/ChangeLog.d/fix_hard_link_across_drives.txt @@ -0,0 +1,3 @@ +Bugfix + * Fix a build issue on Windows using CMake where the source and build + directories could not be on different drives. Fixes #5751. diff --git a/ChangeLog.d/fix_tls13_session_resumption_fail_when_hostname_is_not_localhost.txt b/ChangeLog.d/fix_tls13_session_resumption_fail_when_hostname_is_not_localhost.txt index 5797f48e8..9f5c6499d 100644 --- a/ChangeLog.d/fix_tls13_session_resumption_fail_when_hostname_is_not_localhost.txt +++ b/ChangeLog.d/fix_tls13_session_resumption_fail_when_hostname_is_not_localhost.txt @@ -1,4 +1,4 @@ Bugfix - * Fix TLS 1.3 session resumption fail. Fixes #6488. - * Add configuration check to exclude TLS 1.3 optional authentication of - client. + * Fix TLS 1.3 session resumption. Fixes #6488. + * Add a configuration check to exclude optional client authentication + in TLS 1.3 (where it is forbidden). diff --git a/ChangeLog.d/fix_zeroization.txt b/ChangeLog.d/fix_zeroization.txt index ad74d9c59..8b00dcc98 100644 --- a/ChangeLog.d/fix_zeroization.txt +++ b/ChangeLog.d/fix_zeroization.txt @@ -1,3 +1,3 @@ Bugfix - * Fix possible crash in TLS PRF code, if a failure to allocate memory occurs. - Reported by Michael Madsen in #6516. + * Fix a possible null pointer dereference if a memory allocation fails + in TLS PRF code. Reported by Michael Madsen in #6516. diff --git a/ChangeLog.d/mbedtls_asn1_type_free.txt b/ChangeLog.d/mbedtls_asn1_type_free.txt index 81f3a2007..3459bbe2d 100644 --- a/ChangeLog.d/mbedtls_asn1_type_free.txt +++ b/ChangeLog.d/mbedtls_asn1_type_free.txt @@ -1,6 +1,8 @@ Features - * Shared code to free x509 structs like mbedtls_x509_named_data + * The new functions mbedtls_asn1_free_named_data_list() and + mbedtls_asn1_free_named_data_list_shallow() simplify the management + of memory in named data lists in X.509 structures. New deprecations * Deprecate mbedtls_asn1_free_named_data(). Use mbedtls_asn1_free_named_data_list() - or mbedtls_asn1_free_named_data_list_shallow() + or mbedtls_asn1_free_named_data_list_shallow(). diff --git a/ChangeLog.d/psa_crypto_code_gen_1_1.txt b/ChangeLog.d/psa_crypto_code_gen_1_1.txt index 2c18e6f31..e10a81c9a 100644 --- a/ChangeLog.d/psa_crypto_code_gen_1_1.txt +++ b/ChangeLog.d/psa_crypto_code_gen_1_1.txt @@ -1,6 +1,13 @@ Features - * Brought in PSA code geneneration JSON driver list. - Added auto generated templating support for key management. - Added Support for transparent and opaque keys (import/export/copy). - Included some general JSON validation for the given entry points. - Addresses version 1.1 of #5137. + * The PSA driver wrapper generator generate_driver_wrappers.py now + supports a subset of the driver description language, including + the following entry points: import_key, export_key, export_public_key, + get_builtin_key, copy_key. + +Requirement changes + * When building with PSA drivers using generate_driver_wrappers.py, or + when building the library from the development branch rather than + from a release, the Python module jsonschema is now necessary, in + addition to jinja2. The official list of required Python modules is + maintained in scripts/basic.requirements.txt and may change again + in the future. diff --git a/ChangeLog.d/remove_ssl_session_compression.txt b/ChangeLog.d/remove_ssl_session_compression.txt deleted file mode 100644 index dc59f1c9d..000000000 --- a/ChangeLog.d/remove_ssl_session_compression.txt +++ /dev/null @@ -1,5 +0,0 @@ -Removals - * Remove compression property from SSL session struct. - MBEDTLS_SSL_COMPRESS_NULL is now the only supported - compression option and can be used for compatibility - reasons. Changes requested in #4223. diff --git a/ChangeLog.d/tls13-misc.txt b/ChangeLog.d/tls13-misc.txt index 497ed38d2..673317328 100644 --- a/ChangeLog.d/tls13-misc.txt +++ b/ChangeLog.d/tls13-misc.txt @@ -1,9 +1,8 @@ Features - * Mbed TLS supports TLS 1.3 key establishment via pre-shared keys, - pre-shared keys provisioned externally or via the ticket mechanism - (session resumption). - The MBEDTLS_SSL_SESSION_TICKETS configuration option controls the support - for the ticket mechanism. - MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_xxx_ENABLED configuration options - have been introduced to control the support for the three possible - TLS 1.3 key exchange modes. + * Mbed TLS now supports TLS 1.3 key establishment via pre-shared keys. + The pre-shared keys can be provisioned externally or via the ticket + mechanism (session resumption). + The ticket mechanism is supported when the configuration option + MBEDTLS_SSL_SESSION_TICKETS is enabled. + New options MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_xxx_ENABLED + control the support for the three possible TLS 1.3 key exchange modes. |