From 10ba553c2e16e36c508cd263593c5b6099a37e08 Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Mon, 26 Apr 2021 14:58:26 +0100 Subject: [PATCH] Update Changelog 
Signed-off-by: Dave Rodgman --- ChangeLog | 100 ++++++++++++++++++ ChangeLog.d/add_const_parameters.txt | 2 - ChangeLog.d/bugfix_PR3616.txt | 5 - ChangeLog.d/dtls_sample_use_read_timeout.txt | 2 - ChangeLog.d/fix-invalid-id-error-code.txt | 5 - ChangeLog.d/fix-printf-specifiers.txt | 10 -- ChangeLog.d/fix_memsan_build_clang11.txt | 2 - ...fix_return_type_for_invalid_crypto_key.txt | 4 - ChangeLog.d/issue1792.txt | 3 - ChangeLog.d/issue4280.txt | 2 - ChangeLog.d/issue4283.txt | 2 - ChangeLog.d/issue4284.txt | 2 - ChangeLog.d/mbedtls3.0.txt | 3 - ChangeLog.d/move_alt_helpers.txt | 7 -- ChangeLog.d/move_internal_headers.txt | 6 -- ChangeLog.d/mpi_read_negative_zero.txt | 3 - ChangeLog.d/pkcs1_v21_sign_ext.txt | 5 - .../remove_allow_sha1_in_certificates.txt | 14 --- ChangeLog.d/remove_certs.txt | 5 - ChangeLog.d/remove_havege.txt | 9 -- ChangeLog.d/remove_obsolete_tls_features.txt | 10 -- ChangeLog.d/remove_old_transition_helpers.txt | 3 - ChangeLog.d/remove_pkcs11.txt | 6 -- 23 files changed, 100 insertions(+), 110 deletions(-) delete mode 100644 ChangeLog.d/add_const_parameters.txt delete mode 100644 ChangeLog.d/bugfix_PR3616.txt delete mode 100644 ChangeLog.d/dtls_sample_use_read_timeout.txt delete mode 100644 ChangeLog.d/fix-invalid-id-error-code.txt delete mode 100644 ChangeLog.d/fix-printf-specifiers.txt delete mode 100644 ChangeLog.d/fix_memsan_build_clang11.txt delete mode 100644 ChangeLog.d/fix_return_type_for_invalid_crypto_key.txt delete mode 100644 ChangeLog.d/issue1792.txt delete mode 100644 ChangeLog.d/issue4280.txt delete mode 100644 ChangeLog.d/issue4283.txt delete mode 100644 ChangeLog.d/issue4284.txt delete mode 100644 ChangeLog.d/mbedtls3.0.txt delete mode 100644 ChangeLog.d/move_alt_helpers.txt delete mode 100644 ChangeLog.d/move_internal_headers.txt delete mode 100644 ChangeLog.d/mpi_read_negative_zero.txt delete mode 100644 ChangeLog.d/pkcs1_v21_sign_ext.txt delete mode 100644 ChangeLog.d/remove_allow_sha1_in_certificates.txt delete mode 100644 
ChangeLog.d/remove_certs.txt delete mode 100644 ChangeLog.d/remove_havege.txt delete mode 100644 ChangeLog.d/remove_obsolete_tls_features.txt delete mode 100644 ChangeLog.d/remove_old_transition_helpers.txt delete mode 100644 ChangeLog.d/remove_pkcs11.txt diff --git a/ChangeLog b/ChangeLog index a6d4adfa1..6e3467f1d 100644 --- a/ChangeLog +++ b/ChangeLog 
@@ -1,5 +1,105 @@ mbed TLS ChangeLog (Sorted per branch, date) += mbed TLS x.x.x branch released xxxx-xx-xx + +API changes + * Remove HAVEGE module. + The design of HAVEGE makes it unsuitable for microcontrollers. Platforms + with a more complex CPU usually have an operating system interface that + provides better randomness. Instead of HAVEGE, declare OS or hardware RNG + interfaces with mbedtls_entropy_add_source() and/or use an entropy seed + file created securely during device provisioning. See + https://tls.mbed.org/kb/how-to/add-entropy-sources-to-entropy-pool for + more information. + * Add missing const attributes to API functions. + * Remove helpers for the transition from Mbed TLS 1.3 to Mbed TLS 2.0: the + header compat-1.3.h and the script rename.pl. + * Remove certs module from the API. + Transfer keys and certificates embedded in the library to the test + component. This contributes to minimizing library API and discourages + users from using unsafe keys in production. + * Move alt helpers and definitions. + Various helpers and definitions available for use in alt implementations + have been moved out of the include/ directory and into the library/ + directory. The files concerned are ecp_internal.h and rsa_internal.h + which have also been renamed to ecp_alt.h and rsa_alt_helpers.h + respectively. + * Move internal headers. + Header files that were only meant for the library's internal use and + were not meant to be used in application code have been moved out of + the include/ directory. The headers concerned are bn_mul.h, aesni.h, + padlock.h, entropy_poll.h and *_internal.h. + * Drop support for parsing SSLv2 ClientHello + (MBEDTLS_SSL_SRV_SUPPORT_SSLV2_CLIENT_HELLO). + * Drop support for SSLv3 (MBEDTLS_SSL_PROTO_SSL3). + * Drop support for compatibility with our own previous buggy + implementation of truncated HMAC (MBEDTLS_SSL_TRUNCATED_HMAC_COMPAT). + * Drop support for TLS record-level compression (MBEDTLS_ZLIB_SUPPORT). 
+ * Drop support for RC4 TLS ciphersuites. + * Drop support for single-DES ciphersuites. + * Drop support for MBEDTLS_SSL_HW_RECORD_ACCEL. + +Requirement changes + * The library now uses the %zu format specifier with the printf() family of + functions, so requires a toolchain that supports it. This change does not + affect the maintained LTS branches, so when contributing changes please + bear this in mind and do not add them to backported code. + +Removals + * Remove the MBEDTLS_TLS_DEFAULT_ALLOW_SHA1_IN_CERTIFICATES + compile-time option, which was off by default. Users should not trust + certificates signed with SHA-1 due to the known attacks against SHA-1. + If needed, SHA-1 cerificate can still be used by providing custom + verification profile to mbedtls_x509_crt_verify_with_profile function + in x509_crt.h, or mbedtls_ssl_conf_cert_profile function in ssl.h. + Example of custom verification profile, supporting SHA-1: + const mbedtls_x509_crt_profile mbedtls_x509_crt_custom = { + MBEDTLS_X509_ID_FLAG( MBEDTLS_MD_SHA1 ), + 0xFFFFFFF, /* Any PK alg */ + 0xFFFFFFF, /* Any curve */ + 2048 + }; + * Removed deprecated things in psa/crypto_compat.h. Fixes #4284 + * Removed deprecated functions from hashing modules. Fixes #4280. + * Remove PKCS#11 library wrapper. PKCS#11 has limited functionality, + lacks automated tests and has scarce documentation. Also, PSA Crypto + provides a more flexible private key management. + More details on PCKS#11 wrapper removal can be found in the mailing list + https://lists.trustedfirmware.org/pipermail/mbed-tls/2020-April/000024.html + * Remove deprecated error codes. Fix #4283 + +Features + * Add mbedtls_rsa_rsassa_pss_sign_ext() function allowing to generate a + signature with a specific salt length. This function allows to validate + test cases provided in the NIST's CAVP test suite. Contributed by Cédric + Meuter in PR #3183. 
+ +Bugfix + * Fix premature fopen() call in mbedtls_entropy_write_seed_file which may + lead to the seed file corruption in case if the path to the seed file is + equal to MBEDTLS_PLATFORM_STD_NV_SEED_FILE. Contributed by Victor + Krasnoshchok in #3616. + * PSA functions creating a key now return PSA_ERROR_INVALID_ARGUMENT rather + than PSA_ERROR_INVALID_HANDLE when the identifier specified for the key + to create is not valid, bringing them in line with version 1.0.0 of the + specification. Fix #4271. + * Add printf function attributes to mbedtls_debug_print_msg to ensure we + get printf format specifier warnings. + * PSA functions other than psa_open_key now return PSA_ERROR_INVALID_HANDLE + rather than PSA_ERROR_DOES_NOT_EXIST for an invalid handle, bringing them + in line with version 1.0.0 of the specification. Fix #4162. + * Fix a bug in ECDSA that would cause it to fail when the hash is all-bits + zero. Fixes #1792 + * mbedtls_mpi_read_string on "-0" produced an MPI object that was not treated + as equal to 0 in all cases. Fix it to produce the same object as "0". + +Changes + * Fix the setting of the read timeout in the DTLS sample programs. + * Add extra printf compiler warning flags to builds. + * Fix memsan build false positive in x509_crt.c with clang 11 + * There is ongoing work for the next release (= Mbed TLS 3.0.0 branch to + be released 2021-xx-xx), including various API-breaking changes. + = mbed TLS 2.26.0 branch released 2021-03-08 API changes diff --git a/ChangeLog.d/add_const_parameters.txt b/ChangeLog.d/add_const_parameters.txt deleted file mode 100644 index a55ca3660..000000000 --- a/ChangeLog.d/add_const_parameters.txt +++ /dev/null @@ -1,2 +0,0 @@ -API changes - * Add missing const attributes to API functions. diff --git a/ChangeLog.d/bugfix_PR3616.txt b/ChangeLog.d/bugfix_PR3616.txt deleted file mode 100644 index 47d104492..000000000 --- a/ChangeLog.d/bugfix_PR3616.txt +++ /dev/null 
@@ -1,5 +0,0 @@ -Bugfix - * Fix premature fopen() call in mbedtls_entropy_write_seed_file which may - lead to the seed file corruption in case if the path to the seed file is - equal to MBEDTLS_PLATFORM_STD_NV_SEED_FILE. Contributed by Victor - Krasnoshchok in #3616. diff --git a/ChangeLog.d/dtls_sample_use_read_timeout.txt b/ChangeLog.d/dtls_sample_use_read_timeout.txt deleted file mode 100644 index e3150d6ef..000000000 --- a/ChangeLog.d/dtls_sample_use_read_timeout.txt +++ /dev/null @@ -1,2 +0,0 @@ -Changes - * Fix the setting of the read timeout in the DTLS sample programs. diff --git a/ChangeLog.d/fix-invalid-id-error-code.txt b/ChangeLog.d/fix-invalid-id-error-code.txt deleted file mode 100644 index 069a7678b..000000000 --- a/ChangeLog.d/fix-invalid-id-error-code.txt +++ /dev/null @@ -1,5 +0,0 @@ -Bugfix - * PSA functions creating a key now return PSA_ERROR_INVALID_ARGUMENT rather - than PSA_ERROR_INVALID_HANDLE when the identifier specified for the key - to create is not valid, bringing them in line with version 1.0.0 of the - specification. Fix #4271. diff --git a/ChangeLog.d/fix-printf-specifiers.txt b/ChangeLog.d/fix-printf-specifiers.txt deleted file mode 100644 index 4867721bf..000000000 --- a/ChangeLog.d/fix-printf-specifiers.txt +++ /dev/null @@ -1,10 +0,0 @@ -Bugfix - * Add printf function attributes to mbedtls_debug_print_msg to ensure we - get printf format specifier warnings. -Changes - * Add extra printf compiler warning flags to builds. -Requirement changes - * The library now uses the %zu format specifier with the printf() family of - functions, so requires a toolchain that supports it. This change does not - affect the maintained LTS branches, so when contributing changes please - bear this in mind and do not add them to backported code. diff --git a/ChangeLog.d/fix_memsan_build_clang11.txt b/ChangeLog.d/fix_memsan_build_clang11.txt deleted file mode 100644 index 3f5cc058f..000000000 --- a/ChangeLog.d/fix_memsan_build_clang11.txt +++ /dev/null 
@@ -1,2 +0,0 @@ -Changes - * Fix memsan build false positive in x509_crt.c with clang 11 diff --git a/ChangeLog.d/fix_return_type_for_invalid_crypto_key.txt b/ChangeLog.d/fix_return_type_for_invalid_crypto_key.txt deleted file mode 100644 index dc6996e02..000000000 --- a/ChangeLog.d/fix_return_type_for_invalid_crypto_key.txt +++ /dev/null @@ -1,4 +0,0 @@ -Bugfix - * PSA functions other than psa_open_key now return PSA_ERROR_INVALID_HANDLE - rather than PSA_ERROR_DOES_NOT_EXIST for an invalid handle, bringing them - in line with version 1.0.0 of the specification. Fix #4162. diff --git a/ChangeLog.d/issue1792.txt b/ChangeLog.d/issue1792.txt deleted file mode 100644 index 9949bf41d..000000000 --- a/ChangeLog.d/issue1792.txt +++ /dev/null @@ -1,3 +0,0 @@ -Bugfix - * Fix a bug in ECDSA that would cause it to fail when the hash is all-bits - zero. Fixes #1792 diff --git a/ChangeLog.d/issue4280.txt b/ChangeLog.d/issue4280.txt deleted file mode 100644 index 38d9b2c5d..000000000 --- a/ChangeLog.d/issue4280.txt +++ /dev/null @@ -1,2 +0,0 @@ -Removals - * Removed deprecated functions from hashing modules. Fixes #4280. diff --git a/ChangeLog.d/issue4283.txt b/ChangeLog.d/issue4283.txt deleted file mode 100644 index 021ea7e1a..000000000 --- a/ChangeLog.d/issue4283.txt +++ /dev/null @@ -1,2 +0,0 @@ -Removals - * Remove deprecated error codes. Fix #4283 diff --git a/ChangeLog.d/issue4284.txt b/ChangeLog.d/issue4284.txt deleted file mode 100644 index 1429becb8..000000000 --- a/ChangeLog.d/issue4284.txt +++ /dev/null @@ -1,2 +0,0 @@ -Removals - * Removed deprecated things in psa/crypto_compat.h. Fixes #4284 diff --git a/ChangeLog.d/mbedtls3.0.txt b/ChangeLog.d/mbedtls3.0.txt deleted file mode 100644 index 73b7cc0f8..000000000 --- a/ChangeLog.d/mbedtls3.0.txt +++ /dev/null @@ -1,3 +0,0 @@ -Changes - * There is ongoing work for the next release (= Mbed TLS 3.0.0 branch to - be released 2021-xx-xx), including various API-breaking changes. 
diff --git a/ChangeLog.d/move_alt_helpers.txt b/ChangeLog.d/move_alt_helpers.txt deleted file mode 100644 index ba96c9d1a..000000000 --- a/ChangeLog.d/move_alt_helpers.txt +++ /dev/null @@ -1,7 +0,0 @@ -API changes - * Move alt helpers and definitions. - Various helpers and definitions available for use in alt implementations - have been moved out of the include/ directory and into the library/ - directory. The files concerned are ecp_internal.h and rsa_internal.h - which have also been renamed to ecp_alt.h and rsa_alt_helpers.h - respectively. diff --git a/ChangeLog.d/move_internal_headers.txt b/ChangeLog.d/move_internal_headers.txt deleted file mode 100644 index 8a38fe68d..000000000 --- a/ChangeLog.d/move_internal_headers.txt +++ /dev/null @@ -1,6 +0,0 @@ -API changes - * Move internal headers. - Header files that were only meant for the library's internal use and - were not meant to be used in application code have been moved out of - the include/ directory. The headers concerned are bn_mul.h, aesni.h, - padlock.h, entropy_poll.h and *_internal.h. diff --git a/ChangeLog.d/mpi_read_negative_zero.txt b/ChangeLog.d/mpi_read_negative_zero.txt deleted file mode 100644 index e338de70b..000000000 --- a/ChangeLog.d/mpi_read_negative_zero.txt +++ /dev/null @@ -1,3 +0,0 @@ -Bugfix - * mbedtls_mpi_read_string on "-0" produced an MPI object that was not treated - as equal to 0 in all cases. Fix it to produce the same object as "0". diff --git a/ChangeLog.d/pkcs1_v21_sign_ext.txt b/ChangeLog.d/pkcs1_v21_sign_ext.txt deleted file mode 100644 index 76dfaf960..000000000 --- a/ChangeLog.d/pkcs1_v21_sign_ext.txt +++ /dev/null @@ -1,5 +0,0 @@ -Features - * Add mbedtls_rsa_rsassa_pss_sign_ext() function allowing to generate a - signature with a specific salt length. This function allows to validate - test cases provided in the NIST's CAVP test suite. Contributed by Cédric - Meuter in PR #3183. 
diff --git a/ChangeLog.d/remove_allow_sha1_in_certificates.txt b/ChangeLog.d/remove_allow_sha1_in_certificates.txt deleted file mode 100644 index e3d16ef87..000000000 --- a/ChangeLog.d/remove_allow_sha1_in_certificates.txt +++ /dev/null @@ -1,14 +0,0 @@ -Removals - * Remove the MBEDTLS_TLS_DEFAULT_ALLOW_SHA1_IN_CERTIFICATES - compile-time option, which was off by default. Users should not trust - certificates signed with SHA-1 due to the known attacks against SHA-1. - If needed, SHA-1 cerificate can still be used by providing custom - verification profile to mbedtls_x509_crt_verify_with_profile function - in x509_crt.h, or mbedtls_ssl_conf_cert_profile function in ssl.h. - Example of custom verification profile, supporting SHA-1: - const mbedtls_x509_crt_profile mbedtls_x509_crt_custom = { - MBEDTLS_X509_ID_FLAG( MBEDTLS_MD_SHA1 ), - 0xFFFFFFF, /* Any PK alg */ - 0xFFFFFFF, /* Any curve */ - 2048 - }; diff --git a/ChangeLog.d/remove_certs.txt b/ChangeLog.d/remove_certs.txt deleted file mode 100644 index 20fa0c691..000000000 --- a/ChangeLog.d/remove_certs.txt +++ /dev/null @@ -1,5 +0,0 @@ -API changes - * Remove certs module from the API. - Transfer keys and certificates embedded in the library to the test - component. This contributes to minimizing library API and discourages - users from using unsafe keys in production. diff --git a/ChangeLog.d/remove_havege.txt b/ChangeLog.d/remove_havege.txt deleted file mode 100644 index 9054010be..000000000 --- a/ChangeLog.d/remove_havege.txt +++ /dev/null 
@@ -1,9 +0,0 @@ -API changes - * Remove HAVEGE module. - The design of HAVEGE makes it unsuitable for microcontrollers. Platforms - with a more complex CPU usually have an operating system interface that - provides better randomness. Instead of HAVEGE, declare OS or hardware RNG - interfaces with mbedtls_entropy_add_source() and/or use an entropy seed - file created securely during device provisioning. See - https://tls.mbed.org/kb/how-to/add-entropy-sources-to-entropy-pool for - more information. diff --git a/ChangeLog.d/remove_obsolete_tls_features.txt b/ChangeLog.d/remove_obsolete_tls_features.txt deleted file mode 100644 index 87186bff8..000000000 --- a/ChangeLog.d/remove_obsolete_tls_features.txt +++ /dev/null @@ -1,10 +0,0 @@ -API changes - * Drop support for parsing SSLv2 ClientHello - (MBEDTLS_SSL_SRV_SUPPORT_SSLV2_CLIENT_HELLO). - * Drop support for SSLv3 (MBEDTLS_SSL_PROTO_SSL3). - * Drop support for compatibility with our own previous buggy - implementation of truncated HMAC (MBEDTLS_SSL_TRUNCATED_HMAC_COMPAT). - * Drop support for TLS record-level compression (MBEDTLS_ZLIB_SUPPORT). - * Drop support for RC4 TLS ciphersuites. - * Drop support for single-DES ciphersuites. - * Drop support for MBEDTLS_SSL_HW_RECORD_ACCEL. diff --git a/ChangeLog.d/remove_old_transition_helpers.txt b/ChangeLog.d/remove_old_transition_helpers.txt deleted file mode 100644 index c23bbe91c..000000000 --- a/ChangeLog.d/remove_old_transition_helpers.txt +++ /dev/null @@ -1,3 +0,0 @@ -API changes - * Remove helpers for the transition from Mbed TLS 1.3 to Mbed TLS 2.0: the - header compat-1.3.h and the script rename.pl. diff --git a/ChangeLog.d/remove_pkcs11.txt b/ChangeLog.d/remove_pkcs11.txt deleted file mode 100644 index 5c8134cfc..000000000 --- a/ChangeLog.d/remove_pkcs11.txt +++ /dev/null 
@@ -1,6 +0,0 @@ -Removals - * Remove PKCS#11 library wrapper. PKCS#11 has limited functionality, - lacks automated tests and has scarce documentation. Also, PSA Crypto - provides a more flexible private key management. - More details on PCKS#11 wrapper removal can be found in the mailing list - https://lists.trustedfirmware.org/pipermail/mbed-tls/2020-April/000024.html
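Review bot: In the ChangeLog hunk, the Removals entry for MBEDTLS_TLS_DEFAULT_ALLOW_SHA1_IN_CERTIFICATES gives an example profile whose hash field is only "MBEDTLS_X509_ID_FLAG( MBEDTLS_MD_SHA1 )", so anyone copying it gets a profile that accepts SHA-1 and no other hash, which is not what "supporting SHA-1" suggests. Either OR in the stronger hashes the application already accepts or state that the example is SHA-1-only, and comment the trailing "2048" as the minimum RSA key size, as the other two fields are commented. The same entry has the typo "cerificate" and reads better as "SHA-1 certificates can still be used by providing a custom verification profile"; the PKCS#11 entry spells the name "PCKS#11" in its last sentence. The issue references ("Fixes #4284", "Fixes #4280.", "Fix #4283") should use one form and consistent punctuation.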
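Review bot: The entry carried over from ChangeLog.d/mbedtls3.0.txt ("There is ongoing work for the next release (= Mbed TLS 3.0.0 branch to be released 2021-xx-xx), including various API-breaking changes.") now sits under Changes in the same "x.x.x" section that lists API-breaking removals (HAVEGE, the certs module, SSLv3, RC4 ciphersuites, the PKCS#11 wrapper). If this section is the 3.0.0 release, the entry refers to itself as a future release and should be dropped. If it is not, the section header should name the version so readers can tell which release drops these features.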