mbedTLS v1.2.0 Release Notes
Release Date: 2012-10-31
Features
- Added support for NULL cipher (POLARSSL_CIPHER_NULL_CIPHER) and weak ciphersuites (POLARSSL_ENABLE_WEAK_CIPHERSUITES). They are disabled by default!
- Added support for wildcard certificates
- Added support for multi-domain certificates through the X509 Subject Alternative Name extension
- Added preliminary ASN.1 buffer writing support
- Added preliminary X509 Certificate Request writing support
- Added key_app_writer example application
- Added cert_req example application
- Added base Galois Counter Mode (GCM) for AES
- Added TLS 1.2 support (RFC 5246)
- Added GCM suites to TLS 1.2 (RFC 5288)
- Added commandline error code convertor (util/strerror)
- Added support for Hardware Acceleration hooking in SSL/TLS
- Added OpenSSL / PolarSSL compatibility script (tests/compat.sh) and example application (programs/ssl/o_p_test) (requires OpenSSL)
- Added X509 CA Path support
- Added Thumb assembly optimizations
- Added DEFLATE compression support as per RFC3749 (requires zlib)
- Added blowfish algorithm (Generic and cipher layer)
- Added PKCS#5 PBKDF2 key derivation function
- Added Secure Renegotiation (RFC 5746)
- Added predefined DHM groups from RFC 5114
- Added simple SSL session cache implementation
- Added ServerName extension parsing (SNI) at server side
- Added option to add minimum accepted SSL/TLS protocol version
Changes
- Removed redundant POLARSSL_DEBUG_MSG define
- AES code now only checks for Padlock once
- Fixed const-correctness mpi_get_bit()
- Documentation for mpi_lsb() and mpi_msb()
- Moved out_msg to out_hdr + 32 to support hardware acceleration
- Changed certificate verify behaviour to comply with RFC 6125 section 6.3 to not match CN if subjectAltName extension is present (Closes ticket #56)
- Cipher layer cipher_mode_t POLARSSL_MODE_CFB128 is renamed to POLARSSL_MODE_CFB, to also handle different block size CFB modes.
- Removed handling for SSLv2 Client Hello (as per RFC 5246 recommendation)
- Revamped session resumption handling
- Generalized external private key implementation handling (like PKCS#11) in SSL/TLS
- Revamped x509_verify() and the SSL f_vrfy callback implementations
- Moved from unsigned long to fixed width uint32_t types throughout code
- Renamed ciphersuites to follow the IANA-reserved naming scheme
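The RFC 6125 section 6.3 rule behind the certificate verification change above (and the wildcard / subjectAltName support listed under Features) can be summarised as: when a certificate carries a subjectAltName extension, the subject CN is never consulted. The following is an added example written for these notes, not mbedTLS code; the certificate dicts and their contents are constructed, and the "reject wildcards on fewer than three labels" rule is a conservative choice, not something the release notes state.

```python
"""Hostname matching as described by the RFC 6125 section 6.3 change.
Added example, not mbedTLS code. Certificates are plain dicts with the
fields a parser would return: 'commonName' and a 'subjectAltName' list."""


def label_matches(pattern: str, label: str) -> bool:
    """Match one DNS label; a bare '*' wildcard matches a whole label only."""
    return pattern == "*" or pattern == label


def name_matches(pattern: str, hostname: str) -> bool:
    """Case-insensitive match of a presented identifier against a hostname.
    A wildcard is accepted only as the entire leftmost label, never matches
    more or fewer labels than the pattern has, and (conservative choice
    assumed here) is rejected on patterns with fewer than three labels."""
    pat = pattern.lower().rstrip(".").split(".")
    host = hostname.lower().rstrip(".").split(".")
    if len(pat) != len(host):
        return False
    if "*" in pattern and len(pat) < 3:
        return False  # e.g. '*.com' is refused
    if any("*" in p and p != "*" for p in pat) or "*" in pat[1:]:
        return False  # partial ('f*o') or non-leftmost wildcards are refused
    return all(label_matches(p, h) for p, h in zip(pat, host))


def hostname_matches_cert(cert: dict, hostname: str) -> bool:
    """RFC 6125 6.3 rule: if a subjectAltName extension is present, only its
    dNSName entries are consulted; the CN is a fallback solely for
    certificates without that extension."""
    sans = cert.get("subjectAltName")
    if sans is not None:
        return any(name_matches(n, hostname) for n in sans)
    cn = cert.get("commonName")
    return cn is not None and name_matches(cn, hostname)


# Constructed sample certificates (not real certificates).
MULTI_DOMAIN = {"commonName": "legacy.example.com",
                "subjectAltName": ["www.example.com", "*.api.example.com"]}
CN_ONLY = {"commonName": "*.example.org"}

if __name__ == "__main__":
    for cert, host in [(MULTI_DOMAIN, "www.example.com"),
                       (MULTI_DOMAIN, "legacy.example.com"),
                       (CN_ONLY, "mail.example.org")]:
        print(host, "->", hostname_matches_cert(cert, host))
```

Note that `legacy.example.com` is refused even though it is the CN, because the SAN extension is present; that is exactly the behaviour change the entry above describes.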
Bugfix
- Fixed handling error in mpi_cmp_mpi() on longer B values (found by Hui Dong)
- Fixed potential heap corruption in x509_name allocation
- Fixed single RSA test that failed on Big Endian systems (Closes ticket #54)
- mpi_exp_mod() now correctly handles negative base numbers (Closes ticket #52)
- Handle encryption with private key and decryption with public key as per RFC 2313
- Handle empty certificate subject names
- Prevent reading over buffer boundaries on X509 certificate parsing
- mpi_add_abs() now correctly handles adding short numbers to long numbers with carry rollover (found by Ruslan Yushchenko)
- Handle existence of OpenSSL Trust Extensions at end of X.509 DER blob
- Fixed MPI assembly for SPARC64 platform
Security
- Fixed potential memory zeroization on miscrafted RSA key (found by Eloi Vanderbeken)