mbedTLS v1.2.0 Release Notes

Release Date: 2012-10-31
    Features

    • Added support for NULL cipher (POLARSSL_CIPHER_NULL_CIPHER) and weak ciphersuites (POLARSSL_ENABLE_WEAK_CIPHERSUITES). They are disabled by default!
    • Added support for wildcard certificates
    • Added support for multi-domain certificates through the X509 Subject Alternative Name extension
    • Added preliminary ASN.1 buffer writing support
    • Added preliminary X509 Certificate Request writing support
    • Added key_app_writer example application
    • Added cert_req example application
    • Added base Galois Counter Mode (GCM) for AES
    • Added TLS 1.2 support (RFC 5246)
    • Added GCM suites to TLS 1.2 (RFC 5288)
    • Added command-line error code converter (util/strerror)
    • Added support for Hardware Acceleration hooking in SSL/TLS
    • Added OpenSSL / PolarSSL compatibility script (tests/compat.sh) and example application (programs/ssl/o_p_test) (requires OpenSSL)
    • Added X509 CA Path support
    • Added Thumb assembly optimizations
    • Added DEFLATE compression support as per RFC3749 (requires zlib)
    • Added blowfish algorithm (Generic and cipher layer)
    • Added PKCS#5 PBKDF2 key derivation function
    • Added Secure Renegotiation (RFC 5746)
    • Added predefined DHM groups from RFC 5114
    • Added simple SSL session cache implementation
    • Added ServerName extension parsing (SNI) at server side
    • Added option to add minimum accepted SSL/TLS protocol version

    Changes

    • Removed redundant POLARSSL_DEBUG_MSG define
    • AES code only checks for Padlock once
    • Fixed const-correctness mpi_get_bit()
    • Added documentation for mpi_lsb() and mpi_msb()
    • Moved out_msg to out_hdr + 32 to support hardware acceleration
    • Changed certificate verify behaviour to comply with RFC 6125 section 6.3 to not match CN if subjectAltName extension is present (Closes ticket #56)
    • Cipher layer cipher_mode_t POLARSSL_MODE_CFB128 is renamed to POLARSSL_MODE_CFB, to also handle different block size CFB modes.
    • Removed handling for SSLv2 Client Hello (as per RFC 5246 recommendation)
    • Revamped session resumption handling
    • Generalized external private key implementation handling (like PKCS#11) in SSL/TLS
    • Revamped x509_verify() and the SSL f_vrfy callback implementations
    • Moved from unsigned long to fixed width uint32_t types throughout code
    • Renamed the ciphersuite naming scheme to the IANA reserved names
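The RFC 6125 verification change in this release, together with the wildcard and Subject Alternative Name support listed under Features, is easiest to see as code. The block below is an added example written for these notes, not code from mbedTLS/PolarSSL: a minimal hostname matcher in which a subjectAltName extension, when present, takes precedence over the CN (the CN is then not consulted at all), and a wildcard stands in for exactly one leftmost label. The `cert_names_t` structure, the `match_name`/`cert_matches_host` functions and the sample certificate names are constructed for this example; the single-label wildcard rule follows RFC 6125 section 6.4.3, which the release notes do not cite.

```c
#include <ctype.h>
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical, simplified view of the identifiers a certificate parser would
 * hand to the verifier: the subject CN and the dNSName entries of the
 * subjectAltName extension. san_dns == NULL means the extension is absent. */
typedef struct {
    const char *cn;         /* subject Common Name, or NULL if none */
    const char **san_dns;   /* dNSName entries, or NULL if no SAN extension */
    size_t san_count;       /* number of entries in san_dns */
} cert_names_t;

/* Case-insensitive, full-length string equality (DNS names are case-insensitive). */
static bool ci_equal(const char *a, const char *b)
{
    for (; *a != '\0' && *b != '\0'; a++, b++) {
        if (tolower((unsigned char)*a) != tolower((unsigned char)*b)) {
            return false;
        }
    }
    return *a == '\0' && *b == '\0';
}

/* Match one presented identifier (e.g. "www.example.com" or "*.example.com")
 * against a reference hostname. A wildcard is only honoured in the leftmost
 * label, matches exactly one non-empty label, and the pattern must keep at
 * least two labels after it, so "*.com" never matches anything. */
bool match_name(const char *pattern, const char *host)
{
    if (pattern[0] == '*' && pattern[1] == '.') {
        const char *hdot = strchr(host, '.');
        if (hdot == NULL || hdot == host) {
            return false;   /* host needs a non-empty leftmost label to absorb the '*' */
        }
        if (strchr(pattern + 2, '.') == NULL) {
            return false;   /* reject "*.tld" patterns */
        }
        /* Compare the remainder after the first label: ".example.com" vs ".example.com".
         * A host such as "a.b.example.com" fails here, so '*' spans one label only. */
        return ci_equal(pattern + 1, hdot);
    }
    return ci_equal(pattern, host);
}

/* RFC 6125 section 6.3 behaviour: when the certificate carries a subjectAltName
 * extension, the hostname must match one of its dNSName entries and the CN is
 * ignored, even if the SAN happens to contain no usable dNSName. Only a
 * certificate without the extension falls back to the CN. */
bool cert_matches_host(const cert_names_t *cert, const char *host)
{
    if (cert->san_dns != NULL) {
        for (size_t i = 0; i < cert->san_count; i++) {
            if (match_name(cert->san_dns[i], host)) {
                return true;
            }
        }
        return false;
    }
    return cert->cn != NULL && match_name(cert->cn, host);
}

/* Constructed sample certificates for demonstration (not real certificates). */
static const char *kSanEntries[] = { "www.example.com", "*.example.net" };
const cert_names_t kCertWithSan = { "cn-only.example.org", kSanEntries, 2 };
const cert_names_t kCertCnOnly  = { "cn-only.example.org", NULL, 0 };

int main(void)
{
    const char *hosts[] = { "www.example.com", "api.example.net",
                            "deep.api.example.net", "cn-only.example.org" };
    for (size_t i = 0; i < sizeof hosts / sizeof hosts[0]; i++) {
        printf("%-22s SAN cert: %-5s CN-only cert: %s\n", hosts[i],
               cert_matches_host(&kCertWithSan, hosts[i]) ? "match" : "no",
               cert_matches_host(&kCertCnOnly, hosts[i]) ? "match" : "no");
    }
    return 0;
}
```

The interesting row in the output is `cn-only.example.org`: the certificate with a SAN extension does not match it even though its CN says so, which is exactly the behaviour change the note above describes.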

    Bugfix

    • Fixed handling error in mpi_cmp_mpi() on longer B values (found by Hui Dong)
    • Fixed potential heap corruption in x509_name allocation
    • Fixed single RSA test that failed on Big Endian systems (Closes ticket #54)
    • mpi_exp_mod() now correctly handles negative base numbers (Closes ticket #52)
    • Handle encryption with private key and decryption with public key as per RFC 2313
    • Handle empty certificate subject names
    • Prevent reading over buffer boundaries on X509 certificate parsing
    • mpi_add_abs() now correctly handles adding short numbers to long numbers with carry rollover (found by Ruslan Yushchenko)
    • Handle existence of OpenSSL Trust Extensions at end of X.509 DER blob
    • Fixed MPI assembly for SPARC64 platform

    Security

    • Fixed potential memory zeroization on miscrafted RSA key (found by Eloi Vanderbeken)