mbedTLS v2.7.12 Release Notes

Release Date: 2019-09-18
    Description

    Mbed TLS 2.7.12 is a maintenance release of the Mbed TLS 2.7 branch, and
    provides bug fixes and minor enhancements.

    Security

    • Fix a missing error detection in ECJPAKE. This could have caused a predictable shared secret if a hardware accelerator failed and the other side of the key exchange had a similar bug.
    • When writing a private EC key, use a constant size for the private value, as specified in RFC 5915. Previously, the value was written as an ASN.1 INTEGER, whose minimal encoding varies with the leading bits of the key: the size of the written key leaked about 1 bit of information about the private value on average, and when the top bit was set the value was 1 byte too large for the output buffer.
    • The deterministic ECDSA calculation reused the scheme's HMAC-DRBG to implement blinding. Because of this, the same blinding value was generated for the same key and message, so repeated signatures of one message used identical blinding. This reduced the effectiveness of the countermeasure and leaked information about the private key through side channels. Reported by Jack Lloyd.
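    The following is an added example, not part of these release notes or of the Mbed TLS source, showing the two encodings from the second Security item in Python. der_integer() reproduces the pre-2.7.12 form (privateKey as an ASN.1 INTEGER), der_octet_string_fixed() the RFC 5915 form (a fixed-size OCTET STRING), and integer_length_entropy_bits() computes exactly how much the length of the INTEGER form reveals about a uniformly random P-256 scalar. The function names, the leaky flag and the omission of the optional publicKey field are choices made here, not the library's API.

```python
import math

# P-256 group order n: the private scalar d lies in [1, n-1] and needs 32 bytes.
P256_N = 0xFFFFFFFF00000000FFFFFFFFFFFFFFFFBCE6FAADA7179E84F3B9CAC2FC632551
P256_BYTES = (P256_N.bit_length() + 7) // 8          # 32
P256_OID = bytes.fromhex("06082a8648ce3d030107")     # OBJECT IDENTIFIER prime256v1


def der_len(n):
    """DER length octets (short form below 128, long form above)."""
    if n < 0x80:
        return bytes([n])
    body = n.to_bytes((n.bit_length() + 7) // 8, "big")
    return bytes([0x80 | len(body)]) + body


def der_integer(value):
    """DER INTEGER (tag 0x02): minimal two's-complement content octets.
    This is the pre-2.7.12 shape of privateKey; its length depends on d."""
    body = value.to_bytes(max(1, (value.bit_length() + 7) // 8), "big")
    if body[0] & 0x80:
        body = b"\x00" + body          # pad so a positive value stays positive
    return b"\x02" + der_len(len(body)) + body


def der_octet_string_fixed(value, size):
    """RFC 5915 privateKey: OCTET STRING of exactly ceil(log2(n)/8) bytes, left-padded."""
    return b"\x04" + der_len(size) + value.to_bytes(size, "big")


def ec_private_key_der(d, leaky=False):
    """Minimal RFC 5915 ECPrivateKey for P-256 (the OPTIONAL publicKey is omitted).
    leaky=True reproduces the old INTEGER encoding of privateKey."""
    priv = der_integer(d) if leaky else der_octet_string_fixed(d, P256_BYTES)
    params = b"\xa0" + der_len(len(P256_OID)) + P256_OID   # parameters [0] EXPLICIT namedCurve
    body = der_integer(1) + priv + params                    # version ecPrivkeyVer1(1)
    return b"\x30" + der_len(len(body)) + body


def integer_length_distribution(n=P256_N):
    """Exact count of scalars d in [1, n-1] for each DER INTEGER content length.
    Length k covers bit lengths 8k-8 .. 8k-1 (a set top bit forces the pad byte)."""
    counts, k = {}, 1
    while True:
        lo = 1 if k == 1 else 1 << (8 * k - 9)
        hi = min((1 << (8 * k - 1)) - 1, n - 1)
        if lo > n - 1:
            return counts
        counts[k] = hi - lo + 1
        k += 1


def integer_length_entropy_bits(n=P256_N):
    """Shannon entropy of the INTEGER length over a uniform private scalar, i.e.
    how many bits the size of the encoded key reveals about d (about 1 for P-256)."""
    total = n - 1
    return -sum(c / total * math.log2(c / total)
                for c in integer_length_distribution(n).values())
```

    For a 32-byte curve, roughly half of all keys have the top bit set and need a 33-byte INTEGER body (the extra byte the old code did not budget for), almost all of the rest need 32, and about one in 256 needs 31 or fewer; the fixed-size OCTET STRING is 32 bytes for every key, so the file length says nothing about d.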

    API Changes

    • The new function mbedtls_ecdsa_sign_det_ext() is similar to mbedtls_ecdsa_sign_det() but allows passing an external RNG for the purpose of blinding.
    • The new function mbedtls_ecp_gen_privkey() allows generating a private key without generating the public part of the pair.
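    The third Security item and mbedtls_ecdsa_sign_det_ext() describe the same issue from two sides. The following is an added example, not Mbed TLS code: a toy deterministic ECDSA over P-256 in Python in which the blinding factor used to invert k is drawn either from the RFC 6979 HMAC-DRBG that produced k (the flawed behaviour) or from a caller-supplied RNG (what the new function makes possible). The HmacDrbg class, the way it continues after producing k, the blinded-inversion formula and compare_blinding() are simplifications chosen here, not the library's internals; the point arithmetic is not constant time and exists only so the signatures are real and verifiable.

```python
import hashlib, hmac, secrets

# P-256 domain parameters (FIPS 186-4 / SEC 2).
P = 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF
A = P - 3
N = 0xFFFFFFFF00000000FFFFFFFFFFFFFFFFBCE6FAADA7179E84F3B9CAC2FC632551
G = (0x6B17D1F2E12C4247F8BCE6E563A440F277037D812DEB33A0F4A13945D898C296,
     0x4FE342E2FE1A7F9B8EE7EB4A7C0F9E162BCE33576B315ECECBB6406837BF51F5)


def ec_add(p1, p2):
    """Affine point addition/doubling; None is the point at infinity."""
    if p1 is None: return p2
    if p2 is None: return p1
    (x1, y1), (x2, y2) = p1, p2
    if x1 == x2:
        if (y1 + y2) % P == 0: return None                 # p1 == -p2
        lam = (3 * x1 * x1 + A) * pow(2 * y1, -1, P) % P   # doubling
    else:
        lam = (y2 - y1) * pow(x2 - x1, -1, P) % P
    x3 = (lam * lam - x1 - x2) % P
    return x3, (lam * (x1 - x3) - y1) % P


def ec_mul(k, pt):
    """Plain double-and-add (not constant time; fine for a functional demo)."""
    acc = None
    for bit in bin(k)[2:]:
        acc = ec_add(acc, acc)
        if bit == "1": acc = ec_add(acc, pt)
    return acc


class HmacDrbg:
    """HMAC_DRBG over SHA-256 as instantiated in RFC 6979 section 3.2, seeded
    with int2octets(d) || bits2octets(H(m)). Simplified model, not the library's."""
    def __init__(self, seed):
        self.K, self.V = b"\x00" * 32, b"\x01" * 32
        self._update(seed)
    def _hmac(self, data): return hmac.new(self.K, data, hashlib.sha256).digest()
    def _update(self, seed):
        self.K = self._hmac(self.V + b"\x00" + seed); self.V = self._hmac(self.V)
        self.K = self._hmac(self.V + b"\x01" + seed); self.V = self._hmac(self.V)
    def random_scalar(self):
        """Next output in [1, N-1]. The state moves on after every output, so a
        second call (the flawed blinding) is still a pure function of the seed."""
        while True:
            self.V = self._hmac(self.V)
            k = int.from_bytes(self.V, "big")
            self.K = self._hmac(self.V + b"\x00"); self.V = self._hmac(self.V)
            if 1 <= k < N: return k


def hash_to_scalar(msg):
    return int.from_bytes(hashlib.sha256(msg).digest(), "big") % N


def ecdsa_sign_det(d, msg, blinding_rng=None):
    """Deterministic ECDSA. k always comes from the RFC 6979 DRBG. The blinding
    factor t comes from the same DRBG when blinding_rng is None (the flaw fixed in
    2.7.12) or from blinding_rng (what sign_det_ext lets the caller supply).
    Returns ((r, s), t); t is returned only so the demo can inspect it."""
    z = hash_to_scalar(msg)
    drbg = HmacDrbg(d.to_bytes(32, "big") + z.to_bytes(32, "big"))
    k = drbg.random_scalar()
    t = blinding_rng() if blinding_rng else drbg.random_scalar()
    r = ec_mul(k, G)[0] % N
    # Blinded inversion: (k*t)^-1 * t == k^-1 mod N, so the inversion never sees k alone.
    k_inv = pow(k * t % N, -1, N) * t % N
    s = k_inv * (z + r * d) % N
    if r == 0 or s == 0:
        raise ValueError("degenerate signature; would need a fresh k")
    return (r, s), t


def ecdsa_verify(Q, msg, sig):
    r, s = sig
    if not (1 <= r < N and 1 <= s < N): return False
    w = pow(s, -1, N)
    pt = ec_add(ec_mul(hash_to_scalar(msg) * w % N, G), ec_mul(r * w % N, Q))
    return pt is not None and pt[0] % N == r


def compare_blinding(d, msg, rounds=3):
    """Sign msg `rounds` times each way. Returns (all signatures identical,
    blinding factors with the flaw, blinding factors with an external RNG)."""
    ext_rng = lambda: 1 + secrets.randbelow(N - 1)      # the f_rng a caller would pass
    flawed = [ecdsa_sign_det(d, msg) for _ in range(rounds)]
    fixed = [ecdsa_sign_det(d, msg, ext_rng) for _ in range(rounds)]
    same_sig = len({sig for sig, _ in flawed + fixed}) == 1
    return same_sig, [t for _, t in flawed], [t for _, t in fixed]
```

    Both variants produce the same valid (r, s) for a given key and message, which is why the flaw is invisible to functional tests: only the blinding factor differs, and with the flawed source it repeats on every signature of the same message, letting an attacker average side-channel traces that fresh blinding would have decorrelated. Because k is derived as in RFC 6979 section 3.2, the first DRBG output can be checked against that RFC's appendix A.2.5 vectors.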

    Bugfix

    • Fix to allow building test suites with any warning that detects unused functions. Fixes #1628.
    • Fix typo in net_would_block(). Fixes #528 reported by github-monoculture.
    • Remove redundant include file in timing.c. Fixes #2640 reported by irwir.
    • Fix Visual Studio Release x64 build configuration by inheriting PlatformToolset from the project configuration. Fixes #1430 reported by irwir.
    • Enable Suite B with a subset of ECP curves; make sure the code compiles even if some curves are not defined. Fixes #1591 reported by dbedev.
    • Fix misuse of signed arithmetic in the HAVEGE module. Fixes #2598.
    • Update test certificates that were about to expire. Reported by Bernhard M. Wiedemann in #2357.
    • Make the NV seed test support MBEDTLS_ENTROPY_FORCE_SHA256.
    • Fix memory leak in mpi_miller_rabin(). Contributed by Jens Wiklander in #2363.

    Changes

    • Make 'make clean' always clean all programs. Fixes #1862.

    โšก๏ธ Who should update

    โšก๏ธ We recommend all affected users should update to take advantage of the bug
    ๐Ÿ›  fixes contained in this release at an appropriate point in their development
    lifecycle.