espressif/mbedtls
1
0
Fork 0
mirror of https://github.com/espressif/mbedtls.git synced 2025-05-09 11:21:21 +08:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #985 from Mbed-TLS/mbedtls-3.3.0rc2-pr

Browse Source 
Mbedtls 3.3.0rc2 pr
This commit is contained in:
Dave Rodgman 2022-12-14 19:06:39 +00:00 committed by GitHub
commit 8c89224991
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
3 changed files with 8 additions and 10 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
ChangeLog
View File

@ -2,12 +2,6 @@ Mbed TLS ChangeLog (Sorted per branch, date)
= Mbed TLS 3.3.0 branch released 2022-12-14 = Mbed TLS 3.3.0 branch released 2022-12-14
API changes
* Add an ad-hoc key derivation function handling EC J-PAKE to PMS
calculation that can be used to derive the session secret in TLS 1.2,
as described in draft-cragie-tls-ecjpake-01. This can be achieved by
using PSA_ALG_TLS12_ECJPAKE_TO_PMS as the key derivation algorithm.
Default behavior changes Default behavior changes
* Previously the macro MBEDTLS_SSL_DTLS_CONNECTION_ID implemented version 05 * Previously the macro MBEDTLS_SSL_DTLS_CONNECTION_ID implemented version 05
of the IETF draft, and was marked experimental and disabled by default. of the IETF draft, and was marked experimental and disabled by default.
@ -103,6 +97,10 @@ Features
implementations of raw key agreement through the key_agreement driver implementations of raw key agreement through the key_agreement driver
entry point. This entry point is specified in the proposed PSA driver entry point. This entry point is specified in the proposed PSA driver
interface, but had not yet been implemented. interface, but had not yet been implemented.
* Add an ad-hoc key derivation function handling EC J-PAKE to PMS
calculation that can be used to derive the session secret in TLS 1.2,
as described in draft-cragie-tls-ecjpake-01. This can be achieved by
using PSA_ALG_TLS12_ECJPAKE_TO_PMS as the key derivation algorithm.
Security Security
* Fix potential heap buffer overread and overwrite in DTLS if * Fix potential heap buffer overread and overwrite in DTLS if

4
library/CMakeLists.txt
View File

@ -282,7 +282,7 @@ endif(USE_STATIC_MBEDTLS_LIBRARY)
if(USE_SHARED_MBEDTLS_LIBRARY) if(USE_SHARED_MBEDTLS_LIBRARY)
set(CMAKE_LIBRARY_PATH ${CMAKE_CURRENT_BINARY_DIR}) set(CMAKE_LIBRARY_PATH ${CMAKE_CURRENT_BINARY_DIR})
add_library(${mbedcrypto_target} SHARED ${src_crypto}) add_library(${mbedcrypto_target} SHARED ${src_crypto})
set_target_properties(${mbedcrypto_target} PROPERTIES VERSION 3.3.0 SOVERSION 12) set_target_properties(${mbedcrypto_target} PROPERTIES VERSION 3.3.0 SOVERSION 13)
target_link_libraries(${mbedcrypto_target} PUBLIC ${libs}) target_link_libraries(${mbedcrypto_target} PUBLIC ${libs})
if(TARGET everest) if(TARGET everest)
@ -294,7 +294,7 @@ if(USE_SHARED_MBEDTLS_LIBRARY)
target_link_libraries(${mbedx509_target} PUBLIC ${libs} ${mbedcrypto_target}) target_link_libraries(${mbedx509_target} PUBLIC ${libs} ${mbedcrypto_target})
add_library(${mbedtls_target} SHARED ${src_tls}) add_library(${mbedtls_target} SHARED ${src_tls})
set_target_properties(${mbedtls_target} PROPERTIES VERSION 3.3.0 SOVERSION 18) set_target_properties(${mbedtls_target} PROPERTIES VERSION 3.3.0 SOVERSION 19)
target_link_libraries(${mbedtls_target} PUBLIC ${libs} ${mbedx509_target}) target_link_libraries(${mbedtls_target} PUBLIC ${libs} ${mbedx509_target})
endif(USE_SHARED_MBEDTLS_LIBRARY) endif(USE_SHARED_MBEDTLS_LIBRARY)

4
library/Makefile
View File

@ -47,9 +47,9 @@ LOCAL_CFLAGS += -fPIC -fpic
endif endif
endif endif
SOEXT_TLS?=so.18 SOEXT_TLS?=so.19
SOEXT_X509?=so.4 SOEXT_X509?=so.4
SOEXT_CRYPTO?=so.12 SOEXT_CRYPTO?=so.13
# Set AR_DASH= (empty string) to use an ar implementation that does not accept # Set AR_DASH= (empty string) to use an ar implementation that does not accept
# the - prefix for command line options (e.g. llvm-ar) # the - prefix for command line options (e.g. llvm-ar)