lib/mbedtls
1
0
Fork 0
mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2025-07-30 22:43:08 +03:00
Code Activity

Update ChangeLog and migration guide

Browse Source 
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
This commit is contained in:
Manuel Pégourié-Gonnard
2021-06-07 11:13:34 +02:00
parent 9371a40476
commit 3b5a7c198c
2 changed files with 27 additions and 8 deletions
Download Patch File Download Diff File Expand all files Collapse all files

15
ChangeLog.d/issue4286.txt
View File

@ -1,11 +1,14 @@
Removals Removals
* Remove the TLS 1.0, TLS 1.1 and DTLS 1.0 support by removing the following * Remove support for TLS 1.0, TLS 1.1 and DTLS 1.0, as well as support for
library constants: MBEDTLS_SSL_PROTO_TLS1, CBC record splitting, fallback SCSV, and the ability to configure
MBEDTLS_SSL_PROTO_TLS1_1, MBEDTLS_SSL_CBC_RECORD_SPLITTING, ciphersuites per version, which are no longer relevant. This removes the
following public constants: MBEDTLS_SSL_PROTO_TLS1,
MBEDTLS_SSL_PROTO_TLS1_1, MBEDTLS_SSL_MINOR_VERSION_1,
MBEDTLS_SSL_MINOR_VERSION_2, MBEDTLS_SSL_CBC_RECORD_SPLITTING,
MBEDTLS_SSL_CBC_RECORD_SPLITTING_ENABLED, MBEDTLS_SSL_CBC_RECORD_SPLITTING_ENABLED,
MBEDTLS_SSL_CBC_RECORD_SPLITTING_DISABLED, MBEDTLS_SSL_CBC_RECORD_SPLITTING_DISABLED,
MBEDTLS_SSL_FALLBACK_SCSV, MBEDTLS_SSL_FALLBACK_SCSV_VALUE, MBEDTLS_SSL_FALLBACK_SCSV, MBEDTLS_SSL_FALLBACK_SCSV_VALUE,
MBEDTLS_SSL_IS_FALLBACK, MBEDTLS_SSL_IS_NOT_FALLBACK, and functions: MBEDTLS_SSL_IS_FALLBACK, MBEDTLS_SSL_IS_NOT_FALLBACK; and functions:
mbedtls_ssl_conf_cbc_record_splitting(), mbedtls_ssl_conf_cbc_record_splitting(),
mbedtls_ssl_get_key_exchange_md_ssl_tls(), mbedtls_ssl_conf_fallback(). mbedtls_ssl_get_key_exchange_md_ssl_tls(), mbedtls_ssl_conf_fallback(),
Fixes #4286. mbedtls_ssl_conf_ciphersuites_for_version(). Fixes #4286.

20
docs/3.0-migration-guide.d/remove_support_for_tls_1.0_1.1_and_dtls_1.0.md
View File

@ -3,9 +3,25 @@ Remove suport for TLS 1.0, 1.1 and DTLS 1.0
This change affects users of the TLS 1.0, 1.1 and DTLS 1.0 protocols. This change affects users of the TLS 1.0, 1.1 and DTLS 1.0 protocols.
The versions of (D)TLS that are being removed are not as secure as the latest These versions have been deprecated by RFC 8996.
versions. Keeping them in the library creates opportunities for misconfiguration Keeping them in the library creates opportunities for misconfiguration
and possibly downgrade attacks. More generally, more code means a larger attack and possibly downgrade attacks. More generally, more code means a larger attack
surface, even if the code is supposedly not used. surface, even if the code is supposedly not used.
The migration path is to adopt the latest versions of the protocol. The migration path is to adopt the latest versions of the protocol.
As a consequence of removing 1.0, support for CBC record splitting was also
removed, as it was a work-around for a weakness in this particular version.
There is no migration path is no longer makes sense with newer versions.
As a consequence of currently supporting only one version of (D)TLS (and in the
future 1.3 which will have a different version negociation mechanism), support
for fallback SCSV (RFC 7507) was also removed. There is no migration path as
it's no longer useful with TLS 1.2 and later.
As a consequence of currently supporting only one version of (D)TLS (and in the
future 1.3 which will have a different concept of ciphersuites), support for
configuring ciphersuites separately for each version via
`mbedtls_ssl_conf_ciphersuites_for_version()` was removed. Use
`mbedtls_ssl_conf_ciphersuites()` to configure ciphersuites to use with (D)TLS
1.2; in the future a different API will be added for (D)TLS 1.3.