From ccba2b7507a0e90c1a88750cbb417086efcaba97 Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Wed, 2 Aug 2023 14:47:25 +0100 Subject: [PATCH 1/3] Assemble 2.28.4 changelog Signed-off-by: Dave Rodgman --- ChangeLog | 26 +++++++++++++++++++ ChangeLog.d/armclang-compile-fix.txt | 5 ---- ChangeLog.d/bugfix_iar_typo.txt | 3 --- .../cmake-pass-through-config-defines.txt | 3 --- .../fix-crypt_and_hash-decrypt-issue.txt | 4 --- ChangeLog.d/fix-string-to-names-retcode.txt | 3 --- ChangeLog.d/fix-tfm-build.txt | 3 --- ChangeLog.d/fix-win32-llvm-build.txt | 2 -- ChangeLog.d/inject-entropy.txt | 2 -- ChangeLog.d/programs_psa_fix.txt | 3 --- ChangeLog.d/ssl_premaster_secret-empty.txt | 3 --- 11 files changed, 26 insertions(+), 31 deletions(-) delete mode 100644 ChangeLog.d/armclang-compile-fix.txt delete mode 100644 ChangeLog.d/bugfix_iar_typo.txt delete mode 100644 ChangeLog.d/cmake-pass-through-config-defines.txt delete mode 100644 ChangeLog.d/fix-crypt_and_hash-decrypt-issue.txt delete mode 100644 ChangeLog.d/fix-string-to-names-retcode.txt delete mode 100644 ChangeLog.d/fix-tfm-build.txt delete mode 100644 ChangeLog.d/fix-win32-llvm-build.txt delete mode 100644 ChangeLog.d/inject-entropy.txt delete mode 100644 ChangeLog.d/programs_psa_fix.txt delete mode 100644 ChangeLog.d/ssl_premaster_secret-empty.txt diff --git a/ChangeLog b/ChangeLog index 4033839d9..67b72fc66 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,5 +1,31 @@ Mbed TLS ChangeLog (Sorted per branch, date) += Mbed TLS 2.28.4 branch released 2023-08-04 + +Features + * Allow MBEDTLS_CONFIG_FILE and MBEDTLS_USER_CONFIG_FILE to be set by + setting the CMake variable of the same name at configuration time. + +Bugfix + * Fix crypt_and_hash decryption fail when used with a stream cipher + mode of operation, due to the input not being a multiple of the block + size. Resolves #7417. + * Fix a bug where mbedtls_x509_string_to_names() would return success + when given a invalid name string, if it did not contain '=' or ','. + * Fix missing PSA initialization in sample programs when + MBEDTLS_USE_PSA_CRYPTO is enabled. + * Fix clang and armclang compilation error when targeting certain Arm + M-class CPUs (Cortex-M0, Cortex-M0+, Cortex-M1, Cortex-M23, + SecurCore SC000). Fixes #1077. + * Fixed an issue that caused compile errors when using CMake and the IAR + toolchain. + * Fix the build with MBEDTLS_PSA_INJECT_ENTROPY. Fixes #7516. + * Fix builds on Windows with clang. + * Fix compilation warnings in aes.c for certain combinations + of configuration options. + * Fix a compilation error on some platforms when including mbedtls/ssl.h + with all TLS support disabled. Fixes #6628. + = Mbed TLS 2.28.3 branch released 2023-03-28 Features diff --git a/ChangeLog.d/armclang-compile-fix.txt b/ChangeLog.d/armclang-compile-fix.txt deleted file mode 100644 index 93ad6af88..000000000 --- a/ChangeLog.d/armclang-compile-fix.txt +++ /dev/null @@ -1,5 +0,0 @@ -Bugfix - * Fix clang and armclang compilation error when targeting certain Arm - M-class CPUs (Cortex-M0, Cortex-M0+, Cortex-M1, Cortex-M23, - SecurCore SC000). Fixes #1077. - diff --git a/ChangeLog.d/bugfix_iar_typo.txt b/ChangeLog.d/bugfix_iar_typo.txt deleted file mode 100644 index 95f97b1cb..000000000 --- a/ChangeLog.d/bugfix_iar_typo.txt +++ /dev/null @@ -1,3 +0,0 @@ -Bugfix - * Fixed an issue that caused compile errors when using CMake and the IAR - toolchain. diff --git a/ChangeLog.d/cmake-pass-through-config-defines.txt b/ChangeLog.d/cmake-pass-through-config-defines.txt deleted file mode 100644 index 6122f37d2..000000000 --- a/ChangeLog.d/cmake-pass-through-config-defines.txt +++ /dev/null @@ -1,3 +0,0 @@ -Features - * Allow MBEDTLS_CONFIG_FILE and MBEDTLS_USER_CONFIG_FILE to be set by - setting the CMake variable of the same name at configuration time. diff --git a/ChangeLog.d/fix-crypt_and_hash-decrypt-issue.txt b/ChangeLog.d/fix-crypt_and_hash-decrypt-issue.txt deleted file mode 100644 index ded9b2d47..000000000 --- a/ChangeLog.d/fix-crypt_and_hash-decrypt-issue.txt +++ /dev/null @@ -1,4 +0,0 @@ -Bugfix - * Fix crypt_and_hash decryption fail when used with a stream cipher - mode of operation due to the input not being multiple of block size. - Resolves #7417. diff --git a/ChangeLog.d/fix-string-to-names-retcode.txt b/ChangeLog.d/fix-string-to-names-retcode.txt deleted file mode 100644 index ac4b3d176..000000000 --- a/ChangeLog.d/fix-string-to-names-retcode.txt +++ /dev/null @@ -1,3 +0,0 @@ -Bugfix - * Fix a bug in which mbedtls_x509_string_to_names() would return success - when given a invalid name string if it did not contain '=' or ','. diff --git a/ChangeLog.d/fix-tfm-build.txt b/ChangeLog.d/fix-tfm-build.txt deleted file mode 100644 index a63bc2fa4..000000000 --- a/ChangeLog.d/fix-tfm-build.txt +++ /dev/null @@ -1,3 +0,0 @@ -Bugfix - * Fix compilation warnings in aes.c for certain combinations - of configuration options. diff --git a/ChangeLog.d/fix-win32-llvm-build.txt b/ChangeLog.d/fix-win32-llvm-build.txt deleted file mode 100644 index 826551ccf..000000000 --- a/ChangeLog.d/fix-win32-llvm-build.txt +++ /dev/null @@ -1,2 +0,0 @@ -Bugfix - * Fix builds on Windows with clang diff --git a/ChangeLog.d/inject-entropy.txt b/ChangeLog.d/inject-entropy.txt deleted file mode 100644 index 762662969..000000000 --- a/ChangeLog.d/inject-entropy.txt +++ /dev/null @@ -1,2 +0,0 @@ -Bugfix - * Fix the build with MBEDTLS_PSA_INJECT_ENTROPY. Fixes #7516. diff --git a/ChangeLog.d/programs_psa_fix.txt b/ChangeLog.d/programs_psa_fix.txt deleted file mode 100644 index fe2099ecc..000000000 --- a/ChangeLog.d/programs_psa_fix.txt +++ /dev/null @@ -1,3 +0,0 @@ -Bugfix - * Fix missing PSA initialization in sample programs when - MBEDTLS_USE_PSA_CRYPTO is enabled. diff --git a/ChangeLog.d/ssl_premaster_secret-empty.txt b/ChangeLog.d/ssl_premaster_secret-empty.txt deleted file mode 100644 index 0ce5f36ea..000000000 --- a/ChangeLog.d/ssl_premaster_secret-empty.txt +++ /dev/null @@ -1,3 +0,0 @@ -Bugfix - * Fix a compilation error on some platforms when including mbedtls/ssl.h - with all TLS support disabled. Fixes #6628. From 403ce0a6ccd4f388f4ffdeac1d01956900c232dc Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Wed, 2 Aug 2023 15:35:45 +0100 Subject: [PATCH 2/3] Bump version numbers Signed-off-by: Dave Rodgman --- doxygen/input/doc_mainpage.h | 2 +- doxygen/mbedtls.doxyfile | 2 +- include/mbedtls/version.h | 8 ++++---- library/CMakeLists.txt | 6 +++--- tests/suites/test_suite_version.data | 4 ++-- 5 files changed, 11 insertions(+), 11 deletions(-) diff --git a/doxygen/input/doc_mainpage.h b/doxygen/input/doc_mainpage.h index bbf4ea2f4..d19f93e71 100644 --- a/doxygen/input/doc_mainpage.h +++ b/doxygen/input/doc_mainpage.h @@ -22,7 +22,7 @@ */ /** - * @mainpage Mbed TLS v2.28.3 API Documentation + * @mainpage Mbed TLS v2.28.4 API Documentation * * This documentation describes the internal structure of Mbed TLS. It was * automatically generated from specially formatted comment blocks in diff --git a/doxygen/mbedtls.doxyfile b/doxygen/mbedtls.doxyfile index 78299ed5b..2f22e3fe8 100644 --- a/doxygen/mbedtls.doxyfile +++ b/doxygen/mbedtls.doxyfile @@ -1,4 +1,4 @@ -PROJECT_NAME = "mbed TLS v2.28.3" +PROJECT_NAME = "mbed TLS v2.28.4" OUTPUT_DIRECTORY = ../apidoc/ FULL_PATH_NAMES = NO OPTIMIZE_OUTPUT_FOR_C = YES diff --git a/include/mbedtls/version.h b/include/mbedtls/version.h index 0ef52138f..1ae06e686 100644 --- a/include/mbedtls/version.h +++ b/include/mbedtls/version.h @@ -38,16 +38,16 @@ */ #define MBEDTLS_VERSION_MAJOR 2 #define MBEDTLS_VERSION_MINOR 28 -#define MBEDTLS_VERSION_PATCH 3 +#define MBEDTLS_VERSION_PATCH 4 /** * The single version number has the following structure: * MMNNPP00 * Major version | Minor version | Patch version */ -#define MBEDTLS_VERSION_NUMBER 0x021C0300 -#define MBEDTLS_VERSION_STRING "2.28.3" -#define MBEDTLS_VERSION_STRING_FULL "mbed TLS 2.28.3" +#define MBEDTLS_VERSION_NUMBER 0x021C0400 +#define MBEDTLS_VERSION_STRING "2.28.4" +#define MBEDTLS_VERSION_STRING_FULL "mbed TLS 2.28.4" #if defined(MBEDTLS_VERSION_C) diff --git a/library/CMakeLists.txt b/library/CMakeLists.txt index a15925198..147caafd5 100644 --- a/library/CMakeLists.txt +++ b/library/CMakeLists.txt @@ -204,15 +204,15 @@ endif(USE_STATIC_MBEDTLS_LIBRARY) if(USE_SHARED_MBEDTLS_LIBRARY) set(CMAKE_LIBRARY_PATH ${CMAKE_CURRENT_BINARY_DIR}) add_library(${mbedcrypto_target} SHARED ${src_crypto}) - set_target_properties(${mbedcrypto_target} PROPERTIES VERSION 2.28.3 SOVERSION 7) + set_target_properties(${mbedcrypto_target} PROPERTIES VERSION 2.28.4 SOVERSION 7) target_link_libraries(${mbedcrypto_target} PUBLIC ${libs}) add_library(${mbedx509_target} SHARED ${src_x509}) - set_target_properties(${mbedx509_target} PROPERTIES VERSION 2.28.3 SOVERSION 1) + set_target_properties(${mbedx509_target} PROPERTIES VERSION 2.28.4 SOVERSION 1) target_link_libraries(${mbedx509_target} PUBLIC ${libs} ${mbedcrypto_target}) add_library(${mbedtls_target} SHARED ${src_tls}) - set_target_properties(${mbedtls_target} PROPERTIES VERSION 2.28.3 SOVERSION 14) + set_target_properties(${mbedtls_target} PROPERTIES VERSION 2.28.4 SOVERSION 14) target_link_libraries(${mbedtls_target} PUBLIC ${libs} ${mbedx509_target}) endif(USE_SHARED_MBEDTLS_LIBRARY) diff --git a/tests/suites/test_suite_version.data b/tests/suites/test_suite_version.data index 4b57192f0..8226a6840 100644 --- a/tests/suites/test_suite_version.data +++ b/tests/suites/test_suite_version.data @@ -1,8 +1,8 @@ Check compile time library version -check_compiletime_version:"2.28.3" +check_compiletime_version:"2.28.4" Check runtime library version -check_runtime_version:"2.28.3" +check_runtime_version:"2.28.4" Check for MBEDTLS_VERSION_C check_feature:"MBEDTLS_VERSION_C":0 From 8abc2e61127255ca2c797bb04e6b3f4e9cf6b37b Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Wed, 2 Aug 2023 15:36:46 +0100 Subject: [PATCH 3/3] Update BRANCHES.md Signed-off-by: Dave Rodgman --- BRANCHES.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/BRANCHES.md b/BRANCHES.md index 6d2e5c0e4..f912e95be 100644 --- a/BRANCHES.md +++ b/BRANCHES.md @@ -76,6 +76,6 @@ The following branches are currently maintained: - [`development`](https://github.com/Mbed-TLS/mbedtls/) - [`mbedtls-2.28`](https://github.com/Mbed-TLS/mbedtls/tree/mbedtls-2.28) maintained until at least the end of 2024, see - . + . Users are urged to always use the latest version of a maintained branch.