ChangeLog.d/tls13-reorder-ciphersuite-preference-list.txt - mirror/mbed-tls - TrustedFirmware Git Browser

 Default behavior changes
    * The default priority order of TLS 1.3 cipher suites has been modified to
      follow the same rules as the TLS 1.2 cipher suites (see
      ssl_ciphersuites.c). The preferred cipher suite is now
      TLS_CHACHA20_POLY1305_SHA256.

 Bugfix
    * In the TLS 1.3 server, select the preferred client cipher suite, not the
      least preferred. The selection error was introduced in Mbed TLS 3.3.0.
    * Fix TLS 1.3 session resumption when the established pre-shared key is
      384 bits long. That is the length of pre-shared keys created under a
      session where the cipher suite is TLS_AES_256_GCM_SHA384.
	Default behavior changes
	* The default priority order of TLS 1.3 cipher suites has been modified to
	follow the same rules as the TLS 1.2 cipher suites (see
	ssl_ciphersuites.c). The preferred cipher suite is now
	TLS_CHACHA20_POLY1305_SHA256.

	Bugfix
	* In the TLS 1.3 server, select the preferred client cipher suite, not the
	least preferred. The selection error was introduced in Mbed TLS 3.3.0.
	* Fix TLS 1.3 session resumption when the established pre-shared key is
	384 bits long. That is the length of pre-shared keys created under a
	session where the cipher suite is TLS_AES_256_GCM_SHA384.