Assemble changelog for 2.28.3 release
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
diff --git a/ChangeLog b/ChangeLog
index 23be7dd..4033839 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,5 +1,84 @@
Mbed TLS ChangeLog (Sorted per branch, date)
+= Mbed TLS 2.28.3 branch released 2023-03-28
+
+Features
+ * Use HOSTCC (if it is set) when compiling C code during generation of the
+ configuration-independent files. This allows them to be generated when
+ CC is set for cross compilation.
+ * AES-NI is now supported with Visual Studio.
+ * AES-NI is now supported in 32-bit builds, or when MBEDTLS_HAVE_ASM
+ is disabled, when compiling with GCC or Clang or a compatible compiler
+ for a target CPU that supports the requisite instructions (for example
+ gcc -m32 -msse2 -maes -mpclmul). (Generic x86 builds with GCC-like
+ compilers still require MBEDTLS_HAVE_ASM and a 64-bit target.)
+
+Security
+ * MBEDTLS_AESNI_C, which is enabled by default, was silently ignored on
+ builds that couldn't compile the GCC-style assembly implementation
+ (most notably builds with Visual Studio), leaving them vulnerable to
+ timing side-channel attacks. There is now an intrinsics-based AES-NI
+ implementation as a fallback for when the assembly one cannot be used.
+
+Bugfix
+ * Fix a build issue on Windows where the source and build directory could
+ not be on different drives (#5751).
+ * Fix possible integer overflow in mbedtls_timing_hardclock(), which
+ could cause a crash for certain platforms & compiler options.
+ * Fix IAR compiler warnings. Fixes #6924.
+ * Fix a bug in the build where directory names containing spaces were
+ causing generate_errors.pl to error out resulting in a build failure.
+ Fixes issue #6879.
+ * Fix compile error where MBEDTLS_RSA_C and MBEDTLS_X509_CRT_WRITE_C are
+ defined, but MBEDTLS_PK_RSA_ALT_SUPPORT is not defined. Fixes #3174.
+ * Fix a build issue when defining MBEDTLS_TIMING_ALT and MBEDTLS_SELF_TEST.
+ The library would not link if the user didn't provide an external self-test
+ function. The self-test is now provided regardless of the choice of
+ internal/alternative timing implementation. Fixes #6923.
+ * mbedtls_x509write_crt_set_serial() now explicitly rejects serial numbers
+ whose binary representation is longer than 20 bytes. This was already
+ forbidden by the standard (RFC5280 - section 4.1.2.2) and now it's being
+ enforced also at code level.
+ * Fix potential undefined behavior in mbedtls_mpi_sub_abs(). Reported by
+ Pascal Cuoq using TrustInSoft Analyzer in #6701; observed independently by
+ Aaron Ucko under Valgrind.
+ * Fix behavior of certain sample programs which could, when run with no
+ arguments, access uninitialized memory in some cases. Fixes #6700 (which
+ was found by TrustInSoft Analyzer during REDOCS'22) and #1120.
+ * Fix build errors in test programs when MBEDTLS_CERTS_C is disabled.
+ Fixes #6243.
+ * Fix parsing of X.509 SubjectAlternativeName extension. Previously,
+ malformed alternative name components were not caught during initial
+ certificate parsing, but only on subsequent calls to
+ mbedtls_x509_parse_subject_alt_name(). Fixes #2838.
+ * Fix bug in conversion from OID to string in
+ mbedtls_oid_get_numeric_string(). OIDs such as 2.40.0.25 are now printed
+ correctly.
+ * Reject OIDs with overlong-encoded subidentifiers when converting
+ them to a string.
+ * Reject OIDs with subidentifier values exceeding UINT_MAX. Such
+ subidentifiers can be valid, but Mbed TLS cannot currently handle them.
+ * Reject OIDs that have unterminated subidentifiers, or (equivalently)
+ have the most-significant bit set in their last byte.
+ * Silence a warning about an unused local variable in bignum.c on
+ some architectures. Fixes #7166.
+ * Silence warnings from clang -Wdocumentation about empty \retval
+ descriptions, which started appearing with Clang 15. Fixes #6960.
+ * Fix undefined behavior in mbedtls_ssl_read() and mbedtls_ssl_write() if
+ len argument is 0 and buffer is NULL.
+
+Changes
+ * The C code follows a new coding style. This is transparent for users but
+ affects contributors and maintainers of local patches. For more
+ information, see
+ https://mbed-tls.readthedocs.io/en/latest/kb/how-to/rewrite-branch-for-coding-style/
+ * Changed the default MBEDTLS_ECP_WINDOW_SIZE from 6 to 2.
+ As tested in issue 6790, the correlation between this define and
+ RSA decryption performance has changed lately due to security fixes.
+ To fix the performance degradation when using default values the
+ window was reduced from 6 to 2, a value that gives the best or close
+ to best results when tested on Cortex-M4 and Intel i7.
+
= Mbed TLS 2.28.2 branch released 2022-12-14
Security
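Review bot: the Changes entry at the end of this hunk names MBEDTLS_ECP_WINDOW_SIZE, but the justification given is RSA decryption performance and the fragment being folded in is ChangeLog.d/mpi-window-perf.txt; MBEDTLS_ECP_WINDOW_SIZE controls the window for ECC point multiplication, whereas RSA's modular exponentiation is governed by MBEDTLS_MPI_WINDOW_SIZE, so please confirm which macro's default actually moved from 6 to 2 and name that one in the entry. Two smaller points in the same hunk: "As tested in issue 6790" should use the "#6790" form that every other entry uses for issue references, and the SubjectAlternativeName entry ("malformed alternative name components were not caught during initial certificate parsing") reads as if it may have had security impact, so consider whether it belongs under Security rather than Bugfix, or say explicitly that it does not.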
diff --git a/ChangeLog.d/aes-ni-security-notice.txt b/ChangeLog.d/aes-ni-security-notice.txt
deleted file mode 100644
index ccf8c9a..0000000
--- a/ChangeLog.d/aes-ni-security-notice.txt
+++ /dev/null
@@ -1,6 +0,0 @@
-Security
- * MBEDTLS_AESNI_C, which is enabled by default, was silently ignored on
- builds that couldn't compile the GCC-style assembly implementation
- (most notably builds with Visual Studio), leaving them vulnerable to
- timing side-channel attacks. There is now an intrinsics-based AES-NI
- implementation as a fallback for when the assembly one cannot be used.
diff --git a/ChangeLog.d/aesni.txt b/ChangeLog.d/aesni.txt
deleted file mode 100644
index 2d90a6e..0000000
--- a/ChangeLog.d/aesni.txt
+++ /dev/null
@@ -1,7 +0,0 @@
-Features
- * AES-NI is now supported with Visual Studio.
- * AES-NI is now supported in 32-bit builds, or when MBEDTLS_HAVE_ASM
- is disabled, when compiling with GCC or Clang or a compatible compiler
- for a target CPU that supports the requisite instructions (for example
- gcc -m32 -msse2 -maes -mpclmul). (Generic x86 builds with GCC-like
- compilers still require MBEDTLS_HAVE_ASM and a 64-bit target.)
diff --git a/ChangeLog.d/build-without-certs.txt b/ChangeLog.d/build-without-certs.txt
deleted file mode 100644
index dcb5c77..0000000
--- a/ChangeLog.d/build-without-certs.txt
+++ /dev/null
@@ -1,3 +0,0 @@
-Bugfix
- * Fix build errors in test programs when MBEDTLS_CERTS_C is disabled.
- Fixes #6243.
diff --git a/ChangeLog.d/c-build-helper-hostcc.txt b/ChangeLog.d/c-build-helper-hostcc.txt
deleted file mode 100644
index 86182c3..0000000
--- a/ChangeLog.d/c-build-helper-hostcc.txt
+++ /dev/null
@@ -1,4 +0,0 @@
-Features
- * Use HOSTCC (if it is set) when compiling C code during generation of the
- configuration-independent files. This allows them to be generated when
- CC is set for cross compilation.
diff --git a/ChangeLog.d/clang-15-bignum-warning.txt b/ChangeLog.d/clang-15-bignum-warning.txt
deleted file mode 100644
index d3308b4..0000000
--- a/ChangeLog.d/clang-15-bignum-warning.txt
+++ /dev/null
@@ -1,3 +0,0 @@
-Bugfix
- * Silence a warning about an unused local variable in bignum.c on
- some architectures. Fixes #7166.
diff --git a/ChangeLog.d/coding-style.txt b/ChangeLog.d/coding-style.txt
deleted file mode 100644
index b2cff5c..0000000
--- a/ChangeLog.d/coding-style.txt
+++ /dev/null
@@ -1,5 +0,0 @@
-Changes
- * The C code follows a new coding style. This is transparent for users but
- affects contributors and maintainers of local patches. For more
- information, see
- https://mbed-tls.readthedocs.io/en/latest/kb/how-to/rewrite-branch-for-coding-style/
diff --git a/ChangeLog.d/conditionalize-mbedtls_mpi_sub_abs-memcpy.txt b/ChangeLog.d/conditionalize-mbedtls_mpi_sub_abs-memcpy.txt
deleted file mode 100644
index 0a90721..0000000
--- a/ChangeLog.d/conditionalize-mbedtls_mpi_sub_abs-memcpy.txt
+++ /dev/null
@@ -1,4 +0,0 @@
-Bugfix
- * Fix potential undefined behavior in mbedtls_mpi_sub_abs(). Reported by
- Pascal Cuoq using TrustInSoft Analyzer in #6701; observed independently by
- Aaron Ucko under Valgrind.
diff --git a/ChangeLog.d/empty-retval-description.txt b/ChangeLog.d/empty-retval-description.txt
deleted file mode 100644
index 491adf5..0000000
--- a/ChangeLog.d/empty-retval-description.txt
+++ /dev/null
@@ -1,3 +0,0 @@
-Bugfix
- * Silence warnings from clang -Wdocumentation about empty \retval
- descriptions, which started appearing with Clang 15. Fixes #6960.
diff --git a/ChangeLog.d/fix-example-programs-no-args.txt b/ChangeLog.d/fix-example-programs-no-args.txt
deleted file mode 100644
index 57fe37a..0000000
--- a/ChangeLog.d/fix-example-programs-no-args.txt
+++ /dev/null
@@ -1,4 +0,0 @@
-Bugfix
- * Fix behavior of certain sample programs which could, when run with no
- arguments, access uninitialized memory in some cases. Fixes #6700 (which
- was found by TrustInSoft Analyzer during REDOCS'22) and #1120.
diff --git a/ChangeLog.d/fix-gettimeofday-overflow.txt b/ChangeLog.d/fix-gettimeofday-overflow.txt
deleted file mode 100644
index 99a049d..0000000
--- a/ChangeLog.d/fix-gettimeofday-overflow.txt
+++ /dev/null
@@ -1,4 +0,0 @@
-Bugfix
- * Fix possible integer overflow in mbedtls_timing_hardclock(), which
- could cause a crash for certain platforms & compiler options.
-
diff --git a/ChangeLog.d/fix-iar-warnings.txt b/ChangeLog.d/fix-iar-warnings.txt
deleted file mode 100644
index 8a30132..0000000
--- a/ChangeLog.d/fix-iar-warnings.txt
+++ /dev/null
@@ -1,2 +0,0 @@
-Bugfix
- * Fix IAR compiler warnings. Fixes #6924.
diff --git a/ChangeLog.d/fix-oid-to-string-bugs.txt b/ChangeLog.d/fix-oid-to-string-bugs.txt
deleted file mode 100644
index 3cf02c3..0000000
--- a/ChangeLog.d/fix-oid-to-string-bugs.txt
+++ /dev/null
@@ -1,10 +0,0 @@
-Bugfix
- * Fix bug in conversion from OID to string in
- mbedtls_oid_get_numeric_string(). OIDs such as 2.40.0.25 are now printed
- correctly.
- * Reject OIDs with overlong-encoded subidentifiers when converting
- them to a string.
- * Reject OIDs with subidentifier values exceeding UINT_MAX. Such
- subidentifiers can be valid, but Mbed TLS cannot currently handle them.
- * Reject OIDs that have unterminated subidentifiers, or (equivalently)
- have the most-significant bit set in their last byte.
diff --git a/ChangeLog.d/fix-rsaalt-test-guards.txt b/ChangeLog.d/fix-rsaalt-test-guards.txt
deleted file mode 100644
index f4f39c9..0000000
--- a/ChangeLog.d/fix-rsaalt-test-guards.txt
+++ /dev/null
@@ -1,3 +0,0 @@
-Bugfix
- * Fix compile error where MBEDTLS_RSA_C and MBEDTLS_X509_CRT_WRITE_C are
- defined, but MBEDTLS_PK_RSA_ALT_SUPPORT is not defined. Fixes #3174.
diff --git a/ChangeLog.d/fix_build_for_directory_names_containing_spaces.txt b/ChangeLog.d/fix_build_for_directory_names_containing_spaces.txt
deleted file mode 100644
index e7643b7..0000000
--- a/ChangeLog.d/fix_build_for_directory_names_containing_spaces.txt
+++ /dev/null
@@ -1,4 +0,0 @@
-Bugfix
- * Fix a bug in the build where directory names containing spaces were
- causing generate_errors.pl to error out resulting in a build failure.
- Fixes issue #6879.
diff --git a/ChangeLog.d/fix_hard_link_across_drives.txt b/ChangeLog.d/fix_hard_link_across_drives.txt
deleted file mode 100644
index 99df0f0..0000000
--- a/ChangeLog.d/fix_hard_link_across_drives.txt
+++ /dev/null
@@ -1,3 +0,0 @@
-Bugfix
- * Fix a build issue on Windows where the source and build directory could
- not be on different drives (#5751).
diff --git a/ChangeLog.d/fix_timing_alt.txt b/ChangeLog.d/fix_timing_alt.txt
deleted file mode 100644
index 86ec16d..0000000
--- a/ChangeLog.d/fix_timing_alt.txt
+++ /dev/null
@@ -1,5 +0,0 @@
-Bugfix
- * Fix a build issue when defining MBEDTLS_TIMING_ALT and MBEDTLS_SELF_TEST.
- The library would not link if the user didn't provide an external self-test
- function. The self-test is now provided regardless of the choice of
- internal/alternative timing implementation. Fixes #6923.
diff --git a/ChangeLog.d/improve_x509_cert_writing_serial_number_management.txt b/ChangeLog.d/improve_x509_cert_writing_serial_number_management.txt
deleted file mode 100644
index a85c79b..0000000
--- a/ChangeLog.d/improve_x509_cert_writing_serial_number_management.txt
+++ /dev/null
@@ -1,5 +0,0 @@
-Bugfix
- * mbedtls_x509write_crt_set_serial() now explicitly rejects serial numbers
- whose binary representation is longer than 20 bytes. This was already
- forbidden by the standard (RFC5280 - section 4.1.2.2) and now it's being
- enforced also at code level.
diff --git a/ChangeLog.d/mbedtls_ssl_read_undefined_behavior.txt b/ChangeLog.d/mbedtls_ssl_read_undefined_behavior.txt
deleted file mode 100644
index 1f2c563..0000000
--- a/ChangeLog.d/mbedtls_ssl_read_undefined_behavior.txt
+++ /dev/null
@@ -1,3 +0,0 @@
-Bugfix
- * Fix undefined behavior in mbedtls_ssl_read() and mbedtls_ssl_write() if
- len argument is 0 and buffer is NULL.
diff --git a/ChangeLog.d/mpi-window-perf.txt b/ChangeLog.d/mpi-window-perf.txt
deleted file mode 100644
index 0f75d6a..0000000
--- a/ChangeLog.d/mpi-window-perf.txt
+++ /dev/null
@@ -1,7 +0,0 @@
-Changes
- * Changed the default MBEDTLS_ECP_WINDOW_SIZE from 6 to 2.
- As tested in issue 6790, the correlation between this define and
- RSA decryption performance has changed lately due to security fixes.
- To fix the performance degradation when using default values the
- window was reduced from 6 to 2, a value that gives the best or close
- to best results when tested on Cortex-M4 and Intel i7.
diff --git a/ChangeLog.d/x509-subaltname-ext.txt b/ChangeLog.d/x509-subaltname-ext.txt
deleted file mode 100644
index 7845f18..0000000
--- a/ChangeLog.d/x509-subaltname-ext.txt
+++ /dev/null
@@ -1,5 +0,0 @@
-Bugfix
- * Fix parsing of X.509 SubjectAlternativeName extension. Previously,
- malformed alternative name components were not caught during initial
- certificate parsing, but only on subsequent calls to
- mbedtls_x509_parse_subject_alt_name(). Fixes #2838.