Merge pull request #985 from Mbed-TLS/mbedtls-3.3.0rc2-pr

Mbedtls 3.3.0rc2 pr
2025-02-06 03:40:04 +00:00 · 2022-12-14 19:06:39 +00:00 · 2022-12-14 19:06:39 +00:00 · 8c89224991
commit 8c89224991
parent 70f8157ec5 e90ed7d249
3 changed files with 8 additions and 10 deletions
--- a/10
+++ b/10
@ -2,12 +2,6 @@ Mbed TLS ChangeLog (Sorted per branch, date)

 = Mbed TLS 3.3.0 branch released 2022-12-14

-API changes
-   * Add an ad-hoc key derivation function handling EC J-PAKE to PMS
-     calculation that can be used to derive the session secret in TLS 1.2,
-     as described in draft-cragie-tls-ecjpake-01. This can be achieved by
-     using PSA_ALG_TLS12_ECJPAKE_TO_PMS as the key derivation algorithm.
-
 Default behavior changes
   * Previously the macro MBEDTLS_SSL_DTLS_CONNECTION_ID implemented version 05
     of the IETF draft, and was marked experimental and disabled by default.
@ -103,6 +97,10 @@ Features
     implementations of raw key agreement through the key_agreement driver
     entry point. This entry point is specified in the proposed PSA driver
     interface, but had not yet been implemented.
+   * Add an ad-hoc key derivation function handling EC J-PAKE to PMS
+     calculation that can be used to derive the session secret in TLS 1.2,
+     as described in draft-cragie-tls-ecjpake-01. This can be achieved by
+     using PSA_ALG_TLS12_ECJPAKE_TO_PMS as the key derivation algorithm.

 Security
   * Fix potential heap buffer overread and overwrite in DTLS if
--- a/library/CMakeLists.txt
+++ b/library/CMakeLists.txt
@ -282,7 +282,7 @@ endif(USE_STATIC_MBEDTLS_LIBRARY)
 if(USE_SHARED_MBEDTLS_LIBRARY)
    set(CMAKE_LIBRARY_PATH ${CMAKE_CURRENT_BINARY_DIR})
    add_library(${mbedcrypto_target} SHARED ${src_crypto})
-    set_target_properties(${mbedcrypto_target} PROPERTIES VERSION 3.3.0 SOVERSION 12)
+    set_target_properties(${mbedcrypto_target} PROPERTIES VERSION 3.3.0 SOVERSION 13)
    target_link_libraries(${mbedcrypto_target} PUBLIC ${libs})

    if(TARGET everest)
@ -294,7 +294,7 @@ if(USE_SHARED_MBEDTLS_LIBRARY)
    target_link_libraries(${mbedx509_target} PUBLIC ${libs} ${mbedcrypto_target})

    add_library(${mbedtls_target} SHARED ${src_tls})
-    set_target_properties(${mbedtls_target} PROPERTIES VERSION 3.3.0 SOVERSION 18)
+    set_target_properties(${mbedtls_target} PROPERTIES VERSION 3.3.0 SOVERSION 19)
    target_link_libraries(${mbedtls_target} PUBLIC ${libs} ${mbedx509_target})
 endif(USE_SHARED_MBEDTLS_LIBRARY)

--- a/library/Makefile
+++ b/library/Makefile
@ -47,9 +47,9 @@ LOCAL_CFLAGS += -fPIC -fpic
 endif
 endif

-SOEXT_TLS?=so.18
+SOEXT_TLS?=so.19
 SOEXT_X509?=so.4
-SOEXT_CRYPTO?=so.12
+SOEXT_CRYPTO?=so.13

 # Set AR_DASH= (empty string) to use an ar implementation that does not accept
 # the - prefix for command line options (e.g. llvm-ar)