Rustls Versions

A modern TLS library in Rust

v/0.23.3

2 months ago

Release notes

  • Bug fix: correct cipher suite selection when ECDHE and FFDHE suites are both offered.

Full Changelog: https://github.com/rustls/rustls/compare/v/0.23.2...v/0.23.3

rustls-post-quantum-v/0.1.0

3 months ago

This crate provides experimental support for X25519Kyber768Draft00 post-quantum key exchange. See the documentation for more details.

This crate is released under the same licenses as the main rustls crate.

v/0.23.2

3 months ago
  • Bug fix: return correct ConnectionTrafficSecrets variant from dangerous_extract_secrets() when AES-256-GCM is negotiated.
  • New feature: groundwork for supporting post-quantum key exchange. Experimental support for X25519Kyber768Draft00 will be released as a separate crate: rustls-post-quantum.
  • Add aws-lc-rs crate feature as alias for aws_lc_rs crate feature.

Full Changelog: https://github.com/rustls/rustls/compare/v/0.23.1...v/0.23.2

v/0.23.1

3 months ago
  • Fix build with aws_lc_rs feature enabled but std feature disabled.
  • Fix build for docs.rs.

Full Changelog: https://github.com/rustls/rustls/compare/v/0.23.0...v/0.23.1

v/0.23.0

3 months ago
  • Default cryptography provider changed to aws-lc-rs. Note that this has some implications on platform support and build-time tool requirements such as cmake on all platforms and nasm on Windows. Support for ring continues to be available: set the ring crate feature.

  • Support for FIPS validated mode with aws-lc-rs: see the manual section and aws-lc-rs's FIPS documentation. Note that aws-lc-rs in FIPS mode has further build-time requirements as detailed in the FIPS documentation. Thanks to the aws-lc-rs team for their assistance on this.

  • Support for process-wide selection of CryptoProviders. See the documentation. Note that callers of ClientConfig::builder(), ServerConfig::builder(), WebPkiServerVerifier::builder() and WebPkiClientVerifier::builder() must now ensure that the crate's features are unambiguous or explicitly select a process-level provider using CryptoProvider::install_default(). Otherwise, these calls will panic with:

    no process-level CryptoProvider available -- call CryptoProvider::install_default() before this point

    We recommend that libraries rely on the process-level provider by default, and that applications use this new API to select the provider they wish to use.

  • New unbuffered API. UnbufferedClientConnection and UnbufferedServerConnection offer a low-level, event-driven API which does not internally buffer data. Thanks to the team from Ferrous Systems.

  • New no_std support. A new (enabled by default) std crate feature now gates all APIs that depend on std. The above unbuffered APIs must be used for no_std support. Note that alloc continues to be required. Work is ongoing to reintroduce certain APIs for no_std users (see #1688) -- please file issues for other no_std use cases. Thanks to the team from Ferrous Systems.

  • Performance improvement: internal copying while sending data is reduced. Thanks to the team from the Sōzu project.

  • Performance improvement: write_vectored now produces less on-the-wire overhead, which will dramatically improve throughput if it is used with a large number of small messages. Thanks to the team from the Sōzu project.

  • Acceptor API error handling improvement. If a TLS alert should be sent to inform the peer of a connection failure, this is now made available in the Err() variant returned from Acceptor::accept and Accepted::into_connection (which is also a breaking change). Applications should write this data to the peer. See the server_acceptor example.

  • Support for FFDHE key exchange: custom CryptoProviders can now support FFDHE key exchange, in accordance with RFC7919. Note that the default providers do not do this. Thanks to the team from Fortanix.

  • Support for servers requiring extended_master_secret support from clients. See ServerConfig::require_ems. Thanks to the team from Fortanix.

  • Extension ordering in ClientHello messages is now randomised as an anti-fingerprinting measure. We do not foresee any interoperability issues as Chrome has already rolled out the same change. Thanks to @GomesGoncalo.

  • Breaking change: CipherSuiteCommon::integrity_limit field removed (this was QUIC-specific, it has moved to quic::PacketKey::integrity_limit()).

  • Breaking change: crypto::cipher::BorrowedPlainMessage and crypto::cipher::OpaqueMessage have been renamed (to OutboundPlainMessage and OutboundOpaqueMessage) and altered to support performance improvements. See the example code.

  • Breaking change: all protocol enum types (eg. CipherSuite) have had their get_u8/get_u16 accessor removed; use u8::from() / u16::from() instead.

Full Changelog: https://github.com/rustls/rustls/compare/v/0.22.2...v/0.23.0

v/0.22.2

5 months ago

Release notes

  • Avoid sending an empty certificate_authorities extension as a TLS1.3 server. This is incorrect and breaks interop with Java (#1727).
  • Support NISTP521-SHA512 signatures (both for verification and signing), when used with the aws-lc-rs provider (#1706).

Full Changelog: https://github.com/rustls/rustls/compare/v/0.22.1...v/0.22.2

v/0.22.1

6 months ago
  • TLS 1.2 servers now remove session tickets after observing a failure to decrypt, preventing future resumption with the same unusable ticket.
  • The rustls_pki_types crate is now re-exported as rustls::pki_types.
  • The crate examples have been updated to use the rustls::pki_types re-export.
  • The quic::PacketKey and quic::HeaderProtectionKey traits are now Send + Sync.
  • Performance improvements to the MessageDeframer internals.
  • Small documentation improvements.

Full Changelog: https://github.com/rustls/rustls/compare/v/0.22.0...v/0.22.1

v/0.21.10

6 months ago

TLS 1.2 servers now remove session tickets after observing a failure to decrypt, preventing future resumption with the same unusable ticket.

Full Changelog: https://github.com/rustls/rustls/compare/v/0.21.9...v/0.21.10

v/0.22.0

6 months ago

New features

  • Configurable cryptography providers. The cryptography used by rustls is represented by the CryptoProvider trait. ring is now optional, but remains the default provider.
  • Certificate revocation list (CRL) support. The default certificate verifier used in rustls can now be configured with CRLs to control revocation of client and server certificates.
  • Optional support for cryptography from aws-lc-rs. Once the certification process completes, we will support FIPS mode using aws-lc-rs.
  • Separate configuration of root hints in client certificate verifier. To deal with cross-signed client certificate topologies, the list of hints sent to a client can now be configured. The default behaviour remains to send the names of the configured root certificates.

There are some related libraries in the rustls ecosystem. If you depend on these libraries, you'll need at least these versions to be compatible with rustls 0.22:

rustls-pki-types = { version = "1" }
webpki-roots = { version = "0.26" }
rustls-webpki = { version = "0.102" }
rustls-pemfile = { version = "2" }
rustls-native-certs = { version = "0.7" }

Breaking changes

  • Remove support for SCTs provided via TLS extension. Ecosystem support for this is rare compared to inclusion of SCTs in certificates.
  • Rename WebPkiVerifier to WebPkiServerVerifier and add WebPkiClientVerifier.
  • Remove default trait implementations in ServerCertVerifier/ClientCertVerifier so the trait doesn't depend on webpki. Instead the previous implementations are exposed as rustls::crypto::verify_tls12_signature, rustls::crypto::verify_tls13_signature and $PROVIDER.signature_verification_algorithms.supported_schemes(), using the crypto provider of your choice. See tlsclient-mio for an example verifier that has been updated for 0.22.
  • Rework certificate auth verifiers construction into a builder. This covers both server and client certificate verifiers: call WebPkiServerVerifier::builder() and WebPkiClientVerifier::builder().
  • Removed the crate features dangerous_configuration, secret_extraction and quic. The API features those previously gated are now available without a crate feature. Types previously gated on the dangerous_configuration feature now appear in danger modules in the same place.
  • New types for keys and certificates. rustls::Certificate has been replaced with CertificateDer from the new rustls-pki-types crate. Likewise, rustls::PrivateKey has been replaced with rustls_pki_types::PrivateKeyDer. These types come in both owned and borrowed variants, like std::borrow::Cow, but some uses, like rustls::RootCertStore, required the owned (<'static>) variant.
  • RootCertStore is now passed around wrapped in an Arc, to improve efficiency when creating a different verifier for different servers/clients but with the same roots.
  • RootCertStore::add_parsable_certificates now takes an impl IntoIterator<Item = impl AsRef<[u8]>>.
  • RootCertStore::add_server_trust_anchors became RootCertStore::extend.
  • Traits exposed by rustls now require a Debug bound. Please exercise caution in using #[derive(Debug)] on types that contain secret data.
  • The deprecated ConfigBuilder<ClientConfig, WantsClientCert>::with_single_cert fn was removed in favour of with_client_auth_cert (https://github.com/rustls/rustls/commit/42cda4658f3f5c865a9248803a8a083633525998)
  • Some types and values have moved to accommodate cryptography provider work:
    Old                               New
    rustls::CipherSuiteCommon         rustls::crypto::CipherSuiteCommon
    rustls::SupportedKxGroup          rustls::crypto::SupportedKxGroup
    rustls::cipher_suite::*           rustls::crypto::ring::cipher_suite::*
    rustls::Ticketer                  rustls::crypto::ring::Ticketer
    rustls::ALL_KX_GROUPS             rustls::crypto::ring::ALL_KX_GROUPS
    rustls::ALL_CIPHER_SUITES         rustls::crypto::ring::ALL_CIPHER_SUITES
    rustls::DEFAULT_CIPHER_SUITES     rustls::crypto::ring::DEFAULT_CIPHER_SUITES
    rustls::kx_group::*               rustls::crypto::ring::kx_group::*
    rustls::sign::any_ecdsa_type      rustls::crypto::ring::sign::any_ecdsa_type
    rustls::sign::any_eddsa_type      rustls::crypto::ring::sign::any_eddsa_type
    rustls::sign::any_supported_type  rustls::crypto::ring::sign::any_supported_type
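
The caution about #[derive(Debug)] in the breaking changes above, shown as an added example that is not code from rustls or its release notes. The TicketProtector trait, both structs and the key bytes are hypothetical stand-ins; the sketch compares a derived Debug with a hand-written one that redacts key material.

```rust
use std::fmt;

// Stand-in for a library trait that carries a Debug bound (hypothetical, not a rustls API).
trait TicketProtector: fmt::Debug {
    fn label(&self) -> &str;
    fn key(&self) -> &[u8];
}

// Constructed sample key material, for illustration only.
const SAMPLE_KEY: [u8; 4] = [0xde, 0xad, 0xbe, 0xef];

// The derive satisfies the bound but formats every field, key bytes included.
#[derive(Debug)]
struct DerivedProtector { label: &'static str, key: [u8; 4] }

// Same fields; Debug is written by hand and reports only the key length.
struct RedactingProtector { label: &'static str, key: [u8; 4] }

impl fmt::Debug for RedactingProtector {
    fn fmt(&self, f: &mut fmt::Formatter<'_>) -> fmt::Result {
        f.debug_struct("RedactingProtector")
            .field("label", &self.label)
            .field("key", &format_args!("<{} bytes redacted>", self.key.len()))
            .finish()
    }
}

impl TicketProtector for DerivedProtector {
    fn label(&self) -> &str { self.label }
    fn key(&self) -> &[u8] { &self.key }
}
impl TicketProtector for RedactingProtector {
    fn label(&self) -> &str { self.label }
    fn key(&self) -> &[u8] { &self.key }
}

// Any code holding the trait object can format it once Debug is required.
fn log_line(p: &dyn TicketProtector) -> String {
    format!("protector {} ({} byte key): {:?}", p.label(), p.key().len(), p)
}

fn main() {
    println!("{}", log_line(&DerivedProtector { label: "tickets", key: SAMPLE_KEY }));
    println!("{}", log_line(&RedactingProtector { label: "tickets", key: SAMPLE_KEY }));
}
```

The first line printed carries the raw key bytes into whatever log sink receives it; the second keeps the type usable behind the Debug bound without exposing them.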

Moved/renamed/new items

Moved

  • ALL_CIPHER_SUITES (crypto providers)
  • ALL_KX_GROUPS (crypto providers)
  • DEFAULT_CIPHER_SUITES (crypto providers)
  • SECP256R1 (crypto providers)
  • SECP384R1 (crypto providers)
  • any_ecdsa_type (crypto providers)
  • any_eddsa_type (crypto providers)
  • any_supported_type (crypto providers)
  • CipherSuiteCommon (crypto)
  • ClientCertVerified (server::danger)
  • ClientCertVerifier (server::danger)
  • DangerousClientConfig (client::danger)
  • HandshakeSignatureValid (client::danger)
  • ServerCertVerified (client::danger)
  • ServerCertVerifier (client::danger)
  • SupportedKxGroup (crypto)
  • Ticketer (crypto providers)
  • TLS13_AES_128_GCM_SHA256 (crypto providers)
  • TLS13_AES_256_GCM_SHA384 (crypto providers)
  • TLS13_CHACHA20_POLY1305_SHA256 (crypto providers)
  • TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 (crypto providers)
  • TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 (crypto providers)
  • TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256 (crypto providers)
  • TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 (crypto providers)
  • TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (crypto providers)
  • TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256 (crypto providers)
  • X25519 (crypto providers)

Renamed

  • WebPkiVerifier (client::WebPkiServerVerifier)
  • Certificate (rustls_pki_types::CertificateDer)
  • PrivateKey (rustls_pki_types::PrivateKeyDer)
  • SignError (crypto::ring::sign::InvalidKeyError)

Added

  • ActiveKeyExchange (crypto)
  • AeadKey (crypto::cipher)
  • Algorithm (quic)
  • ClientCertVerifierBuilder (server)
  • DangerousClientConfigBuilder (client::danger)
  • expand (crypto::tls13)
  • OkmBlock (crypto::tls13)
  • OutputLengthError (crypto::tls13)
  • ServerCertVerifierBuilder (client)
  • TicketSwitcher (ticketer)
  • WebPkiClientVerifier (server)

Added (crypto provider extensibility)

  • default_provider() (crypto::ring)
  • default_provider() (crypto::aws_lc_rs)
  • HashAlgorithm (crypto::hash)
  • Hash (crypto::hash)
  • Hkdf (crypto::tls13)
  • HkdfExpander (crypto::tls13)
  • HkdfExpanderUsingHmac (crypto::tls13)
  • HkdfUsingHmac (crypto::tls13)
  • Hmac (crypto::hmac)
  • Iv (crypto::cipher)
  • KeyBlockShape (crypto::cipher)
  • Key (crypto::hmac)
  • KeyExchangeAlgorithm (crypto)
  • make_tls12_aad (crypto::cipher)
  • make_tls13_aad (crypto::cipher)
  • MessageDecrypter (crypto::cipher)
  • MessageEncrypter (crypto::cipher)
  • Nonce (crypto::cipher)
  • OpaqueMessage (crypto::cipher)
  • Output (crypto::hash)
  • PlainMessage (crypto::cipher)
  • Prf (crypto::tls12)
  • PrfUsingHmac (crypto::tls12)
  • SharedSecret (crypto)
  • Tag (crypto::hmac)
  • Tls12AeadAlgorithm (crypto::cipher)
  • UnsupportedOperationError (crypto::cipher)
  • WebPkiSupportedAlgorithms (crypto)

Added (error types)

  • GetRandomFailed (crypto)
  • OtherError (top level)
  • UnsupportedOperationError (crypto::cipher)
  • VerifierBuilderError (client)
  • VerifierBuilderError (server)

Removed

  • AllowAnyAnonymousOrAuthenticatedClient
  • AllowAnyAuthenticatedClient
  • BulkAlgorithm
  • CertificateTransparencyPolicy
  • supported_sign_tls13
  • WantsTransparencyPolicyOrClientCert
  • OwnedTrustAnchor - use rustls_pki_types::TrustAnchor instead, and replace from_subject_spki_name_constraints with direct assignment to the struct fields.
  • ConfigBuilder::with_safe_defaults - calls to this can simply be deleted since safe defaults are now implicit.

Full Changelog: https://github.com/rustls/rustls/compare/v/0.21.9...v/0.22.0

v/0.21.9

7 months ago
  • Fixes using the (non-default) read_buf feature with Rust nightly newer than nightly-2023-11-01 by opting in to the core_io_borrowed_buf feature and updated BorrowedBuf, BorrowedCursor types.

Full Changelog: https://github.com/rustls/rustls/compare/v/0.21.8...v/0.21.9