Mbed TLS 2.7.10

@Patater Patater released this 27 Mar 13:11

Description

Mbed TLS 2.7.10 is a maintenance release of the Mbed TLS 2.7 branch, and provides bug fixes and minor enhancements.

Features

Bugfix

  • Run the AD too long test only if MBEDTLS_CCM_ALT is not defined. Raised as a comment in #1996.
  • Fix clobber list in MIPS assembly for large integer multiplication. Previously, this could lead to functionally incorrect assembly being produced by some optimizing compilers, showing up as failures in e.g. RSA or ECC signature operations. Reported in #1722, fix suggested by Aurelien Jarno and submitted by Jeffrey Martin.
  • Reduce stack usage of mpi_write_hlp() by eliminating recursion. Fixes #2190.
  • Remove a duplicate #include in a sample program. Fixed by Masashi Honma #2326.
  • Fix returning the value 1 when mbedtls_ecdsa_genkey() failed.
  • Ensure that unused bits are zero when writing ASN.1 bitstrings when using mbedtls_asn1_write_bitstring().
  • Fix an issue when writing the named bitstrings in KeyUsage and NsCertType extensions in CSRs and CRTs: these bitstrings were not encoded correctly because trailing zeroes were not accounted for as unused bits in the leading content octet. Fixes #1610.
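
The DER rules behind the last two fixes (unused bits must be zero, and a named bitstring drops its trailing zero bits and counts them in the leading content octet), shown as an added example that is not Mbed TLS code. The helper name der_named_bitstring and the sample KeyUsage value are assumptions made for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical helper (not an Mbed TLS API): DER-encode a named BIT STRING.
 * bits:  input octets; bit 0 is the most significant bit of bits[0]
 * nbits: number of meaningful bits in the input
 * Writes tag, length, unused-bits octet and content to out.
 * Returns the number of bytes written, or 0 if the value does not fit. */
size_t der_named_bitstring(const uint8_t *bits, size_t nbits,
                           uint8_t *out, size_t out_len)
{
    uint8_t tmp[126];                 /* keeps the length in short form */
    size_t nbytes = (nbits + 7) / 8;

    if (nbytes > sizeof(tmp))
        return 0;
    memcpy(tmp, bits, nbytes);

    /* Unused bits in the final octet must be zero (X.690 11.2.1). */
    if (nbits % 8 != 0)
        tmp[nbytes - 1] &= (uint8_t)(0xFF << (8 - nbits % 8));

    /* Named bit list: remove trailing zero bits (X.690 11.2.2). */
    while (nbits > 0 && (tmp[(nbits - 1) / 8] & (0x80 >> ((nbits - 1) % 8))) == 0)
        nbits--;
    nbytes = (nbits + 7) / 8;

    if (out_len < nbytes + 3)
        return 0;
    out[0] = 0x03;                          /* BIT STRING tag */
    out[1] = (uint8_t)(nbytes + 1);         /* unused-bits octet + content */
    out[2] = (uint8_t)(nbytes * 8 - nbits); /* leading content octet */
    memcpy(out + 3, tmp, nbytes);
    return nbytes + 3;
}

int main(void)
{
    /* Constructed sample: digitalSignature (bit 0) + keyEncipherment (bit 2). */
    const uint8_t key_usage[] = { 0xA0 };
    uint8_t der[8];
    size_t n = der_named_bitstring(key_usage, 8, der, sizeof(der));
    for (size_t i = 0; i < n; i++)
        printf("%02X ", der[i]);
    printf("\n");
    return 0;
}
```

A strict DER parser rejects or misreads the same KeyUsage value if the leading content octet does not count the five trailing zero bits, which is why a certificate or CSR produced by one implementation can fail validation in another.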

Changes

  • Include the configuration file in all header files that use configuration, instead of relying on other header files that they include. Inserted as an enhancement for #1371.
  • Add support for alternative CSR headers, as used by Microsoft and defined in RFC 7468. Found by Michael Ernst. Fixes #767.
  • Reduce the complexity of the timing tests. They were assuming more than the underlying OS actually guarantees.
  • Ciphersuites based on 3DES now have the lowest priority by default when they are enabled.

Who should update

We recommend that all affected users update to take advantage of the bug fixes contained in this release at an appropriate point in their development lifecycle.