0.23.17

• Performance improvement: by default rustls servers now send fewer TLS1.3 tickets to a client. The old default was 4 tickets, now it is 2. The number can be tuned if needed by setting ServerConfig::send_tls13_tickets.
• Performance improvement: the default ticket rotator now has improved multithreaded performance.

What's Changed

• Add note about ed25519 browser support by @ctz in #2186
• doc(no_inline) rustls::pki_types re-export by @ctz in #2188
• server: default send_tls13_tickets 4 -> 2 by @cpu in #2187
• build: bump nightly for cargo-check-external-types by @ctz in #2191
• Assorted "design" documentation, and record stance on custom TLS extension APIs by @ctz in #2189
• cancel-in-progress github action runs keyed on PR/ref by @ctz in #2197
• minor improvements to internal test imports by @brodycj in #2199
• Introduce TicketRotator, a version of TicketSwitcher with improved thread scalability by @ctz in #2193
• Support multithreaded benchmarks by @ctz in #2192
• Static site for rustls.dev, including home for performance reports by @ctz in #2201
• add arm performance results by @ctz in #2206
• StoresServerSessions: guarantee keys are high entropy by @ctz in #2209
• fix(deps): update rust crate zlib-rs to 0.4 by @renovate-bot in #2210
• chore(deps): update codecov/codecov-action action to v5 by @renovate-bot in #2211
• Prepare 0.23.17 by @ctz in #2214

Full Changelog: v/0.23.16...v/0.23.17

0.23.16

Release notes

• Add support for RFC 7250 raw public keys.

What's Changed

• ci: update ECH daily-test configuration by @cpu in #2161
• Support for Raw Public Keys (RFC 7250) by @holodorum in #2062
• ci: restore defo.ie ECH daily test by @cpu in #2164
• bench: avoid debug_assert by @ctz in #2163
• client/tls12: remove stale ref to SCT verification by @cpu in #2166
• Remove crossbuilds and coverage from merge_checks by @ctz in #2165
• bench: match default BoringSSL/OpenSSL ticket count by @ctz in #2167
• Faster TLS1.3 server resumption by @ctz in #2168
• Markdown fixes in manual by @ctz in #2169
• Change link to the NSS Key Log Format by @yedayak in #2170
• consistent APIs for connection FIPS indicator by @cpu in #2174
• Make ciphersuite enum smaller by @ctz in #2172
• automate dead link checking of documentation by @cpu in #2173
• Lychee linkcheck tweaks by @cpu in #2176
• ci: loosen lychee-action version by @cpu in #2178
• fix(deps): update rust crate asn1 to 0.18 by @renovate-bot in #2180
• post-quantum: move from kyber768 to ML-KEM768 by @ctz in #2175
• Expose ConfigBuilder::crypto_provider() by @djc in #2181
• chore(deps): lock file maintenance by @renovate-bot in #2185
• Don't warn on UserCanceled alerts by @djc in #2184
• Bump version to 0.23.16 by @djc in #2183

0.23.15

Release notes

• Improve performance when reading plaintext data in small increments (#2154)

What's Changed

• chore(deps): lock file maintenance by @renovate-bot in #2150
• chore(deps): lock file maintenance by @renovate-bot in #2153
• fix: renamed structs to correct naming inconsistency by @hex1c in #2152
• Improve receive performance by @ctz in #2155
• list ECH as a feature, fix some low-hanging nightly clippy findings. by @cpu in #2157
• Use re-exported pki-types everywhere by @djc in #2158
• bench: decrease bench allocator traffic by @ctz in #2160
• Prepare 0.23.15 by @ctz in #2156

New Contributors

• @hex1c made their first contribution in #2152

Full Changelog: v/0.23.14...v/0.23.15

0.23.14

Release notes

• Breaking change for no_std users: The return type of CryptoProvider::install_default() would change depending on the std crate feature. This was unintended and is corrected in this release. But that does mean this semver-compatible release contains a breaking API change, albeit only for users who omit the std crate feature. Our apologies in advance.
• Performance improvements especially for servers doing a full TLS1.3 handshake, and clients doing a resumed TLS1.2 handshake.
• Improvements to example code: demonstrate usage of TLS1.3 early data (thanks to @tahmid-23) & using clap for CLI.

What's Changed

• Allow SupportedKxGroup to be version-specific by @ctz in #2112
• Improve early data examples by @tahmid-23 in #2102
• chore(deps): lock file maintenance by @renovate-bot in #2124
• Send flights of handshake messages in single message by @ctz in #2120
• Fix daily connect-tests by @cpu in #2127
• Fix links in howto section of manual by @ctz in #2129
• Lower noise in ci-bench by @ctz in #2123
• examples: convert tlsserver-mio from docopt to clap by @djc in #2126
• Small refactors by @liujustin604 in #2130
• chore(deps): lock file maintenance by @renovate-bot in #2131
• Remove remaining uses of docopt by @ctz in #2132
• Eliminate large copies in resumption code paths by @ctz in #2122
• Eliminate an allocation in signature verification by @ctz in #2135
• chore(deps): lock file maintenance by @renovate-bot in #2139
• Fix tls13_packed_handshake test bitrot by @ctz in #2141
• Migrate to pki-types PEM decoder by @ctz in #2140
• Cargo: hashbrown 0.14 -> 0.15 by @cpu in #2143
• fix(deps): update rust crate brotli to v7 by @renovate-bot in #2144
• Refer to FIPS cert in fips.rs by @ctz in #2145
• default crypto provider improvements by @brodycj in #2089
• Update bogo by @ctz in #2146
• Take aws-lc-rs 1.10 by @ctz in #2147
• Prepare 0.23.14 by @ctz in #2149

New Contributors

• @liujustin604 made their first contribution in #2130

Full Changelog: v/0.23.13...v/0.23.14

0.23.13

• Add new custom-provider crate feature to disable installation of built-in provider. This may be useful in situations where your application wishes to ensure consistent use of a custom crypto provider throughout the dependency tree. Thanks to @stormshield-gt
• Ensure only max_early_data_size bytes of early data will be accepted, if it is read while it is being received. Thanks to @tahmid-23 for the report and fix.
• Use the ticket construction recommended by RFC5077 for the default aws-lc-rs ticketer.
• Take aws-lc-rs 1.9 -- this removes the build-time requirement for NASM on Windows. There is an environment variable which reenables the old behaviour of building these artifacts from source.

What's Changed

• Spell checker pass by @ctz in #2053
• Fix clippy lints stabilised in 1.80 by @ctz in #2055
• Update CLI of example tlsserver-mio to support early data and disabling resumption (closes #2058) by @Leonie-Theobald in #2059
• Take upstream bogo changes, and expand testing using it by @ctz in #2057
• Enable one more bogo ECH test, update skip reason for another by @cpu in #2061
• Rewrite message deframer by @ctz in #2049
• Remove default_fips_provider() item without aws_lc_rs by @ctz in #2064
• Fix daily-tests failures by @ctz in #2065
• Avoid hanging if the client disconnects while self.wants_write() by @lasiotus in #2060
• fix(deps): update rust crate asn1 to 0.17 by @renovate-bot in #2067
• chore(deps): lock file maintenance by @renovate-bot in #2069
• Remove unused code in ServerConnection::new by @DragonDev1906 in #2073
• aws_lc_rs: implement RFC 5077 recommended ticketer by @cpu in #2066
• Optimise crate size by @ctz in #2077
• chore(deps): lock file maintenance by @renovate-bot in #2080
• Add end entity and client public keys in PEM format for testing by @holodorum in #2078
• Crypto: add feature to disable installation of built-in provider by @stormshield-gt in #2082
• Reinstate coverage of CryptoProvider provider fns by @ctz in #2083
• remove Send + Sync not needed from client session storage field by @brodycj in #2087
• chore: remove trailing spaces by @brodycj in #2090
• polyfill: allow dead code w/o built-in providers, no-std by @cpu in #2091
• nit(ci): remove extra blank line from .github/workflows/build.yml by @brodycj in #2094
• ci: trim daily-tests powerset by @cpu in #2093
• Ensure only max_early_data_size will be read after reading from ReadEarlyData by @tahmid-23 in #2097
• nit(ci): remove a trailing space from daily-tests.yml by @brodycj in #2098
• ci: cross-target build & test updates by @brodycj in #2095
• chore(deps): lock file maintenance by @renovate-bot in #2105
• Tidy logging macros by @ctz in #2106
• nit: move rustls::crypto::CryptoProvider documentation item by @brodycj in #2107
• Fix excessively long first rustdoc paragraphs by @ctz in #2109
• Remove FFDHE constants from programs that don't use FFDHE by @ctz in #2092
• Mention rustls-wolfcrypt-provider in providers docs by @gasbytes in #2110
• fix(deps): update rust crate zlib-rs to 0.3 by @renovate-bot in #2111
• Take aws-lc-rs 1.9 by @ctz in #2118

New Contributors

• @Leonie-Theobald made their first contribution in #2059
• @lasiotus made their first contribution in #2060
• @DragonDev1906 made their first contribution in #2073
• @holodorum made their first contribution in #2078
• @stormshield-gt made their first contribution in #2082
• @tahmid-23 made their first contribution in #2097
• @gasbytes made their first contribution in #2110

Full Changelog: v/0.23.12...v/0.23.13

0.23.12

Added support for P521 SHA-256/SHA-384 signature verification with aws-lc-rs.

What's Changed

• chore(deps): update rust crate tikv-jemallocator to 0.6 by @renovate-bot in #2045
• chore(deps): lock file maintenance by @renovate-bot in #2046
• ci: tweak renovate config by @cpu in #2047
• Support P521 SHA-256/SHA-384 signatures with aws-lc-rs by @samin-cf in #2050
• build(deps): bump openssl from 0.10.64 to 0.10.66 by @dependabot in #2051
• Prepare 0.23.12 release by @samin-cf in #2052

0.23.11

• New feature: API for determining whether a CertifiedKey's certificate and private key matches: keys_match(). This is called from existing fallible functions that accept a private key and certificate (for example, with_single_cert()) so these functions now detect this misconfiguration.

  This relies on a new -- optional -- member of the SigningKey trait: public_key() -- downstream implementers of this trait can opt-in to this behavior by implementing this method.

• New feature: API for determining which key exchange group a connection used: negotiated_key_exchange_group()

• New feature: Automatic sending of TLS1.3 key_update messages to avoid exceeding AEAD confidentiality limits. This is complemented with a new API for manual use, refresh_traffic_keys()

• Expose common connection items in unbuffered API (docs)

What's Changed

• docs: cross off client-side ECH from roadmap by @cpu in #2006
• fix(deps): update rust crate zlib-rs to 0.2 by @renovate-bot in #2005
• deps: use hickory-resolver 0.25 alpha release by @cpu in #2007
• chore(deps): update seanmiddleditch/gha-setup-ninja action to v5 by @renovate-bot in #2008
• (Examples) Bugfix: Use normal brackets to avoid docopt literal default by @ckcr4lyf in #2009
• docs: add ech-client.rs to examples/README.md by @cpu in #2011
• build(deps): bump curve25519-dalek from 4.1.2 to 4.1.3 by @dependabot in #2012
• Refactor integration tests to let rustfmt work by @ctz in #2014
• (Examples) Feature: Use port-prefix naming to lookup correct ECHConfig by @ckcr4lyf in #2013
• docs: word iff => if and only if by @Borber in #2015
• key_update API and automatic key refreshing by @ctz in #2003
• chore(deps): lock file maintenance by @renovate-bot in #2020
• Fix flickery unbuffered examples by @ctz in #2017
• key_update review follow-up by @ctz in #2016
• add warn for elided_lifetimes_in_paths by @cpu in #2025
• chore: fix some comments by @haouvw in #2026
• Tighten up ticketer decryption by @ctz in #2022
• examples Fix minor typo (ciper -> cipher) by @bheesham in #2027
• chore(deps): lock file maintenance by @renovate-bot in #2029
• unbuffered: add missing deref for CommonState by @ctz in #2032
• common_state: expose key exchange group by @cpu in #2028
• Add function to verify CertifiedKey consistency by @lvkv in #1954
• Avoid markdown footnotes by @ctz in #2033
• Benchmark unbuffered API by @ctz in #2024
• chore(deps): lock file maintenance by @renovate-bot in #2035
• chore(deps): lock file maintenance by @renovate-bot in #2036
• Verify CertifiedKey consistency in ConfigBuilder with_single_cert methods by @lvkv in #2034
• Implement public_key() for all built-in SigningKey impls by @ctz in #2039
• Prepare 0.23.11 by @ctz in #2037

New Contributors

• @ckcr4lyf made their first contribution in #2009
• @Borber made their first contribution in #2015
• @haouvw made their first contribution in #2026
• @bheesham made their first contribution in #2027
• @lvkv made their first contribution in #1954

Full Changelog: v/0.23.10...v/0.23.11

0.23.10

• draft-ietf-tls-esni-18 encrypted client hello (ECH) is now supported for client applications. See the ech-client.rs example for a complete end-to-end demonstration using DNS-over-HTTPS to retrieve a server's ECH configuration for building a Rustls ClientConfig using with_ech().
• Additional safety limits guarding against fruitless processing of small messages have been added. Rustls will now limit excessive warning-level alerts, post-handshake renegotiation attempts, key update requests, and empty plaintext fragments.
• FIPS mode has been updated to exclude X25519 key exchange.

What's Changed

• docs: add OpenSSF best practices badge by @cpu in #1985
• ROADMAP: check off cert compression by @ctz in #1987
• chore: Configure Renovate by @renovate-bot in #1984
• chore(deps): lock file maintenance by @renovate-bot in #1991
• Disable x25519 key exchange in fips mode by @ctz in #1993
• aws_lc_rs: fix unused import w/ no-std by @cpu in #1994
• Limit fruitless processing of small messages by @ctz in #1988
• fix lib.rs examples link by @bmw in #1995
• chore(deps): lock file maintenance by @renovate-bot in #1996
• Revert "ci: temp. pin nightly to 2024-05-22" by @cpu in #1998
• Encrypted Client Hello support (client only) by @cpu in #1718
• apply nightly formatting by @cpu in #2002
• ech: implement inner hello extension compression by @cpu in #2001
• v0.23.10 release preparation by @cpu in #2004

New Contributors

• @renovate-bot made their first contribution in #1984
• @bmw made their first contribution in #1995

Full Changelog: v/0.23.9...v/0.23.10

0.23.9

• RFC8879 certificate compression is now supported. Get started by enabling the brotli and/or zlib crate features, which depend on the brotli or zlib-rs crates. We recommend brotli as it has the widest deployment so far.

What's Changed

• ci: temp. pin nightly to 2024-05-22 by @cpu in #1971
• deps: update semver compatible dependencies by @cpu in #1972
• Fix LTO setting and a clippy::use_self finding by @cpu in #1973
• ci: update cargo-check-external-types toolchain by @cpu in #1974
• fix rustc-check-cfg by @cpu in #1975
• Support RFC8879 certificate compression by @ctz in #1966
• Update roadmap to reflect initial release of the OpenSSL compat layer by @bdaehlie in #1977
• Implement RFC 9180 HPKE provider backed by aws-lc-rs by @cpu in #1963
• Tidy handshake_tests file by @ctz in #1978
• General roadmap updates. by @bdaehlie in #1979
• Minor #[allow()] cleanups by @ctz in #1982
• Prepare 0.23.9 by @ctz in #1986

Full Changelog: v/0.23.8...v/0.23.9

0.23.8

• Add support for enforcing CRL expiration, by @jasperpatterson

What's Changed

• updated the command to run the examples tlsserver-mio and tlsclient-mio by @sarath3192 in #1956
• update cargo deps by @cpu in #1960
• Misc changes around certificate encoding by @ctz in #1962
• Add support for enforcing CRL expiration by @jasperpatterson in #1922
• Certificate compression preparation by @ctz in #1964
• Prepare 0.23.8 by @ctz in #1965

New Contributors

• @sarath3192 made their first contribution in #1956
• @jasperpatterson made their first contribution in #1922

Full Changelog: v/0.23.7...v/0.23.8