0.23.0

@ctz ctz released this 29 Feb 15:14
· 324 commits to main since this release
  • Default cryptography provider changed to aws-lc-rs. Note that this has some implications for platform support and build-time tool requirements, such as cmake on all platforms and nasm on Windows.
    Support for ring continues to be available: set the ring crate feature.

  • Support for FIPS validated mode with aws-lc-rs: see the manual section and aws-lc-rs's FIPS documentation. Note that aws-lc-rs in FIPS mode has further build-time requirements as detailed in the FIPS documentation.
    Thanks to the aws-lc-rs team for their assistance on this.

  • Support for process-wide selection of CryptoProviders. See the documentation. Note that callers of ClientConfig::builder(), ServerConfig::builder(), WebPkiServerVerifier::builder() and WebPkiClientVerifier::builder() must now ensure that the crate's features are unambiguous or explicitly select a process-level provider using CryptoProvider::install_default(). Otherwise, these calls will panic with:

    no process-level CryptoProvider available -- call CryptoProvider::install_default() before this point

    We recommend that libraries rely on the process-level provider by default, and that applications use this new API to select the provider they wish to use.

  • New unbuffered API. UnbufferedClientConnection and UnbufferedServerConnection offer a low-level, event-driven API which does not internally buffer data.
    Thanks to the team from Ferrous Systems.

  • New no_std support. A new (enabled by default) std crate feature now gates all APIs that depend on std. The above unbuffered APIs must be used for no_std support. Note that alloc continues to be required. Work is ongoing to reintroduce certain APIs for no_std users (see #1688) -- please file issues for other no_std use cases.
    Thanks to the team from Ferrous Systems.

  • Performance improvement: internal copying while sending data is reduced.
    Thanks to the team from the Sōzu project.

  • Performance improvement: write_vectored now produces less on-the-wire overhead, which will dramatically improve throughput if it is used with a large number of small messages.
    Thanks to the team from the Sōzu project.

  • Acceptor API error handling improvement. If a TLS alert should be sent to inform the peer of a connection failure, this is now made available in the Err() variant returned from Acceptor::accept and Accepted::into_connection (which is also a breaking change). Applications should write this data to the peer. See the server_acceptor example.

  • Support for FFDHE key exchange: custom CryptoProviders can now support FFDHE key exchange, in accordance with RFC7919. Note that the default providers do not do this.
    Thanks to the team from Fortanix.

  • Support for servers requiring extended_master_secret support from clients. See ServerConfig::require_ems.
    Thanks to the team from Fortanix.

  • Extension ordering in ClientHello messages is now randomised as an anti-fingerprinting measure. We do not foresee any interoperability issues as Chrome has already rolled out the same change.
    Thanks to @GomesGoncalo.

  • Breaking change: CipherSuiteCommon::integrity_limit field removed (this was QUIC-specific, it has moved to quic::PacketKey::integrity_limit()).

  • Breaking change: crypto::cipher::BorrowedPlainMessage and crypto::cipher::OpaqueMessage have been renamed (to OutboundPlainMessage and OutboundOpaqueMessage) and altered to support performance improvements. See the example code.

  • Breaking change: all protocol enum types (e.g. CipherSuite) have had their get_u8/get_u16 accessors removed; use u8::from() / u16::from() instead.
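
The provider change and the "unambiguous features" requirement from the notes above, as a dependency entry. This is an added example, not taken from the rustls repository; it assumes an application crate that wants to stay on ring, and uses the crate feature names ring, logging, std and tls12.

```toml
# Added example: [dependencies] entry in an application's Cargo.toml.

[dependencies]
# Option A (commented out): accept the 0.23 default provider, aws-lc-rs.
# Build hosts then need cmake, plus nasm on Windows.
# rustls = "0.23"

# Option B: keep ring. Disabling default features drops aws-lc-rs, and with
# it the other defaults, so those are re-enabled by name here.
rustls = { version = "0.23", default-features = false, features = ["ring", "logging", "std", "tls12"] }

# With exactly one provider feature enabled, ClientConfig::builder() and
# ServerConfig::builder() can pick the provider from the crate features.
#
# Cargo unifies features across the dependency graph: if any other crate
# depends on rustls with default features on, aws-lc-rs is compiled in as
# well and the selection is ambiguous again. In that case the application
# has to call CryptoProvider::install_default() early in main(), before any
# builder() call, or those calls panic with the message quoted above.
# `cargo tree -e features -i rustls` shows which crates enable which features.
```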

What's Changed

  • make the provider-example library no-std compatible (almost) by @japaric in #1636
  • doc: fix outdated documentation by @omegablitz in #1669
  • Minor tweaks to provider-example code by @djc in #1670
  • remove the TLS 1.2 session ticket on DecryptError by @Geal in #1668
  • [1/3] MessageDeframer: batch discard operations by @japaric in #1595
  • Cargo: version 0.22 -> 0.23-alpha.0 by @cpu in #1672
  • crypto: explain TLS 1.2 version in TLS 1.3 message encrypters by @cpu in #1671
  • Mark SupportedProtocolVersion as non-exhaustive by @pvdrz in #1673
  • quic: require that PacketKey and HeaderProtectionKey are Send + Sync by @djc in #1665
  • bench: remove redundant benchmark param by @aochagavia in #1675
  • Re-export the types crate contents by @djc in #1674
  • update examples to use pki_types re-export by @jsha in #1679
  • build(deps): bump actions/setup-go from 4 to 5 by @dependabot in #1681
  • Update semver-compatible dependencies by @djc in #1683
  • bench: remove unused function by @aochagavia in #1684
  • Add a roadmap by @ctz in #1676
  • build(deps): bump actions/upload-artifact from 3 to 4 by @dependabot in #1695
  • build(deps): bump the crates-io group with 1 update by @dependabot in #1694
  • bench: remove icount workflow from GitHub Actions by @aochagavia in #1696
  • bench: remove cachegrind diff post-processing by @aochagavia in #1697
  • examples: consistently document example program purpose by @cpu in #1693
  • [2/3] implement the caller-side managed buffers API (take 2) by @japaric in #1583
  • verify.rs: correct comment for verify_server_name by @ctz in #1698
  • ci-bench: explain motivation for wall-time measurements in readme by @aochagavia in #1700
  • Condense the fragment_slice return type by @pvdrz in #1701
  • Add BENCHMARKING.md by @aochagavia in #1699
  • move sendable_plaintext from CommonState to ConnectionCommon by @japaric in #1591
  • Clarify ClientHello legacy_record_version commentary by @ctz in #1705
  • Implement FromIterator for RootCertStore by @niklasf in #1708
  • Cargo: update semver compat deps by @cpu in #1714
  • Misc testing improvements by @ctz in #1717
  • examples: add very simple server, README by @cpu in #1715
  • docs: provide more pointers for examples by @cpu in #1716
  • Support P521-SHA512 signatures with aws-lc-rs by @ctz in #1706
  • examples: fix style w.r.t env var usage, const placement by @cpu in #1719
  • Update roadmap regarding rustls-platform-verifier and ECH support by @bdaehlie in #1721
  • macros: allow trailing enum_builder comma by @cpu in #1725
  • msgs/handshake.rs: remove get_ fn prefixes by @cpu in #1726
  • docs: provide more guidance for customizing private keys by @cpu in #1724
  • Don't add empty certificate_authorities extension by @ctz in #1729
  • examples: simpleserver: skip argv[0] & update doc comment by @bnjmnjrk in #1733
  • client_conn: style tweaks for member/impl ordering by @cpu in #1736
  • Small HPKE trait tweaks by @cpu in #1737
  • handshake: derive a few more traits by @cpu in #1738
  • make the decode / decrypt pipeline non-allocating (groundwork) by @japaric in #1597
  • hash_hs: support cloning (forking) HandshakeHash[Buffer] by @cpu in #1739
  • Update bogo version by @ctz in #1740
  • Randomize ClientHello extensions by @GomesGoncalo in #1730
  • Update hs.rs by @NRKirby in #1743
  • deps: update Cargo lock for semver compatible dependency updates by @cpu in #1747
  • docs: add more documentation on crypto providers by @cpu in #1742
  • examples: minor optimization for mio client NoCertificateVerification by @cpu in #1753
  • build(deps): bump h2 from 0.3.22 to 0.3.24 by @dependabot in #1755
  • Update semver-compatible dependencies by @djc in #1759
  • Update README.md - server auth by @elardus-erasmus in #1756
  • Add config option for requiring peer must support extended_master_secret extension in TLS 1.2 by @Taowyoo in #1754
  • Clarify MAX_PAYLOAD comment by @themighty1 in #1761
  • Remove work-around for loading SEC1-format ECDSA keys by @ctz in #1767
  • Depend on aws-lc-rs with default-features = false by @joshtriplett in #1768
  • Add 'fips' cargo feature to enable to the aws-lc-rs crypto provider with the AWS-LC FIPS implementations. by @skmcgrail in #1732
  • Fix cargo powerset build for ring w/o tls1.2 feature by @cpu in #1769
  • build(deps): bump codecov/codecov-action from 3 to 4 by @dependabot in #1770
  • Default to require_ems in FIPS mode by @ctz in #1772
  • github actions: standardise on ubuntu-latest by @ctz in #1773
  • Add support for FFDHE key exchange by @s-arash in #1702
  • Take curve25519-dalek 4.1.2 by @ctz in #1775
  • Add rustls-rustcrypto to the list of third-party providers by @stevefan1999-personal in #1763
  • Introduce concept of "process default" provider by @ctz in #1766
  • Improve testing when multiple built-in providers are enabled by @ctz in #1778
  • provide codecov token for coverage job by @ctz in #1781
  • Update dependencies by @djc in #1783
  • Change crate default features to use aws-lc-rs by @ctz in #1780
  • ci: add Windows aws-lc-rs build reqs to daily-tests by @cpu in #1786
  • Make peer-certificates lifetime explicit by @richardpringle in #1787
  • Update version of nightly for check-external-types by @ctz in #1791
  • examples: ignore interrupted syscalls for mio poll by @cpu in #1790
  • Limit fragmentation in write_vectored by @Keksoj in #1640
  • Improve provider and FIPS documentation by @ctz in #1789
  • Tidy away BorrowedPlainMessage by @ctz in #1794
  • Correct kx group selection by @ctz in #1784
  • Cargo: bump semver compat deps by @cpu in #1795
  • Use end_entity variable when verifying CertificateVerify by @thomwiggers in #1799
  • Take semver compatible updates by @ctz in #1800
  • ci: skip docs deploy for forks by @cpu in #1801
  • Avoid unnecessary allocation and copy in OpaqueMessage::encode by @Wonshtrum in #1774
  • Another docs pass after reviewing #1774 by @ctz in #1807
  • Tweaks to the enum macros by @djc in #1809
  • [3/3] no-std support phase I by @japaric in #1502
  • Message type tweaks by @djc in #1810
  • Fix a typo by @haroldbruintjes in #1812
  • server: allow acceptor to send alerts after error by @djc in #1811
  • Fix new nightly warnings by @ctz in #1813
  • Next steps for Quinn support (cont'd) by @cpu in #1798
  • Prepare 0.23 roadmap entries by @ctz in #1802
  • Cargo.toml: disentangle std/aws_lc_rs features by @ctz in #1818
  • refactor: avoid pretty printing used in logging beyond debug level by @Taowyoo in #1820
  • Reword no process-level CryptoProvider panic by @ctz in #1822
  • Prepare 0.23.0 by @ctz in #1817

Full Changelog: v/0.22.2...v/0.23.0