0.23.22

• Support for post-quantum-secure key exchange using X25519MLKEM768 when using the aws-lc-rs provider. This is supported by default, but offered at a low algorithm negotiation priority.

  A new crate feature prefer-post-quantum adjusts the aws-lc-rs provider's DEFAULT_KX_GROUPS order, so X25519MLKEM768 is the most preferred key exchange algorithm. This has some performance impact: handshakes which offer TLS1.3 are larger and slower.

  We expect to add this feature to the crate's default features in a future minor release.

  The rustls-post-quantum crate now depends on the core rustls crate and activates this feature.

• std::io::BufRead is now implemented for Reader, Stream, and StreamOwned. Thanks to @goffrie

What's Changed

• chore(deps): lock file maintenance by @renovate-bot in #2304
• Fix SSL 2 version constant to 0x0002 by @droe in #2305
• Incidental/preparatory parts of #2288 by @ctz in #2306
• chore: enforce taplo toml formatting by @brody4hire in #2307
• CI: deny all Clippy warnings including clippy::incompatible_msrv by @brody4hire in #2310
• chore: list rustls features near top of rustls/Cargo.toml by @brody4hire in #2314
• top-level sync::Arc alias to support fork for targets with no atomic ptr by @brody4hire in #2285
• add missing doc for default std feature by @brody4hire in #2313
• Implement BufRead for Reader, Stream, and StreamOwned by @goffrie in #2303
• Move rustls-post-quantum into the core crate by @ctz in #2288
• chore(deps): update rust crate x509-parser to 0.17 by @renovate-bot in #2320
• Detect ChunkVecBuffer::consume larger than length by @paolobarbolini in #2318
• Defensiveness improvements to ChunkVecBuffer by @ctz in #2319

New Contributors

• @droe made their first contribution in #2305
• @goffrie made their first contribution in #2303

Full Changelog: v/0.23.21...v/0.23.22

rustls-post-quantum-v/0.2.2

The functionality of this crate became part of the core rustls crate from its 0.23.22 release. This crate now sets the prefer-post-quantum feature, and maintains the same interface as before by re-exporting items from the 0.23.22 core crate.

Full Changelog: rustls-post-quantum-v/0.2.1...rustls-post-quantum-v/0.2.2

0.23.21

Added support for sending the certificate_authorities extension in the ClientHello (see #2265).

What's Changed

• improve provider-example CI testing & coverage testing by @brodycj in #2277
• Adopt benchmarking docs to new rustls-bench crate by @sbernauer in #2279
• Support certificate_authorities extension in ClientHello by @s-arash in #2265
• Clarify ordering of module items by @djc in #2271
• examples: ech-client should process all HTTPS records by @cpu in #2278
• docs: fix CONTRIBUTING.md broken link by @cpu in #2282
• Improve fuzzing coverage further by @ctz in #2267
• post-quantum key exchange writeup by @ctz in #2281
• Take aws-lc-rs 1.12 by @ctz in #2286
• Server fuzzing harness improvements by @ctz in #2294
• cleanup: use more parens when calculating ECH seed by @brodycj in #2296
• docs: update @cpu maintainer status by @cpu in #2299
• Prepare v0.23.21 release by @s-arash in #2301

0.23.20

Release notes:

• Support hybrid key exchange optimization: this improves efficiency of hybrid post-quantum key exchanges when the classical half of the hybrid is selected, which will be common during the post-quantum transition. This optimization is described in and allowed by draft-ietf-tls-hybrid-design; we plan to produce a short report soon illustrating its benefits.

This release, like 0.23.18, has an MSRV of 1.71. We are aware of a compiler bug in 1.71 that may affect rustls and recommend 1.73 or later.

What's Changed

• fix codecov.io upload by @ctz in #2236
• bench: optionally record individual handshake latencies by @ctz in #2224
• CI: enable doc tests on all CI hosts (and update CI doc test comments) by @brodycj in #2242
• replace unnecessary use of .map_or() with .is_some_and() by @brodycj in #2240
• Document a MSRV policy by @ctz in #2243
• Assorted clippy fixes by @ctz in #2245
• Normalise syntax of test_for_each_provider! by @ctz in #2222
• openssl-tests: fix clippy::zombie_processes warnings by @ctz in #2248
• performance headlines / landing page by @ctz in #2246
• multithreading benchmarking write-up by @ctz in #2207
• 2024-11-28-threading report: fix link by @ctz in #2250
• README: link to more providers by @ctz in #2251
• Port version bump to 0.23.19 to main by @djc in #2254
• Lock file maintenance by @renovate-bot in #2253
• Implement post-quantum hybrid KX optimisation by @ctz in #2136
• style.css: fix <pre> blowing out page width by @ctz in #2255
• docs: reduce permission scope by @cpu in #2261
• Lock file maintenance by @renovate-bot in #2262
• Restructure hybrid key exchange implementation by @ctz in #2259
• Improve fuzzing coverage and improve processed data tracking by @ctz in #2249
• openssl-tests: install openssl from source by @ctz in #2263
• examples: use inner hostname in ech-client HTTPS DNS query by @cpu in #2268
• server: remove ClientHello constructor by @djc in #2270
• fix rustls-provider-example hpke no-std support by @brodycj in #2269
• nit: remove trailing space from doc comments by @brodycj in #2273
• Release notes for rustls 0.23.20 & rustls-post-quantum 0.2.0 by @ctz in #2272

Full Changelog: v/0.23.18...v/0.23.20

rustls-post-quantum 0.2.1

Administrative release -- fixes the crate README. See https://github.com/rustls/rustls/releases/tag/rustls-post-quantum-v%2F0.2.0

What's Changed

• Fix rustls-post-quantum readme by @ctz in #2275

Full Changelog: rustls-post-quantum-v/0.2.0...rustls-post-quantum-v/0.2.1

rustls-post-quantum 0.2.0

Release notes:

• Move to standardized X25519MLKEM768. This removes support for the previous -- pre-standardization -- X25519Kyber768Draft00, which is a breaking change.
• Support MLKEM768 separately. Thanks to @dconnolly.

In the near future we plan to integrate rustls-post-quantum into the core rustls crate.

What's Changed

• rustls-post-quantum: correct formatting by @ctz in #1850
• Add path for rustls-post-quantum -> rustls dependency by @ctz in #1865
• docs: update ROADMAP post-quantum kex item by @cpu in #1894
• post-quantum: move from kyber768 to ML-KEM768 by @ctz in #2175
• Implement post-quantum hybrid KX optimisation by @ctz in #2136
• Release notes for rustls 0.23.20 & rustls-post-quantum 0.2.0 by @ctz in #2272

Full Changelog: rustls-post-quantum-v/0.1.0...rustls-post-quantum-v/0.2.0

0.23.19

This release is functionally equivalent to 0.23.18, except the MSRV has been relaxed back to 1.63. The next release, 0.23.20, will return to an MSRV of 1.71. This release is intended to give users with conservative MSRV requirements a release that contains the fix for RUSTSEC-2024-0399.

Note that this is a one-off; there will not be future releases with MSRV 1.63 (for future security fixes or otherwise).

What's Changed

• Prepare 0.23.19 by @ctz in #2244

Full Changelog: v/0.23.18...v/0.23.19

0.23.18

Release notes:

• Availability issue: correct a panic in the Acceptor API when a client hello is fragmented over several TLS messages. This was introduced in 0.23.13. It does not affect earlier versions. Thank you to @kvinwang for the report and fix.
• Avoid sending TLS1.2 session ticket extension for TLS1.3-only handshakes. Thank you to @link2xt for the report and fix.
• Improve TLS1.2 receive performance when using aws-lc-rs.
• Move crate minimum supported Rust version to 1.71.

What's Changed

• ci: enable bindgen feature on correct aws-lc-sys by @ctz in #2215
• fix(deps): update rust crate asn1 to 0.19 by @renovate-bot in #2216
• Upgrade hickory-resolver to alpha 3 by @djc in #2218
• Extract benchmark tool from core crate by @ctz in #2208
• raw_key_openssl_interop.rs: reformat imports by @ctz in #2219
• Avoid inefficient aws-lc-rs open_within() by @ctz in #2221
• Move MSRV to 1.71 by @ctz in #2220
• fix(deps): update rust crate asn1 to 0.20 by @renovate-bot in #2223
• chore(deps): lock file maintenance by @renovate-bot in #2217
• fix: do not send session_ticket(35) extension for TLS 1.3 by @link2xt in #2203
• tests: linearize new test code helper by @djc in #2225
• rustls-bench: fix warnings with no features by @ctz in #2226
• Manage dependencies via the workspace by @djc in #2229
• Fix panicking in Acceptor::accept() by @kvinwang in #2231
• Add reproducer for bug 2227 by @ctz in #2233
• Prepare 0.23.18 by @ctz in #2234

New Contributors

• @kvinwang made their first contribution in #2231

Full Changelog: v/0.23.17...v/0.23.18

0.23.17

• Performance improvement: by default rustls servers now send fewer TLS1.3 tickets to a client. The old default was 4 tickets, now it is 2. The number can be tuned if needed by setting ServerConfig::send_tls13_tickets.
• Performance improvement: the default ticket rotator now has improved multithreaded performance.

What's Changed

• Add note about ed25519 browser support by @ctz in #2186
• doc(no_inline) rustls::pki_types re-export by @ctz in #2188
• server: default send_tls13_tickets 4 -> 2 by @cpu in #2187
• build: bump nightly for cargo-check-external-types by @ctz in #2191
• Assorted "design" documentation, and record stance on custom TLS extension APIs by @ctz in #2189
• cancel-in-progress github action runs keyed on PR/ref by @ctz in #2197
• minor improvements to internal test imports by @brodycj in #2199
• Introduce TicketRotator, a version of TicketSwitcher with improved thread scalability by @ctz in #2193
• Support multithreaded benchmarks by @ctz in #2192
• Static site for rustls.dev, including home for performance reports by @ctz in #2201
• add arm performance results by @ctz in #2206
• StoresServerSessions: guarantee keys are high entropy by @ctz in #2209
• fix(deps): update rust crate zlib-rs to 0.4 by @renovate-bot in #2210
• chore(deps): update codecov/codecov-action action to v5 by @renovate-bot in #2211
• Prepare 0.23.17 by @ctz in #2214

Full Changelog: v/0.23.16...v/0.23.17

0.23.16

Release notes

• Add support for RFC 7250 raw public keys.

What's Changed

• ci: update ECH daily-test configuration by @cpu in #2161
• Support for Raw Public Keys (RFC 7250) by @holodorum in #2062
• ci: restore defo.ie ECH daily test by @cpu in #2164
• bench: avoid debug_assert by @ctz in #2163
• client/tls12: remove stale ref to SCT verification by @cpu in #2166
• Remove crossbuilds and coverage from merge_checks by @ctz in #2165
• bench: match default BoringSSL/OpenSSL ticket count by @ctz in #2167
• Faster TLS1.3 server resumption by @ctz in #2168
• Markdown fixes in manual by @ctz in #2169
• Change link to the NSS Key Log Format by @yedayak in #2170
• consistent APIs for connection FIPS indicator by @cpu in #2174
• Make ciphersuite enum smaller by @ctz in #2172
• automate dead link checking of documentation by @cpu in #2173
• Lychee linkcheck tweaks by @cpu in #2176
• ci: loosen lychee-action version by @cpu in #2178
• fix(deps): update rust crate asn1 to 0.18 by @renovate-bot in #2180
• post-quantum: move from kyber768 to ML-KEM768 by @ctz in #2175
• Expose ConfigBuilder::crypto_provider() by @djc in #2181
• chore(deps): lock file maintenance by @renovate-bot in #2185
• Don't warn on UserCanceled alerts by @djc in #2184
• Bump version to 0.23.16 by @djc in #2183