Trusted Firmware Logo

Mbed TLS 3.0 Release

Shebu Kuriakose| Wednesday, July 7, 2021|2 min read

Mbed TLS 3.0 Release

Mbed TLS 3.0 has been released on 2021-07-07. It is the first major release from the project since it migrated to community project in 2020. The release is available from the Mbed TLS GitHub page.

There are several changes in the release since the last release, Mbed TLS 2.26. Here are some of the changes:

  1. Removal of obsolete protocols, insecure cipher suites and algorithms

    Support for SSL 3.0, TLS1.0, 1.1 and DTLS1.0 are removed. TLS1.2 and DTLS1.2 are supported. RC4 based, 3DES and single-DES cipher suites are also removed. MD2, MD4, RC4, Blowfish and XTEA algorithms are removed.

  2. Clean up of Mbed TLS configuration options

    Some of the configs are removed. A level of indirection and versioning of config files have been introduced.

  3. Changes in function signatures and semantics

    Semantics of mbedtlsssl{get,set}_session(), signatures of SSL key export API, session cache APIs and SSL error code space have been changed.

  4. Removing functions previously marked as deprecated

    High and low level crypto functions marked as deprecated in previous releases have been removed.

The changes above make Mbed TLS easier to configure and use while also providing a good baseline to add new features and enhancements.

Refer to the change log for a complete list of changes in the release. As a major release, Mbed TLS3.0 breaks compatibility with previous releases. Users can refer to the migration guide to check how their code might need to change to make it compatible with Mbed TLS 3.0.

Looking into the future

Most of the PSA Crypto v1.0 APIs and initial work to support PSA Cryptoprocessor Driver interface have been implemented in recent releases. The remaining PSA Crypto API implementation and changes to make TLS and X.509 components use PSA Crypto APIs more exhaustively will be happening in future releases. TLS1.3 support is being worked on. A new Long Term Stable release is also expected, to be based on the final 2.x release. Subscribe to the mailing list to start participating in the design and development of the project.

Recent Posts

post image
MISRA Compliance Jumpstart

Monday, October 30, 2023

White Paper: Jumpstarting MISRA compliance via the integration of static analysis into Open Source CI systems: best practices and key elements from

post image
MCUboot v2.0.0 Release!

Monday, October 30, 2023

MCUboot v2.0.0 Release

post image
Trusted Firmware OP TEE Release 4.0.0

Friday, October 20, 2023

Trusted Firmware OP TEE: v4.0.0 Release

post image
MBed TLS 3.5.0 Released with new and smaller ECC implementation!

Thursday, October 19, 2023

Introduction The Mbed TLS project has released version 3.5.0 in October 2023. The release includes several code size optimizations including a new small footprint secp256r1 implementation accessible via PSA Crypto APIs. 3.5.0 also includes feature enhancements, bug fixes and security fixes. 2.28.5 released from the Mbed TLS...

post image
Trusted Services 1.0.0 released!

Friday, October 13, 2023

Introduction Building on the Beta version of the Trusted Services release, v1.0.0 is the first stable release of the project. The release comprises PSA Services that can be deployed on Cortex-A devices to meet PSA Certified requirements and, necessary build and test infrastructure and documentation.