Trusted Firmware Logo

Mbed TLS 3.0 Release

logo
Shebu Kuriakose| Wednesday, July 7, 2021|2 min read

Mbed TLS 3.0 Release

Mbed TLS 3.0 has been released on 2021-07-07. It is the first major release from the project since it migrated to Trustedfirmware.org community project in 2020. The release is available from the Mbed TLS GitHub page.

There are several changes in the release since the last release, Mbed TLS 2.26. Here are some of the changes:

  1. Removal of obsolete protocols, insecure cipher suites and algorithms

    Support for SSL 3.0, TLS1.0, 1.1 and DTLS1.0 are removed. TLS1.2 and DTLS1.2 are supported. RC4 based, 3DES and single-DES cipher suites are also removed. MD2, MD4, RC4, Blowfish and XTEA algorithms are removed.

  2. Clean up of Mbed TLS configuration options

    Some of the configs are removed. A level of indirection and versioning of config files have been introduced.

  3. Changes in function signatures and semantics

    Semantics of mbedtlsssl{get,set}_session(), signatures of SSL key export API, session cache APIs and SSL error code space have been changed.

  4. Removing functions previously marked as deprecated

    High and low level crypto functions marked as deprecated in previous releases have been removed.

The changes above make Mbed TLS easier to configure and use while also providing a good baseline to add new features and enhancements.

Refer to the change log for a complete list of changes in the release. As a major release, Mbed TLS3.0 breaks compatibility with previous releases. Users can refer to the migration guide to check how their code might need to change to make it compatible with Mbed TLS 3.0.

Looking into the future

Most of the PSA Crypto v1.0 APIs and initial work to support PSA Cryptoprocessor Driver interface have been implemented in recent releases. The remaining PSA Crypto API implementation and changes to make TLS and X.509 components use PSA Crypto APIs more exhaustively will be happening in future releases. TLS1.3 support is being worked on. A new Long Term Stable release is also expected, to be based on the final 2.x release. Subscribe to the mailing list to start participating in the design and development of the project.

Recent Posts

post image
MBed TLS v3.6.0 Long Term Support(LTS) Release

Tuesday, April 16, 2024

MBed TLS v3.6.0 Long Term Support(LTS) Release

post image
Trusted Firmware OP-TEE v4.2.0 Release

Sunday, April 14, 2024

Trusted Firmware OP-TEE: v4.2.0 Release

post image
Trusted Firmware-A LTS v2.10.2 released!

Tuesday, February 20, 2024

Building on the 1st TF-A LTS in 2023, Trusted Firmware-A is pleased to announce the release of the second major LTS version- LTS v2.10 \[1], its first valid tag being lts-v2.10.2. The LTS is branched out of TF-A 2.10, the second 2023 TF-A Release \[Nov’2023]

post image
Trusted Firmware OP TEE Release 4.1.0

Thursday, January 18, 2024

Trusted Firmware OP TEE: v4.1.0 Release

post image
Trusted Firmware-A v2.10 released!

Saturday, December 9, 2023

Introduction Trusted Firmware-A has come a long way since its first commit in 2013, ten years and counting! Co-incidentally, the latest official TF-A Release increments to the same number - v2.10.