Releases: aws/aws-lc
Releases · aws/aws-lc
AWS-LC-FIPS-2.0.9
What's Changed
Backporting of 2 build fixes from main:
- [Backport] Use x30 instead of lr which otherwise trip some versions of gcc by @justsmth in #1489
- [Backport] Update go.cmake to use PROJECT_SOURCE_DIR by @justsmth in #1485
Other changes
Full Changelog: AWS-LC-FIPS-2.0.8...AWS-LC-FIPS-2.0.9
Contributors
justsmth
Assets 2
Release v1.22.0
What's Changed
- Update patch for tpm2-tss by @justsmth in #1422
- Zero the stack after AVX-512 XTS by @pittma in #1415
- Add cpython integration test by @WillChilds-Klein in #1359
- Upstream merge 2024 01 29 by @torben-hansen in #1425
- Cleanup for CMAKE_ASM_FLAGS by @justsmth in #1430
- Verify contentinfo content is NULL is handled by @torben-hansen in #1428
- Disable failing MariaDB tests by @justsmth in #1436
- Speed up CodeBuild CI by @andrewhop in #1426
- Fix BIOTest.InvokeConnectCallback test. by @PiotrSikora in #1433
- CodeBuild project public artifacts by @justsmth in #1438
- Patch trousers by @justsmth in #1432
- Additional EVP_AEAD_CTX / TLS Transfer Serialization Tests by @skmcgrail in #1407
- Change sk_*_find signature to 2-arg for OpenSSL comapat by @WillChilds-Klein in #1429
- Include FIPS mode in OpenSSL_version return value by @WillChilds-Klein in #1419
- Slight tweaks and integration CI to support Bind9 by @samuel40791765 in #1423
- Upstream merge 2024 02 09 by @justsmth in #1439
- Fix mariadb CI broken by upstream by @samuel40791765 in #1443
- Upstream merge 2024 02 13 by @torben-hansen in #1440
- Reduce compiler ability to optimise to statisfy gcc 9.5 by @torben-hansen in #1442
- Fix Clang-6 FIPS static build issue by @skmcgrail in #1424
- Use OPENSSL_zalloc in more places by @justsmth in #1447
- RSA key check consolidation part 1a by @dkostic in #1349
- Fixing typo in comment in md32_common.h by @fabrice102 in #1453
- Add platform support section to README by @justsmth in #1446
- Make the clang-6 bcm-delocated.S directive behavior for start/end symbols dynamic by @skmcgrail in #1456
- Upstream merge 2024 02 23 by @samuel40791765 in #1452
- Avoid out of range pc-relative fixup value by @justsmth in #1454
- Android 14: Don't set execute-only on FIPS .text segment by @justsmth in #1460
- Use x30 instead of lr which otherwise trip some versions of gcc by @torben-hansen in #1464
- Add misc. x509 un/lock and set1 functions by @WillChilds-Klein in #1449
- Add support for s390x architecture. by @PiotrSikora in #1431
- Upstream merge 2024-02-28 by @dkostic in #1459
- Convert ERR_LIB_* from enum to macros by @WillChilds-Klein in #1470
- Staging v1.22.0 release by @justsmth in #1471
New Contributors
- @pittma made their first contribution in #1415
- @fabrice102 made their first contribution in #1453
Full Changelog: v1.21.0...v1.22.0
Contributors
PiotrSikora, skmcgrail, and 8 other contributors
Assets 2
AWS-LC-FIPS v2.0.8
What's Changed
Backporting of 2 build fixes from main
- [Backport] Make the clang-6 bcm-delocated.S directive behavior for start/end symbols dynamic by @skmcgrail in #1457
- [Backport] Android 14: Don't set execute-only on FIPS .text segment by @justsmth in #1461
Other changes
Full Changelog: AWS-LC-FIPS-2.0.7...AWS-LC-FIPS-2.0.8
Contributors
skmcgrail and justsmth
Assets 2
AWS-LC-FIPS v2.0.7
What's Changed
Backporting of 3 build fixes from main:
- Fix Clang-6 FIPS static build issue (#1424) by @skmcgrail in #1450
- Fix delocator and FIPS static build prefixing behaviors (#1342) by @skmcgrail #1451
- Mark bcm_redirector functions as local (#1352) by @skmcgrail #1451
Other changes
Full Changelog: AWS-LC-FIPS-2.0.6...AWS-LC-FIPS-2.0.7
Contributors
skmcgrail and justsmth
Assets 2
Release v1.21.0
What's Changed
- Shorten cmake test names so they fit in GitHub by @andrewhop in #1394
- Turn off flaky MariaDB test main.ssl_crl by @andrewhop in #1396
- Update all integration targets to use RelWithDebInfo and increase size of ARM OpenSSH test host by @andrewhop in #1393
- Update base ec2 test framework by @andrewhop in #1395
- Use system allocator for thread-local values by @justsmth in #1397
- Implement AES-CCM by @geedo0 in #1373
- Upstream merge 2024 01 05 by @justsmth in #1385
- Implement SSL_MODE_AUTO_RETRY by @WillChilds-Klein in #1333
- Turn off Graviton 3 test by @andrewhop in #1399
- temporarily turn off 32-bit Windows SDE CI by @samuel40791765 in #1406
- allow HMAC via EVP_PKEY raw privkey functions by @samuel40791765 in #1338
- Only build the grpc tests that we're going to run to save time by @andrewhop in #1412
- Update CDK docs/dependencies by @justsmth in #1392
- Update Formal Verification section in README to match latest status by @pennyannn in #1413
- Upstream merge 2024 01 12 by @andrewhop in #1402
- Skip another MariaDB test that appears to be flaky. P112867839 by @andrewhop in #1411
- Integration with tpm2-tss by @justsmth in #1361
- Fix issue with iOS FIPS builds. Requires -DCMAKE_SYSTEM_NAME=iOS by @skmcgrail in #1416
- Add socat integration test by @andrewhop in #1387
- Use standard CMake options to specify C/C++ language standard, add BoringSSL to speed test by @andrewhop in #1410
- Upstream merge 2024 01 17 by @skmcgrail in #1414
- More test coverage for AWSLC_thread_local_clear by @justsmth in #1409
- Staging v1.21.0 release by @torben-hansen in #1421
Full Changelog: v1.20.0...v1.21.0
Contributors
skmcgrail, WillChilds-Klein, and 6 other contributors
Assets 2
AWS-LC-FIPS v2.0.6
What's Changed
- Backport: Fix issue with iOS FIPS builds. Requires -DCMAKE_SYSTEM_NAME=iOS by @skmcgrail in #1417
- FIPS 2.0.6 release version number update by @justsmth in #1418
Full Changelog: AWS-LC-FIPS-2.0.5...AWS-LC-FIPS-2.0.6
Contributors
skmcgrail and justsmth
Assets 2
AWS-LC-FIPS v2.0.5
Contributors
justsmth
Assets 2
Release v1.20.0
What's Changed
- TrouSerS integration by @justsmth in #1364
- Fix delocator and FIPS static build prefixing behaviors by @skmcgrail in #1342
- Add HMAC init benchmark by @andrewhop in #1370
- Add option to run speed for specified milliseconds by @andrewhop in #1368
- Add assertions and unify tmpfile uniqueptr by @samuel40791765 in #1372
- Add DH groups from RFC 7919 to support MySQL 8.1 by @samuel40791765 in #1371
- Add back support for EVP_PKEY_HMAC by @samuel40791765 in #1324
- Update poly_compress and polyvec_compress to prevent the compiler from using DIV by @brian-jarvis-aws in #1376
- Fix memory leaks in speed.cc by @andrewhop in #1377
- Fix case issue with sha-224 in speed tool by @torben-hansen in #1379
- Fix speed tool timeout flag by @justsmth in #1382
- check/assert hmac_update success by @justsmth in #1383
- Upstream merge 2024 01 02 by @nebeid in #1374
- Add an integration test for NTP by @andrewhop in #1369
- Add an additional test that HAProxy is built with AWS-LC by @andrewhop in #1386
- Add CMake GitHub Actions CI by @skmcgrail in #1367
- Always run 'apt-get update' before 'installing' by @andrewhop in #1391
- Initialize ECCurveTest values to null instead of relying on uninitialized value from default constructor by @andrewhop in #1389
- Staging v1.20.0 release by @andrewhop in #1390
Full Changelog: v1.19.0...v1.20.0
Contributors
skmcgrail, samuel40791765, and 5 other contributors
Assets 2
AWS-LC-FIPS v2.0.4
What's Changed
- Apply patch from Kyber reference code which updates poly_compress and… by @geedo0 in #1381
- [Backport] Provide a compile option to disable AVX512-specific optimizations. by @skmcgrail in #1380
- FIPS 2.0.4 release version number update by @andrewhop in #1388
Full Changelog: AWS-LC-FIPS-2.0.3...AWS-LC-FIPS-2.0.4
Contributors
skmcgrail, geedo0, and andrewhop
Assets 2
Release v1.19.0
What's Changed
- Implement support for EVP_chacha20_poly1305 by @geedo0 in #1311
- Read fips scope marker addresses using adrp instead of adr to increase reach by @torben-hansen in #1332
- Expand PEM/X509 test coverage by @justsmth in #1327
- Update OCSP responder integration test timeout by @samuel40791765 in #1341
- Relax test pinging unauthorized OCSP responder by @samuel40791765 in #1343
- Factor out the machine-optimised backend for 25519 algorithms by @torben-hansen in #1340
- Add support and CI for building with librelp by @samuel40791765 in #1317
- Dockerfile and structure change for SAW proofs on X86_64 by @pennyannn in #1345
- Enable 25519 s2n-bignum backend for FIPS build by @torben-hansen in #1344
- More caution with 'rm -rf' by @justsmth in #1346
- Upstream merge 2023-11-30 by @dkostic in #1331
- Mark bcm_redirector functions as local by @skmcgrail in #1352
- Enable Arm SHA384 proofs in AWS-LC CI by @pennyannn in #1348
- Initialize min/max use_default values in SSL_CTX by @WillChilds-Klein in #1350
- Add EVP_chacha20_poly1305() to speed.cc by @geedo0 in #1339
- Improve tcpdump support + integ test by @justsmth in #1351
- Fix accidental deletion in f3e49b0 by @WillChilds-Klein in #1357
- Add gRPC integration tests by @andrewhop in #1265
- Add helper functions needed for NTP by @andrewhop in #1355
- Add print helper functions for RSA and DSA by @andrewhop in #1354
- Update function to avoid division by @WillChilds-Klein in #1360
- tcpdump CI - 'apt-get update' before install by @justsmth in #1363
- Upstream merge 2023 12 11 by @nebeid in #1356
- Bump AWSLC_API_VERSION for EVP_chacha20_poly1305 by @andrewhop in #1358
- Fix issue with older CMake when building FIPS static using Ninja buid system by @skmcgrail in #1362
Full Changelog: v1.18.0...v1.19.0
Contributors
skmcgrail, WillChilds-Klein, and 8 other contributors