Release v1.6.2

Release Summary

• Add a new public API, s2n_client_hello_get_random(), and move client_random storage from the connection to the s2n_client_hello struct so applications can retrieve the client random from a parsed ClientHello.
• Allow multiple application contexts to be set on a s2n-tls connection.
• Warning level TLS alerts may now be non-fatal prior to version negotiation
• Added support for Security Policies to have "strongly preferred" SupportedGroups.

What's Changed

• feat: add client hello random getter by @kaukabrizvi in #5620
• chore: Rust bindings release 0.3.30 by @dougch in #5633
• chore: s2n-tls-hyper version bump by @jouho in #5636
• build(deps): bump the all-gha-updates group across 1 directory with 2 updates by @dependabot[bot] in #5640
• feat: add rfc9151 compat policies by @jouho in #5615
• feat: improve performance of getting validated cert chain from libcrypto by @CarolYeh910 in #5622
• feat: additional rfc9151 compat policy without sha1 hmac by @jouho in #5645
• test: add test certs for cert intent validation by @CarolYeh910 in #5630
• test(integv2): remove dynamic record sizing test and related cleanup by @kaukabrizvi in #5644
• feat: add additional application context into Connection by @boquan-fang in #5637
• chore(bindings-release): s2n-tls v0.3.31 release by @boquan-fang in #5649
• fix: allow for warning level TLS alerts prior to version negotiation by @WesleyRosenblum in #5646
• test(integration): add mTLS integration tests by @kaukabrizvi in #5638
• feat: Ability to set "strongly preferred" groups by @alexw91 in #5634
• refactor(tls-harness): use single test pair IO to allow for decryption by @jmayclin in #5648

Full Changelog: v1.6.1...v1.6.2

Release v1.6.1

Weekly release for Nov 17, 2025

Release Summary:

• Adds pure ML-KEM-1024 support: s2n_pure_mlkem_1024 KEM group is now negotiable.

What's Changed

• test: add memory profiler test by @jmayclin in #5329
• docs: comments for blob, stuffer methods by @jmayclin in #5326
• refactor: remove unused s2n_socket_set_read_size method by @lrstewart in #5594
• chore: Rust bindings release 0.3.29 by @maddeleine in #5595
• feat(integration): enable CodeBuild and Nix for rust integration tests by @kaukabrizvi in #5578
• fix: update action user name by @jmayclin in #5600
• docs: update pull request template by @jmayclin in #5591
• fix: update memory usage test assertions by @jmayclin in #5592
• Revert "feat: basic security policy builder interface (#5493)" by @lrstewart in #5599
• docs: add dev docs on handshake and io by @lrstewart in #5596
• ci: PR conventional commit lint GHA by @dougch in #5603
• fix(ci): add build to the validate-pr-title CI job by @CarolYeh910 in #5610
• build(deps): bump the all-gha-updates group across 1 directory with 2 updates by @dependabot[bot] in #5605
• test(integration): add dynamic record sizing test by @kaukabrizvi in #5608
• ci: update cmake version by @CarolYeh910 in #5612
• ci: exclude validate-pr-title from merge queue by @CarolYeh910 in #5613
• feat: add pure ML-KEM support by @CarolYeh910 in #5586
• fix(ci): check Amazon copyright statement by @CarolYeh910 in #5611
• ci: move the integnix job to us-west-2 by @dougch in #5604
• fix: replace uint8_t in for loops by @CarolYeh910 in #5619
• refactor(harness): Extend handshake logic to support TLS 1.2 by @kaukabrizvi in #5614
• test: require both MLKem and MLDsa capabilities for pure MLKEM tests by @kaukabrizvi in #5621
• ci: add rust integration test to codebuild start script by @kaukabrizvi in #5623
• docs: Adds note about serialization error case by @maddeleine in #5617
• fix: enable -Wcast-qual flag for libcrypto=awslc by @boquan-fang in #4735

Full Changelog: v1.6.0...v1.6.1

Release: v1.6.0

Weekly release for October 30 2025

Release Summary:

• Multiple changes to the s2n-tls default policy:
  1. Added TLS13 support
  2. Added Post-Quantum key exchange
  3. Removed CBC ciphersuites
• Changes to the RFC9151 policy: Removes RSA key exchange and DHE cipher suites. Use the numbered version of this policy instead (20250429) to maintain the current preferences.
• Adds support for PQ only policies, which should not include classical ECC curves. This feature only works on libcryptos that support TLS 1.3 and PQ kem groups.
• Fixed a validation issue in s2n_connection_deserialize() where malformed protocol version bytes could result in invalid connection state and inconsistent TLS behavior.
• Add a synchronous rust binding API for s2n_cert_validation_callback
• Upgrades MSRV for extended crates (s2n-tls-sys, s2n-tls, s2n-tls-tokio) from 1.63 to 1.72

What's Changed

• docs: Small doc changes for KTLS by @maddeleine in #5521
• ci: install missing rust component for gitthub action workflows by @jouho in #5528
• refactor(aws-kms-tls-auth): add hmac based psk derivation by @jmayclin in #5519
• chore: bindings release 0.3.27 by @jouho in #5526
• fix(usage-guide): Update book.toml for mdbook 0.5 release by @goatgoose in #5535
• bindings(rust): bump extended crates MSRV to 1.72.0 by @jouho in #5534
• feat(bindings): expose cert validation callback by @CarolYeh910 in #5357
• chore: bindings release 0.3.28 by @goatgoose in #5540
• chore: add new team member by @kaukabrizvi in #5542
• fix: validate protocol version during connection deserialization by @jouho in #5523
• chore(bindings): revert dependency pins by @jmayclin in #5544
• refactor(aws-kms-tls-auth): psk provider using HMAC psks by @jmayclin in #5530
• chore: update bindgen version to v0.69.0 by @boquan-fang in #5396
• refactor 1/2: Fix security policy version in tests to numbered string by @maddeleine in #5549
• refactor: add psk receiver by @jmayclin in #5552
• build(deps): update rtshark requirement from 3.1.0 to 4.0.0 in /tests/pcap in the all-cargo-updates group across 1 directory by @dependabot[bot] in #5555
• fix(aws-kms-tls-auth): supress logging & version bump by @jmayclin in #5554
• refactor 2/2: Fix security policy version in tests to numbered string by @maddeleine in #5553
• fix(test): Reduce s2n_security_policies_test duration by @goatgoose in #5558
• docs: update nix integration test instructions for uvinteg function by @kaukabrizvi in #5550
• build(deps): bump the all-gha-updates group across 1 directory with 4 updates by @dependabot[bot] in #5548
• build(deps): update zeroize requirement from =1.7.0 to =1.8.2 in /bindings/rust/extended by @dependabot[bot] in #5537
• build(deps): update regex requirement from =1.9.6 to =1.12.1 in /bindings/rust/extended by @dependabot[bot] in #5556
• feat: Improve supported cipher suites in RFC9151 policy by @goatgoose in #5559
• ci: pin to older kissat version to unblock CBMC by @lrstewart in #5581
• fix: update test broken by Openssl dhe generation change by @lrstewart in #5580
• feat: output utility for security policy by @jouho in #5502
• feat: add PQ only policy support by @CarolYeh910 in #5545
• fix: update test_pq_only policy snapshot by @CarolYeh910 in #5583
• refactor: Adds tls13 ciphersuites to default/default_fips policy by @maddeleine in #5560
• build(deps): bump the all-gha-updates group in /.github/workflows with 2 updates by @dependabot[bot] in #5585
• ci: scope down GitHub Token permissions by @AdnaneKhan in #5570

New Contributors

• @AdnaneKhan made their first contribution in #5570

Full Changelog: v1.5.27...v1.6.0

Release: v1.5.27

Weekly release for September 25 2025

Release Summary:

• Our kTLS feature can now perform key updates, meaning that kTLS is now safe to turn on in TLS1.3 when using the newest version of the linux kernel (6.14+).

What's Changed

• docs(usage guide): description connection serialization by @jmayclin in #5504
• test(integv2): trim bloated cases by @jmayclin in #5453
• test: Adds test for serializing a previously-serialized connection by @maddeleine in #5495
• chore: bindings release 0.3.26 by @CarolYeh910 in #5509
• build(deps): bump the all-gha-updates group in /.github/workflows with 4 updates by @dependabot[bot] in #5497
• ci: fix clippy by @CarolYeh910 in #5516
• chore(ci): Update older integ job to prep for deprecation by @dougch in #5501
• chore: delete files in preparation for refactor by @jmayclin in #5517
• ci: pin libloading which requires MSRV 1.71 by @jouho in #5520
• chore(ci): add sanitizer jobs for openssl-1.0.2-fips by @dougch in #5508
• chore(ci): add openssl-1.0.2-fips gcc-4.8 job by @dougch in #5512
• ci: remove duplicate buildspec by @dougch in #5228
• feat: Add key update to ktls feature by @maddeleine in #5484

Full Changelog: v1.5.26...v1.5.27

v1.5.26

Release Summary

• Adds async public key support: s2n_pkey_verify() can be performed asynchronously through the async offloading callback.
• Add new s2n_connection_get_signature_scheme method to retrieve the IANA description of the server signature scheme

What's Changed

• chore(nix): Move nix integ jobs to ec2 fleets by @dougch in #5461
• chore: Adds build file to get new codebuild project running in CI by @maddeleine in #5476
• build(deps): bump the all-gha-updates group across 1 directory with 3 updates by @dependabot[bot] in #5479
• chore(nix): switch to nixpkgs libressl by @dougch in #5467
• chore(release): release s2n-tls v0.3.25 by @boquan-fang in #5486
• ci: tweak ruff ci failure message by @lrstewart in #5485
• refactor: signature scheme name adjustment by @lrstewart in #5472
• feat: add method to get signature scheme name by @lrstewart in #5471
• Fix HKDF on big-endian by @sertonix in #5478
• refactor(tls-harness): avoid implicit shutdown of ossl connection by @jmayclin in #5474
• fix: no server signature scheme expected with rsa kex by @lrstewart in #5481
• feat: add pure mlkem_1024 definition by @johubertj in #5468
• feat(integration): add utilities for capability assertions by @jmayclin in #5475
• build(deps): bump nixbuild/nix-quick-install-action from 32 to 33 in /.github/workflows in the all-gha-updates group by @dependabot[bot] in #5487
• feat: 'latest' option for strict policy by @lrstewart in #5488
• chore: pin to older pytest-rerunfailures by @dougch in #5494
• refactor: move new default policies to separate file by @lrstewart in #5492
• feat: basic security policy builder interface by @lrstewart in #5493
• chore: bump instance size for Valgrind by @dougch in #5500
• chore(nix): Flip awslc to upstream flake. by @dougch in #5317
• ci: only use git fetch for nix jobs by @jmayclin in #5506
• feat: add async public key support by @CarolYeh910 in #5473

New Contributors

• @sertonix made their first contribution in #5478

Full Changelog: v1.5.25...v1.5.26

Release: v1.5.25

Weekly release for August 25 2025

Release Summary

• Add a copy of the rfc9151 policy (20250429) which pins all of the policy parts to the current version.
• Adds new TLSv1.3-enabled security policies for CloudFront's outbound ("upstream") connections to origin servers. We also add similar policies with PQ enabled.

What's Changed

• chore: bindings release 0.3.24 by @johubertj in #5455
• chore: apply clippy fixes by @johubertj in #5459
• Add fixed version of the rfc9151 policy by @Mark-Simulacrum in #5277
• test(integration): add record padding test by @jmayclin in #5451
• refactor(stuffer): Rename s2n_stuffer_has_pem_encapsulated_block by @alice-aws in #5465
• ci: don't include tls/extensions in SAW build by @lrstewart in #5466
• ci: fix wikipedia network test + better error message by @lrstewart in #5470
• refactor: setup replacement default policies by @lrstewart in #5464
• Add TLSv1.3 (classical + PQ) policies for CloudFront Upstream by @WillChilds-Klein in #5460

New Contributors

• @alice-aws made their first contribution in #5465

Full Changelog: v1.5.24...v1.5.25

Release: v1.5.24

Weekly release for August 04 2025

Release Summary

• Adds new PQ security policies with ML-KEM for the CRT.

What's Changed

• refactor(bench): unify IO methods by @jmayclin in #5434
• test(bench): add api for mutual auth handshake by @jmayclin in #5437
• chore: bindings release 0.3.23 by @CarolYeh910 in #5439
• ci: document how to manually run the codebuild jobs by @lrstewart in #5441
• chore: add Awslc fips next to CI by @dougch in #5349
• feat: add integration test for secp384r1_mlkem_1024 by @johubertj in #5438
• fix(typo): fix a typo in codebuild.yml by @boquan-fang in #5445
• build(deps): update criterion requirement from 0.6 to 0.7 in /bindings/rust/standard by @dependabot[bot] in #5442
• chore(ci): tell crt to not check submodule version by @dougch in #5450
• Add AWS-CRT-SDK-TLSv1.0-2025-PQ by @WillChilds-Klein in #5403
• chore(ci): once a week, clean the nix store for the kTLS job. by @dougch in #5430
• refactor(tls-harness): separate benchmark abstractions by @jmayclin in #5444

Full Changelog: v1.5.23...v1.5.24

Release: v1.5.23

Weekly release for July 24 2025

Release Summary

• The aws-kms-tls-auth crate is now available, which provides utilities to do TLS-PSK based authentication using IAM and KMS.
• Created a new hybrid KEM group s2n_secp384r1_mlkem_1024.
• Updated the default_pq security policy to include the secp384r1_mlkem_1024 hybrid KEM group.

What's Changed

• fix(ci): adding set -e to prevent nix develop to hide failing tests by @boquan-fang in #5393
• chore: release 0.3.22 by @boquan-fang in #5397
• docs: note that s2n_shutdown may keep reading by @lrstewart in #5370
• feat(aws-kms-tls-auth): add codec and parsing by @jmayclin in #5398
• ci: start codebuild jobs from github actions by @lrstewart in #5383
• ci: Migrate Duvet GitHub Action to duvet-action repo by @johubertj in #5400
• feat(aws-kms-tls-auth): add psk identity by @jmayclin in #5402
• feat: add ML-KEM-1024 kem definition by @johubertj in #5367
• Flip Nix integration tests to use uv/pytest by @dougch in #5352
• feat(aws-kms-tls-auth): add provider & receiver structs by @jmayclin in #5408
• ci: require repo write permissions for codebuild by @lrstewart in #5421
• docs(aws-kms-tls-auth): add readme by @jmayclin in #5409
• docs(aws-kms-tls-auth): clarify security impact of failure modes by @jmayclin in #5424
• ci: run rustfmt/clippy on standard crates by @jmayclin in #5333
• feat: add secp384r1_mlkem_1024 kem group by @johubertj in #5395
• feat(bench): add generic shutdown functionality by @jmayclin in #5426
• chore: Nix Corretto version bump/upstream by @dougch in #5427
• feature: update default_pq to support secp384r1_mlkem_1024 by @johubertj in #5433
• build(deps): bump cross-platform-actions/action from 0.28.0 to 0.29.0 in /.github/workflows in the all-gha-updates group by @dependabot[bot] in #5435

Full Changelog: v1.5.22...v1.5.23

Release: v1.5.22

Weekly release for July 07 2025

Release Summary

• Add a new security policy for CRT that supports FIPS and TLS1.2.
• The fmt::Debug message for application errors in the Rust bindings now use the application error's fmt::Debug implementation, rather than a generic message.

What's Changed

• chore(ci): add a cargo timing buildspec by @dougch in #5176
• build(deps): update pprof requirement from 0.14 to 0.15 in /bindings/rust/standard by @dependabot in #5334
• refactor(examples): remove connection pool by @jmayclin in #5353
• ci: Fix the sslyze test for nix by @dougch in #5283
• Include application message in Debug impl by @Mark-Simulacrum in #5359
• build: prevent needless rebuild with S2N_INTERN_LIBCRYPTO=ON and Ninja by @kou in #5356
• build(deps): bump baptiste0928/cargo-install from 3.3.0 to 3.3.1 in /.github/workflows in the all-gha-updates group by @dependabot in #5361
• tests(integv2): fix flaky session resumption test by @lrstewart in #5362
• tests(integ): add more debug logging by @lrstewart in #5363
• build(deps): bump nixbuild/nix-quick-install-action from 30 to 31 in /.github/workflows in the all-gha-updates group by @dependabot in #5366
• build(deps): bump nixbuild/nix-quick-install-action from 31 to 32 in /.github/workflows in the all-gha-updates group by @dependabot in #5371
• fix: policy util should ignore deprecated TLS1.2 kems if missing by @lrstewart in #5372
• chore: apply clippy and fmt fixes by @boquan-fang in #5386
• feature: new TLS1.2 + FIPS CRT security policy by @lrstewart in #5375

Full Changelog: v1.5.21...v1.5.22

Release: v1.5.21

Weekly release for Jun 04 2025

Release Summary

• Fixed bug preventing use of ML-DSA with mainline AWSLC built in FIPS mode

What's Changed

• feat(bindings): expose custom critical extension API by @CarolYeh910 in #5337
• tests(integ): fix nondeterministic ocsp test shutdown behavior by @lrstewart in #5340
• chore: Bindings release 0.3.21 by @dougch in #5344
• ci: workaround for nix + gnutls + ubuntu24 issue by @lrstewart in #5345
• fix: do not use "digest and sign" for ML-DSA in FIPS mode by @lrstewart in #5348

Full Changelog: v1.5.20...v1.5.21