Fabio Sobral
TotalCross Community
Feb 10, 2023


Versions 4.8.1 and 5.6.1 — Improved TLS support with mbedTLS and more

The first release of this year brings a big step up in security and TLS connection support, along with the usual build upgrades, a new option for Android deploy and a reduced application size after a new year's cleanup.

mbedTLS support

TotalCross has been using the axTLS library for X.509 certificate manipulation and SSL/TLS support since day one, but the time has come for us to look for an alternative better suited to today's needs.

Mbed TLS is a C library that implements cryptographic primitives, X.509 certificate manipulation and the SSL/TLS and DTLS protocols. Its small code footprint makes it suitable for embedded systems.

The main benefit of using mbedTLS is support for additional cryptographic algorithms, some of which are the industry standard for security and performance on mobile devices, such as ChaCha20-Poly1305 authenticated encryption.

This first release does not yet support certificate chain validation; this will be implemented in a later release.

Android deploy specific command line options

Android applications no longer include the REQUEST_INSTALL_PACKAGES permission in their manifest by default. To have this permission included in the application, the command line option /android_request_install_packages must be used. This permission is only required if your application uses Vm.exec to install another application at runtime.

This change was necessary to comply with the latest Play Store restrictions; use of this feature by applications distributed through the Play Store is therefore subject to their approval.

The deploy command line option /force_android_storage_access was renamed to /android_manage_external_storage for consistency with the newly added option. This is the option that lets you ask the user for full access to the device's storage.

Spring cleaning, code refactor and build tools update

There are many changes to list here, starting with a major code refactor with CMake and the removal of deprecated stuff to trim the size of the final application. Litebase was removed from all platforms, while Scandit support was only dropped on iOS (for now).

On iOS, the minimum supported OS version was raised to 12.1 (from 10.0) and armv7 binaries were removed; from now on only arm64 devices are supported. (The last device without arm64 support was released roughly 10 years ago!)

Win32 binaries are now built using Visual Studio 2022 (17), up from Visual Studio 2008 which has been used practically since day one. This is a big step up that should improve overall performance on this platform.

Android now uses NDK version 25.1.8937393 and the latest Android Gradle Tools.

Full detailed changelog available at GitLab for versions 4.8.1 and 5.6.1.

What's next?

This first release is also a stepping stone for a new development cycle with faster iterations this year, with at least a new release every month.

WinCE support has been a hindrance to achieving this, which is why it has been demoted to second-class status; it may not be included with every release or have all the features included for the other platforms. For example, WinCE will still use axTLS for the time being.

Our next minor release will feature a new graphical backend engine for improved performance and better graphics, closing the gap between the proprietary releases (versions 4 and 5) and the open source one (version 7).

This will finally enable us to have a single code base to work on and resume the release of the open sourced version. \o/
