1.1.0
Main features delivered
- Add generate random support into TPM and PKCS11 providers
- Implement configurable exclusion of deprecated primitives
- Allow binary PIN values for PKCS11 provider
- Recognise a PKCS11 hardware token with its serial number instead of slot number
For a more comprehensive view of the release see the changelog below.
Changelog
1.1.0 (2022-09-13)
1.1.0-rc2 (2022-09-13)
Merged pull requests:
- Update change log for release candidate 1.1.0-rc2 #639 (mohamedasaker-arm)
- Release candidate prep 1.1.0 rc2 #638 (mohamedasaker-arm)
1.1.0-rc1 (2022-09-07)
Implemented enhancements:
- Update PKCS11 dependency #604
- Allow binary PIN values for PKCS11 providers #603
- Implement get_random in the PKCS11 provider #594
- Implement get_random in TPM provider #593
- Create script for Quickstart package #534
- Recognise a PKCS11 hardware token with its serial number instead of slot number #481
- Implement configurable exclusion of deprecated primitives #119
Fixed bugs:
- RSA padding oracle issue #619
- PKCS11 provider serial_number configuration #615
- Export of public EC key fails with PKCS#11 back-end on NXP Layerscape #599
- Wrong permissions on KIM files #598
- Send back PsaErrorInvalidPadding when needed #620 (ionut-arm)
Security fixes:
- Update Spiffe dependency #602
Closed issues:
- Add key persistence tests for TS provider #568
- Create stability tests for SQLite KIM #519
- Change default socket path for E2E tests #463
Merged pull requests:
- Update Change log and service version no. #637 (mohamedasaker-arm)
- Update maintainers list #636 (mohamedasaker-arm)
- Fix spiffy issue #635 (gowthamsk-arm)
- Add sqlite stability tests #634 (gowthamsk-arm)
- Feature/119 implement configurable exclusion of deprecated primitives #633 (mohamedasaker-arm)
- Feature/603 allow binary pin values for pkcs11 #631 (mohamedasaker-arm)
- Add
Eqto the types withPartialEq#630 (ionut-arm) - build and share docker image across jobs #628 (mohamedasaker-arm)
- Kim file permissions #627 (gowthamsk-arm)
- Testing/568 add key persistence tests for ts provider #625 (mohamedasaker-arm)
- Fix problem reported by Clippy (rust 1.62) #624 (mohamedasaker-arm)
- Validate hash sign operation before execution. #623 (gowthamsk-arm)
- Fix Hugues' email address #622 (hug-dev)
- Compare trimmed token serial numbers (PKCS11 provider) #621 (mohamedasaker-arm)
- Added some context to error messages. #618 (fredrik-jansson-se)
- Implement get_random in the PKCS11 provider #613 (gowthamsk-arm)
- Add a script to create the Quickstart package #612 (mohamedasaker-arm)
- Change default socket path for E2E tests #610 (gowthamsk-arm)
- Fix
cargo-auditTOML config #609 (ionut-arm) - Recognise a PKCS11 hardware token with its serial number instead of slot number #608 (mohamedasaker-arm)
- Bump version of cryptoki #605 (ionut-arm)
- Fix issue #599 - allow EC_POINT public key data to omit ASN.1 structure wrapping #600 (paulhowardarm)
- Add generate random support into TPM provider #595 (anta5010)