Skip to content

v0.2.8

Latest
Latest

Choose a tag to compare

View all tags
@ansasaki ansasaki released this 08 Aug 16:38
· 68 commits to master since this release
v0.2.8
cd0838d

What's Changed

  • dist: Enable logging for keylime library in the service by @ansasaki in #922
  • build(deps): bump tokio from 1.42.0 to 1.43.0 by @dependabot[bot] in #913
  • build(deps): bump openssl from 0.10.68 to 0.10.70 by @dependabot[bot] in #926
  • scripts: Fix coverage information downloading script by @ansasaki in #934
  • Allow agent to start without root privileges by @sgebauer in #935
  • build(deps): bump tempfile from 3.14.0 to 3.17.1 by @dependabot[bot] in #938
  • build(deps): bump thiserror from 2.0.9 to 2.0.11 by @dependabot[bot] in #906
  • build(deps): bump serde_json from 1.0.135 to 1.0.138 by @dependabot[bot] in #924
  • build(deps): bump uuid from 1.11.0 to 1.13.2 by @dependabot[bot] in #937
  • packit: Add compatibility/api_version_compatibility test by @ansasaki in #948
  • Add capabilities_negotiation structures by @sarroutbi in #945
  • build(deps): bump uuid from 1.13.2 to 1.15.1 by @dependabot[bot] in #950
  • build(deps): bump openssl from 0.10.70 to 0.10.71 by @dependabot[bot] in #940
  • keylime-agent.conf: only mention ecdsa and rsassa for signing by @THS-on in #952
  • packit: Add identifier for each copr_build job by @ansasaki in #943
  • build(deps): bump serde_json from 1.0.138 to 1.0.140 by @dependabot[bot] in #954
  • Update push model structures to latest values by @sarroutbi in #961
  • Recover key_class field and set it as "asymmetric" by @sarroutbi in #966
  • Add support for ek certificate chain (stored in TPM NVRAM), resolves #1552 by @ematery in #951
  • Push model prototype by @sarroutbi in #964
  • Code refactoring: Include AgentIdentity by @sarroutbi in #925
  • build(deps): bump tokio from 1.43.0 to 1.44.2 by @dependabot[bot] in #973
  • Move SymmKey from common to the keylime library by @ansasaki in #975
  • build(deps): bump openssl from 0.10.71 to 0.10.72 by @dependabot[bot] in #972
  • Move AuthTag and EncryptedData from the common.rs to the Keylime library by @ansasaki in #976
  • Do not use certificate on insecure mode by @sarroutbi in #980
  • Add logging to the push attestation prototype by @ansasaki in #981
  • Cargo: bump url crate to version 2.5.4 by @ansasaki in #982
  • Add client certificates to push-attestation prototype by @ansasaki in #984
  • Add mockoon test scenario by @sarroutbi in #979
  • Define EvidenceHandling structures by @sarroutbi in #971
  • Fix minor README.md issue by @sarroutbi in #988
  • Add auth(sessions) structures by @sergio-correia in #987
  • build(deps): bump serde from 1.0.217 to 1.0.219 by @dependabot[bot] in #955
  • build(deps): bump reqwest from 0.12.12 to 0.12.15 by @dependabot[bot] in #960
  • build(deps): bump actix-web from 4.9.0 to 4.10.2 by @dependabot[bot] in #958
  • build(deps): bump assert_cmd from 2.0.16 to 2.0.17 by @dependabot[bot] in #992
  • build(deps): bump log from 0.4.25 to 0.4.27 by @dependabot[bot] in #991
  • build(deps): bump signal-hook from 0.3.17 to 0.3.18 by @dependabot[bot] in #993
  • build(deps): bump thiserror from 2.0.11 to 2.0.12 by @dependabot[bot] in #995
  • build(deps): bump uuid from 1.15.1 to 1.16.0 by @dependabot[bot] in #994
  • Integrate Evidence Handling/Authentication messages to push attestation prototype by @sarroutbi in #990
  • build(deps): bump libc from 0.2.169 to 0.2.172 by @dependabot[bot] in #996
  • build(deps): bump pest from 2.7.15 to 2.8.0 by @dependabot[bot] in #998
  • build(deps): bump pest_derive from 2.7.15 to 2.8.0 by @dependabot[bot] in #1000
  • Move structure filling and URL selection related code to specific modules by @sarroutbi in #999
  • Refactor code: move error and registration to lib by @sarroutbi in #1004
  • build(deps): bump tempfile from 3.17.1 to 3.20.0 by @dependabot[bot] in #1003
  • build(deps): bump chrono from 0.4.40 to 0.4.41 by @dependabot[bot] in #1001
  • build(deps): bump tokio from 1.44.2 to 1.45.0 by @dependabot[bot] in #1006
  • Add registration for Push Model client by @sarroutbi in #1005
  • build(deps): bump clap from 4.5.23 to 4.5.38 by @dependabot[bot] in #989
  • Avoid duplicated call to ctx.create_ek by @sarroutbi in #1010
  • Enable different key sizes and curves for EK and AK by @THS-on in #846
  • Remove configuration file trailing whitespaces by @sarroutbi in #1012
  • Add Quote related structures to Keylime library by @sarroutbi in #1013
  • Unify Push Model structures time formats to UTC by @sarroutbi in #1016
  • build(deps): bump tokio from 1.45.0 to 1.45.1 by @dependabot[bot] in #1008
  • build(deps): bump clap from 4.5.38 to 4.5.39 by @dependabot[bot] in #1011
  • Move Agent identity information from the RegistrarClient structure to the new structure AgentIdentity by @ansasaki in #1017
  • build(deps): bump uuid from 1.16.0 to 1.17.0 by @dependabot[bot] in #1007
  • build(deps): bump wiremock from 0.6.2 to 0.6.3 by @dependabot[bot] in #977
  • Extract Capabilities Negotiation info from TPM by @sarroutbi in #1014
  • Move reusable code from keylime-agent to the keylime library by @ansasaki in #1018
  • build(deps): bump once_cell from 1.19.0 to 1.21.3 by @dependabot[bot] in #1019
  • Push Model: Add IMA log parser to send correct entry count by @sarroutbi in #1026
  • Add UEFI log handler, use it to send UEFI count by @sarroutbi in #1022
  • Fix race conditions in tests by @ansasaki in #1028
  • tests: Do not assume /var/lib/keylime exists by @ansasaki in #1030
  • Use singleton to avoid multiple Context allocation by @sarroutbi in #1029
  • Add Keylime push model binary to root GNUmakefile by @sarroutbi in #1031
  • Push Model: Persist Attestation Key to file by @sarroutbi in #1032
  • Send correct 'key_algorithm' in certification_keys by @sarroutbi in #1035
  • Send Content-Type:application/json on request by @sarroutbi in #1039
  • Fix pcr_bank function to send all slots by @sarroutbi in #1036
  • config: Unify configuration for pull and push agents by @ansasaki in #1037
  • Add disallowed_signing_algorithms, avoid ecschnorr by @sarroutbi in #1034
  • Push Model: Perform attestation (quote, uefi and ima logs) by @sarroutbi in #1038
  • Fix clippy warnings about uninlined format arguments by @ansasaki in #1042
  • context_info_handler: Do not assume /var/lib/keylime exists by @ansasaki in #1044
  • Fix UEFI test to check file access in all cases by @sarroutbi in #1045
  • Add Capabilities Negotiations resp. missing fields by @sarroutbi in #1046
  • Increase coverage in evidence handling structure by @sarroutbi in #1047
  • Add resilient_client for exponential backoff by @sarroutbi in #1048
  • keylime/structures: Rename ShaValues to PcrBanks by @ansasaki in #1049
  • Integrate exponential backoff to registration by @sarroutbi in #1052
  • Allow custom content-type/accept headers by @sarroutbi in #1054
  • tpm: Add method to extract signing scheme and hash algorithm from AK by @ansasaki in #1053
  • Log ResilientClient errors/response status codes by @sarroutbi in #1055
  • Fix body sending by allowing serializing strings by @sarroutbi in #1057
  • push-model: refactor attestation logic into a state machine by @sergio-correia in #1050
  • Refactor evidences collection in push attestation agent by @ansasaki in #1056
  • tpm: Avoid running code example during documentation tests by @ansasaki in #1059
  • Fix exponential backoff (10secs, 4xx accepted) by @sarroutbi in #1060
  • Groom code (remove dead code, increase coverage) by @sarroutbi in #1061
  • Align exp.backoff to current configuration format by @sarroutbi in #1062
  • Add Verifier URL to configuration by @sarroutbi in #1063
  • Retry registration forever in the state machine by @sarroutbi in #1064
  • push-model: implement continuous attestation with configurable intervals by @sergio-correia in #1066
  • rpm: Add subpackage for push-attestation agent by @ansasaki in #1067
  • Bump version to 0.2.8 by @ansasaki in #1070

New Contributors

Full Changelog: v0.2.7...v0.2.8

Contributors

sarroutbi, sgebauer, and 5 other contributors
Assets 2
Loading