Age | Commit message (Collapse) | Author |
|
am: e6373090c6
Change-Id: Ia53370f2096b11a3184b280f23318387d1ec6d91
|
|
Change-Id: Ib32730edd5e909b8a2923b77c776d16a0d758c90
BUG: 129345239
|
|
CVE-2018-12155. am: 10cdf58422 am: 07de51c7e8
am: 732e2109f1
Change-Id: I4390b3ee2d3083255edb29f4a29eee0b375056aa
|
|
CVE-2018-12155. am: 10cdf58422
am: 07de51c7e8
Change-Id: Iaed2254185a76e8d78c887d117c0aba8b22ff400
|
|
CVE-2018-12155.
am: 10cdf58422
Change-Id: I5a10e544717f80660e294c28c37204b5b192024a
|
|
CVE-2018-12155.
Bug: 128988865
Test: Unit tests passing
Change-Id: I84730b2a7e997c32bff7734c6a021cd30c3bb934
|
|
am: 3d0cccb29c -s ours
am skip reason: subject contains skip directive
Change-Id: I4baa11c19d8a1bdb05e3cc45df7f379319eeae6b
|
|
Bug: 120848293
Change-Id: Iffef6003c12764c747d643487d3b9d82e3181791
|
|
am: 08e7a593f7
Change-Id: I312c6160daa439d6ee16cf4d911ddd4115ba1a29
|
|
am: e3e76a72c7
Change-Id: Icb947dd35112bc0e6ce694292073108365e77b5c
|
|
am: a610fd9ba0
Change-Id: Idcf3123f72c7023e9e09e40147955b1e348cee50
|
|
Test: m checkbuild
Bug: 72331524
Change-Id: Ib7293c02aec0cbde89168702830a7613bc49dc06
|
|
am: 03f25d72f9
Change-Id: I8491baae5198acd912639ba8ea5c78ff4f37b4e2
|
|
am: 60effc3726
Change-Id: I36419db074d27860ccbde51408195cb9def50cc0
|
|
am: 4809d28afc
Change-Id: I74b796548c437097df863ee087d3007d6b61c3ec
|
|
|
|
f69ba93887 am: eaf9f1afd3
am: 6127aaa6b5
Change-Id: I84cf2a6d600ffe7fa82acb56d346f22ee05bb7fb
|
|
am: eaf9f1afd3
Change-Id: I73223b4b37d469f99ff9e0cb8752e5dcb9f16f36
|
|
am: f69ba93887
Change-Id: I9ba164aa2e70bff6d003f6c5a816ccd9a51a030e
|
|
am: cd507720cc
Change-Id: I26d978d61a90cdcb69f1072088aa0893c9d949af
|
|
|
|
Include external/epid_sdk when building dependent module
Tested: passed epid sdk unit tests
Bug: 110495054
Change-Id: If1f27fed05478f93e4d68e95959d025939202ed2
|
|
am: b41368f24a
Change-Id: I155aa8012c5f15962247320250fc1ab6623ce248
|
|
am: bc739798f4
Change-Id: I97b311e86eabbae9eedfdc1e9b288e23967f845e
|
|
am: 6e4aec865f
Change-Id: Ibb9ec77736df5f342185b7c1e5afeff14138e5c0
|
|
am: d50335fb26
Change-Id: I52523596ec83af7821ee2c609efdc37598d5217c
|
|
Change-Id: I63fee2e94317d60c31b21fd77b74fc79c9e602c5
|
|
am: fbabbe64ac
Change-Id: Ia8312e160c2d776d1a4198632e86f3ee0c19a57f
|
|
am: fa32e7e7e8
Change-Id: Ia04088cc14edbb104dd166d45bc502b80bb186e5
|
|
am: 9f48ff9be2
Change-Id: Id0254417fa89a467aed6d789160567d87a1f27b3
|
|
am: 807f26b911
Change-Id: I2cda5ddf443e44e87993a25da85080f6736d536e
|
|
fix a few typos
Test: epid unit tests can run through on host
Bug: 110495054
Change-Id: I2b48ba5e327bcbd9b71fd3277dccfd542dffb4ca
|
|
am: 2dc6e80ae4
Change-Id: Ib67dafb7df7e257042c11ca4260e6a8da534b1cf
|
|
am: df695912a3
Change-Id: Id868e9c7189a91bbc48f95e60b48990352efa6f8
|
|
am: efcd97e0ba
Change-Id: I0b49b4421c620df5cb309d35e695024d2aea1974
|
|
am: 9101fea97c
Change-Id: I8fdbc851da008b530a57592d2cb4fb3ecee4944f
|
|
Bug: 111799497
Test: None
Change-Id: I91c1c3a2a1557069d04d9d2799b4d745f0858b28
|
|
Bug: 111799497
Test: None
Change-Id: I51cc42c8ffb82955149e718511ec800559fc071c
|
|
|
|
Changed
-------
- Updated Intel(R) IPP Cryptography library to version 2018 (Update
2.1).
Fixed
-----
- The member library now includes the tpm2 subcomponent when built
using SCons, instead of requiring a separate member.tpm2 library.
Known Issues
------------
- Only the SHA-256 hash algorithm is supported when using the SDK with
the IBM TPM simulator due to a defect in version 532 of the
simulator.
- Basenames are limited to 124 bytes in TPM mode.
- Scons build will not work natively on ARM. You can still build using
`make` or cross compile.
|
|
Added
-----
- The member can now be built with a substantially reduced code size
using a compilation option.
- New context lifetime management APIs have been added to member to
give callers more control of memory allocation.
- New member API `EpidClearRegisteredBasenames` has been added to
clear registered basenames without recreating the member.
Changed
-------
- `EpidRegisterBaseName` was renamed to `EpidRegisterBasename` because
basename is a single word.
- Command-line parsing library used by samples and tools has been
replaced by Argtable3.
Deprecated
----------
- `EpidMemberCreate` has been deprecated. This API has been superseded
by `EpidMemberGetSize` and `EpidMemberInit`.
- `EpidMemberDelete` has been deprecated. This API has been superseded
by `EpidMemberDeinit`.
Removed
-------
- `size_optimized_release` build configuration has been removed.
Use the compilation option to build member with reduced code size.
Known Issues
------------
- Only the SHA-256 hash algorithm is supported when using the SDK with
the IBM TPM simulator due to a defect in version 532 of the
simulator.
- Basenames are limited to 124 bytes in TPM mode.
- Scons build will not work natively on ARM. You can still build using
`make` or cross compile.
|
|
Added
* The member implementation now has the option to support signing
using a TPM, using the ECDAA capabilities of TPM 2.0.
Changed
* Member API updated to unify HW and SW use cases.
* Added
* `ProvisionKey`
* `ProvisionCompressed`
* `ProvisionCredential`
* `Startup`
* Parameters changed
* `MemberCreate`
* `RequestJoin`
* Removed or made private
* `WritePrecomp`
* `SignBasic`
* `NrProve`
* `AssemblePrivKey`
* `EpidRequestJoin` was renamed to `EpidCreateJoinRequest` to make it
clear that it is not directly communicating with the issuer.
Fixed
* `EpidCreateJoinRequest` creates valid join requests. This fixes a
regression in `EpidRequestJoin` introduced in 4.0.0.
Known Issues
* Only the SHA-256 hash algorithm is supported when using the
SDK with the IBM TPM simulator due to a defect in version
532 of the simulator.
* Basenames are limited to 124 bytes in TPM mode.
|
|
Added
* The member implementation now provides an internal interface that
gives guidance on partitioning member operations between highly
sensitive ones that use f value of the private key, and less
sensitive operations that can be performed in a host environment.
* New member API `EpidAssemblePrivKey` was added to help assemble and
validate the new member private key that is created when a member
either joins a group (using the join protocol) or switches to a new
group (as the result of a performance rekey).
Changed
* Updated Intel(R) IPP Cryptography library to version 2017 (Update 2).
* The mechanism to set the signature based revocation list (SigRL)
used for signing was changed. `EpidMemberSetSigRl` must be used to
set the SigRL. The SigRL is no longer a parameter to `EpidSign`.
This better models typical use case where a device stores a
revocation list and updates it independently of signing operations.
Removed
* Removed `EpidWritePreSigs` API. Serialization of pre-computed
signatures is a risky capability to provide, and simply expanding
the internal pool via `EpidAddPreSigs` still provides most of the
optimization benefits.
* The `EpidIsPrivKeyInGroup` API is no longer exposed to clients. It
is no longer needed because the new member API `EpidAssemblePrivKey`
performs this check.
Fixed
* When building with commercial version of the Intel(R) IPP
Cryptography library, optimized functions are now properly invoked,
making signing and verification operations ~2 times faster
* SHA-512/256 hash algorithm is now supported.
* README for compressed data now correctly documents the number of
entries in revocation lists.
* The `verifysig` sample now reports a more clear error message for
mismatched SigRLs.
* The default scons build will now build for a 32-bit target on a
32-bit platform.
Known Issues
* Scons build will not work natively on ARM. You can still build using
`make` or cross compile.
|
|
New in This Release
* Support for verification of EPID 1.1 members.
* Make-based build system support.
* Sample material includes compressed keys.
* Enhanced documentation, including step-by-step walkthroughs of
example applications.
* Validated on additional IoT platforms.
- Ostro Linux
- Snappy Ubuntu Core
Changes:
* A new verifier API has been added to set the basename to be used for
verification. Verifier APIs that used to accept basenames now use
the basename set via EpidVerifierSetBasename.
* The verifier pre-computation structure has been changed to include
the group ID to allow detection of errors that result from providing
a pre-computation blob from a different group to EpidVerifierCreate.
Fixes:
* The kEpidxxxRevoked enums have been renamed to be consistent with
other result return values.
Known Issues:
* SHA-512/256 hash algorithm is not supported.
|
|
New in This Release:
* Signed binary issuer material support.
- Binary issuer material validation APIs.
- Updated sample issuer material.
- Updated samples that parse signed binary issuer material.
* Compressed member private key support.
* Validated on additional IoT platforms.
- Windows 10 IoT Core
- WindRiver IDP
Changes:
* The default hash algorithm has changed. It is now SHA-512.
* Functions that returned `EpidNullPtrErr` now return `EpidBadArgErr`
instead.
Fixes:
* Updated build flags to work around GCC 4.8.5 defect.
Known Issues:
* SHA-512/256 hash algorithm is not supported.
* Compressed key sample material is not included in the package.
|
|
|