Home | History | Annotate | Download | only in epid-sdk 
      1 # Intel(R) EPID SDK ChangeLog                                   {#ChangeLog}
      2 
      3 ## [6.0.1] - 2018-05-04
      4 
      5 ### Changed
      6 
      7 - Updated Intel(R) IPP Cryptography library to version 2018 (Update
      8   2.1).
      9 
     10 ### Fixed
     11 
     12 - The member library now includes the tpm2 subcomponent when built
     13   using SCons, instead of requiring a separate member.tpm2 library.
     14 
     15 ### Known Issues
     16 
     17 - Only the SHA-256 hash algorithm is supported when using the SDK with
     18   the IBM TPM simulator due to a defect in version 532 of the
     19   simulator.
     20 
     21 - Basenames are limited to 124 bytes in TPM mode.
     22 
     23 - Scons build will not work natively on ARM. You can still build using
     24   `make` or cross compile.
     25 
     26 ## [6.0.0] - 2017-12-15
     27 
     28 ### Added
     29 
     30 - The member can now be built with a substantially reduced code size
     31   using a compilation option.
     32 
     33 - New context lifetime management APIs have been added to member to
     34   give callers more control of memory allocation.
     35 
     36 - New member API `EpidClearRegisteredBasenames` has been added to
     37   clear registered basenames without recreating the member.
     38 
     39 ### Changed
     40 
     41 - `EpidRegisterBaseName` was renamed to `EpidRegisterBasename` because
     42   basename is a single word.
     43 
     44 - Command-line parsing library used by samples and tools has been
     45   replaced by Argtable3.
     46 
     47 
     48 ### Deprecated
     49 
     50 - `EpidMemberCreate` has been deprecated. This API has been superseded
     51   by `EpidMemberGetSize` and `EpidMemberInit`.
     52 
     53 - `EpidMemberDelete` has been deprecated. This API has been superseded
     54   by `EpidMemberDeinit`.
     55 
     56 ### Removed
     57 
     58 - `size_optimized_release` build configuration has been removed.
     59   Use the compilation option to build member with reduced code size.
     60 
     61 ### Known Issues
     62 
     63 - Only the SHA-256 hash algorithm is supported when using the SDK with
     64   the IBM TPM simulator due to a defect in version 532 of the
     65   simulator.
     66 
     67 - Basenames are limited to 124 bytes in TPM mode.
     68 
     69 - Scons build will not work natively on ARM. You can still build using
     70   `make` or cross compile.
     71 
     72 
     73 ## [5.0.0] - 2017-09-15
     74 
     75 ### Added
     76 
     77 - The member implementation now has the option to support signing
     78   using a TPM, using the ECDAA capabilities of TPM 2.0.
     79 
     80 
     81 ### Changed
     82 
     83 - Member API updated to unify HW and SW use cases.
     84     - Added
     85         - `ProvisionKey`
     86         - `ProvisionCompressed`
     87         - `ProvisionCredential`
     88         - `Startup`
     89     - Parameters changed
     90         - `MemberCreate`
     91         - `RequestJoin`
     92     - Removed or made private
     93         - `WritePrecomp`
     94         - `SignBasic`
     95         - `NrProve`
     96         - `AssemblePrivKey`
     97 
     98 - `EpidRequestJoin` was renamed to `EpidCreateJoinRequest` to make it
     99   clear that it is not directly communicating with the issuer.
    100 
    101 
    102 ### Fixed
    103 
    104 - `EpidCreateJoinRequest` creates valid join requests. This fixes a
    105   regression in `EpidRequestJoin` introduced in 4.0.0.
    106 
    107 
    108 ### Known Issues
    109 
    110 - Only the SHA-256 hash algorithm is supported when using the
    111   SDK with the IBM TPM simulator due to a defect in version
    112   532 of the simulator.
    113 
    114 - Basenames are limited to 124 bytes in TPM mode.
    115 
    116 
    117 ## [4.0.0] - 2017-04-25
    118 
    119 ### Added
    120 
    121 - The member implementation now provides an internal interface that
    122   gives guidance on partitioning member operations between highly
    123   sensitive ones that use f value of the private key, and less
    124   sensitive operations that can be performed in a host environment.
    125 
    126 - New member API `EpidAssemblePrivKey` was added to help assemble and
    127   validate the new member private key that is created when a member
    128   either joins a group (using the join protocol) or switches to a new
    129   group (as the result of a performance rekey).
    130 
    131 
    132 ### Changed
    133 
    134 - Updated Intel(R) IPP Cryptography library to version 2017 (Update 2).
    135 
    136 - The mechanism to set the signature based revocation list (SigRL)
    137   used for signing was changed. `EpidMemberSetSigRl` must be used to
    138   set the SigRL. The SigRL is no longer a parameter to `EpidSign`.
    139   This better models typical use case where a device stores a
    140   revocation list and updates it independently of signing operations.
    141 
    142 
    143 ### Removed
    144 
    145 - Removed `EpidWritePreSigs` API. Serialization of pre-computed
    146   signatures is a risky capability to provide, and simply expanding
    147   the internal pool via `EpidAddPreSigs` still provides most of the
    148   optimization benefits.
    149 
    150 - The `EpidIsPrivKeyInGroup` API is no longer exposed to clients. It
    151   is no longer needed because the new member API `EpidAssemblePrivKey`
    152   performs this check.
    153 
    154 
    155 ### Fixed
    156 
    157 - When building with commercial version of the Intel(R) IPP
    158   Cryptography library, optimized functions are now properly invoked,
    159   making signing and verification operations ~2 times faster
    160 
    161 - SHA-512/256 hash algorithm is now supported.
    162 
    163 - README for compressed data now correctly documents the number of
    164   entries in revocation lists.
    165 
    166 - The `verifysig` sample now reports a more clear error message for
    167   mismatched SigRLs.
    168 
    169 - The default scons build will now build for a 32-bit target on a
    170   32-bit platform.
    171 
    172 
    173 ### Known Issues
    174 
    175 - Scons build will not work natively on ARM. You can still build using
    176   `make` or cross compile.
    177 
    178 
    179 ## [3.0.0] - 2016-11-22
    180 
    181 ### Added
    182 
    183 - Support for verification of Intel(R) EPID 1.1 members.
    184 
    185 - Make-based build system support.
    186 
    187 - Sample material includes compressed keys.
    188 
    189 - Enhanced documentation, including step-by-step walkthroughs of
    190   example applications.
    191 
    192 - Validated on additional IoT platforms.
    193 
    194   - Ostro Linux
    195 
    196   - Snappy Ubuntu Core
    197 
    198 
    199 ### Changes
    200 
    201 - A new verifier API has been added to set the basename to be used for
    202   verification. Verifier APIs that used to accept basenames now use
    203   the basename set via `EpidVerifierSetBasename`.
    204 
    205 - The verifier pre-computation structure has been changed to include
    206   the group ID to allow detection of errors that result from providing
    207   a pre-computation blob from a different group to
    208   `EpidVerifierCreate`.
    209 
    210 
    211 ### Fixes
    212 
    213 - The kEpidxxxRevoked enums have been renamed to be consistent with
    214   other result return values.
    215 
    216 
    217 ### Known Issues
    218 
    219 - SHA-512/256 hash algorithm is not supported.
    220 
    221 
    222 ## [2.0.0] - 2016-07-20
    223 
    224 ### Added
    225 
    226 - Signed binary issuer material support.
    227 
    228   - Binary issuer material validation APIs.
    229 
    230   - Updated sample issuer material.
    231 
    232   - Updated samples that parse signed binary issuer material.
    233 
    234 - Compressed member private key support.
    235 
    236 - Validated on additional IoT platforms.
    237 
    238   - Windows 10 IoT Core
    239 
    240   - WindRiver IDP
    241 
    242 
    243 ### Changed
    244 
    245 - The default hash algorithm has changed. It is now SHA-512.
    246 
    247 - Functions that returned `EpidNullPtrErr` now return `EpidBadArgErr`
    248   instead.
    249 
    250 
    251 ### Fixed
    252 
    253 - Updated build flags to work around GCC 4.8.5 defect.
    254 
    255 
    256 ## [1.0.0] - 2016-03-03
    257 
    258 ### Added
    259 
    260 - Basic sign and verify functionality
    261 
    262 - Dynamic join support for member
    263 
    264 - Apache 2.0 License
    265