All notable changes to this project will be documented in this file.
The format is based on Keep a Changelog, and this project adheres to Semantic Versioning.
- Add the libcurl integration
- Added verification of MASA output.
- Added certificate serial number logging. By default the registrar logs to
/var/log/brski-registrar.log.
- Added get certificate serial command
- The registrar doesn't check the pledge certificate
- Added BRSKI tool port and address
The voucher ABI has breaking changes.
- Added BRSKI flow with registrar certificate check
- add sign cert REST API for registrar and MASA. The certificate is signgned with the ldevid.
The voucher ABI has breaking changes.
- Added github CI for debian package release
-
add
not_after_absolutefield tostruct crypto_cert_meta. Unlike the existingnot_afterfield, which represents an offset from the current time, thenot_after_absolutefield represents an absolute time. It can be set to"99991231235959Z"for a [long-lived pledge certificate][rfc8995#2.6.2]. -
add
init_binary_array(), which initializes a new emptystruct BinaryArray.
- add
BUILD_JSMNCMake option. Set this toOFFin case you want to use your system's jsmn lib, instead of downloading it automatically.
The voucher ABI has breaking changes.
- Voucher artifact implementation as per RFC8366,
- Pledge-Registrar voucher request implementation with CMS signatures,
- Registrar-MASA voucher request implementation with CMS signatures,
- MASA-Pledge voucher request implementation with CMS signatures and
- CMS signatures dependency on OpenSSL or WolfSSL libraries.