| [ba6027a] | 1 | = 0.2.2 = |
|---|
| [b92a620] | 2 | 2012-08-XX |
|---|
| [ba6027a] | 3 | * Added support for accepting encrypted private key with passphrase |
|---|
| 4 | for principal credential creation and for attribute rule creation |
|---|
| 5 | * API is expanded to allow specifying private key file and passphrase |
|---|
| 6 | file |
|---|
| 7 | * creddy attribute and generate options are expanded to accept |
|---|
| 8 | a specific private key and allowing passphrase option |
|---|
| 9 | * a new keycheck option is added to creddy to do access check on |
|---|
| 10 | a key file (encrypted and none encrypted) |
|---|
| 11 | * add examples for encryption/passphrase |
|---|
| 12 | * migrate the sample scripts that used to be under swig directory to |
|---|
| 13 | examples directory and setup as part of regression test suite |
|---|
| [2485307] | 14 | * add examples for timing/performance runs |
|---|
| 15 | * change the proof buffer allocation to YAP_AllocSpaceFromYap and sizing |
|---|
| 16 | the buffer repeatedly and progressively if the initial size is too small |
|---|
| [b92a620] | 17 | * tested with Yap 6.2.3 but not required |
|---|
| [ba6027a] | 18 | |
|---|
| [888df49] | 19 | = 0.2.1 = |
|---|
| [ba6027a] | 20 | 2012-07-06 |
|---|
| [888df49] | 21 | * The API visible to programmers is much richer and should make |
|---|
| 22 | development simpler. As part of this, the libcreddy/libabac |
|---|
| 23 | distinction has disappeared. All libcreddy functions are now |
|---|
| 24 | available through libabac. |
|---|
| 25 | * updated to use strongswan 4.6.4. Strongswan 4.4.0 had become very |
|---|
| 26 | outdated. |
|---|
| 27 | * Added more examples and documentation. |
|---|
| 28 | * add a new '--subject-link' option to creddy --attribute to hold the |
|---|
| 29 | linking role |
|---|
| 30 | * add --dbdump option to abac_prover_yap to retrieve all prolog clauses |
|---|
| 31 | stored in the db |
|---|
| [a0c1772] | 32 | |
|---|
| 33 | WARNING |
|---|
| 34 | - There are occasional spurious error messages originated |
|---|
| 35 | from Strongswan during access of the attribute credentials. Those |
|---|
| 36 | messages are due to libstrongswan mishandling certain values of |
|---|
| 37 | authorizedKeyIdentifier in a non-destructive way. While we are |
|---|
| 38 | working with the strongswan developers to remove these messages, they |
|---|
| 39 | should not affect ABAC in any way. |
|---|
| 40 | |
|---|
| 41 | Here are sample messages: |
|---|
| [2efdff5] | 42 | |
|---|
| 43 | L6 - keyIdentifier: length of ASN.1 object invalid or too large |
|---|
| 44 | L6 - authorityCertSerialNumber: length of ASN.1 object invalid or too large |
|---|
| 45 | |
|---|
| [888df49] | 46 | Do report to us if your ABAC is not behaving as |
|---|
| [2efdff5] | 47 | expected and messages like above seem to be a factor.. |
|---|
| 48 | |
|---|
| [888df49] | 49 | = 0.2.0 = |
|---|
| [9b43fc3] | 50 | 2012-02-27 |
|---|
| [888df49] | 51 | * '''API-breaking change''': libcreddy ID and attribute cert creation validity |
|---|
| 52 | periods are now measured in seconds |
|---|
| 53 | * significant performance improvements on Linux, see [source:doc/INSTALL] for |
|---|
| 54 | configure flags |
|---|
| 55 | * [CredPrinterDocs credential printer] |
|---|
| 56 | * several bugs and segfaults fixed |
|---|
| 57 | |
|---|
| 58 | = 0.1.3 = |
|---|
| 59 | 2011-03-30 |
|---|
| 60 | * native Java support |
|---|
| 61 | * many, many bugfixes |
|---|
| 62 | |
|---|
| 63 | = 0.1.2 = |
|---|
| 64 | 2010-10-01 |
|---|
| 65 | * libcreddy extracted |
|---|
| 66 | * credddy rewritten to use libcreddy |
|---|
| 67 | * sample code for libcreddy in python |
|---|
| 68 | |
|---|
| 69 | = 0.1.1 = |
|---|
| 70 | 2010-09-17, updated 2010-09-20 |
|---|
| 71 | * Support for intersection rules |
|---|
| 72 | * Support for encrypted private keys |
|---|
| 73 | * Build issues on FreeBSD addressed |
|---|
| 74 | |
|---|
| [549656e] | 75 | |
|---|
