Most of the updates in this release are geared towards FIPS related improvements and code refactorings that improve maintainability. With the usual crop of bugfixes and a few new features
What's Changed
- Fix session validity check in SeedRandom/GenerateRandom by @satoqz in #382
- Improve length lookups in DecryptFinal/EncryptFinal by @satoqz in #383
- Check minimum entropy length values by @simo5 in #384
- Really update to edition 2024 by @simo5 in #187
- Ed25519ctx is not fips approved by @simo5 in #388
- Add support for C_[Get|Set]OperationState functions by @simo5 in #389
- Update to rust-cryptoki 0.11 by @Jakuje in #390
- Update constant_time_eq from 0.3.0 to 0.4.2 by @musicinmybrain in #393
- Update rusqlite to 0.38 with fallible_uint by @Jakuje in #394
- storage: Use explicit casts to avoid fallible_uint feature of rusqlite by @Jakuje in #396
- Update CI to use OpenSSL 4.0 branch by @simo5 in #397
- Mark restored hash operations as in use by @simo5 in #400
- Minor TLS improvements by @ilie-halip-nxp in #399
- Add integration test for PKCS#11 module by @simo5 in #385
- Disable SLH-DSA in FIPS builds without ossl400 by @simo5 in #403
- Update actions/checkout to v6 in workflows by @simo5 in #401
- Set CKA_PUBLIC_KEY_INFO for EC private keys by @simo5 in #402
- Add ECDH key re-import integration test by @simo5 in #404
- docs: fix misc typos in storage encryption doc by @berrange in #406
- packaging: stop duplicating the license list in comments by @berrange in #407
- Pull pyca SHA3 OIDs by @Jakuje in #329
- ossl/build.rs: support OSSL_BINDGEN_CLANG_ARGS by @numinit in #386
- Update rust-cryptoki 0.12.0 by @Jakuje in #408
- Handle hmac state saving by @simo5 in #410
- Move FIPS Known Answer Tests in a single file by @simo5 in #411
- accelerate FIPS builds by @keldonin in #412
- Use standard CKR_TOKEN_NOT_INITIALIZED error by @simo5 in #413
- Move some test from unit test to integration tests by @simo5 in #414
- R.I.P Memory backend by @simo5 in #415
- Add common EC flags to mechanism info by @simo5 in #419
- Add CKO_MECHANISM objects and add CKA_UNIQUE_ID to all objects by @simo5 in #421
- Refactor object module to split it in smaller digestible chunks by @simo5 in #422
- Fips defer tests by @simo5 in #423
- Release 1.5.0 by @simo5 in #426
New Contributors
- @satoqz made their first contribution in #382
- @musicinmybrain made their first contribution in #393
- @ilie-halip-nxp made their first contribution in #399
- @berrange made their first contribution in #406
- @numinit made their first contribution in #386
- @keldonin made their first contribution in #412
Full Changelog: v1.4.0...v1.5.0
Contributors
numinit, keldonin, and 6 other contributors