rust-keylime/rust-keylime.changes

-------------------------------------------------------------------
Mon Jan 10 13:06:42 UTC 2022 - aplanas@suse.com

- Update to version 0.1.0+git.1641587454.1248597:
  * quotes_handler: send TPM2 event log for measured boot
  * serialization: move serialization into separate module
  * try to load AK from disk instead of always creating a new one
  * update Cargo.lock file
  * make hash, encryption and signing algorithm configurable
  * tpm: remove get_sig_scheme(..) function
  * hash: rename to algorithms and implement tss conversions
  * cmd_exec: remove cmd_exec module
  * secure_mount: fix mount of tmpfs for secure directory
  * common: change default WORK_DIR to /var/lib/keylime
  * tpm: remove special handling for PCR10

-------------------------------------------------------------------
Mon Dec 13 15:53:39 UTC 2021 - aplanas@suse.com

- Update to version 0.1.0+git.1639176416.fc90088:
  * Code refactor to use updated tss-esapi
- Drop add_property_tag_variant_for_maxcapbuffer.patch, included in
  the upstream crate

-------------------------------------------------------------------
Wed Nov 24 13:48:07 UTC 2021 - Alberto Planas Dominguez <aplanas@suse.com>

- Conflict with keylime-agent, keylime-config and keylime-firewalld
- Add keylime_ima_emulator tool
- Add patch add_property_tag_variant_for_maxcapbuffer.patch

-------------------------------------------------------------------
Fri Nov 19 13:02:48 UTC 2021 - aplanas@suse.com

- Update to version 0.1.0+git.1637095429.d5a3191:
  * Run Fedora tests on unified Keylime test container
  * ima_emulator: Print error message when TCTI envvar is not set
  * Add keylime_ima_emulator executable for testing
  * Fix 0mq problem
  * ci: Check unit test coverage with cargo tarpaulin (#216)
  * config: merge with Python keylime.conf and remove unused entries
  * Add support for contact ip and port
  * common: move get env or from config into sperate function
  * keys_handler: Add unit tests
  * quotes_handler: Add unit tests (#265)
  * Fix bugs that occur after a delete and re-add from the tenant
  * Retain the main loop running after payload execution (#249)
  * keys_handler: verify HMAC in constant-time (#248)
  * build: Adjust package dependencies to compile in Fedora (#245)
  * Generate Cargo.lock file
  * Add Ueno as a maintainer and set codeowners
  * Fix clippy errors, update to newest TSS-ESAPI
- Drop generate-cargo-lock-file.patch (already in upstream)

-------------------------------------------------------------------
Mon Aug 16 14:23:13 UTC 2021 - aplanas@suse.com

- Update to version 0.1.0+git.1629114992.890e8c9:
  * Add "v1.0" prefix to agent APIs
- Update generate-cargo-lock-file.patch

-------------------------------------------------------------------
Wed Jul 28 08:56:33 UTC 2021 - Alberto Planas Dominguez <aplanas@suse.com>

- Add generate-cargo-lock-file.patch to fix the build system in OBS
- Add keylime.conf.diff to adjust the default config file
- Adjust build requirements
- Add firewalld XML rules
- Add systemd keylime_agent.service
- Fix license tag

-------------------------------------------------------------------
Thu Jul 22 09:20:38 UTC 2021 - aplanas@suse.com

- Update to version 0.0.1+git.1626706730.a009476:
  * libarchive-devel is needed to build on Fedora
  * Accept sets of U and V keys; use new Key types
  * Output mask info
  * Fix for race condition bug
  * Do not resend pubkey to CV after attestation
  * Run payload script from a shell
  * Write out data and run payload
  * Decrypt payload after key handlers find symm key
  * Add handler for U and V keys
  * Add helper functions for handling U and V keys
  * Some TPM fixes for IMA PCR validation
  * Do not flush AK context as this causes an error
  * Fix bug in revocation service
  * Drop references to vmask
  * Better documentation of consts
  * Do not fail if EK cert is not present in TPM NV
  * Add more verbose logging to better match Python agent
  * Remove verify stub as we are not using it
  * tests: Don't pass --allow-signing to swtpm_setup
  * Fix typos
  * Add dependency for libzmq3-dev / zeromq-devel
  * Fix new clippy lints
  * Add handling for Identity and Integrity quotes
  * Add Quote functionality
  * Add marshaling functions for TPM structs

-------------------------------------------------------------------
Tue Jun 08 11:59:11 UTC 2021 - aplanas@suse.com

- Update to version 0.0.1+git.1620935374.4df2148:
  * Add function to read PCR mask
  * Small fixes in TPM functions
  * Send quote data to actixweb handlers

-------------------------------------------------------------------
Tue May 04 12:23:18 UTC 2021 - aplanas@suse.com

- Update to version 0.0.1+git.1618949271.f609525:
  * Add more TPM helper functions
  * Use PKeys consistently
  * Rebase on tss-esapi 5.0
  * Pass a PKeyRef to asym_verify
  * Use #[[from] from thiserror
  * Fix uppercase acronyms
  * Add testing feature
  * Remove port bindings for agent
  * More verbose TPM and revocation error, verbose success
  * Fix docker networking
Accepting request 945322 from home:aplanas:branches:security - Update to version 0.1.0+git.1641587454.1248597: * quotes_handler: send TPM2 event log for measured boot * serialization: move serialization into separate module * try to load AK from disk instead of always creating a new one * update Cargo.lock file * make hash, encryption and signing algorithm configurable * tpm: remove get_sig_scheme(..) function * hash: rename to algorithms and implement tss conversions * cmd_exec: remove cmd_exec module * secure_mount: fix mount of tmpfs for secure directory * common: change default WORK_DIR to /var/lib/keylime * tpm: remove special handling for PCR10 OBS-URL: https://build.opensuse.org/request/show/945322 OBS-URL: https://build.opensuse.org/package/show/security/rust-keylime?expand=0&rev=8 2022-01-10 13:35:41 +00:00			`-------------------------------------------------------------------`
			`Mon Jan 10 13:06:42 UTC 2022 - aplanas@suse.com`

			`- Update to version 0.1.0+git.1641587454.1248597:`
			`* quotes_handler: send TPM2 event log for measured boot`
			`* serialization: move serialization into separate module`
			`* try to load AK from disk instead of always creating a new one`
			`* update Cargo.lock file`
			`* make hash, encryption and signing algorithm configurable`
			`* tpm: remove get_sig_scheme(..) function`
			`* hash: rename to algorithms and implement tss conversions`
			`* cmd_exec: remove cmd_exec module`
			`* secure_mount: fix mount of tmpfs for secure directory`
			`* common: change default WORK_DIR to /var/lib/keylime`
			`* tpm: remove special handling for PCR10`

Accepting request 940292 from home:aplanas:branches:security - Update to version 0.1.0+git.1639176416.fc90088: * Code refactor to use updated tss-esapi - Drop add_property_tag_variant_for_maxcapbuffer.patch, included in the upstream crate OBS-URL: https://build.opensuse.org/request/show/940292 OBS-URL: https://build.opensuse.org/package/show/security/rust-keylime?expand=0&rev=7 2021-12-13 16:09:07 +00:00			`-------------------------------------------------------------------`
			`Mon Dec 13 15:53:39 UTC 2021 - aplanas@suse.com`

			`- Update to version 0.1.0+git.1639176416.fc90088:`
			`* Code refactor to use updated tss-esapi`
			`- Drop add_property_tag_variant_for_maxcapbuffer.patch, included in`
			`the upstream crate`

Accepting request 933782 from home:aplanas:branches:security - Conflict with keylime-agent, keylime-config and keylime-firewalld - Add keylime_ima_emulator tool - Add patch add_property_tag_variant_for_maxcapbuffer.patch OBS-URL: https://build.opensuse.org/request/show/933782 OBS-URL: https://build.opensuse.org/package/show/security/rust-keylime?expand=0&rev=6 2021-11-25 15:22:45 +00:00			`-------------------------------------------------------------------`
			`Wed Nov 24 13:48:07 UTC 2021 - Alberto Planas Dominguez <aplanas@suse.com>`

			`- Conflict with keylime-agent, keylime-config and keylime-firewalld`
			`- Add keylime_ima_emulator tool`
			`- Add patch add_property_tag_variant_for_maxcapbuffer.patch`

Accepting request 932540 from home:aplanas:branches:security - Update to version 0.1.0+git.1637095429.d5a3191: * Run Fedora tests on unified Keylime test container * ima_emulator: Print error message when TCTI envvar is not set * Add keylime_ima_emulator executable for testing * Fix 0mq problem * ci: Check unit test coverage with cargo tarpaulin (#216) * config: merge with Python keylime.conf and remove unused entries * Add support for contact ip and port * common: move get env or from config into sperate function * keys_handler: Add unit tests * quotes_handler: Add unit tests (#265) * Fix bugs that occur after a delete and re-add from the tenant * Retain the main loop running after payload execution (#249) * keys_handler: verify HMAC in constant-time (#248) * build: Adjust package dependencies to compile in Fedora (#245) * Generate Cargo.lock file * Add Ueno as a maintainer and set codeowners * Fix clippy errors, update to newest TSS-ESAPI - Drop generate-cargo-lock-file.patch (already in upstream) OBS-URL: https://build.opensuse.org/request/show/932540 OBS-URL: https://build.opensuse.org/package/show/security/rust-keylime?expand=0&rev=5 2021-11-19 13:51:44 +00:00			`-------------------------------------------------------------------`
			`Fri Nov 19 13:02:48 UTC 2021 - aplanas@suse.com`

			`- Update to version 0.1.0+git.1637095429.d5a3191:`
			`* Run Fedora tests on unified Keylime test container`
			`* ima_emulator: Print error message when TCTI envvar is not set`
			`* Add keylime_ima_emulator executable for testing`
			`* Fix 0mq problem`
			`* ci: Check unit test coverage with cargo tarpaulin (#216)`
			`* config: merge with Python keylime.conf and remove unused entries`
			`* Add support for contact ip and port`
			`* common: move get env or from config into sperate function`
			`* keys_handler: Add unit tests`
			`* quotes_handler: Add unit tests (#265)`
			`* Fix bugs that occur after a delete and re-add from the tenant`
			`* Retain the main loop running after payload execution (#249)`
			`* keys_handler: verify HMAC in constant-time (#248)`
			`* build: Adjust package dependencies to compile in Fedora (#245)`
			`* Generate Cargo.lock file`
			`* Add Ueno as a maintainer and set codeowners`
			`* Fix clippy errors, update to newest TSS-ESAPI`
			`- Drop generate-cargo-lock-file.patch (already in upstream)`

Accepting request 912429 from home:aplanas:branches:security - Update to version 0.1.0+git.1629114992.890e8c9: * Add "v1.0" prefix to agent APIs - Update generate-cargo-lock-file.patch OBS-URL: https://build.opensuse.org/request/show/912429 OBS-URL: https://build.opensuse.org/package/show/security/rust-keylime?expand=0&rev=4 2021-08-16 14:40:34 +00:00			`-------------------------------------------------------------------`
			`Mon Aug 16 14:23:13 UTC 2021 - aplanas@suse.com`

			`- Update to version 0.1.0+git.1629114992.890e8c9:`
			`* Add "v1.0" prefix to agent APIs`
			`- Update generate-cargo-lock-file.patch`

Accepting request 908894 from home:aplanas:branches:security - Add generate-cargo-lock-file.patch to fix the build system in OBS - Add keylime.conf.diff to adjust the default config file - Adjust build requirements - Add firewalld XML rules - Add systemd keylime_agent.service - Fix license tag - Update to version 0.0.1+git.1626706730.a009476: * libarchive-devel is needed to build on Fedora * Accept sets of U and V keys; use new Key types * Output mask info * Fix for race condition bug * Do not resend pubkey to CV after attestation * Run payload script from a shell * Write out data and run payload * Decrypt payload after key handlers find symm key * Add handler for U and V keys * Add helper functions for handling U and V keys * Some TPM fixes for IMA PCR validation * Do not flush AK context as this causes an error * Fix bug in revocation service * Drop references to vmask * Better documentation of consts * Do not fail if EK cert is not present in TPM NV * Add more verbose logging to better match Python agent * Remove verify stub as we are not using it * tests: Don't pass --allow-signing to swtpm_setup * Fix typos * Add dependency for libzmq3-dev / zeromq-devel * Fix new clippy lints * Add handling for Identity and Integrity quotes * Add Quote functionality * Add marshaling functions for TPM structs OBS-URL: https://build.opensuse.org/request/show/908894 OBS-URL: https://build.opensuse.org/package/show/security/rust-keylime?expand=0&rev=3 2021-07-28 13:39:06 +00:00			`-------------------------------------------------------------------`
			`Wed Jul 28 08:56:33 UTC 2021 - Alberto Planas Dominguez <aplanas@suse.com>`

			`- Add generate-cargo-lock-file.patch to fix the build system in OBS`
			`- Add keylime.conf.diff to adjust the default config file`
			`- Adjust build requirements`
			`- Add firewalld XML rules`
			`- Add systemd keylime_agent.service`
			`- Fix license tag`

			`-------------------------------------------------------------------`
			`Thu Jul 22 09:20:38 UTC 2021 - aplanas@suse.com`

			`- Update to version 0.0.1+git.1626706730.a009476:`
			`* libarchive-devel is needed to build on Fedora`
			`* Accept sets of U and V keys; use new Key types`
			`* Output mask info`
			`* Fix for race condition bug`
			`* Do not resend pubkey to CV after attestation`
			`* Run payload script from a shell`
			`* Write out data and run payload`
			`* Decrypt payload after key handlers find symm key`
			`* Add handler for U and V keys`
			`* Add helper functions for handling U and V keys`
			`* Some TPM fixes for IMA PCR validation`
			`* Do not flush AK context as this causes an error`
			`* Fix bug in revocation service`
			`* Drop references to vmask`
			`* Better documentation of consts`
			`* Do not fail if EK cert is not present in TPM NV`
			`* Add more verbose logging to better match Python agent`
			`* Remove verify stub as we are not using it`
			`* tests: Don't pass --allow-signing to swtpm_setup`
			`* Fix typos`
			`* Add dependency for libzmq3-dev / zeromq-devel`
			`* Fix new clippy lints`
			`* Add handling for Identity and Integrity quotes`
			`* Add Quote functionality`
			`* Add marshaling functions for TPM structs`

Accepting request 898380 from home:aplanas:branches:security - Update to version 0.0.1+git.1620935374.4df2148: * Add function to read PCR mask * Small fixes in TPM functions * Send quote data to actixweb handlers OBS-URL: https://build.opensuse.org/request/show/898380 OBS-URL: https://build.opensuse.org/package/show/security/rust-keylime?expand=0&rev=2 2021-06-08 12:06:30 +00:00			`-------------------------------------------------------------------`
			`Tue Jun 08 11:59:11 UTC 2021 - aplanas@suse.com`

			`- Update to version 0.0.1+git.1620935374.4df2148:`
			`* Add function to read PCR mask`
			`* Small fixes in TPM functions`
			`* Send quote data to actixweb handlers`

Accepting request 890792 from home:aplanas:keylime Alternative keylime-agent written in Rust. This is a WIP software fetched from git (see _service). Seems that this will replace the keylime agent written in Python in some future. If accepted, I would like to be co-maintainer, as this will change for a long time until it reach a stable release. OBS-URL: https://build.opensuse.org/request/show/890792 OBS-URL: https://build.opensuse.org/package/show/security/rust-keylime?expand=0&rev=1 2021-05-06 15:06:32 +00:00			`-------------------------------------------------------------------`
			`Tue May 04 12:23:18 UTC 2021 - aplanas@suse.com`

			`- Update to version 0.0.1+git.1618949271.f609525:`
			`* Add more TPM helper functions`
			`* Use PKeys consistently`
			`* Rebase on tss-esapi 5.0`
			`* Pass a PKeyRef to asym_verify`
			`* Use #[[from] from thiserror`
			`* Fix uppercase acronyms`
			`* Add testing feature`
			`* Remove port bindings for agent`
			`* More verbose TPM and revocation error, verbose success`
			`* Fix docker networking`