Skip to content

Releases: microsoft/CCF

4.0.22

26 Sep 16:47
ccf-4.0.22
c8d5d71
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Verified
Learn about vigilant mode.

Choose a tag to compare

View all tags
4.0.22

Base image

  • Updated container base image.
Loading

6.0.0-dev0

24 Sep 11:47
@github-actions github-actions
ccf-6.0.0-dev0
e213df0
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Verified
Learn about vigilant mode.

Choose a tag to compare

View all tags
6.0.0-dev0 Pre-release
Pre-release

Changed

  • The set_jwt_issuer governance action has been updated, and no longer accepts key_filter or key_policy arguments (#6450).
  • Nodes started in Join mode will shut down if they receive an unrecoverable condition such as StartupSeqnoIsOld or InvalidQuote when attempting to join (#6471, #6489).
  • In configuration, attestation.snp_endorsements_servers can specify a max_retries_count. If the count has been exhausted without success for all configured servers, the node will shut down (#6478).
  • When deciding which nodes are allowed to join, only UVM roots of trust defined in public:ccf.gov.nodes.snp.uvm_endorsements are considered (#6489).

Removed

  • SGX Platform support.

Added

  • Provided API for getting COSE signatures and Merkle proofs (#6477).
  • Exposed COSE signature in historical API via TxReceiptImpl.
  • Introduced ccf::describe_merkle_proof_v1(receipt) for Merkle proof construction in CBOR format.
  • Added COSE signatures over the Merkle root to the KV (#6449).
  • Signing is done with service key (different from raw signatures, which remain unchanged and are still signed by the node key).
  • New signature reside in public:ccf.internal.cose_signatures.
Loading

5.0.6

24 Sep 15:37
@github-actions github-actions
ccf-5.0.6
4e49001
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Verified
Learn about vigilant mode.

Choose a tag to compare

View all tags
5.0.6

Bug fixes

  • Added COSE signature verification to consume signature transactions from upgraded primary (#6495).
Loading

5.0.5

18 Sep 17:13
@github-actions github-actions
ccf-5.0.5
4ecd88f
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Verified
Learn about vigilant mode.

Choose a tag to compare

View all tags
5.0.5

Bug fix

  • Nodes can be started in recovery mode from a snapshot alone (#6472)
Loading

4.0.21

29 Aug 18:49
ccf-4.0.21
599eadb
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Verified
Learn about vigilant mode.

Choose a tag to compare

View all tags
4.0.21

Base image

  • Updated container base image.
Loading

5.0.4

15 Aug 21:19
@github-actions github-actions
ccf-5.0.4
bb25588
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Verified
Learn about vigilant mode.

Choose a tag to compare

View all tags
5.0.4

Bug fix

  • JWT authentication correctly parses certificates that contain other certificates (#6440)
Loading

5.0.3

13 Aug 20:20
@github-actions github-actions
ccf-5.0.3
423f918
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Verified
Learn about vigilant mode.

Choose a tag to compare

View all tags
5.0.3

Changed

  • Improved JWT authentication error messages (#6427).

Bug fix

  • In GET gov/service/javascript-app, openApi now correctly returns the schema set for the endpoint (#6430)
Loading

5.0.2

05 Aug 16:15
@github-actions github-actions
ccf-5.0.2
9217756
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Verified
Learn about vigilant mode.

Choose a tag to compare

View all tags
5.0.2

Developer API

C++

  • RSAKeyPair::sign and RSAKeyPair::verify now use RSA-PSS instead of RSASSA-PKCS1-v1_5.
  • Users can specify salt_length (defaulted to 0).

TypeScript/JavaScript

  • ccfapp.crypto.sign() and ccfapp.crypto.verifySignature() no longer support RSASSA-PKCS1-v1_5, instead RSA-PSS has been added.
  • SigningAlgorithm has been extended with optional saltLength, defaulted to 0 if not passed.

Bug Fixes

  • The /tx endpoint returns more accurate error messages for incorrectly formed transactions ids (#6359).
Loading

4.0.20

30 Jul 10:32
ccf-4.0.20
20a5e00
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Verified
Learn about vigilant mode.

Choose a tag to compare

View all tags
4.0.20

Base image

  • Updated container base image.
Loading

5.0.1

26 Jul 12:45
@github-actions github-actions
ccf-5.0.1
bd45f54
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Verified
Learn about vigilant mode.

Choose a tag to compare

View all tags
5.0.1

Bug Fixes

  • All public headers now correctly set pragma once (#6388, #6389)

Dependencies

  • Base image refresh for containers (#6394, #6395)
  • Python cryptography package requirement raised to 43.* (#6385)
Loading