# Intel(R) EPID SDK ChangeLog                                   {#ChangeLog}

## [6.0.1] - 2018-05-04

### Changed

- Updated Intel(R) IPP Cryptography library to version 2018 (Update
  2.1).

### Fixed

- The member library now includes the tpm2 subcomponent when built
  using SCons, instead of requiring a separate member.tpm2 library.

### Known Issues

- Only the SHA-256 hash algorithm is supported when using the SDK with
  the IBM TPM simulator due to a defect in version 532 of the
  simulator.

- Basenames are limited to 124 bytes in TPM mode.

- SCons build will not work natively on ARM. You can still build using
  `make` or cross compile.

## [6.0.0] - 2017-12-15

### Added

- The member can now be built with a substantially reduced code size
  using a compilation option.

- New context lifetime management APIs have been added to member to
  give callers more control of memory allocation.

- New member API `EpidClearRegisteredBasenames` has been added to
  clear registered basenames without recreating the member.

### Changed

- `EpidRegisterBaseName` was renamed to `EpidRegisterBasename` because
  basename is a single word.

- Command-line parsing library used by samples and tools has been
  replaced by Argtable3.


### Deprecated

- `EpidMemberCreate` has been deprecated. This API has been superseded
  by `EpidMemberGetSize` and `EpidMemberInit`.

- `EpidMemberDelete` has been deprecated. This API has been superseded
  by `EpidMemberDeinit`.

### Removed

- `size_optimized_release` build configuration has been removed.
  Use the compilation option to build member with reduced code size.

### Known Issues

- Only the SHA-256 hash algorithm is supported when using the SDK with
  the IBM TPM simulator due to a defect in version 532 of the
  simulator.

- Basenames are limited to 124 bytes in TPM mode.

- SCons build will not work natively on ARM. You can still build using
  `make` or cross compile.


## [5.0.0] - 2017-09-15

### Added

- The member implementation now has the option to support signing
  using a TPM, using the ECDAA capabilities of TPM 2.0.


### Changed

- Member API updated to unify HW and SW use cases.
    - Added
        - `ProvisionKey`
        - `ProvisionCompressed`
        - `ProvisionCredential`
        - `Startup`
    - Parameters changed
        - `MemberCreate`
        - `RequestJoin`
    - Removed or made private
        - `WritePrecomp`
        - `SignBasic`
        - `NrProve`
        - `AssemblePrivKey`

- `EpidRequestJoin` was renamed to `EpidCreateJoinRequest` to make it
  clear that it is not directly communicating with the issuer.


### Fixed

- `EpidCreateJoinRequest` creates valid join requests. This fixes a
  regression in `EpidRequestJoin` introduced in 4.0.0.


### Known Issues

- Only the SHA-256 hash algorithm is supported when using the
  SDK with the IBM TPM simulator due to a defect in version
  532 of the simulator.

- Basenames are limited to 124 bytes in TPM mode.


## [4.0.0] - 2017-04-25

### Added

- The member implementation now provides an internal interface that
  gives guidance on partitioning member operations between highly
  sensitive ones that use the f value of the private key, and less
  sensitive operations that can be performed in a host environment.

- New member API `EpidAssemblePrivKey` was added to help assemble and
  validate the new member private key that is created when a member
  either joins a group (using the join protocol) or switches to a new
  group (as the result of a performance rekey).


### Changed

- Updated Intel(R) IPP Cryptography library to version 2017 (Update 2).

- The mechanism to set the signature based revocation list (SigRL)
  used for signing was changed. `EpidMemberSetSigRl` must be used to
  set the SigRL. The SigRL is no longer a parameter to `EpidSign`.
  This better models the typical use case where a device stores a
  revocation list and updates it independently of signing operations.


### Removed

- Removed `EpidWritePreSigs` API. Serialization of pre-computed
  signatures is a risky capability to provide, and simply expanding
  the internal pool via `EpidAddPreSigs` still provides most of the
  optimization benefits.

- The `EpidIsPrivKeyInGroup` API is no longer exposed to clients. It
  is no longer needed because the new member API `EpidAssemblePrivKey`
  performs this check.


### Fixed

- When building with the commercial version of the Intel(R) IPP
  Cryptography library, optimized functions are now properly invoked,
  making signing and verification operations ~2 times faster.

- SHA-512/256 hash algorithm is now supported.

- README for compressed data now correctly documents the number of
  entries in revocation lists.

- The `verifysig` sample now reports a clearer error message for
  mismatched SigRLs.

- The default SCons build will now build for a 32-bit target on a
  32-bit platform.


### Known Issues

- SCons build will not work natively on ARM. You can still build using
  `make` or cross compile.


## [3.0.0] - 2016-11-22

### Added

- Support for verification of Intel(R) EPID 1.1 members.

- Make-based build system support.

- Sample material includes compressed keys.

- Enhanced documentation, including step-by-step walkthroughs of
  example applications.

- Validated on additional IoT platforms.

  - Ostro Linux

  - Snappy Ubuntu Core


### Changed

- A new verifier API has been added to set the basename to be used for
  verification. Verifier APIs that used to accept basenames now use
  the basename set via `EpidVerifierSetBasename`.

- The verifier pre-computation structure has been changed to include
  the group ID to allow detection of errors that result from providing
  a pre-computation blob from a different group to
  `EpidVerifierCreate`.


### Fixed

- The kEpidxxxRevoked enums have been renamed to be consistent with
  other result return values.


### Known Issues

- SHA-512/256 hash algorithm is not supported.


## [2.0.0] - 2016-07-20

### Added

- Signed binary issuer material support.

  - Binary issuer material validation APIs.

  - Updated sample issuer material.

  - Updated samples that parse signed binary issuer material.

- Compressed member private key support.

- Validated on additional IoT platforms.

  - Windows 10 IoT Core

  - WindRiver IDP


### Changed

- The default hash algorithm has changed. It is now SHA-512.

- Functions that returned `EpidNullPtrErr` now return `EpidBadArgErr`
  instead.


### Fixed

- Updated build flags to work around GCC 4.8.5 defect.


## [1.0.0] - 2016-03-03

### Added

- Basic sign and verify functionality

- Dynamic join support for member

- Apache 2.0 License