v0.6.10

What's Changed

• Allow ECDSA P256 for TPM certificates: IDevID and IAK by @gscert in #207

New Contributors

• @gscert made their first contribution in #207

Full Changelog: v0.6.9...v0.6.10

v0.6.8

What's Changed

• add support to verify cert chains longer than 1 by @gh4683 in #204
• remove deprecated proto fields from enrollz by @gh4683 in #205

Full Changelog: v0.6.7...v0.6.8

v0.6.7

What's Changed

• send 2B structs instead of T structs in ChallengeReq by @gh4683 in #202
• allow ek cert to be parsed as TPMT_PUBLIC by @gh4683 in #203

Full Changelog: v0.6.6...v0.6.7

v0.6.6

What's Changed

• fix verify IAK function by @gh4683 in #197
• extract TPMS_ATTEST from iak certify info before verifying HMAC by @gh4683 in #198
• fix comment for iak_certify_info_signature by @gh4683 in #199
• add tests using test vectors by @gh4683 in #200
• fix fetch EK request by @gh4683 in #201

Full Changelog: v0.6.5...v0.6.6

v0.6.5

What's Changed

• unexport functions that do not need to be exported by @gh4683 in #193
• add verifyIdentityWithVendorCerts function by @gh4683 in #191
• refactor EnrollControlCard and RotateOiakCert to take in multiple control cards by @gh4683 in #192
• add TestVerifyIdentityWithVendorCerts by @gh4683 in #195
• add TestEnrollSwitchWithHMACChallenge and refactor stub by @gh4683 in #196
• add serial number validation to hmac flow by @gh4683 in #194

Full Changelog: v0.6.4...v0.6.5

v0.6.4

What's Changed

• add helper function issueOwnerIakCert by @gh4683 in #185
• add issueOwnerIDevIDCert helper function by @gh4683 in #186
• add helper function rotateOIakCert by @gh4683 in #187
• Atomic rotate func by @gh4683 in #188
• Refactor EnrollControlCard and RotateOwnerIakCert to use new IssueAndRotateOwnerCerts function by @gh4683 in #190
• Call IssueAndRotateOwnerCerts in EnrollSwitchWithHmacChallenge by @gh4683 in #189

Full Changelog: v0.6.3...v0.6.4

v0.6.3

• Added verify TPMTSignature functionality for RSA and ECDSA in PR #182

v0.6.2

What's Changed

• implement VerifyIdevidKey and add tests by @gh4683 in #173
• Adding proper PEM encoding for the AIK Public Key by @muntazirsal in #179
• implement verifyIAKKey and add tests by @gh4683 in #169
• Implement function WrapHMACKeytoRSAPublicKey and its test. by @Chounoki in #178
• implement VerifyIdevidAttributes and add tests by @gh4683 in #180
• Implement VerifyHMAC function and its tests. by @Chounoki in #181

Full Changelog: v0.6.1...v0.6.2

v0.6.1

What's Changed

• add skeleton identity verification flow for tpm 2.0 without idevid by @gh4683 in #166
• implement verifyHMAC and add tests by @gh4683 in #168
• implement verifyCertifyInfo and add test by @gh4683 in #170
• Implement the function GenerateRestrictedHMACKey() and its test. by @Chounoki in #171
• reorganize verifyIdenity by @gh4683 in #174
• leftover from previous renaming of the VerifySignature() by @muntazirsal in #176
• Implement function RSAEKPublicKeyToTPMTPublic and its test. by @Chounoki in #175
• Fixing bug with extra bytes being appended to the Identity Request on device side by @muntazirsal in #177

New Contributors

• @Chounoki made their first contribution in #171

Full Changelog: v0.6.0...v0.6.1

v0.6.0

What's Changed

• Fix generated pb files to be consistent with the proto definitions by @dsiganos in #71
• enrollz: add getIdevidCsr and challenge to enrollz proto by @gh4683 in #70
• enrollz: add nonce verification logic and tests by @gh4683 in #72
• Revert "enrollz: add nonce verification logic and tests" by @betuls in #73
• enrollz: add nonce verfication logic and tests by @gh4683 in #74
• add parsing of TCG-CSR-IDevID contents by @gh4683 in #76
• Adding space for TEST by @muntazirsal in #79
• Revert "Adding space for TEST" by @muntazirsal in #81
• add stubs for RotateAIK() by @gh4683 in #80
• complete idevid parser logic by @gh4683 in #78
• add key enum to proto message GetIdevidCsrRequest by @gh4683 in #83
• add streaming messages and app identity req structures to enrollz_biz by @gh4683 in #82
• implement ParseSymmetricKeyParms and add related structs by @gh4683 in #84
• implement ParseRSAKeyParms by @gh4683 in #86
• chore: Configure Renovate by @renovate-bot in #87
• Adding ROT client to the logic for RotateAIKCert logic for TPM1.2 with no IDevID by @muntazirsal in #85
• implement ParseKeyParms by @gh4683 in #88
• chore(deps): update com_google_googleapis digest to f410c8c by @renovate-bot in #89
• chore(deps): update openconfig/common-ci digest to 004dd5f by @renovate-bot in #90
• Revert "chore(deps): update openconfig/common-ci digest to 004dd5f" by @marcushines in #105
• fix(deps): update module github.com/golang/glog to v1.2.5 by @renovate-bot in #92
• Update go.yml by @marcushines in #103
• make a new interface for TPM 1.2 enrollment infra deps by @gh4683 in #104
• update go.sum to fix mismatch on go mod tidy by @marcushines in #108
• chore(deps): update com_google_googleapis digest to bc9d698 by @renovate-bot in #95
• chore(deps): update dependency bazel to v8.3.1 by @renovate-bot in #96
• chore(deps): update dependency bazel_features to v1.33.0 by @renovate-bot in #97
• chore(deps): update dependency bazel_gazelle to v0.44.0 by @renovate-bot in #98
• chore(deps): update protobuf monorepo to v29.5 by @renovate-bot in #112
• fix(deps): update module google.golang.org/protobuf to v1.36.6 by @renovate-bot in #93
• chore(deps): update dependency bazel_skylib to v1.8.1 by @renovate-bot in #99
• chore(deps): update dependency com_github_grpc_grpc to v1.74.0 by @renovate-bot in #100
• chore(deps): update dependency gazelle to v0.44.0 by @renovate-bot in #101
• chore(deps): update dependency grpc to v1.74.0 by @renovate-bot in #102
• chore(deps): update dependency io_bazel_rules_go to v0.56.0 by @renovate-bot in #109
• Update Renovate config by @bstoll in #118
• chore(all): update protobuf monorepo to v31 (major) by @renovate-bot in #117
• chore(all): update deps by @renovate-bot in #119
• make tpm 12 utils an interface by @gh4683 in #94
• implement DecryptWithPrivateKey by @gh4683 in #121
• chore(all): update actions/checkout action to v5 by @renovate-bot in #125
• Implementing ParseSymmetricKey by @muntazirsal in #123
• implement ParseIdentityRequest by @gh4683 in #122
• add serialize functions to support construction of TPM_IDENTITY_CONTENTS by @gh4683 in #127
• removing ROTDBClient from the EnrollzInfraDeps by @muntazirsal in #131
• chore(all): update protobuf monorepo to v32 (major) by @renovate-bot in #133
• implement ConstructIdentityContents by @gh4683 in #128
• convert AIK key bytes to pem and add to issueAikCertReq by @gh4683 in #134
• Implement helper functions for ParseIdentityProof() by @muntazirsal in #129
• use tink to create AES key and encrypting with it by @gh4683 in #135
• Adding in the ParseIdentityProof() by @muntazirsal in #130
• chore(all): update deps by @renovate-bot in #120
• change aes key generation and encryption to cbc by @gh4683 in #137
• Refactoring tpm_utils_test.go by @muntazirsal in #132
• implement construction and serialization of AsymCaContents by @gh4683 in #141
• Implementing VerifySignatureWithRSAKey() by @muntazirsal in #143
• Implement EncryptWithPublicKey() by @muntazirsal in #144
• Add check and test for empty data bytes by @muntazirsal in #145
• Add key to challenge request by @adityasingh-anet in #138
• chore(all): update deps by @renovate-bot in #142
• Allow writing to status for CI checks by @bstoll in #148
• added edge cases for SerializeKeyParms and refactored test by @gh4683 in #146
• use SymCAAttestation in RotateAIK by @gh4683 in #147
• chore(all): update module google.golang.org/grpc to v1.75.1 by @renovate-bot in #150
• Add test vector for EncryptWithAES() by @muntazirsal in #149
• DecryptWithSymmetricKey with crypto/aes by @seal6363 in #139
• Add/Correct comments for tpm12_utils.go by @gh4683 in #152
• Remove WORKSPACE files by @swufygoog in #151
• Fix for DecryptWithSymmetricKey() by @muntazirsal in #155
• chore(all): update dependency protobuf to v32.1 by @renovate-bot in #154
• Fixing bug for malformed ConstructIdentityContents() by @muntazirsal in #156
• fixing exponent assignment for PubKey construction by @muntazirsal in #159
• add proto changes for TPM 2.0 w/o IDevID enrollment by @gh4683 in #158
• adding error handling for exponent=0 and undoing previous fix by @muntazirsal in #160
• fixing comment for DER Scheme by @muntazirsal in #163
• add workaround for IV bug by @gh4683 in #164
• add GetControlCardVendorID RPC by @gh4683 in #161
• add changes to RotateOIakCertRequest proto to support atomic rotation by @gh4683 in #167

New Contributors

• @dsiganos made their first contribution in #71
• @betuls made their first contribution in #73
• @muntazirsal made their first contribution in #79
• @renovate-bot made their first contribution in #87
• @adityasingh-anet made their first contribution in #138
• @seal6363 made their first contribution in #139
• @swufygoog made their first contribution in #151

Full Changelog: v0.5.0...v0.6.0