Releases: microsoft/CCF

6.0.15

14 Oct 12:20
7b26cb2

Added

  • Improved logging of snapshot digests (#7300)
  • Node will now retry when fetching snapshots. This is controlled with command.join.fetch_snapshot_max_attempts and command.join.fetch_snapshot_retry_interval. (#7317)
  • Remove pyopenssl (#7297)
  • Fix missing -devel package dependencies (#7345)

Changed

  • The submit_recovery_share.sh script will no longer try to create a virtual environment and install the CCF Python package on every call. Instead it will return an error if the package is not installed (specifically if the ccf_cose_sign1 tool it relies on cannot be found) (#7306)
  • Snapshot fetching now attempts to reuse TLS sessions whenever possible (#7321)

7.0.0-dev4

09 Oct 10:00
0f87e96

7.0.0-dev4 Pre-release

Added

  • Added verify_uvm_attestation_and_endorsements binary. This tests that the authentication of the startup files during start and join would succeed. Usage on C-ACI: verify_uvm_attestation_and_endorsements /security-context-xxxx/host-amd-cert-base64 /security-context-xxxx/reference-info-base64 /security-context-xxxx/security-policy-base64

6.0.14

29 Sep 16:34
8e226b3

Added

  • Improved handling of socket errors in curlm callbacks (#7308)
  • Accept UVM endorsements with SVNs encoded as integers, and use integer comparison for UVM (#7316)

7.0.0-dev3

29 Sep 15:58
b502534

7.0.0-dev3 Pre-release

Added

  • Added ccf.gov.validateConstitution function to JS API, which can be used to confirm some basic properties of a proposed constitution (it is a string, parseable by our JS interpreter, exporting functions named validate, resolve and apply with the correct number of arguments). This is called in the default sample constitution's set_constitution.validate.
  • Added logging of the initial node attestation value ("Initial node attestation...") (#7256).
  • Improved handling of socket errors in curlm callbacks (#7308)
  • Accept UVM endorsements with SVNs encoded as integers (#7316)

Fixed

  • Correctly validate the full AMD ASK endorsement chain (#7233)
  • Validate endorsement metadata (tcb version and chip id) against attestation (#7240)

Changed

  • The submit_recovery_share.sh script will no longer try to create a virtual environment and install the CCF Python package on every call. Instead it will return an error if the package is not installed (specifically if the ccf_cose_sign1 tool it relies on cannot be found) (#7306)

Removed

  • Removed ccf::crypt::openssl_sha256_init() and ccf::crypt::openssl_sha256_shutdown() interface, as it's now implicitly called by the crypto implementation (#7251).
  • Removed support for v2 attestations, as the corresponding firmware is known to be insecure (#7282)

6.0.13

23 Sep 17:31
c7dbf7a

Added

  • Better logging of invalid snapshots (#7302)
  • Improved handling of socket errors in curlm callbacks (#7308)

5.0.23

19 Sep 10:40
e42277d

Added

  • Better logging of invalid snapshots (#7302)
  • Logging of snapshot digests

6.0.12

18 Sep 11:54
8692580

Added

  • Validate endorsement metadata (tcb version and chip id) against attestation (#7240)
  • Curl multi based fetching of quote endorsements and snapshots

Fixed

  • Fixed quote endorsements retry logic

Removed

6.0.11

08 Sep 22:20
62c37da

Added

  • Added ccf.gov.validateConstitution function to JS API, which can be used to confirm some basic properties of a proposed constitution (it is a string, parseable by our JS interpreter, exporting functions named validate, resolve and apply with the correct number of arguments). This is called in the default sample constitution's set_constitution.validate.
  • Added logging of the initial node attestation value ("Initial node attestation...") (#7256).

Fixed

  • Correctly validate the full AMD ASK endorsement chain (#7233)

5.0.22

08 Sep 22:49
6784c37

Added

  • Added support for validating Genoa attestations (#7051).
  • Added support for fetching Genoa endorsements (#7054).

7.0.0-dev2

19 Aug 06:55
d2da69e

7.0.0-dev2 Pre-release

Added

  • Allow changing the constitution during disaster recovery via the command.recover.constitution_files entry in cchost. (#7155)
  • Added toArrayBuffer to ccfapp/utils which converts ArrayBufferLike to ArrayBuffer. (#7171)
  • ccf/crypto/openssl_init.h header exposing ccf::crypt::openssl_sha256_init() and ccf::crypto::openssl_sha256_shutdown() for unit tests using ccfcrypto.a. (#7118)

Changed

  • cchost is removed, and each application now provides its own executable:
      • CCF nodes no longer contain a separate cchost executable and enclave library (.so) file. Each former enclave library is now its own executable, currently sharing the same configuration format as the previous cchost.
      • The js_generic sample app is no longer a library installed at /ccf/lib/libjs_generic.so; it is now an executable installed at /ccf/bin/js_generic.
      • The add_ccf_app function in CMake now builds an executable rather than a library. The caller should provide a main function, and call ccf::run() from include/ccf/run.h to start the node (see samples/apps/main.cpp for a minimal example).
  • Application logging no longer traverses the ringbuffer. As current target platforms do not require distinct enclave and host components, what was previously "in-enclave" logging that was deferred via the ringbuffer can now be immediately sent to stdout.
  • CA certificates issued by CCF (i.e. service_cert.pem) now include a keyUsage extension, to comply with RFC 5280 (#7134).

Removed

  • CCF no longer publishes a "run" package (cchost + runtime dependencies). Instead, only the -devel package is published, which CCF application developers must use. CCF also provides ccfapp CPack settings to pull in all CCF runtime dependencies. See "Packaging your C++ app" for documentation (#7187).

Dependencies

  • Updated snmalloc to 0.7.1.