Changelog
App Login
Back to All

TSM Release 64.0.0

August 23rd, 2024 by Thomas P. Jakobsen

Changelog

Database:
  - migrate key data for RSA to a new format
  - migrate key data for symmetric key protocols MRZ15 and WRK17 to new format
Node Communication:
  - Changed protocol implementation for RSA (removed SEPH20RSA)
Node Configuration:
  - Support for the following crypt algorithms when hashing API keys: MD5, SHA256, SHA512, bcrypt, Argon2i, Argon2id
  - Renamed SEPH20RSA to ADN06 to reflect the new RSA implementation
  - Removed KeySize for the MRZ15 protocol
Client API:
  - Java/C SDKv2: Added support for RSA, AES and HMAC
  - Go SDKv2: Renamed some static finalize methods to match other methods
  - Go SDKv2: Added support for RSA signing, decryption, export and import
  - Go SDKv2: New methods for AES and HMAC operations
  - SDKv1 (Go, Node.js, Java, C): The AES CTR Keystream method now accepts key stream lengths that are not multiples of 16 bytes
  - SDKv1 (Go, Node.js, Java, C): The AES CTR Encrypt and Decrypt methods now accept ciphertext/plaintexts with lengths that are not multiples of 16 bytes
  - SDKv1 (Go, Node.js, Java, C): A new max of 16384 bytes in introduced for plaintexts and ciphertexts in the AES-CTR, AES-CBC, and AES-GCM encrypt/decrypt methods
  - SDKv1 (Go, Node.js, Java, C): A new max of 16384 bytes for the AES-GCM additional data is introduced
  - SDKv1 (Go, Node.js, Java, C): The AES GCMEncrypt/GCMDecrypt methods now require a nonce of 12 bytes (previously, any nonce length of 1-16 bytes was accepted)
  - SDKv1 (Go, Node.js, Java, C): The RFC5649 Blob length is limited to 8192 bytes.
  - Node.js SDKv2: Add method sdkVersion() and tsmVersion() to TSMClient
  - Node.js SDKv2: Add method copyKey() to ECDSA and Schnorr
  - Node.js SDKv2: Add util method privateKeyToPKIXPublicKey()
  - Node.js SDKv2: Add util method shamirRecombine()
Client Communication:
  - Changed endpoints for RSA
  - Change to endpoints and transport types for symmetric operations (AES, HMAC, CMAC, AN10922, RFC5649)
Patch changes (no effect on compatibility):
  - SDKv2 logs warning on major client communication mismatch between sdk and node
  - Update dependencies
  - OIDC Access Token Authentication: Now supports arrays in audience of tokens (https://openid.net/specs/openid-connect-core-1_0-35.html#IDToken)

Mobile frameworks have been built using: golang.org/x/mobile v0.0.0-20240806205939-81131f6468ab

Versions

Database: 7.10.0  
Node Communication: 32.0 (!)  
Node Configuration: 20.1 (!)  
Client API: 54.0 (!)  
Client Communication: 29.0 (!)