Patch changes (no effect on compatibility):
- Change release to depend on libmpc version from go.mod
- Update dependencies
Mobile frameworks have been built using golang.org/x/mobile v0.0.0-20240806205939-81131f6468ab
Database:
- migrate key data for RSA to a new format
- migrate key data for symmetric key protocols MRZ15 and WRK17 to new format
Node Communication:
- Changed protocol implementation for RSA (removed SEPH20RSA)
Node Configuration:
- Support for the following crypt algorithms when hashing API keys: MD5, SHA256, SHA512, bcrypt, Argon2i, Argon2id
- Renamed SEPH20RSA to ADN06 to reflect the new RSA implementation
- Removed KeySize for the MRZ15 protocol
Client API:
- Java/C SDKv2: Added support for RSA, AES and HMAC
- Go SDKv2: Renamed some static finalize methods to match other methods
- Go SDKv2: Added support for RSA signing, decryption, export and import
- Go SDKv2: New methods for AES and HMAC operations
- SDKv1 (Go, Node.js, Java, C): The AES CTR Keystream method now accepts key stream lengths that are not multiples of 16 bytes
- SDKv1 (Go, Node.js, Java, C): The AES CTR Encrypt and Decrypt methods now accept ciphertext/plaintexts with lengths that are not multiples of 16 bytes
- SDKv1 (Go, Node.js, Java, C): A new max of 16384 bytes is introduced for plaintexts and ciphertexts in the AES-CTR, AES-CBC, and AES-GCM encrypt/decrypt methods
- SDKv1 (Go, Node.js, Java, C): A new max of 16384 bytes for the AES-GCM additional data is introduced
- SDKv1 (Go, Node.js, Java, C): The AES GCMEncrypt/GCMDecrypt methods now require a nonce of 12 bytes (previously, any nonce length of 1-16 bytes was accepted)
- SDKv1 (Go, Node.js, Java, C): The RFC5649 Blob length is limited to 8192 bytes.
- Node.js SDKv2: Add methods sdkVersion() and tsmVersion() to TSMClient
- Node.js SDKv2: Add method copyKey() to ECDSA and Schnorr
- Node.js SDKv2: Add util method privateKeyToPKIXPublicKey()
- Node.js SDKv2: Add util method shamirRecombine()
Client Communication:
- Changed endpoints for RSA
- Change to endpoints and transport types for symmetric operations (AES, HMAC, CMAC, AN10922, RFC5649)
Patch changes (no effect on compatibility):
- SDKv2 logs a warning on a major client communication mismatch between SDK and node
- Update dependencies
- OIDC Access Token Authentication: Now supports arrays in the audience of tokens (https://openid.net/specs/openid-connect-core-1_0-35.html#IDToken)
Mobile frameworks have been built using: golang.org/x/mobile v0.0.0-20240806205939-81131f6468ab
Node Communication:
- Added support for copying a key for DKLS19, SEPH18S and SEPD19S
Client API:
- Go SDKv2: Add methods SDKVersion() and TSMVersion() to get the version of the SDK and TSM.
- Go SDKv2: Add method CopyKey() to ECDSA and Schnorr
- Go SDKv2: Add private key derivation for ECDSA and Schnorr
- Go SDKv2: go-tsm-sdkv2 (gitlab release) now uses proper Go versioning i.e. vNN.OO.PP (prefixed 'v')
Client Communication:
- Added endpoints for KeyCopy to DKLS19, SEPH18S and SEPD19S
Patch changes (no effect on compatibility):
- Fix segmentation fault error when doing hardened BIP-32 derivation using Node.js SDKv2
- Set custom HTTP response headers in configuration
Mobile frameworks have been built using golang.org/x/mobile v0.0.0-20240520174638-fa72addaaa1b
Node Communication:
- Added support for node communication over Redis
- Added support for load balancing when using AMQP for node communication
Node Configuration:
- Added configuration for Redis communication
- Added DynamicQueues parameter to AMQP configuration
Client API:
- Go SDKv2: Add util method to compute public key from private key
- Go SDKv2: Added static tsmutils.ShamirRecombine() method
Patch changes (no effect on compatibility):
- Improved error handling for Go SDKv2 tsmutils.ShamirSecretShare() method
Mobile frameworks have been built using golang.org/x/mobile v0.0.0-20240404231514-09dbf07665ed
Client API:
- Java/C/Node.js: Removed embedded nodes from clients
- Java/C SDKv2: Added EC package for various EC related operations
- Mobile SDKv1: Added RecoverKeyEdDSA for ERS
Patch changes (no effect on compatibility):
- Reduced size of mobile libraries, built with newer gomobile to avoid Xcode 15.3 framework error.
Built with golang.org/x/mobile v0.0.0-20240404231514-09dbf07665ed
Node Communication:
- Multi-instance optimizations. This breaks compatibility with older multi-instance versions.
Node Configuration:
- Log configuration parser moved to viper and internal go-toml upgraded to go-toml/v2. Configuration now uses a custom Duration struct for proper unmarshalling
- Configuration parser moved from go-toml to viper, allowing multiple configuration files to be parsed as one and overriding configuration values with environment variables
Client API:
- Node.js SDKv2
- C SDKv2: Removed an output parameter from sign that was never used.
Patch changes (no effect on compatibility):
- Fixed a bug in the s3 audit logger location
- Upgraded to Go 1.22.0 (<https://go.dev/doc/devel/release#go1.22.minor>)
- Added cosign to the pipeline, signing our Docker images pushed to the ECR and Nexus registries.
- Fixed an issue with empty structs in configuration
- Fixed some memory issues that could appear when running under high load in C and Java SDKs.
- Fix README example for gitlab.com/Blockdaemon/go-tsm-sdkv2
Patch changes (no effect on compatibility):
- Fixed an error that caused problems when running lots of requests using libtsmclient and dependent SDKs (Node.js, Java JNI/JCE)
Node Communication:
- Added BIP-340 signature support to SEPD19S
Client API:
- C and Java SDKv2: Added methods for TsmUtils utility methods from the Go SDK.
- OIDC Access Token Authentication: Added the possibility to use a static public key
- C and Java SDKv2: Added Embedded client with encryptor and configuration with OIDC authentication
- Java SDKv2: Changed names on SessionConfig creation to align with Go SDK, and changed Embedded Client creation to match Go.
- Go SDKv2: Generalized EdDSA to other Schnorr variants. Renamed all EdDSA methods in SDKv2 to Schnorr and added support for BIP-340 signatures
Client Communication:
- EdDSA signatures are now identified as Schnorr signatures
Patch changes (no effect on compatibility):
- Added build tag to Go mobile, to fix error introduced in Go 1.20
- Upgraded to Go 1.21.6 (<https://go.dev/doc/devel/release#go1.21.minor>)
- When API keys are enabled, create the applications on startup instead of on demand
Client API:
- Go SDKv2: OIDC Access token authentication
- Go SDKv2: GenerateECDSAKeyPair() now returns pointer
Patch changes (no effect on compatibility):
- Fixed migration from versions prior to 55.0.0 with BIP-32 hard derived keys in the database
- Android and iOS SDKv2: Added TSM utilities (tsmutils)
Patch changes (no effect on compatibility):
- Fixed security issue with DKLS19
- Fix bug in tsmcli preventing it from working with a single MCP node
- Go SDKv1: Un-deprecate keyClient.Delete()