-
sss_openssl_cipher_one_go() api modified to use EVP calls for AES (ECB, CBC, CTR)
-
sss_se05x_cipher_update() api modified to use block size of 256 to enhance performance.
-
Extended kSSS_KeyPart_Default for other objectType.
-
Earlier: Object type
kSSS_KeyPart_Default
is used for Binary Files, Certificates, Symmetric Keys, PCR and HMAC-key. -
Now: UserID and Counter are added for
kSSS_KeyPart_Default
. This means objectType of UserID and Counter will bekSSS_KeyPart_Default
after calling :cpp:type:sss_key_object_get_handle
. Comment for enumsss_key_part_t
is updated accordingly.
-
-
Added new API :cpp:func:
Se05x_API_WritePCR_WithType
with support to write transient PCR objects also. -
Deprecated API :cpp:func:
Se05x_API_WritePCR
. Added macro :c:macro:ENABLE_DEPRECATED_API_WritePCR
to enable compilation of deprecated API :cpp:func:Se05x_API_WritePCR
. Support will be removed by Q1 2022. -
Bugfix - Handling of result tag in case of failure in :cpp:func:
Se05x_API_AeadOneShot
, :cpp:func:Se05x_API_AeadFinal
and :cpp:func:Se05x_API_AeadCCMFinal
-
Bugfix - KVN12 key can be used for PlatformSCP authentication now in SE051.
-
SE05x APDU - Response length set to 0 in error condition - :cpp:func:
tlvGet_u8buf
. -
Created separate library (
mwlog
) for logging framework. See :numref:stack-logging
:ref:stack-logging
-
Order of log level reversed. Current log level is -
{"ERROR", "WARN ", "INFO ", "DEBUG"}
. -
Mbedtls ALT is extended with ECDSA verify operation using
MBEDTLS_ECDSA_VERIFY_ALT
define. (Disabled by default). Using this all EC public key verify operations can be performed using SE05x. -
Changed files under BSD3 License with NXP Copyright to Apache2 License.
-
Changed files under Proprietary license to Apache 2 License.
-
smCom_Init: return type is now U16 instead of void. Return value indicates success/failure to create mutex/semophore.
-
The enumerated type SE05x_EDSignatureAlgo_t contained a value kSE05x_EDSignatureAlgo_ED25519PH_SHA_512. The mnemonic name of the value was misleading as it actually corresponded to the
Pure EDDSA algorithm
not thePrehashed (PH) EDDSA algorithm
. This has now been corrected. This will require corresponding update in the application code.-
EDDSA signature algorithm enumerated value kSE05x_EDSignatureAlgo_ED25519PH_SHA_512 is changed into kSE05x_EDSignatureAlgo_ED25519PURE_SHA_512.
-
EDDSA attestation algorithm enumerated value kSE05x_AttestationAlgo_ED25519PH_SHA_512 is changed into as kSE05x_AttestationAlgo_ED25519PURE_SHA_512.
-
-
Fixed typo in example code API: ex_sss_kestore_and_object_init() is now ex_sss_key_store_and_object_init()
-
Added support for SE051 type
-
Extended SE051 specific APDU command and response buffer size to match SE051's capabilities.
-
SSS API blocks SHA512 attestation, signing and verification for RSA512 key
-
Bug Fix : Fix for attestation read of symmetric objects which have no read policy.
-
Added Platform SCP03 keys for SE051 (Variant A2 and C2).
-
T1oI2C:
-
Fixed: potential null pointer dereference
-
Fixed: RSYNC _ + CRC error results in saving response to uninitialised buffer.
-
-
hostlib/hostLib/platform/linux/i2c_a7.c
: A call toaxI2CTerm()
now closes the I2C file descriptor associated with the I2C communication channel.
-
Initial commit
-
Plug & Trust middleware to use secure element SE050