-
Notifications
You must be signed in to change notification settings - Fork 13
/
NEWS
125 lines (94 loc) · 3.03 KB
/
NEWS
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
Version 0.7.0
=============
Released: 2018-09-06
- Rebased to tpm2-tss 2.0
Version 0.6.2
=============
Released: 2018-02-16
- Rebased to tpm2-tss 1.3.0
Version 0.6.1
=============
Released: 2017-11-30
- Sync up with upstream for the recent tpm2-tss changes.
- Re-licensed under BSD 3-clause.
- Support to talk with the new resource manager tpm2-tabrmd.
Version 0.6.0
=============
Released: 2017-05-09
- Disable DA protection in luks-setup.sh.
- Support to set the secret info for the primary key and passphrase secret
in luks-setup.sh.
- Support to specify owner authentication and lockout authentication in
luks-setup.sh.
- Add the test cases for noDA and DA recovery.
- Add --interactive option to enable the prompt of typing authentications
if necessary.
- Add --key-secret and --passphrase-secret options used to set the
secret info for the primary key and passphrase.
- Improve prompting the user to type owner and lockout authentications.
- Add --no-da option for seal command in order to create the objects
without causing DA lockout.
- Add --owner-auth and --loutout-auth options used to specify the secret
info of owner authentication and lockout authentication.
- Implement automatic DA lockout recovery.
- Improve startup reliability in init.cryptfs and luks-setup.sh.
Version 0.5.2
=============
Released: 2017-04-26
- Add new tool tcti-probe used to await resourcemgr
- Add support for mapping/unmapping crypto disks
- Improve mounting reliability
Version 0.5.1
=============
Released: 2017-04-09
- Fix the criticial issues in init.cryptfs.
Version 0.5.0
=============
Released: 2017-03-25
- Completely support auto PCR bank selection.
- Resolve TPM_RC_ATTRIBUTES issue for the sealed data from root cause.
Version 0.4.4
=============
Released: 2017-03-23
- Support to specify PCR bank with "auto" to use the highest strength
digest algorithm.
Version 0.4.3
=============
Released: 2017-03-22
- Secure the secrets for accessing the primary key and passphrase.
- Add the workaround for tpm2_create() with Intel fTPM.
Version 0.4.2
=============
Released: 2016-12-14
- init.cryptfs: fix boot failures
- Report build failure if failing to compile in a subdirectory.
Version 0.4.1
=============
Released: 2016-11-30
- Don't allow to unseal the passphrase without policy session if the
created passphrase requires a policy session.
- script: support to use PCR binding
Version 0.4.0
=============
Released: 2016-11-29
- Add -P option for seal/unseal command to specify the digest algorithm
for PCR bank selection.
- Implement PCR binding (index 7) for sealing/unsealing the passphrase.
Version 0.3.0
=============
Released: 2016-11-16
- Add the initramfs helper script init.cryptfs.
Version 0.2.1
=============
Released: 2016-11-14
- Fix unsealing failure.
Version 0.2.0
=============
Released: 2016-11-04
- Allow to input passphrase externally.
- Fix make clean failure.
- Add the LUKS setup helper script luks-setup.sh.
Version 0.1.0
=============
Released: 2016-11-02
- Initial implementation providing cryptfs-tpm2 and libcryptfs-tpm2.so.