CHANGELOG.md

Changelog

The following lists the changes CHARRA received over time.

Changelog 2024-06-12

• Adjustments to cli_util

  • Splitted the logic into cli_util, cli_util_attester, and cli-util_verifier

  • Prefixed DTLS-RPK and DTLS_PSK options with rpk/psk

  • fixed undefined behavior while parsing command line error when using option -h

• Adjustments to --attestation-key

  • an attestation key can now be loaded with a TPM handle

  • --attestation-key will now require a FORMAT. Available are: context and handle

• --pcr-selection will now require a list of PCR banks as with the tpm2-tools

  • there is currently only support for sha256 (other pcr banks will be ignored)

• Adjustments to verifier

  • Added option -g/--hash-algorithm to set the hash-algorithm which was used to digest the tpm quote

  • The verifier is now able to verify signatures with different rsa signing schemes:

    • TPM2_ALG_RSASSA
    • TPM2_ALG_RSAPSS

Changelog 2024-04-03

• Implemented CHARRA remote attestation using the TAP information model

  • New data transfer objects

  • Removed event log (the functionality to request logs will be added in one of the next versions)

  • reference: https://trustedcomputinggroup.org/wp-content/uploads/TNC_TAP_Information_Model_v1.00_r0.36-FINAL.pdf

• Improved interoperability with tpm2-tools

  • Added bash script to generate an attestation key using tpm2-tools

  • Attester and verifier can deserialize tpm key files generated by tpm2-tools

• Adjustments to Verifier

  • --attestation-public-key is a new mandatory cli argument

• Adjustments to Attester

  • --attestation-key is a new mandatory cli argument

Changelog 2024-03-05

• Adjustments to charra_rim_mgr and parser_util:

  • Updated parser to parse the PCR reference file in a YAML format.

  • Implemented stricter parsing rules

  • Fixed minor bugs

• Adjustments to Verifier

  • -f or --pcr-file argument is mandatory to run the verifier

  • The specified PCR reference file has to be in this format: FORMAT:PATH

  • The following formats are currently available: yaml

• Replaced reference-pcrs.txt with reference-pcrs.yml

Changelog 2024-02-20

• Improved charra_marshaling with QCBOR spiffy decoding

• Removed cbor_util

Changelog 2023-11-30

• Adjustments to Dockerfile:

  • Updated dependencies to latest stable versions

  • Created necessary systems folders for the tpm2-tss Feature API (FAPI)

  • Added tpm2-pytss

  • Disabled TSS2 log messages that were producing (unnecessary and) confusing error messages and warnings

  • Added Bash configuration including aliases and a history (saves time typing the commands to build and run CHARRA by simply using the up/down arrow keys to cycle through the commands)

• Added TPM2 code examples under ~/code-examples, showcasing the use of the TSS2 ESAPI and FAPI with tpm2-tss (C programming language) and tpm2-pytss (Python programming language)

• Added a script in ~/./test-charra-and-tpm2-tss.sh for compiling and running CHARRA as well as all code examples.

Changelog 2023-05-20

• Fixed Makefile

• Fixed Docker Compose

• Externalized building and installation instructions into INSTALL.md and the changelog into CHANGELOG.md.

• Minor adjustments

Changelog 2021-03-17

• Dynamic memory allocation for QCBOR encoded data using malloc(). Thanks, @laurencelundblade.

• Fixed some bugs

• Introduced macros for free()'ing heap data.

Changelog 2021-03-16 (v2)

• Added random nonce generation with mbed TLS in Verifier. Made it configurable whether to use the TPM or mbed TLS to generate the nonce.

• Added media type CBOR to attestation request in Verifier. Credits go to @mrdeep1.

Changelog 2021-03-16 (v1)

• Updated README.md to include building tpm2software/tpm2-tss Docker image which CHARRA uses as a basis Reason: recently, the official tpm2software/tpm2-tss Docker images were removed from Docker Hub

• Added Docker Compose file and description on how to use it to README.md

• Added .editorconfig file

• Using most recent stable versions of tpm2-tss and tpm2-tools

• Added compressed CHARRA SVG logo (*.svgz). See charra-logo.svgz

Changelog 2021-03-10

• Added support for CoAP large/block-wise data transfers, utilizing latest features of libcoap. This enables CHARRA to send and receive data of arbitrary size. Many thanks to @mrdeep1 for developing and fixing block-wise transfers in libcoap!

• Console output/logging can be entirely disabled with the disable-log Make switch. Colored logging can be disabled with the disable-log-color Make switch. This allows CHARRA to be used in embedded systems. Example:

  make disable-log=1
  make disable-log-color=1
  

• For debugging purposes a Make flag address-sanitizer was introduced. Example:

  make address-sanitizer=1
  

• For TPM operations a custom TCTI module can be used. For this purpose, the Make flag with-tcti was introduced. If not specified, the default is mssim. Use it like:

  make with-tcti=device
  

• To reduce the binary size, a Make flag strip was introduced. It invokes strip --strip-unneeded on the resulting binaries. Example:

  make strip=1
  

• Log levels of CHARRA and libcoap can now be specified at runtime, e.g.:

  env LOG_LEVEL_CHARRA=TRACE LOG_LEVEL_COAP=DEBUG bin/verifier
  

  • Supported CHARRA log levels are: TRACE, DEBUG, INFO, WARN, ERROR, and FATAL.

  • Supported libcoap log levels are: EMERG, ALERT, CRIT, ERR, WARNING, NOTICE, INFO, and DEBUG.

• CHARRA Dockerfile now uses Ubuntu 20.04 instead of Ubuntu 18.04 as its base image.

• Added tools for debugging to Dockerfile (tmux, gdb, cgdb, and clang-tools).

• Graceful exit using SIGINT handlers.

• Simplified CoAP handling by introducing wrapper functions for libcoap.

• Updated README.md.

• CHARRA now has a logo, see charra-logo.svg, charra-logo.png, and charra-logo_small.png.

Changelog 2019-09-19

• Initial version