Skip to content

v3.2.0

Latest

Choose a tag to compare

@iadgovuser26 iadgovuser26 released this 17 Jun 16:35
9aa0fa3

The v3.2.0 HIRS release requires that the HIRS Provisioner be updated to V.3.2.0 in order to work with the ACA V 3.2.0
PC Client RIM files previously created with either the tcg_rim_tool or the RIM Tool v1.0 will need to be recreated using Rim Tool v1.1 due to a bug that both tools had with saving the Base RIM with extra white spacing.

ACA:

New Features:

  • New table column sorting and data export options on the ACA portal:
    • Can search on specific table columns
    • Can now search dates
    • Can select/delete multiple certificates/rims from tables.
    • Export to exel, csv, pdf
    • Print
  • Links added to RIM detials page if embedded certificate is present
  • Added a policy setting for enhanced logging collection
  • Added new help pages

Updates:

  • Removed the tcg_rim_tool in favor of the RIM Tool app (https://github.com/nsacyber/RIM-Tool)
  • Updated to Java 25 and Bootstrap 5
  • Migrated from JSP to Thymeleaf
  • Updated various support libraries/dependencies
  • updated TCG Event Log processing to inlcude new events details

Provisioner:

  • Updated HIRS Provisioner to DOTNET 10

Bug Fixes/Error processing improvements:

  • Fixed a bug with whitespaces being erronously removed from Swidtag/Base RIM files prior to signature verification
  • Fixed a bug with Certificate DNs comma processing when matching DNs
  • Fixed a bug with Provisioner handshakes to the ACA
  • Fixed log when RIMs have incorrect Manuacturer or Model and RIMs are not matched to TCG Event Logs for provisioning
  • Update TCG Eventlog processsing to ignore content data parsing issues as long as Event Digests are valid.
  • Shows embedded certificates on the RIM details page
  • Checks for embedded certificates within swidtag's/Base RIM files
  • Handles missing RIM Bundle from provisioning process
  • EK Certificate detials page shows TPM Security Assertions properly
  • Updated use of AKI for certificate validation during validation
  • Fixed RIM updates when updated RIM sent from provisioner
  • Allow PEM files with extra text to be uploaded
  • Handles detection of non-unique Root CA SKI's