Releases: valkyoth/openbao-rust-crate

OpenBao Rust Crate 1.0.2

10 Jun 07:39
v1.0.2
f762678

OpenBao Rust SDK 1.0.2 Release Notes

Version

  • Version: 1.0.2
  • Release date: 2026-06-10
  • Git tag: v1.0.2
  • Git commit: see the signed v1.0.2 tag object
  • License: MIT OR Apache-2.0

Summary

1.0.2 is a source-compatible maintenance release for the stable 1.0.x line.
It refreshes reviewed dependencies and CI tooling, and trims the crates.io
README so it focuses on current SDK support instead of pre-1.0 release
history.

This release does not change OpenBao endpoint coverage or the public typed SDK
API surface.

Changed

  • Updated base64-ng to 1.0.8.
  • Refreshed semver-compatible transitive dependencies in Cargo.lock,
    including bitflags, http, log, wasm-bindgen packages, web-sys,
    js-sys, and zerocopy.
  • Updated pinned taiki-e/install-action CI action to v2.81.9.
  • Shortened README.md for crates.io by removing historical “Delivered in”
    release narration and keeping current support in Implemented now.
  • Updated migration, release plan, API stability, and release metadata checks
    for the 1.0.2 candidate.

Compatibility

  • Normal 1.0.1 callers should not need code changes.
  • The dependency update keeps the same public features and APIs.
  • Historical release details remain available in CHANGELOG.md and older
    release-note files.

Validation

  • scripts/checks.sh
  • cargo fmt --all
  • cargo test --all-targets --all-features
  • cargo clippy --all-targets --all-features -- -D warnings
  • cargo deny check
  • cargo package --locked --allow-dirty --list
  • scripts/validate-release-metadata.sh

v1.0.2 was tagged after GitHub CI and CodeQL were green for the release
commit.

OpenBao Rust Crate 1.0.1

09 Jun 20:31
v1.0.1
f9faf06

OpenBao Rust SDK 1.0.1 Release Notes

Version

  • Version: 1.0.1
  • Release date: 2026-06-09
  • Git tag: v1.0.1
  • Git commit: see the signed v1.0.1 tag object
  • License: MIT OR Apache-2.0

Summary

1.0.1 is a source-compatible hardening patch for the stable 1.0.x line. It
does not add endpoint families or change the public typed OpenBao API surface.

The release addresses post-1.0.0 audit findings around TLS downgrade
configuration, root-only trust preservation, bootstrap comparison discipline,
and documented residual HTTP-stack memory behavior.

Security

  • TLS floors below TLS 1.2 now fail before an HTTP client is built.
  • TLS 1.2 configurations now require the tls12-acknowledged feature even when
    configured through the generic OpenBaoConfig::min_tls_version setter.
  • OpenBaoConfig::add_root_certificate now preserves root-only trust mode when
    called after OpenBaoConfig::only_root_certificates, avoiding silent trust
    expansion back to platform roots.
  • KV v2 bootstrap secret convergence now compares every desired key instead of
    short-circuiting on the first mismatch.
  • SECURITY.md now explicitly records that token and namespace header values
    are copied into HTTP-stack header structures that are not zeroized on drop.
  • deny.toml now documents why rand/getrandom duplicate-version warnings remain
    visible instead of being skipped.

Compatibility

  • Normal 1.0.0 callers should not need code changes.
  • Applications that intentionally set min_tls_version(TLS_1_2) must enable
    tls12-acknowledged.
  • Applications that previously relied on calling add_root_certificate after
    only_root_certificates to re-enable platform roots must choose that wider
    trust mode explicitly by not entering root-only mode.

Validation

  • cargo fmt --all
  • cargo check
  • cargo test --all-targets
  • cargo test --all-targets --all-features
  • cargo clippy --all-targets --all-features -- -D warnings
  • cargo deny check
  • scripts/validate-release-metadata.sh

OpenBao Rust Crate 1.0.0

04 Jun 19:19
v1.0.0
522b636

OpenBao Rust SDK 1.0.0 Release Notes

Version

  • Version: 1.0.0
  • Release date: 2026-06-04
  • Git tag: v1.0.0
  • Git commit: see the signed v1.0.0 tag object
  • License: MIT OR Apache-2.0

Summary

1.0.0 is the first stable release of the openbao Rust SDK. It freezes the
public API surface trialed through 0.15.0 and keeps the OpenBao 2.5.x
endpoint matrix at zero planned and zero decision rows.

This release does not add a new endpoint family beyond 0.15.0. It promotes
the stable-candidate API, documentation, security posture, release gates, and
residual-risk register to the stable line.

Stable Scope

  • Strict typed or operator-gated coverage: 597/643 documented OpenBao 2.5.x
    endpoint rows (92.8%).
  • Addressed coverage: 643/643 rows (100.0%) through typed, gated, partial,
    raw, external, or rejected policy.
  • No endpoint row remains planned or decision.
  • Background token renewal, background lease tracking, request-level
    back-pressure, runtime HTTP/2 knobs, OpenTelemetry SDK dependencies, leaf
    certificate pinning, ACL parameter-constraint generation, and per-engine
    wrapped-response method duplication remain rejected for stable scope.

Documentation

  • README install snippets now use openbao = "1".
  • README includes a compact crates.io-facing quick-start example.
  • Migration guide now includes 0.15 to 1.0 guidance.
  • API stability audit records the stable freeze.
  • Release plan and API coverage docs now describe the 1.0.0 stable line.

Security Notes

  • HTTPS remains required by default. Plain HTTP requires explicit numeric
    loopback opt-in, and sensitive requests still require HTTPS.
  • TLS 1.3 remains the default minimum. TLS 1.2 requires
    tls12-acknowledged.
  • Production operator APIs remain behind operator-ops plus
    operator-ops-acknowledged.
  • Legacy RADIUS remains behind radius-auth plus
    radius-auth-acknowledged.
  • Software Transit BYOK wrapping remains behind transit-import plus
    transit-import-acknowledged and is not an HSM, FIPS, certification,
    post-quantum, or security-boundary claim.
  • Transport request payloads are zeroized only up to the serialization buffer
    controlled by the crate. reqwest, TLS, kernel, device, allocator, swap, and
    crash-dump buffers remain accepted residual risks.
  • AdminBootstrap remains a convergence helper, not a distributed lock.
    Multi-runner workflows must use external serialization.
  • Retry jitter remains non-cryptographic timing only.

Security And Stability Gate

  • Release gate script: scripts/release_1_0_gate.sh
  • OpenBao integration command: scripts/openbao_integration.sh
  • Do not tag v1.0.0 until local validation, external pentest feedback, and
    GitHub CI are green.

OpenBao Rust Crate 0.15.0

04 Jun 18:53
v0.15.0
dd32edf

Pre-release

OpenBao Rust SDK 0.15.0 Release Notes

Version

  • Version: 0.15.0
  • Status: in development
  • Git tag: pending
  • Git commit: pending
  • License: MIT OR Apache-2.0

Summary

0.15.0 is the final substantial pre-stable release line before 1.0.0.
It focuses on stable-scope ergonomics and final closure work rather than new
OpenBao endpoint coverage. The OpenBao 2.5.x endpoint matrix already records
zero planned and zero decision rows.

Added

  • Started the 0.15.0 release line.
  • Added the 0.15.0 release gate script and metadata checks.
  • Added runtime-neutral Sys::wait_until_unsealed_with_delay and the
    tokio-helpers-gated Sys::wait_until_unsealed convenience helper for
    bounded startup and recovery polling.
  • Added Client::wrapping, WrappingContext, and WrappedResponse<T> for
    typed response-wrapped JSON requests and typed unwrap of the original
    response shape.
  • Added ACL policy-builder wrapping TTL constraints through
    allow_path_with_wrapping and helper variants that require response
    wrapping on common KV v2 and Transit paths.
  • Added selective AdminBootstrap convergence for PKI, database, and SSH mounts,
    dynamic/static database roles, and SSH roles.
  • Updated the migration guide and bootstrap example to show the new 0.15.0
    stable-candidate helpers.
  • Updated the pinned taiki-e/install-action CI action to the latest v2 tag
    enforced by the local check script.
  • Added rustls-backed static PEM CRL configuration for OpenBao server
    certificate checks when using a root-only trust store.
  • Added final pentest hardening for RADIUS user policy validation, Transit
    import wrapping-key validation, token and user-agent header validation,
    retry jitter fallback visibility, Transit batch invariants, and bootstrap
    contention classification.
  • Renamed the legacy Transit SHA-1 opt-in to allow-sha1-acknowledged, added
    allow-weak-jitter-fallback-acknowledged, and rotated CI cache keys on
    toolchain or lockfile changes.

Finalization

  • Local release-gate validation, external pentest feedback, documentation
    review, and GitHub CI passed on the release candidate before tagging.
  • This is the final substantial pre-stable release before the 1.0.0
    stabilization pass.

Security Notes

  • Request-level seal back-pressure remains rejected because retry, queueing,
    and concurrency policy belong to application middleware.
  • Unseal polling is bounded and caller-initiated only; the crate does not
    install background seal polling or delay unrelated requests.
  • Wrapped response metadata keeps wrapping tokens and accessors in
    SecretString and redacts them from Debug; delivery and recipient policy
    remain caller-owned.
  • ACL parameter-constraint HCL generation remains rejected for typed builder
    scope because correct output requires a full HCL value serializer.
  • PKI CA setup, database connection configuration, SSH CA setup, KV v1
    convergence, and ACL parameter-constraint HCL generation remain rejected for
    stable bootstrap/builder scope.
  • The deprecated production Client::with_token path was removed; use
    try_with_token so token header validity is checked at construction time.
  • LDAP auth and LDAP secrets-engine config now reject non-ASCII LDAP path names
    and plaintext ldap:// URLs unless StartTLS or the insecure LDAP
    acknowledgment feature is used. Even with the acknowledgment feature,
    insecure_tls=true is rejected when LDAP credentials would cross an
    unverified TLS connection.
  • Transit batch requests now expose checked try_push builders and a named
    MAX_TRANSIT_BATCH_ITEMS limit; methods still reject empty or oversized
    batches before dispatch.
  • TLS 1.2 compatibility now has an explicit tls12-acknowledged feature and
    build warning. TLS 1.3 remains the default and recommended floor.
  • Legacy Transit SHA-1 selection now requires allow-sha1-acknowledged.
  • Default builds skip retry jitter if OS randomness fails rather than using a
    weak timing-derived fallback.
  • AdminBootstrap KV v2 secret values are now bounded at plan construction, and
    secret convergence comparisons use a fixed-iteration comparison over that
    bound instead of variable-length slice comparison.
  • AdminBootstrap ACL policy documents are bounded to the typed policy builder
    limit, and policy convergence uses the same padded bounded comparison helper
    to avoid copying weaker comparison patterns into secret-bearing paths.
  • Static PEM CRLs can now be enforced for OpenBao server certificates when
    using only_root_certificates; callers still own CRL refresh, client rebuild
    timing, and OCSP/automatic revocation-discovery policy.
  • RADIUS remains prohibited for classified and new high-assurance deployments
    despite legacy compatibility support; use certificate auth, Kerberos, or LDAP
    over TLS instead.
  • transit-import remains a software wrapping helper only; classified or
    high-assurance key wrapping must use an HSM or equivalent audited boundary.
    OpenSSL-managed temporary key buffers, swap, crash dumps, and allocator free
    lists remain outside this crate's zeroization control.
  • Error::BootstrapContention remains a best-effort post-write verification
    signal. It is not a distributed lock; multi-runner bootstrap workflows must
    still use external serialization.
  • Request payloads are zeroized only up to the serialization buffer controlled
    by the crate. After handoff to reqwest::Body, non-zeroizing transport, TLS,
    kernel, and device buffers remain an accepted residual pending upstream body
    support for zeroize-on-drop buffers.
  • Direct runtime randomness stays on getrandom 0.4.2 and rand 0.10.1.
    Older duplicate getrandom/rand lock entries are transitive
    optional/build-dependency surface and remain monitored by cargo deny.
  • Retry jitter remains non-cryptographic timing only; the modulo operation is
    accepted for retry spreading and the weak fallback remains feature-gated.
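
The fixed-iteration bounded comparison noted above for AdminBootstrap, combined with the 1.0.1 note about comparing every desired key instead of short-circuiting, shown next to the weaker pattern as an added example; it is not code from the openbao crate. `MAX_SECRET_LEN`, `Secrets`, `Outcome` and all function names are assumptions made for this sketch.

```rust
// Added illustration, not code from the openbao crate.
// MAX_SECRET_LEN, Secrets, Outcome and every function name are assumptions.
use std::collections::BTreeMap;
use std::hint::black_box;

/// Assumed bound on one secret value, enforced when the plan is built.
pub const MAX_SECRET_LEN: usize = 64;

pub type Secrets = BTreeMap<String, Vec<u8>>;

#[derive(Debug, PartialEq)]
pub struct Outcome {
    pub converged: bool,
    /// How many desired keys the comparison actually looked at.
    pub keys_examined: usize,
}

/// Reject oversized values up front so the comparison bound always holds.
pub fn check_plan(desired: &Secrets) -> Result<(), String> {
    for (key, value) in desired {
        if value.len() > MAX_SECRET_LEN {
            // Report the key name and the bound only, never the value.
            return Err(format!("value for {:?} exceeds {} bytes", key, MAX_SECRET_LEN));
        }
    }
    Ok(())
}

/// Weak pattern: returns at the first mismatching key, and `!=` on byte
/// vectors is a variable-length comparison.
pub fn converged_short_circuit(desired: &Secrets, current: &Secrets) -> Outcome {
    let mut keys_examined = 0;
    for (key, want) in desired {
        keys_examined += 1;
        if current.get(key) != Some(want) {
            return Outcome { converged: false, keys_examined };
        }
    }
    Outcome { converged: true, keys_examined }
}

/// Returns 0 when `a == b`. The loop always runs MAX_SECRET_LEN times and
/// treats bytes past the end of either input as zero padding; a length
/// difference is folded into the accumulator instead of returning early.
/// Best effort only: the compiler gives no constant-time guarantee.
fn bounded_diff(a: &[u8], b: &[u8]) -> u8 {
    let mut acc = 0u8;
    for byte in (a.len() ^ b.len()).to_le_bytes().iter() {
        acc |= *byte;
    }
    for i in 0..MAX_SECRET_LEN {
        let x = a.get(i).copied().unwrap_or(0);
        let y = b.get(i).copied().unwrap_or(0);
        acc |= x ^ y;
    }
    black_box(acc)
}

/// Hardened pattern: every desired key is compared and mismatches are
/// accumulated, so the work done does not depend on where the first
/// difference is. Key names are treated as non-secret here.
pub fn converged_fixed(desired: &Secrets, current: &Secrets) -> Result<Outcome, String> {
    check_plan(desired)?;
    let mut acc = 0u8;
    let mut keys_examined = 0;
    for (key, want) in desired {
        keys_examined += 1;
        match current.get(key) {
            Some(have) => acc |= bounded_diff(want, have),
            // A missing key still pays for one full comparison.
            None => acc |= bounded_diff(want, &[]) | 1,
        }
    }
    Ok(Outcome { converged: acc == 0, keys_examined })
}

/// Constructed sample data: the first key (in map order) differs.
pub fn sample() -> (Secrets, Secrets) {
    let mut desired = Secrets::new();
    desired.insert("api_key".into(), b"constructed-value-A".to_vec());
    desired.insert("db_password".into(), b"constructed-value-B".to_vec());
    desired.insert("signing_seed".into(), b"constructed-value-C".to_vec());
    let mut current = desired.clone();
    current.insert("api_key".into(), b"constructed-value-X".to_vec());
    (desired, current)
}

fn main() {
    let (desired, current) = sample();
    println!("short-circuit: {:?}", converged_short_circuit(&desired, &current));
    println!("fixed:         {:?}", converged_fixed(&desired, &current));
}
```

Both functions report the same boolean for the sample data; the difference is that the short-circuit version examines one key and the fixed version examines all three.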

Security And Stability Gate

  • Release gate script: scripts/release_0_15_gate.sh
  • OpenBao integration command: scripts/openbao_integration.sh
  • Local validation, external pentest feedback, and GitHub CI were green before
    tagging v0.15.0.

OpenBao Rust Crate 0.14.0

04 Jun 13:24
v0.14.0
6bcf16f

Pre-release

OpenBao Rust SDK 0.14.0 Release Notes

Version

  • Version: 0.14.0
  • Status: in development
  • Git tag: pending
  • Git commit: pending
  • License: MIT OR Apache-2.0

Summary

0.14.0 is the system backend completion line. It adds operator-gated
generate-root, generate-recovery-token, decode-token, legacy recovery-key
rekey, and in-flight request inspection helpers, plus ungated password policy
and resultant ACL helpers.

Added

  • Started the 0.14.0 release line.
  • Added generate-root, generate-recovery-token, decode-token, and legacy
    recovery-key rekey helpers behind operator-ops plus
    operator-ops-acknowledged.
  • Added password policy list/read/write/delete/generate helpers without a
    feature gate. Generated passwords return SecretString.
  • Added resultant ACL inspection without a feature gate, with a documented
    internal-endpoint stability caveat and conservative capability maps.
  • Added in-flight request inspection as a typed operator-gated diagnostic
    helper with SecretString token accessors and bounded response maps.
  • Added the new system request/response types to the prelude where appropriate,
    with operator ceremony types still gated by operator-ops.
  • Kept sys/config/ui, sys/monitor streaming, internal router inspection,
    internal counters, and internal request inspection rejected for stable scope.
  • Regenerated the OpenBao 2.5.x endpoint matrix. It now records 643
    documented rows, 597/643 strict typed or operator-gated coverage, and zero
    planned or decision rows.

Security Notes

  • Operator ceremony helpers must stay behind operator-ops plus
    operator-ops-acknowledged.
  • Root tokens, recovery tokens, OTP values, encoded tokens, key shares,
    generated passwords, and token accessors must be stored as SecretString
    and redacted from Debug.
  • Internal endpoints that are kept for practical automation must carry explicit
    stability caveats.
  • Pentest follow-up hardened retry jitter conversion, CORS origin validation,
    lease count query validation, Raft snapshot request bounds, and Raft peer path
    construction. The local PENTEST.md report was deleted before commit.
  • Transit import software wrapping docs now call out the OpenSSL-managed heap
    residual for the ephemeral AES key; HSM or audited-boundary wrapping remains
    the recommended path for high-assurance deployments.
  • Second pentest follow-up redacted optional tracing span paths, removed JSON
    decode categories from user-facing errors, tightened RADIUS host validation,
    and added post-write verification for non-CAS bootstrap convergence paths.
    The local second PENTEST.md report was deleted before commit.
  • Third pentest follow-up sanitizes OpenBao response warnings before exposing
    them to callers, moves retry jitter to direct OS randomness, adds
    acknowledgment gates for transit-import and sensitive-http-test-only, and
    strengthens documentation for TLS revocation limits, RADIUS suitability,
    tracing path-shape metadata, Transit request-body residuals, and BYOK
    software wrapping residuals. The local third PENTEST.md report was deleted
    before commit.

Security And Stability Gate

  • Release gate script: scripts/release_0_14_gate.sh
  • OpenBao integration command: scripts/openbao_integration.sh
  • Local validation, external pentest feedback, and GitHub CI are green for
    tagging v0.14.0.

OpenBao Rust Crate 0.13.0

04 Jun 11:02
v0.13.0
3f1fc20

Pre-release

OpenBao Rust SDK 0.13.0 Release Notes

Version

  • Version: 0.13.0
  • Release date: 2026-06-04
  • Git tag: v0.13.0
  • Git commit: see the signed v0.13.0 tag object
  • License: MIT OR Apache-2.0

Summary

0.13.0 is the PKI specialized-flow line. The implemented scope is
revocation/CRL management, CEL role and CEL issue/sign helpers,
named-issuer hierarchy signing, delta-CRL rotation, and operator-gated
cross-certification helpers.

Remaining 0.13.0 planned work: none. The local release-gate components pass
locally, and the external pentest plus GitHub CI are green for the v0.13.0
tag.

Added

  • Started the 0.13.0 release line.
  • Named-issuer PKI sign-intermediate helpers for multi-issuer hierarchy
    workflows.
  • Revoked certificate list, revocation queue list, and detailed certificate
    list helpers.
  • Issuer CRL resign and delta CRL rotation helpers.
  • PKI CEL role list/read/write/patch/delete plus CEL issue/sign helpers, with
    a version-stability note for this newer OpenBao feature.
  • Operator-gated sign-self-issued, intermediate cross-sign, and
    sign-revocation-list helpers.
  • Endpoint matrix update for the implemented 0.13.0 PKI rows, bringing
    strict typed coverage to 572/643 (89.0%).

Planned Scope

  • No remaining 0.13.0 PKI specialized-flow implementation rows are open.
  • OCSP GET/POST rows documented as external OCSP responder protocol endpoints
    for OCSP/TLS client tooling.

Security Notes

  • Cross-certification and sign-verbatim style hierarchy operations remain
    operator-only workflows and must stay behind the existing operator feature
    gates where they can bypass ordinary role constraints.
  • CEL support should stay typed and bounded, but should carry a stability note
    because CEL roles are newer OpenBao PKI functionality.
  • Public CA/certificate/CRL distribution and OCSP protocol endpoints stay
    outside the authenticated SDK boundary.

Security And Stability Gate

  • Release gate script: scripts/release_0_13_gate.sh
  • OpenBao integration command: scripts/openbao_integration.sh
  • External pentest feedback and GitHub CI are green for v0.13.0.

OpenBao Rust Crate 0.12.0

04 Jun 09:05
v0.12.0
fefde9f

Pre-release

OpenBao Rust SDK 0.12.0 Release Notes

Version

  • Version: 0.12.0
  • Release date: 2026-06-04
  • Git tag: v0.12.0
  • Git commit: see the signed v0.12.0 tag object
  • License: MIT OR Apache-2.0

Summary

0.12.0 is the PKI Tier 1 multi-issuer and authority lifecycle line. The
implemented scope is default issuer/key configuration, named-issuer
issue/sign, root rotation and replacement, standalone key generation,
sign-verbatim operator helpers, revoke-with-key, cluster and auto-tidy config,
and current-doc PKI struct-field expansion.

Remaining 0.12.0 planned work: none. The local release-gate components and
the OpenBao 2.5.4 integration smoke test pass locally, and the external
pentest plus GitHub CI are green for the v0.12.0 tag.

Added

  • PKI default issuer and default key configuration read/write helpers for
    /pki/config/issuers and /pki/config/keys.
  • Named-issuer PKI issue/sign helpers for
    /pki/issuer/:issuer_ref/issue/:name and
    /pki/issuer/:issuer_ref/sign/:name.
  • PKI authority lifecycle helpers for root rotation, root replacement,
    multi-issuer root/intermediate generation, and standalone key generation.
  • PKI cluster config, auto-tidy config, and revoke-with-key helpers.
  • Operator-gated PKI sign-verbatim helpers for default and explicit issuers.
  • Current OpenBao field expansion for PKI role, URL, root/intermediate
    generation, CRL config, and tidy request/status types.
  • Endpoint matrix regeneration for the implemented default issuer/key config
    rows, named-issuer issue/sign rows, authority lifecycle rows, config rows,
    revoke-with-key row, and gated sign-verbatim rows, bringing strict typed
    coverage to 555/643 (86.3%).
  • Binary raw-byte response content-type validation when callers supply an
    expected Accept header.

Planned Scope

  • No remaining 0.12.0 PKI Tier 1 implementation rows are open. Remaining
    planned endpoint rows are assigned to later releases in the endpoint matrix.

Security Notes

  • Sign-verbatim helpers must remain behind operator-ops plus
    operator-ops-acknowledged because they bypass normal role constraints.
  • Raw private key material must remain SecretString when any PKI response or
    request field can carry it.
  • Public certificate, CSR, and CA material may remain String or byte buffers
    when OpenBao documents it as public material.
  • The existing Pki::delete_root(PkiRootDeletion::confirm()) decision remains
    the destructive default-root deletion boundary.
  • radius-auth is no longer part of default features and now requires
    radius-auth-acknowledged because legacy RADIUS relies on MD5-based
    authenticators.
  • Explicit retry backoff now includes bounded jitter by default to avoid
    synchronized retry waves after temporary OpenBao outages.
  • LDAP auth path names reject spaces and LDAP filter metacharacters before
    request dispatch.
  • Release metadata validation fails if tracked files contain PEM private-key
    headers, and build.rs warns when sensitive-http-test-only is compiled.

Security And Stability Gate

  • Release gate script: scripts/release_0_12_gate.sh
  • OpenBao integration command: scripts/openbao_integration.sh
  • Local validation completed for dependency freshness, formatting, release
    metadata, clippy default/all-features, tests default/all-features, doctests,
    docs, package verification, dependency policy, RustSec audit, SBOM
    generation, and the pinned OpenBao 2.5.4 dev instance smoke test.
  • External pentest feedback was reviewed and GitHub CI was green before the
    v0.12.0 tag.

OpenBao Rust Crate 0.11.0

03 Jun 19:38
v0.11.0
c0f0d59

Pre-release

openbao 0.11.0 Release Notes

Status: in development.

Readiness: implementation complete locally and local release gates pass; wait
for external pentest and CI validation before tagging.

Version

  • Version: 0.11.0
  • Release date: pending
  • Git tag: pending
  • Git commit: pending
  • License: MIT OR Apache-2.0

Summary

0.11.0 is the Transit advanced key-management line. It focuses on BYOK/import
endpoint wrappers, reversible Transit key soft deletion, global/cache
configuration, and certificate/CSR helpers while keeping raw private or
symmetric key material out of the default endpoint wrappers.

Remaining 0.11.0 planned work: none. The local release-gate components and
the OpenBao 2.5.4 integration smoke test pass locally; this candidate is
waiting for external pentest feedback and GitHub CI validation before the
v0.11.0 tag.

Added

  • Transit wrapping-key helper for reading the RSA BYOK wrapping public key PEM.
  • Transit import and import-version request types that accept pre-wrapped BYOK
    ciphertext as SecretString, reject empty ciphertext constructors, and redact
    ciphertext/context fields from Debug.
  • Public-key-only Transit import and import-version constructors for imported
    verification/encryption keys that do not carry private key material.
  • Optional transit-import software wrapping helper that follows OpenBao's
    documented AES-KWP/RSA-OAEP flow and returns the import ciphertext as
    SecretString.
  • Transit BYOK export helper that returns destination-wrapped ciphertext blobs
    as redacted SecretString values.
  • Transit soft-delete and soft-delete-restore helpers.
  • Transit global key configuration and cache configuration helpers.
  • Transit CSR generation and certificate-chain install helpers.

Security Notes

  • Pentest feedback for this release line tightened retry, Transit, bootstrap,
    path-validation, and secret-encoding behavior before tagging.
  • Client::request_json_with_retry now accepts RetryableMethod instead of
    arbitrary reqwest::Method, preventing accidental retries of non-idempotent
    OpenBao write operations.
  • AdminBootstrap uses KV v2 CAS for secret-value convergence where OpenBao
    supports it, and the security policy now states that all bootstrap plans
    still require external serialization for ACL policies, AppRole settings, and
    other read-compare-write operations.
  • OpenBao path validation rejects non-ASCII and percent characters to avoid
    visually ambiguous or percent-encoded path input.
  • Transit BYOK export and normal export reject version 0 locally. BYOK export
    now takes Option<u64> for version selection.
  • Transit sign responses expose returned public keys as public String data
    while keeping signatures secret-aware and redacted.
  • TOTP SHA-1 remains available for legacy RFC 4226 compatibility but is
    deprecated; use SHA-256 or SHA-512 for new deployments.
  • Base64 secret helpers now move the single exposed base64 allocation directly
    into SecretString, avoiding an unnecessary duplicate plaintext copy while
    relying on SecretString zeroization on drop.
  • Retryable LIST request conversion no longer uses an impossible
    unreachable! panic path.
  • Policy HCL string escaping removed the now-dead %{ branch because policy
    path validation rejects percent characters before serialization.
  • Raw private or symmetric key bytes must not be passed to the default endpoint
    wrappers. For private/symmetric imports, callers fetch the wrapping key, wrap
    key material externally through an HSM, OpenSSL, or a reviewed crypto
    library, and pass only the base64 BYOK ciphertext blob. Public-key-only import
    constructors carry public material.
  • The transit-import helper is non-default and software-only. It is an
    ergonomic helper for audited development and automation use; it depends on an
    audited OpenSSL 1.1.1+ runtime baseline and is not an OpenBao, HSM, FIPS,
    certification, or post-quantum security claim.
  • BYOK export blobs are ciphertext, but the crate treats them as secret-aware
    values because leakage may enable unintended import workflows.
  • PEM CSRs and certificate chains are documented as public certificate material;
    private key material remains inside Transit.
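
The RetryableMethod note above, together with the bounded-jitter and skip-jitter-on-randomness-failure notes from the neighbouring release lines, modelled stand-alone as an added example; it is not the crate's API or code. `SafeMethod`, `Policy`, `retry`, the closure-based entropy and sleep hooks, and the numeric values are assumptions.

```rust
// Added illustration, not code from the openbao crate.
// SafeMethod, Policy, retry and demo are assumed names for this sketch.
use std::time::Duration;

/// Only read-style methods exist in this type, so a caller cannot ask the
/// retry helper to repeat a non-idempotent write.
#[derive(Clone, Copy, Debug, PartialEq)]
pub enum SafeMethod {
    Get,
    List,
}

pub struct Policy {
    pub base_ms: u64,
    pub max_ms: u64,
    /// Upper bound on the jitter added to each delay.
    pub jitter_ms: u64,
    pub max_attempts: u32,
}

impl Policy {
    /// Exponential backoff capped at `max_ms`, plus bounded jitter.
    /// `entropy` is one draw from OS randomness; `None` means the draw
    /// failed, in which case jitter is skipped rather than replaced by a
    /// weak timing-derived value. The modulo is only retry spreading, not
    /// a cryptographic use of the random value.
    pub fn delay_for(&self, attempt: u32, entropy: Option<u64>) -> Duration {
        let factor = 1u64.checked_shl(attempt).unwrap_or(u64::MAX);
        let backoff = self.base_ms.saturating_mul(factor).min(self.max_ms);
        let jitter = match entropy {
            Some(r) => r % self.jitter_ms.saturating_add(1),
            None => 0,
        };
        Duration::from_millis(backoff.saturating_add(jitter))
    }
}

/// Call `op` until it succeeds or `max_attempts` calls have been made.
/// `entropy` and `sleep` are injected so the schedule can be tested
/// without real randomness or real waiting.
pub fn retry<T, E>(
    method: SafeMethod,
    policy: &Policy,
    mut entropy: impl FnMut() -> Option<u64>,
    mut sleep: impl FnMut(Duration),
    mut op: impl FnMut(SafeMethod) -> Result<T, E>,
) -> Result<T, E> {
    let mut attempt = 0u32;
    loop {
        match op(method) {
            Ok(value) => return Ok(value),
            Err(e) if attempt.saturating_add(1) >= policy.max_attempts => return Err(e),
            Err(_) => {
                sleep(policy.delay_for(attempt, entropy()));
                attempt += 1;
            }
        }
    }
}

/// Constructed scenario: two failures, then success; the second entropy
/// draw fails, so the second delay carries no jitter.
pub fn demo() -> (Result<u32, &'static str>, Vec<Duration>) {
    let policy = Policy { base_ms: 100, max_ms: 1_000, jitter_ms: 50, max_attempts: 4 };
    let mut draws = vec![Some(1234u64), None].into_iter();
    let mut delays = Vec::new();
    let mut calls = 0u32;
    let result = retry(
        SafeMethod::Get,
        &policy,
        || draws.next().flatten(),
        |d| delays.push(d),
        |_method| {
            calls += 1;
            if calls < 3 { Err("sealed") } else { Ok(calls) }
        },
    );
    (result, delays)
}

fn main() {
    let (result, delays) = demo();
    println!("result = {:?}, delays = {:?}", result, delays);
}
```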

Security And Stability Gate

  • Gate command: OPENBAO_SKIP_INTEGRATION=1 scripts/release_0_11_gate.sh
  • OpenBao integration command: scripts/openbao_integration.sh
  • Local validation completed for dependency freshness, formatting, release
    metadata, clippy default/all-features, tests default/all-features, doctests,
    docs, package verification, dependency policy, RustSec audit, SBOM
    generation, and the pinned OpenBao 2.5.4 dev instance smoke test.
  • Do not tag until external pentest feedback is reviewed and GitHub CI is
    green.

OpenBao Rust Crate 0.10.0

03 Jun 17:15
v0.10.0
fb62ca3

Pre-release

openbao 0.10.0 Release Notes

Status: in development.

Readiness: implementation complete locally; ready for external pentest and CI
validation.

Summary

0.10.0 is the Identity and auth completion line. The current slices add typed
Identity OIDC token/provider administration, Identity MFA management, and the
system MFA validation step while preserving the crate's secret-handling rules:
generated ID tokens, token introspection inputs, MFA provider credentials, TOTP
QR/URL outputs, MFA passcodes, returned client tokens, and accessors use
SecretString, debug output is redacted, and list-like responses remain
bounded.

Added

  • Identity OIDC token backend config read/write helpers.
  • Identity OIDC signing key create/read/list/delete/rotate helpers.
  • Identity OIDC role create/read/list/delete helpers.
  • Signed ID token generation and token introspection helpers.
  • OIDC discovery metadata and public JWKS read helpers.
  • OIDC provider, scope, client, and assignment admin helpers.
  • Named-provider OIDC discovery metadata and public JWKS read helpers.
  • Identity MFA Duo, Okta, PingID, and TOTP method management helpers.
  • TOTP MFA secret generation, administrative generation, and administrative
    destroy helpers.
  • Identity MFA login-enforcement create/read/list/delete helpers.
  • /sys/mfa/validate helper for completing MFA-enforced login flows.
  • Mock HTTP tests for the documented Identity OIDC token backend paths.
  • Mock HTTP tests for the documented Identity OIDC provider admin paths.
  • Mock HTTP tests for the documented Identity MFA management paths.
  • Mock HTTP test for the documented system MFA validation path.

Security Notes

  • Signed Identity OIDC tokens are returned as SecretString.
  • OIDC introspection requests expose the token only while serializing the
    request body.
  • Confidential OIDC client secrets returned by OpenBao are stored as
    SecretString and redacted from Debug.
  • Duo secret/integration keys, Okta API tokens, PingID settings-file payloads,
    and generated TOTP QR/URL outputs are stored as SecretString and redacted
    from Debug.
  • MFA validation passcodes, returned client tokens, and token accessors are
    stored as SecretString and redacted from Debug.
  • JWKS, list, and provider/client metadata map responses are bounded during
    deserialization.
  • Identity OIDC introspection/discovery extra claim maps are bounded during
    deserialization, and oversized JWKS key lists now fail without draining the
    full sequence.
  • Identity OIDC bounded JSON map and discovery string-list checks run before
    parsing or converting the first oversized entry.
  • JSON object string validation now rejects oversized inputs before parsing, and
    ACL policy string generation escapes HCL template interpolation starts.
  • Bootstrap convergence docs now warn at the top-level API that ensure_*
    operations require external serialization when concurrent runners target the
    same cluster.

Release Readiness

  • Local release checks pass as of this development snapshot.
  • Wait for the external pentest report and GitHub CI before tagging v0.10.0.

OpenBao Rust Crate 0.9.0

03 Jun 13:18
v0.9.0
d713482

Pre-release

OpenBao Rust SDK 0.9.0 Release Notes

Version

  • Version: 0.9.0
  • Release date: Unreleased
  • Git tag: v0.9.0 planned
  • Git commit: tag target for v0.9.0
  • License: MIT OR Apache-2.0

Scope

  • Stable modules carried from 0.8.0: client configuration, direct token auth,
    AppRole login and administration, LDAP/RADIUS/Kerberos auth, Kubernetes auth,
    TLS certificate auth, Userpass auth, JWT/OIDC helpers, token lifecycle and
    token-role helpers, KV v1/v2, Transit, PKI, database, SSH, TOTP, Cubbyhole,
    Kubernetes secrets, RabbitMQ secrets, Identity, LDAP secrets, sys backend
    helpers, loopback-only dev bootstrap, admin bootstrap, policy builders,
    audit devices, lease helpers, plugin catalog helpers, production operator
    APIs behind explicit gates, optional Transit byte helpers, optional timestamp
    parsing, and advisory FIPS posture helpers.
  • New 0.9.0 work currently implemented: release-line version bump,
    stabilization audit documentation, migration guidance, release-note skeleton,
    the known-limitations decision register, RenewalHint, lease tidy, safe
    custom plugin wrapper building blocks, optional tracing instrumentation,
    optional HTTP/2 transport support, token create-orphan and
    renew-accessor helpers, AppRole delegated role-property helpers, and the
    operator-gated PKI default root deletion helper, plus explicit
    RetryPolicy/request_json_with_retry exponential-backoff ergonomics and
    shared ListPageOptions pagination for non-secret string-list endpoints,
    AdminBootstrap convergence for PKI roles and Identity entities/groups,
    representative serde response fixtures, fuzz target scaffolding, and the
    advisory quantum-readiness design note; the 0.9.0 release gate script is
    also present.
  • Remaining 0.9.0 planned work: final local and GitHub release gates,
    package inspection, pentest review, and tag preparation.
  • Finalization rule: the OpenBao 2.5.x endpoint matrix expanded the
    pre-1.0 plan through 0.15.0. 0.9.0 handles stabilization foundations;
    0.10.0 through 0.14.0 handle Identity/auth, Transit, PKI, and System
    completion; 0.15.0 is the endpoint-closure release where no matrix row may
    remain classified as planned or decision.
  • Minimum supported Rust: 1.90.0.

Security Notes

  • The 0.9.0 line is the API stabilization candidate. New public API should be
    added only when it is expected to survive into 1.0 or when the release
    notes clearly document why it remains experimental.
  • Retry helpers are explicit and call-site scoped. Default typed helpers remain
    single-shot, and callers must not use retry policies for non-idempotent writes
    unless the application owns the duplicate-operation risk.
  • Token and lease renewal helpers avoid background tasks that silently keep
    secret material alive longer than caller-owned handles require.
  • ListPageOptions bounds list page size and validates cursors. Token
    accessors, lease IDs, and other secret-bearing lists stay out of generic
    pagination ergonomics.
  • Optional tracing emits only method, validated path, and response status. It
    must never emit full URLs, headers, request bodies, response bodies, tokens,
    namespaces, or raw transport-error strings.
  • Migration guidance must not recommend disabling TLS verification, using
    root tokens in application services, logging token accessors, or using
    loopback-only dev bootstrap outside fresh local development instances.
  • Quantum-readiness guidance is advisory only until OpenBao exposes stable
    upstream primitives. It must not claim post-quantum safety for current
    OpenBao deployments. See docs/QUANTUM_READINESS.md.
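The retry rule above, together with the 501/505 remediation listed in this release, sketched as an added example that is not the crate's own code. Method, Backoff, is_temporary, next_delay and the set of temporary statuses are hypothetical names and assumptions, not the crate's RetryPolicy API.

```rust
use std::time::Duration;

#[derive(Clone, Copy, Debug, PartialEq)]
pub enum Method { Get, List, Post, Put, Delete }

/// Temporary statuses for this sketch (an assumption). 501 and 505 are
/// deliberately absent: an identical request gets the same answer again.
pub fn is_temporary(status: u16) -> bool {
    matches!(status, 429 | 500 | 502 | 503 | 504)
}

/// Hypothetical call-site policy; not the crate's RetryPolicy type.
pub struct Backoff {
    pub base: Duration,
    pub cap: Duration,
    pub max_attempts: u32,
}

impl Backoff {
    /// Delay to wait after `attempt` requests have failed (1-based), or
    /// `None` when the caller must surface the error instead of retrying.
    pub fn next_delay(&self, method: Method, status: u16, attempt: u32,
                      caller_owns_duplicates: bool) -> Option<Duration> {
        if attempt == 0 || attempt >= self.max_attempts || !is_temporary(status) {
            return None;
        }
        // Writes may already have been applied server-side before the error.
        let read_only = matches!(method, Method::Get | Method::List);
        if !read_only && !caller_owns_duplicates {
            return None;
        }
        // base * 2^(attempt-1), saturating at `cap` on overflow.
        let factor = 1u32.checked_shl(attempt - 1).unwrap_or(u32::MAX);
        Some(self.base.checked_mul(factor).map_or(self.cap, |d| d.min(self.cap)))
    }
}

fn main() {
    // Constructed sample policy and responses, not values from the release notes.
    let policy = Backoff { base: Duration::from_millis(100), cap: Duration::from_secs(2), max_attempts: 5 };
    for (m, status) in [(Method::Get, 503), (Method::Get, 501), (Method::Post, 503)] {
        println!("{m:?} {status} -> {:?}", policy.next_delay(m, status, 1, false));
    }
}
```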

Security And Stability Gate

  • Gate command: scripts/release_0_9_gate.sh
  • Result: passed locally on 2026-06-03, with cargo audit rerun separately
    outside the sandbox because the RustSec advisory database lock path is under
    ~/.cargo.
  • Pentest report: reviewed locally on 2026-06-03; actionable findings were
    remediated, and the temporary PENTEST.md file was deleted before commit.
  • cargo audit result: passed locally on 2026-06-03.
  • cargo deny check result: passed locally on 2026-06-03.
  • CodeQL result: pending.
  • Podman OpenBao integration result: passed locally on 2026-06-03.
  • SBOM generation result: passed locally on 2026-06-03.
  • Reproducible package result: passed locally on 2026-06-03.

Pentest remediations in this candidate:

  • Transit key creation validates direct auto_rotate_period field assignment.
  • CIDR validation now rejects host-bit-set network values.
  • Public BoundedStringList no longer exposes its inner vector for unchecked
    mutation and has a checked constructor for caller-provided values.
  • Retry-temporary classification no longer treats HTTP 501 or 505 as
    retryable.
  • The unreachable Error::Http(reqwest::Error) variant was removed so future
    code cannot expose reqwest URL-bearing error chains through source().
  • LDAP auth Debug redacts certificate PEM fields as operationally sensitive
    topology material.
  • OpenBao mount/endpoint path validation rejects spaces.
  • Duration builder helpers reject Duration::ZERO before formatting it as
    0s.
  • The response-size default remains 32 MiB for compatibility with snapshot and
    raw-byte workflows; small-response clients should lower
    OpenBaoConfig::max_response_bytes.
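The CIDR remediation above, shown as an added example that is not the crate's own validator: a std-only check that rejects network values with host bits set, for both IPv4 and IPv6. CidrError and parse_network_cidr are hypothetical names.

```rust
use std::net::IpAddr;

/// Why a CIDR string was rejected.
#[derive(Debug, PartialEq)]
pub enum CidrError {
    Syntax,
    PrefixTooLong,
    HostBitsSet,
}

/// Parse `addr/prefix` and accept it only if `addr` is the network address.
pub fn parse_network_cidr(input: &str) -> Result<(IpAddr, u8), CidrError> {
    let (addr, prefix) = input.split_once('/').ok_or(CidrError::Syntax)?;
    let addr: IpAddr = addr.parse().map_err(|_| CidrError::Syntax)?;
    // `str::parse::<u8>` accepts a leading '+', so require plain digits first.
    if prefix.is_empty() || !prefix.bytes().all(|b| b.is_ascii_digit()) {
        return Err(CidrError::Syntax);
    }
    let prefix: u8 = prefix.parse().map_err(|_| CidrError::Syntax)?;
    // Widen both address families to u128 so one mask computation serves both.
    let (bits, width) = match addr {
        IpAddr::V4(v4) => (u128::from(u32::from(v4)), 32u8),
        IpAddr::V6(v6) => (u128::from(v6), 128u8),
    };
    if prefix > width {
        return Err(CidrError::PrefixTooLong);
    }
    let host_len = u32::from(width - prefix);
    // checked_shl yields None only for a 128-bit shift (IPv6 /0): all bits are host bits.
    let host_mask = 1u128.checked_shl(host_len).map_or(u128::MAX, |v| v - 1);
    if bits & host_mask != 0 {
        return Err(CidrError::HostBitsSet);
    }
    Ok((addr, prefix))
}

fn main() {
    // Constructed sample inputs, not values from the release notes.
    for s in ["10.1.2.0/24", "10.1.2.3/24", "2001:db8::/32", "2001:db8::1/32", "10.0.0.0/33"] {
        println!("{s:<16} -> {:?}", parse_network_cidr(s));
    }
}
```

Accepting 10.1.2.3/24 as if it meant 10.1.2.0/24 lets the written value and the enforced range differ, which is why the check fails closed instead of normalizing.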

Known Limitations And Decisions

  • Committed 0.9.0 work, no owner decision required unless implementation or
    pentest risk changes: explicit opt-in retry policy, shared pagination for
    non-secret string lists, PKI role and Identity entity/group bootstrap
    convergence, public response fixtures, fuzz targets for path validation/API
    error decoding/response envelopes, public API audit, migration guide
    completion, and an advisory quantum-readiness design note.
  • Rejected for stable scope: background token auto-renewal, background lease
    tracking, and LeaseHandle wrappers. Applications own the renewal loop,
    renewal-failure policy, and shutdown ordering; use RenewalHint for timing
    and increment guidance.
  • Rejected for stable scope: generic Plugin/SecretEngine traits, codegen,
    and macro approaches. Deployment-specific plugin wrappers should use
    PluginMount, public path validators, and bounded list helpers instead.
  • Implement in 0.10.0: Identity OIDC admin/discovery/token/introspection
    rows, MFA method and login-enforcement rows, and sys/mfa/validate; classify
    named-provider OIDC /authorize, /token, and /userinfo as external
    browser protocol flows.
  • Implement in 0.11.0: Transit wrapping-key, import/import-version, BYOK
    export, soft-delete/restore, cache/global config, CSR generation, and
    certificate install rows. wrapping_key returns a public PEM string; import
    wrappers accept only pre-wrapped SecretString ciphertext, reject empty
    ciphertext constructors, redact ciphertext/context in Debug, and document
    that raw key bytes must not be passed to endpoint wrappers. BYOK export
    returns wrapped ciphertext as SecretString. A pre-1.0.0 optional
    client-side wrapping helper is planned behind transit-import with
    feature-gated rsa and aes-gcm dependencies, secret-aware inputs, redacted
    output handling, and no security-certification claims.
  • Implement in 0.12.0: PKI default issuer/key config, named-issuer
    issue/sign, root rotate/replace, standalone key generation, sign-verbatim
    behind operator gates, revoke-with-key, cluster/auto-tidy config, and
    current-doc field expansion for role/generation/CRL/tidy structs. Destructive
    DELETE /pki/root is resolved in 0.9.0 as Pki::delete_root behind
    operator-ops plus operator-ops-acknowledged, requiring
    PkiRootDeletion::confirm() at the call site.
  • Implement in 0.13.0: PKI revocation/CRL management, CEL roles and
    issue/sign, named-issuer sign-intermediate/sign-self-issued, delta CRL
    rotation, and cross-sign rows. Unauthenticated public CA/certificate/CRL
    reads and OCSP responder endpoints are external protocol/public-distribution
    boundaries.
  • Implement in 0.14.0: system generate-root/recovery-token, decode-token,
    legacy recovery-key rekey behind operator gates; password policy CRUD/list/
    generate and resultant ACL without gates; and typed operator-gated in-flight
    request inspection with SecretString token accessors and bounded response
    maps. Rejected for stable scope: sys/config/ui, sys/monitor streaming,
    internal router inspection, internal counters, and internal request
    inspection.
  • Implement in 0.15.0: a bounded wait_until_unsealed helper behind an
    explicit Tokio helper feature, typed response-wrapping ergonomics with
    redacted wrapping tokens and typed unwrap, selective AdminBootstrap
    convergence for PKI mounts/roles, database mounts/dynamic and static roles,
    and SSH mounts/roles, plus ACL policy-builder wrapping-TTL constraints.
    Rejected for stable scope: request-level seal back-pressure, per-engine
    wrapped method duplication, PKI CA setup in bootstrap, database connection
    configuration in bootstrap, SSH CA setup in bootstrap, KV v1 bootstrap
    convergence, and ACL parameter-constraint HCL generation.
  • Runtime HTTP/2 transport knobs are rejected; use the non-default http2
    feature for TLS ALPN HTTP/2 negotiation, and keep default builds HTTP/1.1-only.
    HTTP/3 is rejected for stable scope. Certificate and public-key pinning are
    rejected for stable scope; use root-only trust with an internal CA or
    self-signed OpenBao certificate instead. Tracing is resolved with a
    non-default tracing feature; OpenTelemetry SDK dependencies and custom
    request hooks are rejected for stable scope, and W3C traceparent
    propagation is deferred past 1.0.0.
  • Reject for stable feature scope unless a pent...