Releases: microsoft/CCF

5.0.14

07 Mar 15:50
094ae51

Fixed

  • ccf.ledger/read_ledger.py previously enforced too strict a condition on node membership when validating ledger files (#6849).
  • Removed default value for redirection-kind parameter to start_network script (#6887).
  • Don't throw error if the ledger directory exists but is empty on node start (#6885).
  • Open Enclave logs directly to standard output, without restriction (#6888).

6.0.0-rc0

04 Mar 14:25
f0816b0
Pre-release

Note: this release candidate still includes .deb packages targeting Ubuntu 20.04, but 6.0.0 final is intended to contain only rpm files targeting Azure Linux 3.0.

Added

  • Added GET /node/attestations and GET /node/attestations/self, as aliases for the /quote endpoints.
  • Members can now be configured with an explicit recovery_role. Members without an encryption key default to NonParticipant, members with an encryption key set default to Participant and continue to receive a recovery share. A new recovery role Owner allows members to receive a full key, letting them perform a recovery single-handedly. The process and APIs remain identical (#6705).
  • RPMs for Azure Linux 3.0 are now included in releases.
  • Joining nodes can now request a snapshot from their peers at startup, rather than relying on file access. The joinee's snapshot will be fetched and used if it is more recent than the one the joiner has access to. This behaviour is enabled by default, but can be disabled via the command.join.fetch_recent_snapshot config option (#6758).
  • GET /gov/service/javascript-app now takes an optional ?case=original query argument. When passed, the response will contain the raw original snake_case field names, for direct comparison, rather than the API-standard camelCase projections.
  • Applications can now extend js_generic (i.e. a JS app where JS endpoints are edited by governance transactions), from the public header ccf/js/samples/governance_driven_registry.h. The API for existing JS-programmability apps using DynamicJSEndpointRegistry should be unaffected.
  • Expose ccf::http::parse_accept_header() and ccf::http::AcceptHeaderField (#6706).
  • Added ccf::cose::AbstractCOSESignaturesConfig subsystem to expose COSE signature configuration to application handlers (#6707).
  • Package build_bundle.ts under npx ccf-build-bundle to allow javascript users to build a ccf schema bundle (#6704).
  • Added a ccf::any_cert_auth_policy (C++), or any_cert (JS/TS), implementing TLS client certificate authentication, but without checking for the presence of the certificate in the governance user or member tables. This enables applications wanting to do so to perform user management in application space, using application tables (#6608).
  • Added OpenAPI support for std::unordered_set (#6634).
  • Added "cose_signatures" entry in the configuration, which allows setting "issuer" and "subject" at network start or recovery time (#6637).
  • Updated ccf::cose::edit::set_unprotected_header() API, to allow removing the unprotected header altogether (#6607).
  • Updated ccf.cose.verify_receipt() to support checking the claim_digest against a reference value (#6607).
  • Updated ccf.cose.verify_receipt() to support verifying draft COSE receipts (#6603).
  • Introduced ccf::describe_cose_endorsements_v1(receipt) for COSE-endorsements chain of previous service identities (#6500).
  • Ignore time when resolving did:x509 against x5chain, resolution establishes a point-in-time endorsement, not ongoing validity (#6575).
  • Provided API for getting COSE signatures and Merkle proofs (#6477).
  • Exposed COSE signature in historical API via TxReceiptImpl.
  • Introduced ccf::describe_merkle_proof_v1(receipt) for Merkle proof construction in CBOR format.
  • Added COSE signatures over the Merkle root to the KV (#6449).
      • Signing is done with the service key (different from raw signatures, which remain unchanged and are still signed by the node key).
      • New signatures reside in public:ccf.internal.cose_signatures.

Changed

  • Nodes in Start and Recovery modes no longer enforce specific UVM descriptors, and will instead derive one from UVM endorsements if found. The consortium must check that the value is acceptable, and record their agreement by opening the network (#6869).
  • nghttp2 is now picked up from the OS rather than vendored, to enable libcurl usage.
  • Misc dependency updates (#6725)
  • The read_ledger.py tool now has a --quiet option which avoids printing anything per-transaction, as well as other performance improvements, which should make it more useful in verifying the integrity of large ledgers.
  • COSE signatures now set a kid that is a hex-encoded SHA-256 of the DER representation of the key used to produce them (#6703).
  • All definitions in CCF's public headers are now under the ccf:: namespace. Any application code which references these types directly (notably StartupConfig, http_status, LoggerLevel) will now need to prefix them with the ccf:: namespace.
  • cchost now requires --config.
  • JWT authentication now supports raw public keys along with certificates (#6601).
      • Public key information ('n' and 'e', or 'x', 'y' and 'crv' fields) now takes priority if defined in the JWK set; 'x5c' remains as a backup option.
      • Has the same side-effects as #5809; please see the changelog entry for that change for more details. In short:
          • Stale JWKs may be used for JWT validation on older nodes during the upgrade.
          • Old tables are not cleaned up; #6222 is tracking those.
  • The deprecated GET /gov/jwt_keys/all endpoint has been altered because of #6601, as JWT certificates are no longer stored in CCF. A new "public_key" field has been added, and "cert" is now left empty.
  • ccf::http::get_query_value() now supports bool types with "true" and "false" as values.
  • Service certificates and endorsements used for historical receipts now have a pathlen constraint of 1 instead of 0, reflecting the fact that there can be a single intermediate in endorsement chains. Historically the value had been 0, which happened to work because of a quirk in OpenSSL when Issuer and Subject match on an element in the chain.
  • Set VMPL value when creating SNP attestations, and check VMPL value is in guest range when verifying attestation, since recent updates allow host-initiated attestations (#6583).
  • Added ccf::cose::edit::set_unprotected_header() API, to allow easy injection of proofs in signatures, and of receipts in signed statements (#6586).
  • Output of ccf::describe_merkle_proof_v1(receipt) has been updated, and is now described by ccf-tree-alg schema.
  • Improved error message when attempting to obtain receipts for a past epoch during a recovery (#6507).
  • Nodes started in Join mode will shut down if they receive an unrecoverable condition such as StartupSeqnoIsOld or InvalidQuote when attempting to join (#6471, #6489).
  • In configuration, attestation.snp_endorsements_servers can specify a max_retries_count. If the count has been exhausted without success for all configured servers, the node will shut down (#6478).
  • When deciding which nodes are allowed to join, only UVM roots of trust defined in public:ccf.gov.nodes.snp.uvm_endorsements are considered (#6489).

Fixed

  • ccf.ledger/read_ledger.py previously enforced too strict a condition on node membership when validating ledger files (#6849).
  • Restore low CPU usage on idle nodes, which had increased in dev20 (#6816).
  • CA certificate bundles used for JWT refresh and containing more than one certificate are now handled correctly (#6817).
  • Memory leak during EC key creation is fixed (#6845).
  • Fixed thread-safety issues when CCF nodes attempted to contact non-TLS servers. This previously could cause errors when running SNP builds with multiple worker threads (#6836).
  • SNP nodes will no longer crash when run on firmware returning v3 attestations (#6841).
  • CCF now defaults to using libstdc++ rather than libc++, and no longer builds with LTO, to improve compatibility with other C++ libraries.
  • cose_signatures configuration (issuer/subject) is now correctly preserved across disaster recovery (#6709).

Removed

  • SGX Platform support.
  • SECP256K1 support as a part of the migration to Azure Linux (#6592).
  • The function ccf::get_js_plugins() and associated FFI plugin system for JS is removed. Similar functionality should now be implemented through a js::Extension returned from DynamicJSEndpointRegistry::get_extensions().
  • The key_filter or key_policy arguments to set_jwt_issuer have been removed (#6450).

5.0.13

21 Feb 11:15
89b5368

  • Memory leak during EC key creation is fixed (#6845).
  • Fixed thread-safety issues when CCF nodes attempted to contact non-TLS servers. This previously could cause errors when running SNP builds with multiple worker threads (#6836).
  • Add config option in start-network.py to choose redirection kind (#6732, #6755).
  • SNP nodes will no longer crash when run on firmware returning v3 attestations (#6841).

6.0.0-dev20

21 Feb 15:42
a65040b
Pre-release

Added

  • Added GET /node/attestations and GET /node/attestations/self, as aliases for the /quote endpoints. These return attestations on every platform, not only SGX quotes.

Fixed

  • CA certificate bundles used for JWT refresh and containing more than one certificate are now handled correctly (#6817).
  • Memory leak during EC key creation is fixed (#6845).
  • Fixed thread-safety issues when CCF nodes attempted to contact non-TLS servers. This previously could cause errors when running SNP builds with multiple worker threads (#6836).
  • SNP nodes will no longer crash when run on firmware returning v3 attestations (#6841).

5.0.12

07 Feb 16:57
6348b53

Fixed

  • CA certificate bundles used for JWT refresh and containing more than one certificate are now handled correctly (#6817).

6.0.0-dev19

04 Feb 16:42
66a93ab
Pre-release

Fixed

Container dependencies.

6.0.0-dev18

04 Feb 07:44
b5435a9
Pre-release

Fixed

Container dependencies.

6.0.0-dev17

03 Feb 18:22
aeb1e77
Pre-release

Fixed

Container dependencies.

6.0.0-dev16

03 Feb 17:22
e377492
Pre-release

Added

  • Members can now be configured with an explicit recovery_role. Members without an encryption key default to NonParticipant, members with an encryption key set default to Participant and continue to receive a recovery share. A new recovery role Owner allows members to receive a full key, letting them perform a recovery single-handedly. The process and APIs remain identical (#6705).

6.0.0-dev15

31 Jan 15:55
c384f5a
Pre-release

Fixed

  • All containers now include the correct version of libstdc++/libstdc++-dev, and the Debian package captures the runtime requirement as well.
  • RPMs for Azure Linux 3.0 are now included in releases.