Releases: google/go-tpm-tools
Release v0.3.9
Breaking Changes
New Features
- Add cloudbuild config and scripts by @jkl73 in #189
- Add task/container restartability by @jkl73 in #194
- Add support for fetching impersonated tokens to launcher by @jessieqliu in #193
- Add Cloud Logging; Update the service file for launcher by @jkl73 in #196
- Write the container output to both stdout/err and the logger by @jkl73 in #199
- Introduce shim verifier client to the launcher by @alexmwu in #203
- Add overridden_args and overridden_env_vars by @jkl73 in #208
- Add GrubState to ParseMachineState by @alexmwu in #143
- Add REST-based verifier.Client by @josephlr in #216
- Update launcher flags and launcher_spec by @jkl73 in #220
- Update ContainerRunner to use REST verifier by @alexmwu in #219
- Add security-hardened Confidential Space image by @alexmwu in #232
- Add Kernel cmdline parser by @alexmwu in #144
Bug Fixes
- Fix golint issues and typos by @alexmwu in #207
- Properly handle empty TCG Eventlog by @josephlr in #211
- Update VerifyAttestation logic by @jkl73 in #209
- Fix new test with parsePCClientEventLog change by @alexmwu in #213
Other Changes
- Add launch policy for cmd and env vars by @jkl73 in #195
- Upgrade containerd and other OCI dependencies by @jkl73 in #201
- Add gopkg.in/yaml.v3 dependency by @jkl73 in #202
- Update keys.go documentation by @alexmwu in #204
- Bump github.com/containerd/containerd from 1.6.4 to 1.6.6 in /launcher by @dependabot in #205
- Add licenses to the final image by @jkl73 in #206
- Hex encode PCR values in error by @brandonweeks in #210
- Move AttestationAgent code to its own package by @josephlr in #212
- Move verifier from internal and grpc to subpackage by @alexmwu in #214
- Improve rest.NewClient error handling. by @josephlr in #218
- Print OIDC token payload by @jkl73 in #222
- Pin golangci-lint by @josephlr in #227
New Contributors
- @brandonweeks made their first contribution in #210
Full Changelog: v0.3.8...v0.3.9
Release v0.3.8
Release v0.3.7
v0.3.6
What's Changed
- Add the launcher submodule by @jkl73 in #173
- Change crypto/x509 dependencies to ct/x509 by @jessieqliu in #175
Full Changelog: v0.3.5...v0.3.6
v0.3.5
Breaking Changes
- cmd: Move to separate go module by @josephlr in #166
- Change FetchCertChain bool option to HTTP client by @jessieqliu in #171
What's Changed
- Automatically use attestation intermediates for AK cert verification by @jessieqliu in #172
Full Changelog: v0.3.4...v0.3.5
v0.3.4
What's Changed
- Add AK certificate chain retrieval by @jessieqliu in #164
- Add OverrideEnvType and OverrideArgType for cel event by @jkl73 in #161
- Add Key.SetCert() function by @jessieqliu in #167
- client: Have client.Attest return an error on bad certs by @josephlr in #168
New Contributors
- @jessieqliu made their first contribution in #164
Full Changelog: v0.3.3...v0.3.4
v0.3.3
What's Changed
- build(deps): bump github.com/google/go-attestation from 0.3.2 to 0.4.0 by @dependabot in #160
- Update dependencies by @josephlr in #163
- Fix tests for physical TPMs by @jkl73 in #165
New Contributors
- @dependabot made their first contribution in #160
Full Changelog: v0.3.2...v0.3.3
v0.3.2
New Features
- Add SecureBootState to ParseMachineState by @alexmwu in #139
- Add basic Canonical Event Log (CEL) operations by @jkl73 in #140, #145
- Add COS measurements to MachineState by @alexmwu in #147
- Add CEL replay and TPM extension in AppendEvent by @alexmwu in #148
- proto: Add rest of AttestedCosState measurements by @alexmwu in #150
- Add cos_tlv and ability to parse CEL to MachineState by @jkl73 in #146, #151
- Add AK cert support in VerifyAttestation by @alexmwu in #149
Bug Fixes
- proto: Change RestartPolicy variants to use CamelCase by @josephlr in #152
- server: Fix AK Cert checking bug by @josephlr in #153
Other Changes
- internal/test: add GetSimulatorWithLog by @josephlr in #156
- server: Support all public key types in pubKeysEqual by @josephlr in #157
- Fix CGO warnings and add CI checks to prevent regression by @josephlr in #158
Full Changelog: v0.3.1...v0.3.2
Minor Documentation and bug fixes
Support Attestation Generation and Verification
Breaking Changes
- #97 - Rename tpm2tools package to client, to better contrast with the existing server package
- #90 - Rename methods containing AIK (a TPM 1.2 term) to AK (the corresponding TPM 2.0 term)
- #104 - Update minimum Go version to 1.16
- #117 #133 - Changed sealing/unsealing options:
  - SealOpt interface is now a client.SealOpts structure
  - CertifyOpt interface is now a client.UnsealOpts structure
New features
- #53 - Add client.Quote and internal.VerifyQuote
- #100 - Add client.GetEventLog and server.ParseMachineState
- #105 - Add client.ReadAllPCRs and use it in gotpm read pcr
- #106 - Add client.Attest
- #108 - Add GCE-specific methods: client.GceAttestationKeyECC and client.GceAttestationKeyRSA
- #103 - Add server.VerifyAttestation, server.EvaluatePolicy, and server.ParseMachineState
Bug fixes
- #123 - Use /dev/tpmrm0 by default
- #106 - Have simulator.Get block instead of failing