2.9. Release v03.01.00
¶
2.9.1. File/Folder relocation¶
N.A.
2.9.2. Build system changes¶
Updated build tools installation for rpi build.
2.9.3. APIs & enum/types Changes¶
Extended kSSS_KeyPart_Default for other objectType.
Earlier: Object type
kSSS_KeyPart_Default
is used for Binary Files, Certificates, Symmetric Keys, PCR and HMAC-key.Now: UserID and Counter are added for
kSSS_KeyPart_Default
. This means objectType of UserID and Counter will bekSSS_KeyPart_Default
after callingsss_key_object_get_handle
. Comment for enumsss_key_part_t
is updated accordingly.
Added new API
Se05x_API_WritePCR_WithType()
with support to write transient PCR objects also.Deprecated API
Se05x_API_WritePCR()
. Added macroENABLE_DEPRECATED_API_WritePCR
to enable compilation of deprecated APISe05x_API_WritePCR()
. Support will be removed by Q1 2022.Bugfix - Handling of result tag in case of failure in
Se05x_API_AeadOneShot()
,Se05x_API_AeadFinal()
andSe05x_API_AeadCCMFinal()
2.9.4. Functional Changes¶
Cleanup for heap management macros. Added support to redirect macros to FreeRTOS APIs. Section 3.19 SSS Heap Management.
Changed from Heap_3 to Heap_4 for Section 11.5.3 Freedom K64F and Section 11.5.4 i.MX RT 1060
Bugfix - KVN12 key can be used for PlatformSCP authentication now in SE051.
Access manager will send “READY=1” start up notification to systemd. (Enabled by default on iMX and Rpi platforms)
AKM - Improved error handling
SE05x APDU - Response length set to 0 in error condition -
tlvGet_u8buf()
.Created separate library (
mwlog
) for logging framework. See Section 3.7 LoggingOrder of log level reversed. Current log level is -
{"ERROR", "WARN ", "INFO ", "DEBUG"}
.Added reserved commands for access manager -
hostlib/hostLib/accessManager/inc/accessManager.h
.
// For future use
#define RESERVED_ID1 0x60
#define RESERVED_ID2 0x61
#define RESERVED_ID3 0x62
#define RESERVED_ID4 0x63
#define RESERVED_ID5 0x70
#define RESERVED_ID6 0x71
#define RESERVED_ID7 0x72
#define RESERVED_ID8 0x73
2.9.5. New platform support¶
N.A.
2.9.6. New feature support¶
Mbedtls ALT is extended with ECDSA verify operation using
MBEDTLS_ECDSA_VERIFY_ALT
define. (Disabled by default). Using this all EC public key verify operations can be performed using SE05x.
2.9.7. SEMSLite¶
N.A.
2.9.8. SSSCLI Changes¶
N.A.
2.9.9. Documentation Changes¶
N.A.
2.9.10. Examples / DEMO updates¶
Added Secure Boot demo for LPC55S. Refer Section 3.20 Secure Boot.
2.9.11. Communication Layer Changes¶
New smcom option
-DSMCOM:STRING=JRCP_V1_AM
added for client (using access manager) build. When using multiple clients with user authentication, this will ensure the user session is established in an atomic way per client connect.
2.9.12. EdgeLock 2GO agent¶
Updated RTP server demo example to support RSA keys and Static Public Key for offline remote trust provisioning.
2.9.13. User Interface Changes¶
N.A.
2.9.14. External modules Changes¶
N.A.
2.9.15. Other Miscellaneous Changes¶
Changed files under BSD3 License with NXP Copyright to Apache2 License.
Changed files under Proprietary license to Apache 2 License.