Developer's Guide
 All Classes Namespaces Files Functions Variables Typedefs Enumerations Enumerator Macros Groups Pages
Release Notes
==========================================================================
RELEASE NOTES FOR
The P6R KMIP Server Library (Version 2018.1.21326)
Copyright 2004-2017 P6R Inc.
==========================================================================
==========================================================================
Contact Information
==========================================================================
* Sales 1.888.452.2580 (USA)
* Fax 1.831.476.7490
* Web https://www.p6r.com
* Technical Support https://support.p6r.com
* Blog https://www.p6r.com/articles/
==========================================================================
Known Issues
==========================================================================
Openssl
~~~~~~~~~~~~~~~~~
This software has been compiled against OpenSSL 1.x.x releases.
If you require compatibility with a different version of OpenSSL
please let us know. Also depending on how your version of OpenSSL
was compiled, it may not contain all the symbols used by this
software. If you run into undefined symbol errors, please let us
know and we can provide you a build that will be compatible with
your specific options.
==========================================================================
Change Log
==========================================================================
- bugfix
+ feature addition
* improved/changed feature
! removed/depricated feature
2018.1.21326
- Worked around a Linux linker bug that was not properly detecting
dependencies and leaving out symbols as a result.
- JNI wrapper for KSL was missing the implementations for Certify and
Re-Certify KMIP operations.
- JNI wrapper around KSL did not implement support for PGP keys.
This has now been fixed.
- Fixed typo in error message
- GetSplitKeyResponse caused a seg fault because it resulted in code
being executed that improperly freed memory without testing for
NULL pointers. This has been fixed.
- GetSplitKeyResponse was generating a response for an Opaque object
not a Split Key object, as well as not allowing the setting of
crypto algorithm or length on the response. This is now fixed.
+ Added some basic examples on how to use KSL in C++.
+ Adding KMIP 2.0 attribute support to parser and message generator.
This is just part of the KMIP 2.0 additions. In KMIP 2.0 the way
attributes are encoded are completely different from 1.x protocol
versions. This update deals with the change mostly invisible from
the application. Also added new KMIP only attribute support.
2018.1.0.20652
- Worked around a Linux linker bug that was not properly detecting
dependencies and leaving out symbols as a result.
+ Added some basic examples on how to use KSL in C++.
2018.1.0.20620
+ Adding KMIP 1.4 support in the JNI, also supporting the Byte String
extension Credential used by the Db2 KMIP client.
2018.1.0.20503
+ To finish off KMIP 1.3 support Query Response JNI now supports the
server returning an array of Validation Information.
2018.1.0.20406
- Fixed an issue where the Cryptographic Parameters attribute always
appeared to be in client requests of which it was defined as
possible. An additional field was added to the Crypto Params
structure to indicate if the attribute was present or not. The
JNI was fixed not to create the corresponding Java object if the
attribute was not present.
- Message Extension fields are available to the user for Create KMIP
operation. The VendorExtension structure is just available in TTLV
messages. This will be added to all operations in the next
release
- Application Specific Information attribute is not supported in the
JNI, and the Offset field for ReKey and ReKeyPair is now set to -1
if not provided by the client request message.
- Crytographic Length, and Cryptgraphic algorithm where not properly
included in the Get response message for a wrapped key. This has
been fixed.
- Issue with properly parsing KMIP XML and JSON message whenever an
ISO8601 timestamp string was used. Parse failed incorrectly.
- Version Responses can now be empty, that is do not list a set of
protocol versions supported.This is the proper response to a
client Discover Versions request of an unsupported version.
- To support general error responses an Error Response does not need
to provided a valid KMIP operation.
- Fixed an issue where single batch items always needed to have a
Unique Batch Id. This is not what the KMIP spec defines. For
requests with only a single batch item that batch item does not
need a batch id and so its response will not have a batch id.
- Fixed a bug where the type field for the attributes Name,
Alternative Name, and Key Value Location where not being
serialized properly via the JNI.
- Fixed an issue with the proper generation of a Get response of a
Secret or Opaque data object.
- A bug in the JNI layer would prevent any
RegisterPublicKeyBatchItem objects from being created in Java.
- Simple function missing in Java class RegisterSplitKeyBatchItem to
extract attributes that where encoded with the key material.
- Erroneous error returned with trying to parse a Derive Key
operation with no "iteration count". This error is an internal
code that should not have been pushed out to the rest of the parser.
- JNI did not recognize the MACREsponse and MACVerifyResponse Java
classes due to an oversight. Code has been added to properly
detect this derived classes.
+ JNI API now supports streaming Cryptographic operations that where
added to KMIP 1.3.
2018.1.0.20284
- Fixed crash in JNI glue trying to access a field that did not exist
in the required Java object.
2018.1.0.20255
- The GetWrappedKeyResponse in the JNI did not properly handle a null
for the sign wrapped key UID resulting in an exception. This has
been fixed.
- Add the JNI to expose all the KMIP Version 1.2 non-streaming crypto
functions: Encrypt, Decrypt, Sign, Signature Verify, MAC, MAC
Verify, Hash, RNG Retrieve, RNG Seed.
- Adding JNI support for the following managed objects: Secret Data
Object, wrapped Secret Data Object, opaque object, raw encoded
public / private keys, transparent EC keys, split keys
+ Added support for the KMIP operations: Create key pair, Derive key,
and Re-key key pair in the JNI wrappers for KSL.
2017.1.19887
- The KSL parser produces an enumerator for all batch items in a KMIP
request. The destructor in that enumerator was not properly free
allocated memory thus causing a memory leak.
+ Added RegisterCerficateBatchItem so that incoming certificates can
be parsed and returned to the application
+ Added most of the Response API with additions of
P6KMIPServerLib.startResponseMessage, addBatchItem, and
endResponseMessage
Added most but not all of the needed Response classes, including:
ActivateResponse, AddAttributeResponse, CreateResponse,
DeleteAttributeResponse, DestroyResponse, GetAttributeListResponse,
GetAttributeResponse, LocateResponse, RegisterResponse,
RekeyResponse, RevokeResponse, VersionResponse
In supporting GetAttributeResponse added the ability to pass in
the Response about 1/2 of the needed attribute types. The
currently supported attribute types can be seen at the bottom of
KMIPConstants.java, Section "Codes identify the attribute in use"
This includes adding 3 new JUNIT tests to show how to use these
classes: JNIResponse1Kmip, JNIResponse2Kmip, and JNIResponse3Kmip
+ Update the Javadoc, this is a work in progress and will take a
couple more releases to finish
2017.1.19327
Alpha 1
==========================================================================
Notices
==========================================================================
KSL, P6R and "Project 6 Research" are trademarks of P6R Inc. All other
products, brands and company names referred to here are used for
identification purposes and are the property of their respective
trademark holders.