4.22.1

[4.22.1] - 2025-02-04

🧪 CI

• Fix rhel9 artifact name

4.22.0

[4.22.0] - 2025-02-03

🚀 Features

• Utimaco General Purpose HSMs support (#367)

🐛 Bug Fixes

• Fixed HSM base code dangling pointer issue in release mode
• Fixed unwanted ValueEnum in cosmian sym encrypt
• Remove ckms linux packages in favor of cosmian packages (#366)
• Rename binary cosmian_kms_server to cosmian_kms - reuse same name as marketplace images

📚 Documentation

• Clarified installation documentation
• Improved database configuration
• Improved HSM integration documentation

4.21.2

[4.21.2] - 2025-01-21

📚 Documentation

• Add how to release doc (#361)
• Change default port of KMS package from 8080 to 9998 (#364)
• VM marketplace guide examples (#365)
• (google_cse) Update authentication section (#363)

Ci

• Allow continue on error (#362)

4.21.1

[4.21.1] - 2025-01-16

🚀 Features

• Loading server conf with default sytem conf. fallback (#360)
• Update crate config_utils (#358)

📚 Documentation

• (google_cse) Typos in configuring .well-known file (#359)

⚙️ Miscellaneous Tasks

• Fix publish on package.cosmian.com

4.21.0

[4.21.0] - 2025-01-07

🚀 Features

• Add server param to disable (if needed) Google CSE JWT token validation (#349)
• Add remove option to Destroy + Object not found error message fix (#357)

🐛 Bug Fixes

• Save configuration file outside of clap actions (#351
• Fix an incorrect message on 'object not found' (#353)

📚 Documentation

• Fix bad links and mkdocs formatting
• Simple review (#358
• Explain default KMS configuration on CVM (#359
• Better build with mkdocs; faster mermaid support and better Katex support

4.20.1

[4.20.1] - 2024-12-09

🚀 Features

• Add CLI bench command (#348)

🚜 Refactor

• Re-expose clap actions for other CLIs (cosmian, ckms_gui) (#339)

📚 Documentation

• Revisit the mkdocs documentation (#339)

4.20.0

[4.20.0] - 2024-11-30

🚀 Features

• HSM support (#344)
  • support for the Proteccio HSM that provides both
    • the ability to perform the Create, Destroy, Export, Encrypt, and Decrypt operations on the HSM
    • the ability to create keys in the KMS which are wrapped by a key in the HSM
  • the database components are now in a separate crate server_database. They are now split in 2 implementations:
    Objects store and Permissions store
  • a new interfaces crate gathers interfaces to be implemented by new external components. Interfaces include:
    • Object Store
    • Permissions Store
    • Encryption Oracle
  • key unique identifiers now support prefixes. Object Stores, Permissions stores, and Encryption Oracles can be
    registered against the prefixes.
  • support for the Sensitive Attribute in addition to the ability to wrap a key by another key has been added to all
    keys creations
• Make keys non revocable on server (#341)
• Docker for Linux ARM and keep support for MacOS Intel (#343)

🐛 Bug Fixes

• The macOS-12 environment is now deprecated
• Better permissions checking on wrapping and unwrapping

📚 Documentation

• Add benchmarks on simultaneous encryptions/decryptions

4.19.3

[4.19.3] - 2024-10-29

🐛 Bug Fixes

• Launch encrypted GMeet through GCal (#334)
• MacOS-maturin:
  • Upgrade python version from 3.12 to 3.13 (#333)
  • force forward compatibility (#336)
• Dont panic on indexing slicing (#331)

📚 Documentation

• ckms installation - specifically for Windows (#332)

4.19.1

[4.19.1] - 2024-10-11

🚀 Features

• Client ckms: merge attributes handling (set/get/delete) under attributes subcommand (#329)

🐛 Bug Fixes

• Guard on size of ciphertexts for BulkData (#330)
• KMIP Attributes: fix deletion on Links and Vendor Attributes (#329)

4.19.0

[4.19.0] - 2024-10-09

🚀 Features

• Google Workspace Client-Side-Encryption (CSE)
  updates (#319)
  • Generate Google S/MIME key-pairs and identities and upload them to Gmail API from ckms
    CLI (#270)
  • Server-side, export cert at PKCS7 format
  • Implement missing CSE endpoints
  • Wrap/unwrap CSE elements with authenticated encryption
  • Export wrapped keys from KMS specifying the cipher mode
  • Handle auth for guest users (#271)
• Add SetAttribute/DeleteAttribute KMIP operations (#303)
• Re-enable wrap/unwrap on ckms by linking statically on openssl (#317)
• Added AES GCM-SIV and AES XTS (#328)
• Added the ability to client side encrypt files with ckms and a hybrid scheme (#328)
• Add bulk encrypt / decrypt facility (#318)
• Create Symmetric Key / Private keys with custom unique id (#326)
• Replace Debug derive trait of KMIP Object by a custom Display impl (#327)

Documentation

• Documentation: Migrating emails to Gmail CSE (#316)
• Update CSE documentation (Gmail S/MIME) (#316)
• Update KMS build instructions (#320)

🧪 Testing

• Add test on database backends (#311)
• Reduce CI pipeline duration in debug (#315)
• Add CSE endpoints testing (#319)

⚙️ Miscellaneous Tasks

• Clippy hardening in crate kmip (#304)