Skip to content

v3.0.0

Latest
Compare
Choose a tag to compare
@leroxyl leroxyl released this 01 Dec 20:00
· 93 commits to master since this release
e84faab

With the release of v3.0.0 we introduce the support of SQLite database context management and offline functionality. This enables the client to be used as application for embedded devices, as well as servers.

Changed:

  • configuration changes:
    • renamed configuration parameter for static authentication token

      • json: registerAuth -> staticAuth
      • envconfig: UBIRCH_REGISTERAUTH -> UBIRCH_STATIC_AUTH
    • setting a static authentication token in the configuration is now optional, but mandatory if at least one of
      the following endpoints is enabled

    • endpoints that require a static authentication token, i.e. identity registration, CSR creation and key
      de-/re-activation, must be enabled explicitly via configuration parameters:

      • json: enableRegistrationEndpoint envconfig: UBIRCH_ENABLE_REGISTRATION_ENDPOINT (boolean)
      • json: enableCSRCreationEndpoint envconfig: UBIRCH_ENABLE_CSR_CREATION_ENDPOINT (boolean)
      • json: enableDeactivationEndpoint envconfig: UBIRCH_ENABLE_DEACTIVATION_ENDPOINT (boolean)
    • since SQLite database support was added, the configuration parameter for the database DSN was renamed

      • json: postgresDSN -> dbDSN
      • envconfig: UBIRCH_POSTGRES_DSN -> UBIRCH_DB_DSN
    • the database driver, i.e. "postgres" or "sqlite", has to be set in the configuration via the following
      parameter

      • json: dbDriver envconfig: UBIRCH_DB_DRIVER (string)

Added:

  • configuration additions:

    • individually configurable HTTP client timeouts for requests to upstream servers
      • json: identityServiceTimeoutMs envconfig: UBIRCH_IDENTITY_SERVICE_TIMEOUT_MS (integer)

      • json: authServiceTimeoutMs envconfig: UBIRCH_AUTH_SERVICE_TIMEOUT_MS (integer)

      • json: verifyServiceTimeoutMs envconfig: UBIRCH_VERIFY_SERVICE_TIMEOUT_MS (integer)

      • json: verificationTimeoutMs envconfig: UBIRCH_VERIFICATION_TIMEOUT_MS (integer)

      • if timeout values are not set in the configuration, the following default values will be used

        defaultIdentityServiceTimeoutMs = 10_000
        defaultAuthServiceTimeoutMs     = 2_000
        defaultVerifyServiceTimeoutMs   = 600
        defaultVerificationTimeoutMs    = 2_000
        
  • API additions

    • endpoints for offline signing and verification functionality

      • /${uuid}/offline - Offline Sealing Hashes (chained) - original data
      • /${uuid}/offline/hash - Offline Sealing Hashes (chained) - hash
      • /${uuid}/anchor/offline - Offline Sealing Hashes (no chain) - original data
      • /${uuid}/anchor/offline/hash - Offline Sealing Hashes (no chain) - hash
      • /verify/offline - Offline Verification - original data
      • /verify/offline/hash - Offline Verification - hash

      added support for persistent storage of external identities in order to verify UPPs in offline mode without need
      of retrieving public key from UBIRCH identity service

  • other

    • context migration from legacy context files to SQLite or postgres database
      • migration can be initiated by passing command-line flag --migrate
      • after successful migration, the process will exit with status 0, otherwise 1.

Removed:

  • deprecated support of database schema migration for postgres