Skip to content

Releases: ubirch/ubirch-client-go

v2.2.0

23 Nov 11:34
74bbd81
Compare
Choose a tag to compare
v2.2.0 Pre-release
Pre-release

Added:

  • endpoint for key de- and re-activation

    PUT /device/updateActive
    Header: X-Auth-Token: registerAuth
    Body: {id: ${device_uuid}, active: Boolean}
    
    • deactivation deletes public key at identity service and disables signing with corresponding private key
    • reactivation registers public key at identity service and re-enables
    • additional column in db table active [bool]
    • migration script, start with --migrate flag to upgrade db version
  • support for updating key derivation parameters of already stored password hashes "on the go":

    • if enabled, password hashes will be updated on the first incoming authorized request
    • to enable password hash update, set configuration (boolean) to true
      • json: kdUpdateParams
      • envconfig: KD_UPDATE_PARAMS
  • enhanced error logging for failed HTTP requests with additional logging of request URL path and response status code

v2.1.0

08 Nov 21:03
Compare
Choose a tag to compare
v2.1.0 Pre-release
Pre-release

Added:

  • create password hashes with argon2id key derivation for credentials stored in DB

    • optional configuration parameters:
      KdMaxTotalMemMiB   uint32            `json:"kdMaxTotalMemMiB" envconfig:"KD_MAX_TOTAL_MEM_MIB"`   // maximal total memory to use for key derivation at a time in MiB
      KdParamMemMiB      uint32            `json:"kdParamMemMiB" envconfig:"KD_PARAM_MEM_MIB"`          // memory parameter for key derivation, specifies the size of the memory in MiB
      KdParamTime        uint32            `json:"kdParamTime" envconfig:"KD_PARAM_TIME"`               // time parameter for key derivation, specifies the number of passes over the memory
      KdParamParallelism uint8             `json:"kdParamParallelism" envconfig:"KD_PARAM_PARALLELISM"` // parallelism (threads) parameter for key derivation, specifies the number of threads and can be adjusted to the number of available CPUs
      KdParamKeyLen      uint32            `json:"kdParamKeyLen" envconfig:"KD_PARAM_KEY_LEN"`          // key length parameter for key derivation, specifies the length of the resulting key in bytes
      KdParamSaltLen     uint32            `json:"kdParamSaltLen" envconfig:"KD_PARAM_SALT_LEN"`        // salt length parameter for key derivation, specifies the length of the random salt in bytes
      
    • migration script to transfer already existing credentials into password hashes
  • set maximum for open and idle database connection through optional configuration parameter:

    DbMaxConns         int               `json:"dbMaxConns" envconfig:"DB_MAX_CONNS"`                 // maximum number of open and idle connections to the database
    

    default = no limit

  • implement key and auth caches to reduce database access

  • provide endpoint for CSR creation /<uuid>/csr, secured with registration auth token

  • readiness probe checks database connection, endpoint: /readyz

  • general clean up and refactoring for better read-ability, test-ability and enhanced design

Changed:

  • integrate standard ubirch-protocol-go crypto interface
  • endpoint for liveness check changed from /healtz to /healthz
  • enhanced load test script
    • added offset between sending requests for different identities
    • measure average response time for successful requests
    • added metrics for throughput

Fixed:

  • fix prometheus metric HTTP response time observation for requests per path
  • fix recursive error handling of recoverable database errors
  • fix superfluous response header write in case of timeout
  • fix container crashloopbackoff when network yet not available at startup

v2.0.10

01 Jun 08:48
Compare
Choose a tag to compare
v2.0.10 Pre-release
Pre-release

Changed:

  • configuration for postgres database consists of only the DSN: PostgresDSN
    • deprecated DSN_InitDb, client will connect to DB if PostgresDSN is set
    • deprecated DSN_Host, DSN_User, DSN_Password, DSN_Database, replaced by PostgresDSN

Added:

  • Prometheus metrics

v2.0.9

14 May 15:06
Compare
Choose a tag to compare
v2.0.9 Pre-release
Pre-release

Changed:

  • enhanced error log in case of client timeout or cancel after successful request to niomon
  • minor refactoring, cleanup

v2.0.8

14 May 10:55
1c9336f
Compare
Choose a tag to compare
v2.0.8 Pre-release
Pre-release

Changed:

  • set up endpoint for liveliness checks as early as possible
  • set up endpoint for readiness checks when server is ready

Fixed:

  • inject tagged version during build

v2.0.7

13 May 14:08
Compare
Choose a tag to compare
v2.0.7 Pre-release
Pre-release

Fixed:

  • fixed invalid Prometheus metric name

v2.0.6

13 May 12:29
3b1335e
Compare
Choose a tag to compare
v2.0.6 Pre-release
Pre-release

Changed:

  • when a new identity is registered via the registration endpoint, the HTTP response body now contains the DER-encoded x.509 CSR in case the registration was successful
  • increased Gateway Timeout as cancellation of request should usually come from client side if request takes too long

Added:

  • audit logging for:
    • identity creation
    • hash operations:
      • chain
      • anchor
      • disable
      • enable
      • delete

Fixed:

  • added prefix to prometheus metrics: ubirch-client-go

v2.0.5

11 May 12:18
Compare
Choose a tag to compare
v2.0.5 Pre-release
Pre-release

Added:

  • prometheus metrics
  • readiness + liveliness check endpoints

Fixed:

  • concurrent read/write on auth token buffer

v2.0.4

03 May 16:25
b88908f
Compare
Choose a tag to compare
v2.0.4 Pre-release
Pre-release

Changed:

  • enhanced migration process

v2.0.3

03 May 12:03
393d191
Compare
Choose a tag to compare
v2.0.3 Pre-release
Pre-release

Changed:

  • DSN configuration format
    • file based
      "DSN_InitDb": true,
      "DSN_Host": "database-host-name",
      "DSN_User": "database-user-name",
      "DSN_Password": "database-password",
      "DSN_Database": "database-name",
    • env variables
    UBIRCH_DSN_INITDB=true
    UBIRCH_DSN_HOST=database-host-name
    UBIRCH_DSN_USER=database-user-name
    UBIRCH_DSN_PASSWORD=database-password
    UBIRCH_DSN_DATABASE=database-name