Skip to main content

AWS - MTE API Relay Released

· One min read
Joe Jeanjaquet
Senior Director of Engineering

The Eclypses MTE API Relay Container-type product is now available in the AWS Marketplace.

Eclypses MTE API Relay Server is a proxy server deployed through a docker container. Due to the success of the MTE Relay Server container for Client/Server use-cases, the decision was made to publish the MTE API Relay through the AWS marketplace for Server-to-Server network level communication for HTTP Requests between API Services.

Use Case

Network-level protection for HTTP Requests between AWS and another AWS Region, account, etc. As the product evolves, the "3rd Party Environment" could be another cloud service like Azure, or an on-premise container. Typical Use Case

Big changes:

  • Server-to-Server support
  • New usage guide

Release 4.1

· One min read
Joe Jeanjaquet
Senior Director of Engineering @ Eclypses

Version 4.1

note

The license key has NOT changed

  • New Client / Server Licensed Build Types.
  • Dropped MteSdr support for client / server builds.
  • Many improvements for the demo projects and their ReadMe files.
  • Documentation improvements regarding MKE compatibility, missing functions in MinSizeRel builds and the usage of “C” macros.

AWS - MTE Relay Server v4

· One min read
Joe Jeanjaquet
Senior Director of Engineering

The Eclypses MTE Relay Server Container-type product is now available in the AWS Marketplace.

MTE Relay Server in AWS has been updated to include MTE 4.0 library and features.

Other changes:

  • Added Kyber algorithm for the handshake
  • Fixed bugs
  • Support for streaming requests and responses
  • Consolidated MTE-Relay Header

More information is available here.

AWS - MTE Relay Server v3

· One min read
Joe Jeanjaquet
Senior Director of Engineering

The Eclypses MTE Relay Server Container-type product is now available in the AWS Marketplace.

Eclypses MTE Relay Server is a proxy server deployed through a docker container, and is ideal for companies that want to protect their Web application data, credentials, and other critical data. Originally, the Relay was designed as a one-size-fits-most implementation for MTE Web customers. Due to the success of the container, the decision was made to publish the MTE Relay through the AWS marketplace.

Big changes:

  • Built-in support for AWS Services
    • ECS, Elasticache, CloudWatch
  • Streaming support for pass-through routes

More information is available here.

Release 4.0

· 2 min read
Joe Jeanjaquet
Senior Director of Engineering @ Eclypses

Version 4.0

note

Since this is a major version, the license key for your build will have changed

for private Eclypses NPM Registry users

If you're installing MTE using the private Eclypses NPM registry, you may use the following commands to specify the version of MTE you're downloading.

  • npm i mte@npm:@eclypses/[my-mte-library]
    • Downloads the latest version; currently v4.0.0.
  • npm i mte@npm:@eclypses/[my-mte-library]@^3
    • Downloads the latest v3 version; v3.1.2
  • npm view @eclypses/[my-mte-library] versions
    • Returns a list of all available version of your package.

Note: Before sending CLI commands to the Eclypses NPM registry, ensure you are in a directory with an .npmrc file with credentials for the Eclypses NPM registry. If you don't have this, you can find it in the Eclypses Developer Portal, on the page for your specific configuration.

A few things to consider:

  • MTE Relay v3 does work with MTE v4!
  • Your MTE v4 library has a different license key so you will have to update the license key in your code (if you choose to upgrade to v4).
  • Jailbreak Add-on removed - both Android and iOS operating systems have made our previous detection techniques obsolete. iOS cannot be jailbroken anymore for several releases now. Android that is jailbroken with “Magisk” tools cannot be detected, therefore it rendered our jailbreak useless.

  • New Add-on: Elliptic Curve Diffie-Hellman (ECDH)

  • New Add-on: Kyber

  • New Kyber Hash Algorithms: SHA3_STD and SHA2_90S

  • New Random Number utility to seed the ECDH and Kyber add-ons

  • Added the 'Paired Licenses' capability, which means that only paired-licensed MTE Builds will be able to communicate with one another.

  • MKE now supports compatibility between non-chunked and chunked

  • MKE no longer supports "ECB" and "CBC" cipher algorithms

  • Fixed C struct macros that started to fail on certain C++ compilers under certain build configurations.

Release 3.1

· One min read
Matthew Cushing
Software Engineer @ Eclypses

Version 3.1

note

The license key has NOT changed

  • Added build support for the nRF52833 microcontroller, including AES hardware acceleration.
  • Demo improvements.
  • Language interface improvements.
  • Documentation improvements.
  • Removed unnecessary interfaces in WASM language interface when add-ons are not used.

Release 3.0

· One min read
Matthew Cushing
Software Engineer @ Eclypses

Version 3.0.0

  • Refactored C API for efficiency and size.
  • Internal improvements to reduce library size and improve performance.
  • Added thin wrapper API for language interfaces that cannot use the new C API.
  • Removed C "supplemental" API.
  • Updates to language interfaces to handle minimum-size release build changes and edge cases.
  • Renamed Vault to Secure Data Replacement (SDR).
  • Added build support for the 24FJ128GA204 microcontroller.
  • Added build support for the ATMEGA2560 microcontroller.
  • Added build support for the AVR128DA48 microcontroller.
  • Added demos for WASM/JS SDR.
  • Set minimum iOS/macOS target to avoid linker warnings.
  • Set minimum Android target.
  • Simplified WASM/JS APIs to use fewer stringified numbers where possible.
just so you know

MTE 3.x encoded messages are completely compatible with 2.x, so any combination of 2.x and 3.x encoder and decoder will work fine, easing the transition.

licensing

Licensed versions of the library will require new license codes for 3.x, as license codes are tied to the major version.

Release 2.2.0

· One min read
Matthew Cushing
Software Engineer @ Eclypses

Version 2.2.0

  • Add WASM/JS MTE Vault implementation
  • Support Java Exception serialization
  • Pin all internal buffers in C# language interfaces to work around a bug in at least some C# compiler/runtime combinations that move buffer location without copying contents
  • Update MKE C# interface to support strings more efficiently
  • Redesign the WASM/JS SDK to create a single package that supports CommonJS modules, ECMAScript modules, and Typescript
  • Fix an issue with WASM/JS where the saved state array would become invalid if the encoder/decoder was deleted
  • Clarify Swift exception throwing in MTE Vault

Release 2.1.2

· One min read
Matthew Cushing
Software Engineer @ Eclypses

Version 2.1.2

  • Zero the async saved state when not using async to allow the state to be used with async.
  • Added build support for the 32MM0064GPL036 microcontroller.
  • Added build support for the Apple M1.
  • Changed Java MteVault exception handling to use a custom exception class that is checked so it cannot be accidentally ignored.
  • Fixed issue with iOS SHA-512 ARM64 PAA detection.