Skip to main content

21 posts tagged with "change log"

View All Tags

Release 4.1

· One min read
Joe Jeanjaquet
Senior Director of Engineering @ Eclypses

Version 4.1

note

The license key has NOT changed

  • New Client / Server Licensed Build Types.
  • Dropped MteSdr support for client / server builds.
  • Many improvements for the demo projects and their ReadMe files.
  • Documentation improvements regarding MKE compatibility, missing functions in MinSizeRel builds and the usage of “C” macros.

Release 4.0

· 2 min read
Joe Jeanjaquet
Senior Director of Engineering @ Eclypses

Version 4.0

note

Since this is a major version, the license key for your build will have changed

for private Eclypses NPM Registry users

If you're installing MTE using the private Eclypses NPM registry, you may use the following commands to specify the version of MTE you're downloading.

  • npm i mte@npm:@eclypses/[my-mte-library]
    • Downloads the latest version; currently v4.0.0.
  • npm i mte@npm:@eclypses/[my-mte-library]@^3
    • Downloads the latest v3 version; v3.1.2
  • npm view @eclypses/[my-mte-library] versions
    • Returns a list of all available version of your package.

Note: Before sending CLI commands to the Eclypses NPM registry, ensure you are in a directory with an .npmrc file with credentials for the Eclypses NPM registry. If you don't have this, you can find it in the Eclypses Developer Portal, on the page for your specific configuration.

A few things to consider:

  • MTE Relay v3 does work with MTE v4!
  • Your MTE v4 library has a different license key so you will have to update the license key in your code (if you choose to upgrade to v4).
  • Jailbreak Add-on removed - both Android and iOS operating systems have made our previous detection techniques obsolete. iOS cannot be jailbroken anymore for several releases now. Android that is jailbroken with “Magisk” tools cannot be detected, therefore it rendered our jailbreak useless.

  • New Add-on: Elliptic Curve Diffie-Hellman (ECDH)

  • New Add-on: Kyber

  • New Kyber Hash Algorithms: SHA3_STD and SHA2_90S

  • New Random Number utility to seed the ECDH and Kyber add-ons

  • Added the 'Paired Licenses' capability, which means that only paired-licensed MTE Builds will be able to communicate with one another.

  • MKE now supports compatibility between non-chunked and chunked

  • MKE no longer supports "ECB" and "CBC" cipher algorithms

  • Fixed C struct macros that started to fail on certain C++ compilers under certain build configurations.

Release 3.1

· One min read
Matthew Cushing
Software Engineer @ Eclypses

Version 3.1

note

The license key has NOT changed

  • Added build support for the nRF52833 microcontroller, including AES hardware acceleration.
  • Demo improvements.
  • Language interface improvements.
  • Documentation improvements.
  • Removed unnecessary interfaces in WASM language interface when add-ons are not used.

Release 3.0

· One min read
Matthew Cushing
Software Engineer @ Eclypses

Version 3.0.0

  • Refactored C API for efficiency and size.
  • Internal improvements to reduce library size and improve performance.
  • Added thin wrapper API for language interfaces that cannot use the new C API.
  • Removed C "supplemental" API.
  • Updates to language interfaces to handle minimum-size release build changes and edge cases.
  • Renamed Vault to Secure Data Replacement (SDR).
  • Added build support for the 24FJ128GA204 microcontroller.
  • Added build support for the ATMEGA2560 microcontroller.
  • Added build support for the AVR128DA48 microcontroller.
  • Added demos for WASM/JS SDR.
  • Set minimum iOS/macOS target to avoid linker warnings.
  • Set minimum Android target.
  • Simplified WASM/JS APIs to use fewer stringified numbers where possible.
just so you know

MTE 3.x encoded messages are completely compatible with 2.x, so any combination of 2.x and 3.x encoder and decoder will work fine, easing the transition.

licensing

Licensed versions of the library will require new license codes for 3.x, as license codes are tied to the major version.

Release 2.2.0

· One min read
Matthew Cushing
Software Engineer @ Eclypses

Version 2.2.0

  • Add WASM/JS MTE Vault implementation
  • Support Java Exception serialization
  • Pin all internal buffers in C# language interfaces to work around a bug in at least some C# compiler/runtime combinations that move buffer location without copying contents
  • Update MKE C# interface to support strings more efficiently
  • Redesign the WASM/JS SDK to create a single package that supports CommonJS modules, ECMAScript modules, and Typescript
  • Fix an issue with WASM/JS where the saved state array would become invalid if the encoder/decoder was deleted
  • Clarify Swift exception throwing in MTE Vault

Release 2.1.2

· One min read
Matthew Cushing
Software Engineer @ Eclypses

Version 2.1.2

  • Zero the async saved state when not using async to allow the state to be used with async.
  • Added build support for the 32MM0064GPL036 microcontroller.
  • Added build support for the Apple M1.
  • Changed Java MteVault exception handling to use a custom exception class that is checked so it cannot be accidentally ignored.
  • Fixed issue with iOS SHA-512 ARM64 PAA detection.

Release 2.1.1

· One min read
Matthew Cushing
Software Engineer @ Eclypses

Version 2.1.1

  • Fixed issue with missing enum strings for cipher and hash in Trial mode.
  • Minor comment cleanup.
  • Minor updates to Java language interface to address Android Studio warnings.

Release 2.1.0

· One min read
Joe Jeanjaquet
Senior Director of Applied Technology @ Eclypses

Version 2.1.0

  • Fixed alignment issue in increment DRBG.
  • ESP32 hardware acceleration is now optional in case the hardware is used by other tasks.
  • Changed C# namespace to Eclypses.MTE for the main language interface and Eclypses.MTE.Interop for the internal interop classes.
  • Added C# interfaces to define the classes' interfaces.
  • Added MTE Vault in Swift and Java.

Release 2.0.1

· One min read
Joe Jeanjaquet
Senior Director of Applied Technology @ Eclypses

Version 2.0.1

  • Language interface improvements.
  • Fixed issue with C# constructor exceptions.
  • Fixed C# warnings.
  • Fixed issue with MKE chunk encryption and unaligned buffers.
  • Fixed issues with Go's handling of zero-length buffers.
  • Fixed Go MKE decrypt chunking issue.
  • Changed naming of Go cgo functions.
  • Fixed issue with Python initializer exceptions.
  • Fixed issue with WASM Jailbreak nonce mutator.

Release 2.0.0

· 3 min read
Joe Jeanjaquet
Senior Director of Applied Technology @ Eclypses

Version 2.0.0

  • The ECL library's implementations of AES, SHA, and DRBGs is now used instead of MTE's original implementation.
  • The ECL library's ESP32 implementation uses the ESP32's hardware cryptographic modules instead of software to the extent possible.
  • The MTE algorithm has changed to add additional security. MTE 2.x outputs are not compatible with MTE 1.x outputs.
  • The developer's guides have been updated extensively.
  • The ARM64 functions and classes have been removed. The ARM64 PAA is now automatically enabled when available.
  • The self-test functions have been removed.
  • A new global init function is now required to be called in all cases. The language interfaces other than C take care of this automatically.
  • The status codes have been rearranged to align with ECL. Some new codes were added as well.
  • Save/restore state functions now return status which should be checked like all other status returns. The status may return an error when certain DRBG implementations are used.
  • The language interfaces no longer claim to zeroize the nonce, since that never happened and was never a requirement.
  • The language interfaces now zeroize the entropy in all cases where the language allows it for consistent security and to avoid confusion about when it happens or doesn't. The languages that do not allow it are commented to warn you about it not being zeroized.
  • The core and fixed-length limited input range feature has been removed. All APIs that took the input byte range have changed to remove those options. All possible inputs are now supported in all cases.
  • The MKE interface has been changed to remove the minToEncrypt option and always do encryption.
  • MKE encrypt and decrypt chunk now return a status which must be checked.
  • The MKE encrypt chunk interface changed to use state like decrypt.
  • The Base64 state restore API has been improved to not overwrite the input.
  • The entropy, nonce, and timestamp callbacks are no longer virtual (or equivalent). There are now callback interfaces to allow you to use a plugin to override any or all of the callbacks instead of deriving from an encoder or decoder class. This allows for more reuse and is easier to use.
  • The jailbreak detection classes have been condensed down to use the new nonce plugin.
  • There are now Node.js command line WASM demos in addition to the browser demos.
  • Language interfaces have added default constructors/initializers/factory methods which should be used in most cases. The default constructors take care of build-time options and will default to reasonable runtime options. Only in cases where you have runtime options you need to control fully should you use the constructors/initializers that take all options.
  • Language interfaces are now versioned to match the MTE version and check for a match against the library to ensure compatibility.
  • The C# language interface has been tweaked to support older .NET versions. The developer's guide lists the supported versions.
  • Added additional documentation files describing how to set up MTE-capable projects in Android Studio and Xcode.