Breaking changes
New
ca::idexchange::Error
now implsstd::error::Error
. (#297)- Re-export
bcder
asdep::bcder
if it is enabled. (#299) - Added
PublisherRequest::set_publisher_handle
. (#300) - Added
uri::{Rsync,Https}::path_into_dir
(#302) - Added
Ipv4Block
andIpv6Block
andFromIterator
impls forIpv4Blocks
andIpv6Blocks
. (#298) - Made
AddressRange
public and added methods to convert ranges into a set of prefixes. (#306) - Updated the ASPA RTR PDU to conform with version -14 of draft-ietf-sidrops-8210bis. (#309)
- Exposed
ca::idcert::TbsIdCert::validity
. (#310); - The ASPA
ProviderAsSet
now keeps track of its length and exposes it via the newlen
method. (#315)
Bug fixes
- Do not allow backslashes in idexchange handles. (#304)
Other changes
- The minimum supported Rust version is now 1.70. (#303)
Released 2024-06-21.
Bug fixes
- Correctly encode a CRL with empty revokedCertificates. (#295)
Released 2024-06-10.
New
- Added
rrdp::NotificationFile::parse_limited
that allows parsing while limiting the length of the list of deltas. (#293)
Released 2024-05-29.
New
Serial
can now be converted from and to[u8; 20]
. (#285)- Added
uri::Https::eq_authority
andrrdp::NotificationFile::has_matching_origin
to check for same origin rules in RRDP. (#287)
Released 2024-01-17.
Bug fixes
- The RTR server now returns the expected protocol version in the version negotiation error message rather than the requested version. (#280)
- The RTR server does not accept protocol version 2 for now to avoid sending illegal ASPA PDUs. This is a workaround until the final format of the PDU is specified. (#281)
- Fixed protocol version negotiation in the RTR client. It will now error out if the server responds with a version greater than the requested one rather just accepting it. (#282)
Released 2023-11-30.
Breaking changes
- Upgraded ring to 0.17 and quick-xml to 0.31. ([#278])
Released 2023-09-21
Bug fixes
- Upgraded the dependency on bcder to at least 0.7.3 to avoid a number of decoding issues described in CVE-2023-39914. (#272)
Released 2023-07-06.
New
- Added a new method
write_encoded_slice
toutil::base64::Slurm
. (#269)
Bug fixes
- Correctly rejects ASPA objects that have a version of 0. (#270)
Released 2023-07-05.
Breaking changes
- Dropped dependency on routecore again and moved all used types into
rpki-rs. The new module
resources
contains the AS and IP address resources. The BGPsec key identifier is now an actual type incrypto::keys
. (#261) - Changed the implementation of ASPA objects to conform with version 15 of the profile draft. (#264, #265)
- Changed the ASPA RTR PDU to not use the AFI flags any more and always set it to 0. (#264)
New
- Made
rtr::server::NotifyReceiver
public. (#259) - Added an exclusion check to SLURM’s router key filters and provided type-specific check methods for the other types. (#260)
- Added a new module
util::base64
that provides Base 64 encoding of data for various scenarios. (#263)
Released 2023-04-25
New
- Added implementations for the
arbitrary::Arbitrary
trait to ASN and IP resource types. (#255) - Added more strict checks to validation of ASPA objects in accordance with draft-ietf-sidrops-aspa-profile12. (#256)
Other changes
- Downgraded the minimum Rust version to 1.63. (#257)
Released 2023-04-17.
Breaking changes
- The minimal supported Rust version is now 1.65.
- Changes the type of ASNs as arguments and return types in the
rtr::pdu
module toAsn
. (#250) - Changes the RTR server traits to use a new
PayloadRef
type that allows a user to keep the various payload types separatedly. (#252)
New
- Adds support for protocol version 2 of RTR. Specifically, adds support for ASPA PDUs and payload. (#250, #251, #252)
- Added some useful methods to
AsBlocks
. (#252) - The CA repository URI of a CSR is now forced to end with a trailing slash. (#253)
Bug fixes
- Fixes a bug in the RTR server where it would include router key PDUs even if the negotiated protocol version was 0. (#250)
Released 2023-02-28.
New
- Added
RoaIpAddress::max_length
. (#245) - Added
content
methods toRoa
andAspa
allowing access to the content before validation. (#248 by @digizeph)
Released 2023-01-16.
Bug Fixes
- RTR server: Report the right type of query in
Socket::update
. (#239) - Allow
pathLenConstraint
in Basic Constraints extension in ID certificates. (#241)
Released 2022-10-11.
Bug fixes
- Accept all options for the Authority Key Identifier extension in ID certificates. (#236)
Released 2022-09-14.
Bug Fixes
- Allow and ignore extension in CRLs and CRL entries used in the
ca
module. Handling of CRLs for the RPKI in therepository
module is unchanged. (#234)
Released 2022-09-10.
Bug Fixes
- Include all
resource_set_*
types in Resource Class List Response. (#232)
Released 2022-09-08.
Bug Fixes
- Accept missing trailing slash in RFC 8183 XML namespaces. (#230)
Released 2022-08-29.
Bug Fixes
- Fix missing conditional compilation attributes that caused errors and warnings for certain combinations of features. (#228)
Released 2022-08-26.
New
- Added a associated function
all
to types describing certificate resources – most prominentlyIpBlocks
andAsBlocks
– in order to create values covering all available resources. (#226)
Bug Fixes
- When creating certificate IP resources, ranges that can be expressed as prefixes are now converted into prefixes as required by RFC 3779. (#225)
Released 2022-08-18.
Bug Fixes
- The XML encoder doesn’t insert an initial line feed before any other data anymore. (#222)
Released 2022-07-22.
Bug Fixes
- Don’t produce or allow empty Subject Information Access certificate extensions. (#220)
Released 2022-07-18.
Breaking Changes
- Multiple changes to support BGPsec CSRs (#210):
- Moved
repository::crypto
into its own top-level module and added a separatecrypto
feature. - Added separate signature algorithm types for RPKI and BGPsec and added a
SignatureAlgorithm
trait so the two can be used in parallel. - Made
crypto::signature::Signature
generic over the signature algorithm. - Changed the
Signer
trait and soft-signer implementation to be able to deal with both signature algorithm types via an intermediarySigningAlgorithm
enum. - Made
repository::x509::SignedData
generic over the signature algorithm type so it can be used for both RPKI and BGPsec objects. - Moved
repository::oid
into its own top-level module and made it depend on thebcder
feature. - Moved
repository::csr
toca::csr
. - Changes the
ca::csr
’s types to be generic over the signature algorithms and CSR attributes. - Changed the type of the Extended Key Usage attribute of certificates and CSRs into a newtype around the wrapping capture.
- Add missing functionality to
TbsCert
andCertBuilder
to be able to generate router certificates.
- Moved
- Completely redesigned error handling (#211):
- Switch decoding errors to the new errors defined in bcder 0.7.
- Define dedicated error types for the inspection and verification
phases of object validation with
ValidationError
an umbrella type for all three phases. - All errors now format into an explanation of the issue.
- In the
repository
module, renamed various methods fromvalidate_*
to eitherinspect_*
orverify_*
for consistency. (#211)
New
- Added support for RFC 8183 out-of-band XML exchanges between CAs, their parents, and their publication server. (#208)
- Added support for RFC 8181 Publication Protocol exchanges. (#208)
- Added support for RFC 6492 exchanges between issuer and subject of resources. (#208)
- RSA public keys can now be created from their components and raw key bits. (#212)
Other Changes
Released 2022-02-10.
New
- Added
Display
impl tortr::pdu::RouterKeyInfo
. It outputs the key in Base 64 as used by RFC 8416 local exception files. (#187) - Added
repository::roa::RouteOriginAttestation::iter_origins
that iterates over the content asrtr::payload::RouteOrigins
. (#188) - Dropped the
non_exhaustive
attribute fromrtr::payload::Payload
. (#189) - Added
repository::crypto::keys::PublicKey::bit_bytes
which returns the key’s bits as a shareableBytes
value. (#193) - Added iterators over individual ASNs to
repository::resources::AsBlock
andrepository::resources::AsBlocks
. (#194)
Bug Fixes
- Added a check to manifest validation that thisUpdate is before nextUpdate as mandated by RFC 6486. (#191)
rtr::payload::RouteOrigin
now compares considering a missing max length equal to a max length set to the prefix length. This is necessary to filter out duplicates in RTR where max len is always given. (#195)- The RTR client and server now flush their sockets before waiting. This is necessary for TLS support where data is buffered. (#196)
Released 2022-01-11.
Bug Fixes
- Removed a left over debug println. (#185)
Released 2022-01-10. Yanked from crates.io on 2022-01-11.
Breaking Changes
- The type for autonomous system numbers has been renamed from
AsId
toAsn
. In addition, theAsn
type from routecore is used rather than defining a separate type. It is, however, being re-exported at the old location. (#175) - The Serde serialization format for
Asn
has changed: it now serializes as number rather than a string. The type exposes methods for use with Serde’s field attributes to retain the old formatting. - The type for public key identifier,
KeyIdentifer
, has moved to routecore but is exposed at its old location. As a consequence of the move,KeyIdentifier::from_public_key
has been removed. Please usePublicKey::key_identifier
instead. (#175) - The RTR payload types have been revised to use types from routecore. Support for BGPsec router keys was added. (#177)
New
- Added parsing and generation of local exception files defined in RFC 8416
via the new
slurm
module, available if the"slurm"
feature is enabled. (#178)
Released 2021-11-17.
No changes since 0.13.1-rc2.
Released 2021-11-10.
Other Changes
- ASPA: Switch to final content type OID. (#173)
Released 2021-11-05.
Other Changes
- ASPA: support empty sequences of provider ASes. (#171)
Released 2021-11-01.
Breaking Changes
- The minimal supported Rust version is now 1.47. (#158)
- All methods of the
repository::crypto::signer::Signer
trait are now taking a&self
(some required a&mut self
before). (#162) - The subject name generated by
repository::crypto::keys::PublicKeyCn
is now the hex encoded key identifier rather then the full key to confirm with length requirements. As a side effect, the type is now static and copy. ([#165])
New
- Access methods for the signing time in signed objects and RTA multi-signed objects. (#169)
- Experimental support for ASPA objects. (#166)
Released 2021-08-02.
New
- Strict checking for address and prefix lengths in certificates, and for prefix and max-length in ROAs. (#154, based on an error report by @job)
Released 2021-07-26.
Bug Fixes
rtr
: Corrected the PDU type of the Cache Reset PDU from 7 to 8. (#151)
Released 2021-07-18.
Breaking
- Added the ability to create and write the various RRDP files. This results in various changes to the types for handling RRDP files. (#144)
New
Bug Fixes
- Accept empty
<publish>
elements in RRDP snapshot and delta files. While publishing empty files doesn’t make all that much sense, the standard formally allows it, so we shouldn’t reject updates because of it. ([#148)]
Released 2021-07-08.
This version was yanked 2021-07-18 and re-published as 0.12.0 because it contained breaking changes.
Released 2021-05-17.
Breaking
- Restructured content by moving all modules related to processing RPKI
repository objects to a new
repository
module. (#119) - Introduced features for selecting which parts of the crate are required.
For the content previously included, these are:
repository
for processing of RPKI repository objects,rrdp
for RRDP support, andserde
for adding serde support to repository objects. (#119) - Restructured handling of rsync URIs: There is now only a single type
uri::Rsync
for both rsync module URIs and URIs below module level. The typeuri::RsyncModule
has been dropped. Instead,uri::Rsync
now allows access to the URI’s content as a single bytes slice. (#124) - The
rrdp
module now provides access to object content via a reader rather then decoding it into a vec. In addition,rrdp::DigestHex
has been renamed to the more clearrrdp::Hash
and turned into a wrapper around a fixed-size array. (#129) SignedObject::process
andRoa::process
now also return the EE certificate on success. (#131)RoaIpAddress
andFriendlyRoaIpAddress
are nowCopy
. (#131)- Upgrade
bytes
andtokio
to 1.0. (#121) - The minimum required Rust version is now 1.43. (#121)
New
- New module
rtr
, enabled via the featurertr
that contains what was previously available via the separatedrpki-rtr
crate. (#120) ManifestHash
now allows access to its components via thealgorithm
andas_slice
methods. (#126) It also implementsHash
,PartialEq
, andEq
. (#128)DigestAlgorithm
instances can now be created for the SHA-256 algorithm and values can be checked whether they in fact represent the SHA-256 algorithm. Values now also provide the associated digest length via the newdigest_len
method. (#126)- Certificate and signed object validation (strictly speaking: inspection) now follow OpenSSL’s practice of refusing certificates with mismatching encoding of the signature algorithm inside and outside the signed portion. ([#130])
Bug Fixes
Validity::from_duration
now correctly deals with negative durations. (#131)
Other Changes
Released 2021-05-10.
New
resources::AsBlocks::difference
andresources::IpBlocks::difference
. (#138)
Released 2020-10-07.
Breaking
crypto::key::PublicKeyFormat
has been changed into an enum in order to be able to deal with two different possible public key algorithms. It andcrypto::key::PublicKey
also received functions to determine whether the algorithms and keys are allowed in regular RPKI certificates or router certificates. (#113)- The type for RRDP serial numbers has been changed to
u64
fromusize
. This affects the various traits in therrdp
module. (#111) crl::CrlStore
has been deprecated. The new rules for manifest handling have clarified that there must only ever be one CRL for each CA. TheCrlStore
was designed to make it easier to deal with cases where there are multiple CRLs and is therefore not necessary any more. (#112)- The minimum required Rust version is now 1.42. (#108)
New
cert::Cert
can now decode, inspect, and verify BGPSec router certificates. (#113)- Module
rta
for handling Resource Tagged Assertions. (#108) crypto::DigestAlgorithm::digest_file
allows calculating the digest value of an entire file. (#108)IpBlock
can now be displayed via helper types to select IPv4 or IPv6. (#108)SignedObject::process
to validate generic signed objects and return their content on success. (#108)- The various steps in certificate validation are now available as separate methods. (#108)
- New methods:
resources::AsBlock::is_whole_range
([#110)]resources::IpBlock::is_slash_zero
([#110)]resources::IpBlocks::contains_block
andintersects_block
([#110)]roa::FriendlyRoaIpAddress::prefix
andis_v4
([#110)]
Bug Fixes
- Don’t refuse an rpkiNotify SIA in EE certificates in strict validation mode. The spec is somewhat contradictory on whether they are allowed or now, so we should allow them. (#105)
- Do not include a parameter to the algorithm identifier of the SHA-256 digest algorithm. (#109)
New
- The new method
Tal::prefer_https
reorders the URIs of a TAL so that the HTTPS URIs appear first. (#106)
New
Tal
s can now be created with an explicit name for theirTalInfo
instead of deriving the name from the path. ([#102)]- All types from the
uri
module now have aauthority
method that provides access to the authority portion of the URI (a.k.a., the hostname). [(#103)] - All types from the
uri
module now have a methodunshare
that causes to value to use its own memory, possibly freeing up the shared memory block they were taken out of earlier and saving memory. [(#103)]
Dependencies
Breaking
Bug Fixes
Dependencies
- Upgrade to bytes 0.5 and bcder 0.5. (#99)
Bug Fixes
- Fix an issue in resource range calculation that could result in a range added in parts being encoded in multiple ranges. (#93)
Bug Fixes
New
uri::Https::join
(#87)
Bug Fixes
- Fix order of signed attributes in created signed objects. (New versions of Bouncy Castle insist on that.) (#88)
Breaking
- Encoding of
x509::Time
values changed since in some cases it needs to encode as either UTCTime or GeneralizedTime depending on the year. Thus, there is no simpleencode
method anymore but rather, there now isencode_utc_time
,encode_generalized_time
, orencode_varied
to make the choice explicit. (#84)
Bug Fixes
- Stop refusing to make IPv6-only ROAs (this wasn’t on purpose, honest). (#82)
- Empty
IpBlocks
andAsBlocks
where equal to everything. (#83) - Don’t include the values that are at their default value in the DER encoding. (#85)
Breaking
- Dot segments (‘.’ and ‘..’) and empty segments (except for the final
segment) are not allowed anymore in rsync URIs and will lead to URIs being
rejected. The
uri::Error
enum has received new variants for these cases. (#77)
New
- Added access to signing time and binary signing time in signed object builder. (#80)
Bug Fixes
- Fixed a decoding and encoding error in manifests’ version field which caused certain manifests (which don’t seem to be existing in the wild currently) to be rejected and produced manifests to be invalid. (#78)
- Don’t include empty address families in a produced ROA. (#79)
Other Changes
- Optional versions are not included in encoded ROAs and manifests anymore. This fixes some interoperability issues. (#78)
Breaking
- Hashes in the
rrdp
module are now of a new typeDigestHex
and are automatically converted from their hex representation. (#62) - Removed
uri::Http
. (#63) tal::Tal::uris
now returns an iterator overtal::TalUri
s, which can be either an rsync or HTTPS URI. (#63)- Removed the ARIN tal workaround. (#63)
- Removed the
to_string
methods from URI types as these are available via theToString
trait which is implemented viaDisplay
. (#67) - Renamed
IpBlocks::contains
toIpBlocks::contains_roa
. [(#72)]
New
- Add set operations
union
,intersection
, andcontains
toIpBlocks
andAsBlocks
. [(#72)] - Add various useful impls of
From
forx509::Time
. (#69)
Bug Fixes
- Various improvements to the RRDP implementation. (#62)
- Fix a endless loop and an off-by-one error in Chain::trim. (#64)
- The
version
field of a ROA’sRouteOriginAttestation
structure was parsed and constructed as implicitly tagged whereas the standard demands explicit tagging. This would have lead to a parse error for all ROAs that actually contain the (optional) version field. (#70) - Fix encoding of CRLs. (#73)
Breaking
- Moved
x509::KeyIdentifier
tocrypto::key::KeyIdentifier
. It also contains a byte array and isCopy
. Subsequently,Cert::subject_key_identifier
andCert::authority_key_identifier
return values instead of references now. (#51) - Explicitly set issuer name in
SignedObjectBuilder
. Dropcert
argument fromSignedObjectBuilder::finalize
,RoaBuilder::finalize
, andManifest::finalize
. (#54)
New
- Add
CrlEntry::new
so these can actually be created. (#49) Manifest
now derefs toManifestContent
which adds accessors for its attributes.Manifest
also allows access to the EE certificate via thecert
method. (#50).- Implement serialization for
crypto::keys::KeyIdentifier
,x509::Serial
,x509::Time
, andx509::Validity
. (#51) - Add
impl Sub<Duration> for Time
. (#56) - Add
mkrpki
, a command line tool for creating RPKI objects. (#54) - Parse, validate, construct, (de-)serialize
Csr
. [(#58)] - Parse decimal string format used by RFC6492 for
AsId
. [(#60)]
Bug Fixes
- IP address prefixes (
resources::Prefix
) were encoded wrongly if their length was not divisible by 8. ([#55)]
Dependencies
Breaking
- The minimum supported Rust version is now 1.34.0. (#34)
- Restructured how certificate’s SubjectAccessInfo is parsed and accessed. It now keeps the first mandatory URI of the four relevant access methods readily available. (#34)
Cert
has completely changed,CertBuilder
is gone and has been replaced byTbsCert
which can be used for building. [(#39)]- Similarly,
Crl
has completely changed,CrlBuilder
is gone and has been replaced byTbsCertList
which can be used for building. [(#39)] - How
SignedObject
,Manifest
, andRoa
are being built has completely changed. [(#39)] crl::Crl
,x509::Name
,x509::SignedData
:encode
renamed toencode_ref
to comply with standard naming scheme. [(#39)]DigestAlgorithm
,PublicKeyFormat
, andSignatureAlgorithm
are not unit structs anymore. They implDefault
which should be used to get the recommended (read: only available) values. This is so we can transparently change them into enums later on if necessary. [(#39)]cert::Validity
is nowCopy
and isn’t returned or used by reference anymore. [(#39)]Signer
has gained another mandatory methodrand
that can be used to generate random data. (#41)Crl::next_update
field is now mandatory as per RFC 5280. (#44)
New
- Conversion from strings and formatting for the various forms of IP and AS resources. (#32)
uri::Rsync
anduri::Https
now compare the authority part ignoring ASCII-case. (#34)- New modules
xml
with support for XML parsing andrrdp
with support for RRDP parsing. (#34) - Implement serde traits for URI types. (#37)
- Implement serde traits, equality comparison,
FromStr
andDisplay
for resources. (#38) - New constant size type
Serial
wrapping serial numbers. [(#39)] - Added
serde
traits for certificates, CRLs, manifests, and ROAs via a base64 encoded string. (#42) - More convenience for dealing with
x509::Time
. (#43)
Bug Fixes
- Add
CertBuilder::ca_repository
for the CA Repository Subject Information Access value in order to be able to build valid CA certificates. (#34) - Fix
uri::Https::encode_general_name
anduri::Https::encode_general_name
to not wrap the URI in a sequence. [(#39)]
Bug Fixes
- Fix an unwrap on
Option
inChain::is_encompassed
when the other chain ends before this block. (#30)
Dependencies
- Require bcder of at least 0.2.1. This was required already but not
reflected in
Cargo.toml
.
New
SignedObject::take_from
will now return a malformed error if the certificate in the signed object is of any other choice than a plain certificate. This was a not implemented error before.RoaBuilder
for making ROAs. (#25)ManifestBuilder
for making manifests. (#26)
Bug Fixes
- Decoding manifest and ROAs now checks that the content type field in the signed object has the correct object identifier. (#27)
Breaking Changes
-
New module
crypto
includes the now removed modulesigner
and all crypto-related types. The latter have been re-designed as well. -
Resource handling in modules
asres
andipres
entirely redesigned and moved to a sharedresources
module. (#17) -
IP resources in
Cert
andResourceCert
broken up intov4_resources
andv6_resources
handled independently. (#17) -
roa::RoaStatus::Valid
now contains the complete resource certificate of the ROA. This change is reflected in the methods ofroa::RouteOriginAttestation
that deal with the ROA status. -
uri::Rsync::from_str
anduri::Http::from_str
moved toFromStr
implementations. (#21) -
uri::Scheme::to_string
replaced withinto_string
. (#21) -
Drop use of failure crate. Error types now provide a
Display
implementation only. (#22)
New
-
DigestAlgorithm
allows digesting,PublicKeyFormat
allows checking signatures. -
cert::CertBuilder
for making certificates. (#16) -
uri::Rsync::relative_to
for finding a relative path. -
Added methods:
-
cert::ResourceCertificate::into_tal
,signed_object_uri
,validity
. -
cert::Validity::not_before
andnot_after
, -
Manifest::is_stale
andCrl::is_stale
. (#19) -
uri::Rsync::is_parent
.
-
-
x509::Time
now derefs tochrono::DateTime<chrono::Utc>
.
Breaking Changes
cert::Cert::validate_ta
: new argument for the newtal::TalInfo
struct containing information about the TAL this trust anchor is based on.
New
-
cert::ResourceCert
now provides information about the trust anchor this certificate is derived from. This can be used to present the trust anchor name in validated output.The name will be based on the stem of the file name of the TAL file.
-
roa::RouteOriginAttestation`` now has a
statusfunction that returns a reference to a
RoaStatus` enum with information about the ROA’s status. -
Crl
can now cache the list of serials speeding up itscontain
function from O(n) to O(1)~ at the price of preparing a hash set. -
Manifest
can now tell you how many files there are. -
cert::ext::UriGeneralName
now implementsDisplay
.
Initial public release.