- Initial version of multiple enclave support with session management.
- Created the packages for windows (.msi installer) and linux (.deb and .rpm files).
- Support for installation of CLI using homebrew on MacOS.
- Added cookie headers as part of request headers.
- Updated oblv cli configuration file storage location for all platforms.
- Trailing slash removal from destination url in the proxy.
Content-Type
header in the response always shows octet-stream
as the value.- Bug fix for URLs with multiple parameters.
- New
keygen
subcommand added to oblv CLI to generate public/private RSA key pair. - Added encryption of URL query parameters in an HTTP request method.
- Capability to make multiple outbound calls from inside the enclave to external endpoints.
- Allowlisting of external endpoints that are allowed to be contacted from the client application running within the enclave.
- Integration of AWS KMS with cryptographic attestation as part of the
kms-decrypt
NSM API. - Added
user role
in the header as part of the request forwarded to the client application running inside the enclave. - Updated the oblv CLI to a single static binary with pre-packaged OpenSSL.
- Integrated the required AWS root certificate and the TLS certificate into oblv binary.
- Added
key name
and output directory
of generated key pair as separate flags for the keygen subcommand in oblv CLI.
- Creation of separate symmetric keys for each user making a request to an enclave.
- Enhance stability. Updated 3rd party dependent libraries to the latest versions.
- Fixed error handling occurring when AWS certificate is not present.
- Fixed issue where PCRs were required as arguments even when disable-pcr-check flag was specified by the user.
- Http status code in the response indicating a successful response or an error.
- Payload containing a
{status_code, error_message}
in case of an error response from the server. - Generating separate symmetric key for each client connection.
- Minor update to log statements.
- Updated error handling for client-server communication.
- Added error-handling for encrypt and decrypt.
- Updated attestation document error messages to provide more clarity.
- Fixed error fallback during PKI authorization.
- CLI command parameter validation.
- Trust store verification updated.
- Alpha release and our first publicly shipped version! ๐
- CLI supported on all 3 platforms - MacOS, Windows and Linux.