Skip to content

Releases: notaryproject/notary

v0.6.1

10 Apr 18:52
d6e1431
Compare
Choose a tag to compare
  • Fixed bug where CLI requested admin privileges for all metadata operations, including listing targets on a repo #1315
  • Prevented notary signer from being dumpable or ptraceable in Linux, except in debug mode #1327
  • Bumped JWT dependency to fix potential Invalid Curve Attack on NIST curves within ECDH key management #1334
  • If the home directory cannot be found, log a warning instead of erroring out #1318
  • Bumped go version and various dependencies #1323 #1332 #1335 #1336
  • Various internal and documentation fixes #1312 #1313 #1319 #1320 #1324 #1326 #1328 #1329 #1333

SHA256

notary-Darwin-amd64          9593cc0a341e7fe1d01e6834e9964558318a8679c058b6da755b8608dbeac3de
notary-Linux-amd64           73353b2b4b85604c738a6800465133cb3a828dff0aa26f3c0926dd9a73e19879
notary-Windows-amd64.exe     9d736f9b569b6a6a3de30cbfa3c60a764acdd445cf4ced760efa9d370bcad64f

v0.6.0

01 Mar 00:22
Compare
Choose a tag to compare

v0.6.0

  • The project has been moved from https://github.com/docker/notary to https://github.com/theupdateframework/notary, as it has been accepted into the CNCF. Downstream users should update their go imports.
  • Removed support for RSA-key exchange ciphers supported by the server and signer and require TLS >= 1.2 for the server and signer. #1307
  • libykcs11 can be found in several additional locations on Fedora. #1286
  • If a certificate is used as a delegation public key, notary no longer warns if the certificate has expired, since notary should be relying on the role expiry instead. #1263
  • An error is now returned when importing keys if there were invalid PEM blocks. #1260
  • Notary server authentication credentials can now be provided as an environment variable NOTARY_AUTH, which should contain a base64-encoded "username:password" value. #1246
  • Changefeeds are now supported for RethinkDB as well as SQL servers. #1214
  • Notary CLI will now time out after 30 seconds if a username and password are not provided when authenticating to anotary server, fixing an issue where scripts for the notary CLI may hang forever. #1200
  • Fixed potential race condition in the signer keystore. #1198
  • Notary now no longer provides the option to generate RSA keys for a repository, but externally generated RSA keys can still be imported as keys for a repository. #1191
  • Fixed bug where the notary client would ioutil.ReadAll responses from the server without limiting the size. #1186
  • Default notary CLI log level is now warn, and if the -v option is passed, it is at info. #1179
  • Example Postgres config now includes an example of mutual TLS authentication between the server/signer and Postgres. #1160 #1163
  • Fixed an error where piping the server authentication credentials via STDIN when scripting the notary CLI did not work. #1155
  • If the server and signer configurations forget to specify parseTime=true when using MySQL, notary server and signer will automatically add the option. #1150
  • Custom metadata can now be provided and read on a target when using the notary client as a library (not yet exposed on the CLI). #1146
  • notary init now accepts a --root-cert and --root-key flag for use with privately generated certificates and keys. #1144
  • notary key generate now accepts a --role flag as well as a --output flag. This means it can generate new targets or delegation keys, and it can also output keys to a file instead of storing it in the default notary key store. #1134
  • Newly generated keys are now stored encrypted and encoded in PKCS#8 format. This is not forwards-compatible against notary<0.6.0 and docker<17.12.x. Also please note that docker>=17.12.x is not forwards compatible with notary<0.6.0.. #1130 #1201
  • Added support for wildcarded certificate IDs in the trustpinning configuration #1126
  • Added support using the client against notary servers which are hosted as subpath under another server (e.g. https://domain.com/notary instead of https://notary.com) #1108
  • If no changes were made to the targets file, you are no longer required to sign the target #1104
  • Added support for wildcard suffixes for root certificates CNs for root keys, so that a single root certificate would be valid for multiple repositories #1088
  • Root key rotations now do not require all previous root keys sign new root metadata. #942.
    • New keys are trusted if the root metadata file specifying the new key was signed by the previous root key/threshold
    • Root metadata can now be requested by version from the server, allowing clients with older root metadata to validate each new version one by one up to the current metadata
  • notary key rotate now accepts a flag specifying which key to rotate to #942
  • Refactoring of the client to make it easier to use as a library and to inject dependencies:
    • References to GUN have now been changed to "imagename". #1081
    • NewNotaryRepository can now be provided with a remote store and changelist, as opposed to always constructing its own. #1094
    • If needed, the notary repository will be initialized first when publishing. #1105
    • NewNotaryReository now requires a non-nil cache store. #1185
    • The "No valid trust data" error is now typed. #1212
    • TUFClient was previously mistakenly exported, and is now unexported. #1215
    • The notary client now has a Repository interface type to standardize client.NotaryRepository. #1220
    • The constructor functions NewFileCachedNotaryRepository and NewNotaryRepository have been renamed, respectively, to NewFileCachedRepository and NewRepository to reduce redundancy. #1226
    • NewRepository returns an interface as opposed to the concrete type NotaryRepository it previously did. NotaryRepository is also now an unexported concrete type. #1226
    • Key import/export logic has been moved from the utils package to the trustmanager package. #1250

SHA256

cross/notary-Darwin-amd64            a58af6a845160d36c650a6d4441ed76d4ca7776a6676bfc5a54658bb275fad8d 
cross/notary-Linux-amd64             f4e421b3bb3c32c39372f7f02fbe80c67580cccd381f9722b1c702b3ab63a1c7
cross/notary-Windows-amd64.exe       9f5e419adbeb19c655f3229ecc5922fe2934b0098d6207089baa679f64949787  

v0.4.3

05 Jan 23:21
Compare
Choose a tag to compare

v0.4.3

  • Fix build tags for static notary client binaries in linux #1039
  • Fix key import for exported delegation keys #1067

Checksums

Sha256

notary-Darwin-amd64        1e32aad049d2835b0c5b4805f9abc39b88c4de90b9743775c33c9faaf6c6c383
notary-Linux-amd64         06cd02c4c2e7a3b1ad9899b03b3d4dde5392d964c675247d32f604a24661f839
notary-Windows-amd64.exe   a9d4dd661072fc428af7d832efc5bdccf9f230b6f5547d61e2833b1d6f35709c  

v0.4.2

01 Oct 00:54
Compare
Choose a tag to compare

v0.4.2

v0.4.1 (Superseded by v0.4.2)

  • Preliminary Windows support for notary client #970
  • Output message to CLI when repo changes have been successfully published #974
  • Improved error messages for client authentication errors and for the witness command #972
  • Support for finding keys that are anywhere in the notary directory's private directory, not just under private/root_keys or private/tuf_keys #981
  • Previously, on any error updating, the client would fall back on the cache. Now we only do so if there is a network error or if the server is unavailable or missing the TUF data. Invalid TUF data will cause the update to fail - for example if there was an invalid root rotation. #982

v0.4.0 (Superseded by v0.4.2)

  • Server-managed key rotations #889
  • Remove timestamp_keys table, which stored redundant information #889
  • Introduce notary delete command to delete local and/or remote repo data #895
  • Introduce notary witness command to stage signatures for specified roles #875
  • Add -p flag to offline commands to attempt auto-publish #886 #912 #923
  • Introduce notary reset command to manage staged changes #959 #856
  • Add --rootkey flag to notary init to provide a private root key for a repo #801
  • Introduce notary delegation purge command to remove a specified key from all delegations #855
  • Removed HTTP endpoint from notary-signer #870
  • Refactored and unified key storage #825
  • Batched key import and export now operate on PEM files (potentially with multiple blocks) instead of ZIP #825 #882
  • Add full database integration test-suite #824 #854 #863
  • Improve notary-server, trust pinning, and yubikey logging #798 #858 #891
  • Warn if certificates for root or delegations are near expiry #802
  • Warn if role metadata is near expiry #786
  • Reformat CLI table output to use the text/tabwriter package #809
  • Fix passphrase retrieval attempt counting and terminal detection #906
  • Fix listing nested delegations #864
  • Bump go version to 1.6.3, fix go1.7 compatibility #851 #793
  • Convert docker-compose files to v2 format #755
  • Validate root rotations against trust pinning #800
  • Update fixture certificates for two-year expiry window #951

Checksums

Sha256

notary-Darwin-amd64        0a7aa1356cc3f291844ecbd4632dc508a341dc15a2097deaa0d393ec37f95b54
notary-Linux-amd64         2ac583805c49a50e4b71003597f7fbee48393e836e9a0701671e079d1cd9c96d
notary-Windows-amd64.exe   bc2d527c41738bb4efaa4b7745e546cae4621a0752c72958648e8250fd365855  

v0.3

12 May 01:09
Compare
Choose a tag to compare

v0.3

  • Root rotations
  • RethinkDB support as a storage backend for Server and Signer
  • A new TUF repo builder that merges server and client validation
  • Trust Pinning: configure known good key IDs and CAs to replace TOFU.
  • Add --input, --output, and --quiet flags to notary verify command
  • Remove local certificate store. It was redundant as all certs were also stored in the cached root.json
  • Add environment variable for automating delegation key passphrase entry
  • Update formatting for delegation list output to be multiline for keys and paths
  • Update delegation behavior to not fallback to parent roles if specified role does not exist
  • Further restrict JWT token permissions to remove unnecessary actions
  • Cleanup of dead code in client side key storage logic
  • Update project to Go 1.6.1
  • Reorganize vendoring to meet Go 1.6+ standard. Still using Godeps to manage vendored packages
  • Add targets by hash, no longer necessary to have the original target data available
  • Active Key ID verification during signature verification
  • Switch all testing from assert to require, reduces noise in test runs
  • Use alpine based images for smaller downloads and faster setup times
  • Clean up out of data signatures when re-signing content
  • Set cache control headers on HTTP responses from Notary Server
  • Add sha512 support for targets
  • Move SQLite dependency to tests only so it doesn't get built into official images
  • Fixed asking for password to list private repositories
  • Enable using notary client with username/password in a scripted fashion
  • Fix static compilation of client
  • Enforce TUF version to be >= 1, previously 0 was acceptable although unused
  • json.RawMessage should always be used as *json.RawMessage due to concepts of addressability in Go and effects on encoding

Checksums

Sha256

notary-Darwin-amd64             dfca69606e920142611209e50aa14124b83ac6af54473bf0102d2ceea2355140
notary-Linux-amd64              1cb85573282dd38657dc2af86fd403ceea5cd7440ac7f418f8d898fa5a9d071a
notary-Linux-static-amd64       66e7fbfb03dc88c0b592b0492ff66b8c325a204738c4c9447239fcaeb47be635

v0.2

25 Feb 02:09
Compare
Choose a tag to compare

v0.2

  • Add support for delegation roles in notary server and client
  • Add notary CLI commands for managing delegation roles: notary delegation
    • add, list and remove subcommands
  • Enhance notary CLI commands for adding targets to delegation roles
    • notary add --roles and notary remove --roles to manipulate targets for delegations
  • Support for rotating the snapshot key to one managed by the notary server
  • Add consistent download functionality to download metadata and content by checksum
  • Update docker-compose configuration to use official mariadb image
    • deprecate notarymysql
    • default to using a volume for data directory
    • use separate databases for notary-server and notary-signer with separate users
  • Add notary CLI command for changing private key passphrases: notary key passwd
  • Enhance notary CLI commands for importing and exporting keys
  • Change default notary CLI log level to fatal, introduce new verbose (error-level) and debug-level settings
  • Store roles as PEM headers in private keys, incompatible with previous notary v0.1 key format
    • No longer store keys as <KEY_ID>_role.key, instead store as <KEY_ID>.key; new private keys from new notary clients will crash old notary clients
  • Support logging as JSON format
  • Support mutual TLS between notary client and notary server

Checksums

Sha256

notary-v0.2_darwin-amd64.zip    c3e78a9d037fa040cf0b97d1f1c587cfe37eeb993b182002d2cd8322642d649c
notary-v0.2_linux-amd64.zip     5ab2dab6deaffa7ea8261b35c88996bd2b53c311a6036a27e90eb73bd048ebe2
notary-v0.2_darwin-amd64.tar.gz 5e2d9fb5626cf64f9ea616ba89eff8dfef171451068a23465c967e6cf7e7b4c3
notary-v0.2_linux-amd64.tar.gz  15edcc66b604ecd73780848a64841371847c4b85951a09ae0b9734459fc7db53

v0.1

16 Nov 02:27
Compare
Choose a tag to compare

Notary Client

The first release of the notary client supports the following features:

  • Basic TUF operations against an instance of Notary Server.
    • Initialization of a TUF repository with a set of TUF keys.
      • Root, targets and snapshot keys generated locally.
      • Timestamp public key requested from Notary Server.
    • Adding and removing targets.
    • Publishing the repository to Notary Server.
    • Listing targets in repositories hosted by Notary server.
    • Rotating the targets and snapshots keys.
    • Verifying data in the trusted collection
  • Self signed per collection certificates as the public trust anchors (root keys)
  • Hardware signing with Yubikeys (only ECDSA keys with the root role currently supported)
  • Configuration to set custom Notary Server location and local directory containing keys and cache:
    • via via the -s and -d flags respectively
    • via a configuration file specified with the -c flag
    • via a configuration file located at the default location ~/.notary/config.json
  • Private key management
    • Backup and restore keys across machines.
    • Remove keys from Yubikeys and disk.
    • List currently available signing keys.
  • Certificate management
    • List currently trusted certificates
    • Remove trusted certificates

Checksums

MD5

notary-v0.1_darwin-amd64.zip        90019e80390c8e514861fa34af4ad009
notary-v0.1_linux-amd64.zip         818413c06ac00c7ef8a393769a66eec3
notary-v0.1_darwin-amd64.tar.gz     173f8020e1e8a8b5d15c3be18f58cf36
notary-v0.1_linux-amd64.tar.gz      47ba6374daefea6abcf9e7505ed8c4a6

Sha256

notary-v0.1_darwin-amd64.zip        804b367e9e7b0896748c32ccf52c3a46255149a258322f3d1346e80bca55e859
notary-v0.1_linux-amd64.zip         760c449b7005f348863e43deb922ee7926f5f8018824cc40046e1a742bf3b5ee
notary-v0.1_darwin-amd64.tar.gz     2d6968e01927157c8bd0165088b7b59c389c6d9b0752e7608e724b2afdc745ec
notary-v0.1_linux-amd64.tar.gz      a33c6541733a38aa63b2e0581503381547e0a2bd181891b016f1ffada726ce45

docker-v1.9.0

03 Nov 23:24
Compare
Choose a tag to compare
Merge pull request #218 from endophage/update_gotuf

updating gotuf in godeps

docker-v1.8.3

03 Nov 23:24
Compare
Choose a tag to compare
Merge pull request #176 from dmcgowan/update-copyright

Update license to set copyright holder