Downloads HSM API

Release Notes

5.0.38.0 - Validation Program

2024/02/26

Features

  • Validation Program (BR)

5.0.37.0 - New blockchain sigs and add full AEAD support

2024/02/26

Features

  • add mod_Blockchain Stellar support

  • add mod_Blockchain Cardano support

  • add mod_Blockchain Terra Classic support

  • add mod_Blockchain blake2b-224 support

  • add mod_Blockchain SS58 support

  • add mod_Blockchain Polkadot support

  • add mod_Blockchain blake2b-256 support

  • add mod_Blockchain Tezos support

  • add mod_Blockchain Toncoin support

  • add mod_Blockchain Ed25519 SLIP10 key derivation support

  • add mod_Blockchain Ed25519 FPRV1 key derivation support

  • add curve alt_bn128 support

  • add mod_Blockchain Cosmos support

  • improve local console SNMP config editor

  • add "raw" RSA-enc OAEP/sha256 auto-detection support

  • add full AEAD support

  • improve OEM logs

  • optimize syslog usage

  • disable remote SNMP config on DMP builds

  • improve local console remote-management GUI

  • optimize storage/cache layers

Fixes

  • local console fault on SVMK mismatches

  • a-token cache invalidation on partition removal

  • erase syslog config on HSM db resets

  • OEM log with duplicated audit msgs

  • locale setup edge-case

  • mod_Blockchain key-type validation

5.0.36.0 - Add new blockchain networks

2023/09/15

Features

  • add mod_Blockchain get-addr BTC P2SH support

  • add mod_Blockchain BIP32-Ed15519 key type support

  • add mod_Blockchain Fireblocks bip32 "fprv" extension support

  • add mod_Blockchain Hathor Network bip32 "htpr/tnpr" extension support

  • add mod_Blockchain bip32 xpub export support

  • add mod_Blockchain XRP Ledger support

  • simplify mod_SafeKeeping model

  • add mod_Blockchain Solana support

  • add mod_Blockchain Litecoin support

  • improve mod_Blockchain bip32-ed25519 xpub encoding

  • add mod_Blockchain "fprv" signing support

Fixes

  • mod_SafeKeeping custody type handling

  • Algorand address case-sensitivity handling

  • enforce documented max blob size creation limit

5.0.35.0 - add suppor for Azure BYOK

2023/08/08

Features

  • add mod_Blockchain TRON support

  • optimize mod_Blockchain BIP32 CK handling

  • add mod_Blockchain RFC 6979 (Deterministic ECDSA) support

  • add kek-(un)wrap SP800-38F / RFC5649 KWP support

  • introduce mod_SafeKeeping

Fixes

  • add ds-agent to OEM log dep report

  • local console m-of-n generation error handling edge-case

5.0.34.0 - Add remote config support

2023/07/05

Features

  • improve web console layout

  • add SNMP remote config setup support

  • improve cloud TLM binding replication logs

  • add remote NTP config management support

  • add syslog remote config setup support

  • add mod_SPB SOLUTI v5 CIP1 CA auto detection

  • add AAP kek-wrap RSAOAEP-SHA256

  • improve local console and service log integration

  • add local console fatal-faulting log

Fixes

  • mod_core hash segment err handling

  • cloud TLM state management

  • missing SP800-57/KMIP AUP/umask emulation

  • missing AUP/pkcs11 virtualization

  • net-tools error msg

  • remote management buffer overflow

5.0.33.0 - EFT ANSI X9.24-2004 AES - Export support

2023/04/10

Features

  • add mod_EFT ANSI X9.24-2004 AES-Export support

  • add remote-management session-list tracking

  • audit log local console remote-management processed cmds

  • log remote-management connection TLS cipher-suite

  • improve RSA raw EMV padding handling

Fixes

  • mod_EFT ANSI X9.24-2004 AES-Import HTTP bridge attr handling

  • (legacy) RSA signing core PSS SHA2/3 padding validation

  • missing EdDSA SP800-57/KMIP umask emulation

  • service infinite recursion (full log/SNMP bad interaction)

5.0.32.0 - Key monitor for usage stats

2023/03/18

Features

  • web console keys monitor page

  • enable rsa4k in RM2

  • enable Edwards/Montgomery ECC in RM2

  • obsoleted SNMP privateKeyAccess trap

  • improve storage-layer performance

  • introduce obj usage stats

  • introduce global obj usage stats

  • decrease mod_core m-of-n split/recover usage cap

  • add partition obj count support

  • log sys uptime on local console exit

  • add specialized mod_EFT KCV calculation support

  • add mod_Blockchain Algorand support

Fixes

  • rare trail subsystem state corruption

  • SNMP traps' tty corruption

  • global obj usage stats HTTP bridging

  • fix web console certificate import in .cer format

5.0.31.0 - Syslog hot setup

2023/01/18

Features

  • enable rebootless Syslog setup

  • add hot Syslog config support

5.0.30.0 - add pkcs#7 generator

2023/01/10

Features

  • add log authentication code (LAC) support

  • add ScReader to p11-info json

  • improve local console replication domain GUI

  • implement replication subsystem SNMP traps

  • improve local console invalid PIN error messages

  • add replication domain propagation support

  • add pkcs#7 generator in web console (for use in chains of pix apis)

  • improve user OATH interface in web console

Fixes

  • set repl-domain on live-syncs

  • cloud TLM agent tampering handling

5.0.29.0 - Pix independent certificate multichain support

2022/11/29

Features

  • change HTTP console listing pages

  • improve HSM info pages on HTTP console

  • add Remote p11-info attribute

  • add DSA support

  • add DH support

  • add Syslog support

  • add Pix independent certificate multichain support

  • increase HTTP bridge PKCS#12 import memory capacity

  • add bonding mode info to HTTP bridge

  • disable backup and upack processing on unacknowledged boots

Fixes

  • mod_Blockchain BIP32 XPRV TEST-NET key importing

  • add missing bond net-mask to mod_stat management notification

  • Pix SPB-certificate expiration validation

5.0.28.0 - Add ANSI X9.24-2004 AES-Import support

2022/09/09

Features

  • add mod_EFT ANSI X9.24-2004 AES-Import support

5.0.27.0 - EFTd configuration and opt-in

2022/08/15

Features

  • add mod_SPB raw encode/decode support

  • introduce remote eftd configuration and opt-in

5.0.26.0 - Add ARC5 support

2022/06/27

Features

  • remove get-info remote permission restrictions

  • add arc5 support

5.0.25.0 - Introduce module Blockchain

2022/05/10

Features

  • enable legacy RSA op on RM1

  • introduce module Blockchain

Fixes

  • HTTP bridge repl-cross-check json generation

5.0.24.0 - Improve TLS setup

2022/04/29

Features

  • improve service TLS setup

  • add Soluti to mod_SPB valid CA list (SecManual v5.03)

Fixes

  • add missing KMIP kpair creation SNMP trap

5.0.23.0 - SPB v3 ms 5.01

2022/01/21

Features

  • add mod_EFT TR31 support

  • implement SPB SecV3 GCM IV/Nonce v5.01

  • improve ds-agent policy-manager stats

  • improve mod_PIX certificate/chain/pkcs7 handling

5.0.22.0 - OATH legacy fqn support

2021/12/06

Features

  • workaround module OATH legacy max-obj-id (SC FQN support)

Fixes

  • module core HSM mode cache initialization/usage

  • module SPB SecV3 GCM tag handling edge-case

5.0.21.0 - Tune log flushing

2021/11/09

Features

  • tune log flushing

  • increase SBP v3 GCM IV

5.0.20.0 - Fix ICC certificate handling

2021/09/09

Fixes

  • EMV Book 2 ICC Public Key Certificate recovered data handling

5.0.19.0 - Improve EMV Book 2 ICC Public Key Certificate support

2021/08/05

Features

  • add RSA-1536 and RSA-1976

Fixes

  • EMV Book 2 ICC Public Key Certificate generation

5.0.18.0 - Add EMV Book 2 v4.3 SP #208 support

2021/08/02

Features

  • deprecate MOD_EFT_KEK_EXPORT_LMK operation

  • implement EMV Book 2 v4.3 Specification Bulletin No 208

Fixes

  • MOD_EFT_KEK_IMPORT key length calculation regression

5.0.17.0 - Improve RSA Sign PSS handling

2021/07/22

Features

  • add RSA sign PSS salt-len-md support

5.0.16.0 - Add suport for SPB v3

2021/07/15

Features

  • implement GEN6R1 certificate auto-updating

  • add mod_SPB SecV3/AES support

  • New GUI layout for web console.

  • improve mod_SPB CIP1 CA detection

Fixes

  • master usr ERR_CANNOT_DEMOTE_MASTER sys ACLs handling

5.0.15.0 - Fix JWS check

2021/05/10

Features

  • operate JWS check up to rsa8k

Fixes

  • JWS-CHECK base64-url special chars' handling

5.0.14.0 - Add new CIP AKID

2021/05/10

Features

  • add CIP1 AC VALID BRASIL v5 AKID

5.0.13.0 - Module OpenBanking

2021/05/06

Features

  • new mode KW (SP800-38F / RFC3394)

  • enable KMIP secret data registering predicate

  • add CSP native resource type

  • add DPK function

  • add mod_OpenBanking ISO20022

Fixes

  • master account demode

  • enable approved brainpool ECC PBKs in RM2

5.0.12.0 - Add new CIP AKID

2021/02/25

  • add CIP1 SERASA Certificadora Digital v5 AKID

  • fix net tools name resolution

  • fix pkcs#12 hardening import

  • fix master demoting

  • fix 10GB fiber interface config

5.0.11.0 - Net Tools and Replication Cross Check

2021/01/21

  • Add Net Tools and Replication Cross Check

  • Fix web console GUI minor glitches

  • Fix PIX APIs memory management

  • Remove Shared Tracing System in Local Console

5.0.10.0 - SVault module

2021/01/15

  • implement SVault module

  • add ds-agent policy-manager log file size publishing

  • implement DNS editor/viewer

  • implement dmesg telemetry tracing

  • implement API for Net Tools and Repl Cross Check

  • add specialized memory vars and session counter to MIB

  • workaround snmp/log/pipeline/tracing deadlocks

5.0.9.0 - PIX JWS fix

2020/11/02

  • harden backup image restore with network info

  • fix mod_PIX in-place/optimized JWS base64 handling

PreviousFirmwareNextInstalação Física

Last updated