build: prepare release 4.13.0

Cosmian · Mar 8, 2024 · 9106060 · 9106060
1 parent 4da4327
commit 9106060
Show file tree

Hide file tree

Showing 12 changed files with 36 additions and 25 deletions.
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -6,14 +6,25 @@ All notable changes to this project will be documented in this file.
 
 ### Features
 
-- Save KMIP Attributes in a proper column of `Objects` table [#166](https://github.com/Cosmian/kms/pull/166).:
+- Save KMIP Attributes in a proper column of `Objects` table [#166](https://github.com/Cosmian/kms/pull/166):
   - Remove all custom tags `_cert_spki`, `_cert_cn`, `_cert_issuer` and `_cert_sk`
-- Add support for CoverCrypt `rekey`, `prune`, and `Policy` editing methods
+- Add support for CoverCrypt `rekey`, `prune`, and `Policy` editing methods [#179](https://github.com/Cosmian/kms/pull/179):
   - Add CLI commands to perform these actions
+- Accurate CryptographicUsageMask for KMIP creation (RSA and EC keys) [#189](https://github.com/Cosmian/kms/pull/189) and [#187](https://github.com/Cosmian/kms/pull/187).
 
-### Bug Fixes
+### Refactor
+
+- Rework utils/crypto [#178](https://github.com/Cosmian/kms/pull/178).
+
+### Ci
+
+- Add build on RHEL9 [#196](https://github.com/Cosmian/kms/pull/196).
+
+### Bug fixes
 
-- Move internal KMIP Objects into `Box` to avoid stack memory overflow
+- Fixing inconsistent crypto consts [#190](https://github.com/Cosmian/kms/pull/190).
+- Fix interpolation in error macros [#184](https://github.com/Cosmian/kms/pull/184).
+- Move internal KMIP Objects into `Box` to avoid stack memory overflow [#200](https://github.com/Cosmian/kms/pull/200).
 
 ## [4.12.0] - 2024-02-08
 

diff --git a/Cargo.lock b/Cargo.lock
diff --git a/Dockerfile b/Dockerfile
@@ -1,6 +1,6 @@
 FROM ubuntu:22.04 as builder
 
-LABEL version="4.12.0"
+LABEL version="4.13.0"
 LABEL name="Cosmian KMS docker container"
 
 ARG FEATURES

diff --git a/crate/client/Cargo.toml b/crate/client/Cargo.toml
@@ -1,6 +1,6 @@
 [package]
 name = "cosmian_kms_client"
-version = "4.12.0"
+version = "4.13.0"
 authors = ["Bruno Grieder <[email protected]>"]
 edition = "2021"
 license-file = "../../LICENSE.md"

diff --git a/documentation/docs/authentication.md b/documentation/docs/authentication.md
@@ -26,7 +26,7 @@ The server must be started using TLS, and the certificate used to verify the cli
 !!! info "Example client TLS authentication."
 
     ```sh
-    docker run -p 9998:9998 --name kms ghcr.io/cosmian/kms:4.12.0 \
+    docker run -p 9998:9998 --name kms ghcr.io/cosmian/kms:4.13.0 \
         --https-p12-file kms.server.p12  --https-p12-password password \
         --authority-cert-file verifier.cert.pem
     ```
@@ -65,7 +65,7 @@ The KMS server JWT authentication is configured using three command line options
 Below is an example of a JWT configuration for the KMS server using Google as the authorization server.
 
 ```sh
-docker run -p 9998:9998 --name kms ghcr.io/cosmian/kms:4.12.0 \
+docker run -p 9998:9998 --name kms ghcr.io/cosmian/kms:4.13.0 \
     --jwt-issuer-uri=https://accounts.google.com \
     --jwks-uri=https://www.googleapis.com/oauth2/v3/certs \
     --jwt-audience=cosmian_kms

diff --git a/documentation/docs/cli/cli.md b/documentation/docs/cli/cli.md
@@ -1,7 +1,7 @@
 The `ckms` binary is a command line interface (CLI) used to manage cryptographic objects inside the KMS.
 
 !!! info "Download ckms"
-    Please download the latest version of the CLI for your Operating System from the [Cosmian public packages repository](https://package.cosmian.com/kms/4.12.0/)
+    Please download the latest version of the CLI for your Operating System from the [Cosmian public packages repository](https://package.cosmian.com/kms/4.13.0/)
 
 #### Configuration
 
@@ -45,4 +45,4 @@ Many usage examples are provided with descriptions of the various KMIP 2.1 [oper
 The [KMS GUI](https://github.com/Cosmian/ckms_gui) offers a graphical tool to configure and use the KMS CLI binary.
 
 !!! info "Download ckms_gui"
-    Please download the latest version of the KMS GUI for your Operating System from the [Cosmian public packages repository](https://package.cosmian.com/kms/4.12.0/)
+    Please download the latest version of the KMS GUI for your Operating System from the [Cosmian public packages repository](https://package.cosmian.com/kms/4.13.0/)
diff --git a/documentation/docs/google_cse/google_cse.md b/documentation/docs/google_cse/google_cse.md
@@ -44,7 +44,7 @@ Assuming Google is the Identity Provider, the KMS should be started with the fol
 For example, if you are using the docker image, you can run the following command:
 
 ```sh
-docker run -p 9998:9998 --name kms ghcr.io/cosmian/kms:4.12.0 \
+docker run -p 9998:9998 --name kms ghcr.io/cosmian/kms:4.13.0 \
     --jwt-issuer-uri=https://accounts.google.com \
     --jwks-uri=https://www.googleapis.com/oauth2/v3/certs \
     --google-cse-kacls-url=https://cse.example.com/google_cse
@@ -73,7 +73,7 @@ Finalize the configuration. The Client Side Encryption page should now show the
 For example, if you are using the docker image, you can run the following command:
 
 ```sh
-docker run -p 9998:9998 --name kms ghcr.io/cosmian/kms:4.12.0 \
+docker run -p 9998:9998 --name kms ghcr.io/cosmian/kms:4.13.0 \
     --jwt-issuer-uri=https://[email protected] \
     --jwks-uri=https://www.googleapis.com/service_accounts/v1/jwk/[email protected] \
     --jwt-audience=cse-authorization

diff --git a/documentation/docs/high_availability_mode.md b/documentation/docs/high_availability_mode.md
@@ -46,7 +46,7 @@ e.g.
 
 ```sh
 docker run --rm -p 9998:9998 \
-  --name kms ghcr.io/cosmian/kms:4.12.0 \
+  --name kms ghcr.io/cosmian/kms:4.13.0 \
   --database-type=postgresql \
   --database-url=postgres://kms_user:kms_password@pgsql-server:5432/kms
 
@@ -61,7 +61,7 @@ Example:
 
 ```sh
 docker run --rm -p 9998:9998 \
-  --name kms ghcr.io/cosmian/kms:4.12.0 \
+  --name kms ghcr.io/cosmian/kms:4.13.0 \
   --database-type=redis-findex \
   --database-url=redis://localhost:6379 \
   --redis-master-password password \
@@ -98,7 +98,7 @@ Say the certificate is called `cert.p12` and is in a directory called `/certific
 
 ```sh
 docker run --rm -p 9998:9998 \
-  --name kms ghcr.io/cosmian/kms:4.12.0 \
+  --name kms ghcr.io/cosmian/kms:4.13.0 \
   -v /certificate/cert.p12:/root/cosmian-kms/cert.p12 \
   --database-type=mysql \
   --database-url=mysql://mysql_server:3306/kms \

diff --git a/documentation/docs/index.md b/documentation/docs/index.md
@@ -10,7 +10,7 @@ using confidential VMs and a fully application-level encrypted database.
     To quick-start a Cosmian KMS server on `http://localhost:9998` that stores its data inside the container, simply run
 
     ```sh
-    docker run -p 9998:9998 --name kms ghcr.io/cosmian/kms:4.12.0
+    docker run -p 9998:9998 --name kms ghcr.io/cosmian/kms:4.13.0
     ```
 
     Check the Cosmian KMS server version
@@ -19,7 +19,7 @@ using confidential VMs and a fully application-level encrypted database.
     curl http://localhost:9998/version
     ```
 
-    Alternatively KMS binaries are also available on [Cosmian packages](https://package.cosmian.com/kms/4.12.0/).
+    Alternatively KMS binaries are also available on [Cosmian packages](https://package.cosmian.com/kms/4.13.0/).
 
 <!-- toc -->
 
@@ -128,7 +128,7 @@ The KMS server is available as a Docker image on
 the [Cosmian public Docker repository](https://github.com/Cosmian/kms/pkgs/container/kms).
 
 Raw binaries for multiple operating systems are also available on
-the [Cosmian public packages repository](https://package.cosmian.com/kms/4.12.0/)
+the [Cosmian public packages repository](https://package.cosmian.com/kms/4.13.0/)
 
 #### Integrated with Cloudproof libraries
 
@@ -146,7 +146,7 @@ Just like the [`ckms` Command Line Interface](./cli/cli.md), the KMS server has
 that can be accessed using the `--help` command line option.
 
 ```sh
-docker run --rm ghcr.io/cosmian/kms:4.12.0 --help
+docker run --rm ghcr.io/cosmian/kms:4.13.0 --help
 ```
 
 The options are enabled on the docker command line or using the environment variables listed in the options help.

diff --git a/documentation/docs/single_server_mode.md b/documentation/docs/single_server_mode.md
@@ -9,7 +9,7 @@ This configuration also supports user encrypted databases, a secure way to store
 To run in single server mode, using the defaults, run the container as follows:
 
 ```sh
-docker run -p 9998:9998 --name kms ghcr.io/cosmian/kms:4.12.0
+docker run -p 9998:9998 --name kms ghcr.io/cosmian/kms:4.13.0
 ```
 
 The KMS will be available on `http://localhost:9998`, and the server will store its data inside the container in the `/root/cosmian-kms/sqlite-data` directory.
@@ -21,7 +21,7 @@ To persist data between restarts, map the `/root/cosmian-kms/sqlite-data` path t
 ```sh
 docker run --rm -p 9998:9998 \
   -v cosmian-kms:/root/cosmian-kms/sqlite-data \
-  --name kms ghcr.io/cosmian/kms:4.12.0
+  --name kms ghcr.io/cosmian/kms:4.13.0
 ```
 
 ### Using user encrypted databases
@@ -31,7 +31,7 @@ To start the KMS server with user encrypted SQLite databases, pass the `--databa
 ```sh
 docker run --rm -p 9998:9998 \
   -v cosmian-kms:/root/cosmian-kms/sqlite-data \
-  --name kms ghcr.io/cosmian/kms:4.12.0 \
+  --name kms ghcr.io/cosmian/kms:4.13.0 \
   --database-type=sqlite-enc
 ```
 

diff --git a/documentation/docs/tls.md b/documentation/docs/tls.md
@@ -23,7 +23,7 @@ Say the certificate is called `server.mydomain.com.p12`, is protected by the pas
 ```sh
 docker run --rm -p 443:9998 \
   -v /certificate/server.mydomain.com.p12:/root/cosmian-kms/server.mydomain.com.p12 \
-  --name kms ghcr.io/cosmian/kms:4.12.0 \
+  --name kms ghcr.io/cosmian/kms:4.13.0 \
   --database-type=mysql \
   --database-url=mysql://mysql_server:3306/kms \
   --https-p12-file=server.mydomain.com.p12 \

diff --git a/version b/version
@@ -1 +1 @@
-"4.12.0"
+"4.13.0"