|
1 | 1 | # Changelog |
2 | 2 |
|
| 3 | +## [0.0.7] - 2026-03-04 |
| 4 | + |
| 5 | +### <!-- 0 -->⛰️ Features |
| 6 | + |
| 7 | +- Add generation-scoped SSH traffic key updates |
| 8 | +- Add hostkey-blob auth signature verification |
| 9 | +- Add SSH algorithm agility extension points |
| 10 | +- Add SSH rekey lifecycle utilities |
| 11 | +- Add SSH auth signature crypto utilities |
| 12 | +- Canonicalize SSH mpint secret derivation |
| 13 | +- Add SSH KEX guards and exporter secret API |
| 14 | +- Harden SSH hostkey blob parsing |
| 15 | + |
| 16 | +### <!-- 3 -->📚 Documentation |
| 17 | + |
| 18 | +- Add comprehensive documentation |
| 19 | + |
| 20 | +### <!-- 6 -->🧪 Testing |
| 21 | + |
| 22 | +- Add SSH ECDH deterministic derivation checks |
| 23 | +- Add SSH label expansion boundary coverage |
| 24 | +- Expand SSH hostkey validator and fingerprint checks |
| 25 | +- Tighten SSH algorithm selection edge cases |
| 26 | +- Expand SSH KEX negotiation and hash guards |
| 27 | +- Add SSH rekey context and immutability checks |
| 28 | +- Expand hostkey-based SSH auth failure coverage |
| 29 | +- Strengthen TLS key schedule determinism checks |
| 30 | +- Add TLS handshake encoding edge guards |
| 31 | +- Cover TLS out-of-order extension handling |
| 32 | +- Guard TLS client state on bad server hello |
| 33 | +- Guard TLS server hello ALPN preconditions |
| 34 | +- Validate TLS processServerHello field retention |
| 35 | +- Verify TLS server cipher preference selection |
| 36 | +- Add TLS context invalid state matrix |
| 37 | +- Guard TLS local transport parameter validation |
| 38 | +- Add TLS finished verification checks |
| 39 | +- Expand engine vtable forwarding coverage |
| 40 | +- Add TLS handshake version and size guards |
| 41 | +- Add TLS ALPN boundary and no-ALPN paths |
| 42 | +- Cover TLS handshake completion secret profiles |
| 43 | +- Add TLS unsupported cipher state guards |
| 44 | +- Assert TLS server state on ALPN and TP paths |
| 45 | +- Guard TLS server hello against bad client TP |
| 46 | +- Tighten TLS ALPN contract failure coverage |
| 47 | +- Expand TLS key schedule derivation coverage |
| 48 | +- Add TLS handshake parser negative coverage |
| 49 | +- Enforce deterministic TLS adapter failure mapping |
| 50 | +- Assert adapter state invariants on failures |
| 51 | +- Cover malformed ALPN adapter failure states |
| 52 | +- Enforce TLS adapter single-use transitions |
| 53 | +- Add TLS adapter negative extension cases |
| 54 | +- Verify TLS adapter ALPN and TP exposure |
| 55 | +- Add TLS adapter state transition matrix |
| 56 | +- Add TLS adapter error mapping coverage |
| 57 | +- Expand SSH auth signature negative matrix |
| 58 | +- Add SSH zeroization coverage |
| 59 | + |
3 | 60 | ## [0.0.6] - 2026-03-04 |
4 | 61 |
|
5 | 62 | ### <!-- 0 -->⛰️ Features |
|
0 commit comments