Releases: Cosmian/kms
Release list
5.16.1
[5.16.1] - 2026-02-15
π Bug Fixes
- Add MLKEM algorithms to the predefined DEFAULT KMIP policy
5.16.0
[5.16.0] - 2026-02-04
π Features
- Add PQC hybridized KEM support via
cosmian_cover_crypt:- The Cosmian KMS supports Post-Quantum Cryptography (PQC) hybridized Key Encapsulation Mechanisms (KEM)
via the cosmian_cover_crypt crate. This crate provides
a configurable KEM framework that can operate in pure classical, pure post-quantum, or hybrid mode
by combining a pre-quantum KEM with a post-quantum KEM through a KEM combiner (using SHA-256). - Server supports
CreateKeyPairfor Configurable-KEM andEncrypt/Decryptencapsulation/decapsulation flows.
- The Cosmian KMS supports Post-Quantum Cryptography (PQC) hybridized Key Encapsulation Mechanisms (KEM)
- Add server-side KMIP algorithm policy allowlists (enforcement via
kmip.policy_idand[kmip.allowlists]) #700kmip.policy_idselects a policy (case-insensitive):DEFAULT: built-in conservative allowlists (e.g., SHA-2/3, P-256/P-384/P-521 + Curve25519/448, AEAD/wrapping modes, OAEP/PSS/PKCS5, RSA 3072/4096).CUSTOM: enforce the allowlists you set under[kmip.allowlists].
- If
kmip.policy_idis unset, the KMIP policy layer is disabled. Nonevs[]semantics (for each allowlist):Nonemeans "no restriction", while an empty list[]means "deny all" when enforcement is enabled.
- (UI) Runtime branding support via
/ui/branding.json(title, theme, and favicon resolved before React renders)- Theme asset support under
/ui/themes/<theme>/...with Ant Design token overrides - Replace the example theme favicons with neutral, non-Cosmian icons
- (docs) Add post-install UI branding / theme override guide (paths under
/usr/local/cosmian/ui/dist/) - (packaging) Include nested UI theme assets in linux packages (recursive
dist/**/*globs) - (nix) Stage and validate UI
dist/content during packaging (checksindex.html,assets/,themes/,branding.json)
- Theme asset support under
π Bug Fixes
- Fix SQL Locate request for OpenTelemetry metrics collector (#694):
- Refactored SQL Locate query building in locate_query.rs to use bound, typed parameters (LocateQuery + LocateParam) instead of interpolating values into SQL (safer + fixes type/cast handling across SQLite/Postgres/MySQL).
- Updated the SQL backends to consume the new LocateQuery API: crate/server_database/src/stores/sql/{mysql,pgsql,sqlite}.rs.
- Improved DB test error context in json_access_test.rs to make failures easier to diagnose.
- OpenTelemetry wiring updates:
- mod.rs: add OTEL resource attributes (service name/version + optional environment).
- otel_metrics.rs: ensure active_keys_count time series exists even when 0.
- cron.rs: fall back to default username if hsm_admin is empty.
- Fix regression on KMIP 1.0 (Fresh and InitialDate attributes) (#689)
- Fix Linux packaging smoke tests when the host has
/etc/cosmian/kms.tomlpresent by running with an explicit temp config. - Make OpenTelemetry export tests resilient under FIPS Nix shells by running
curlin a clean environment (avoid inherited OpenSSL/LD overrides). - (ui) Azure BYOK export (#697)
βοΈ Build
- Nix builds now target GLIBC β€ 2.34 (Rocky Linux 9 compatibility) by updating pins and building Linux OpenSSL/server outputs against a glibc 2.34 stdenv; server vendor hash expectations are split by static/dynamic on Linux.
- SBOM generation improvements:
.github/scripts/nix.sh sbomstrictly validates--target/--variant/--link, defaults to generating all combinations, and supports generating a specific server subset.- SBOM tooling runs in an isolated workdir to avoid stray repo-root artifacts, keeps only final
sbom.csv+vulns.csvreports per output directory, and deduplicates CVE rows in-place (vianix/scripts/dedup_cves.py, with optional filtering helpernix/scripts/filter_vulns.py).
- (deps) Bump jsonwebtoken in the cargo group across 1 directory (#702)
- (deps) Bump bytes in the cargo group across 1 directory (#703)
- (deps) Bump time in the cargo group across 1 directory (#706)
- (deps) Bump actix-files in the cargo group across 1 directory (#707)
π Documentation
- Update SBOM documentation to match the generator output layout and behavior.
- Update OpenSSL versions (#713)
5.15.0
[5.15.0] - 2026-01-21
π Features
-
Upgrade OpenSSL to 3.6.0 but keep 3.1.2 for FIPS crypto provider #667
-
Summary of changes:
OpenSSL Linkage FIPS NonβFIPS Static Linkage: OpenSSL 3.6.0; runtime loads FIPS provider from OpenSSL 3.1.2 Linkage: OpenSSL 3.6.0; runtime uses default/legacy providers Dynamic Linkage: OpenSSL 3.1.2; ships FIPS configs and provider OpenSSL 3.1.2 Linkage: OpenSSL 3.6.0; ships libssl/libcryptoand providers
-
-
Provide /health endpoint #690
-
Add k256 (RFC6979) curve for sign/verify for non-fips builds #671
-
Download CLI through UI #678
-
Support RFC 3394 (AESKeyWrap with no padding) #658
β οΈ WARNING about AES Key Wrap changesAny previously manually exported keys in JSON format must be manually updated if they have been previously wrapped with AES. This can be done using the following command:
sed -i 's/NISTKeyWrap/AESKeyWrapPadding/g' your_exported_key.json
π Bug Fixes
-
Remove RUSTSEC-2023-0071 about
rsadependency and handle database without sqlx #646.-
Summary of changes:
openidconnectis removed in favor of manual OIDC implementationjwt-simpleis replaced byjsonwebtoken- old crate
cloudproof_findex(->crypto_core->rsa) has been removed sqlxhas been replaced by those crates:- tokio-postgres
- deadpool-postgres
- mysql_async
- tokio-rusqlite
- rusqlite
β οΈ WARNING about Redis migration: For KMS server versions less than v5.12, first migrate KMS Redis-Findex database to 5.14 then 5.15. For KMS server versions 5.12 to 5.14, no migration needed to 5.15.
-
-
Upgrade lru and downgrade yank flat2 to 1.1.5 #680
-
Fix double hash in RSASSAPSS in raw and digest data mode for sign/verify #677
-
RSA signature/verify tests only run on non-fips #684
-
Derive session cookie encryption key from public URL and user-provided salt for load-balanced deployments #664
π Documentation
βοΈ Build
- (deps) Bump react-router from 7.5.3 to 7.12.0 in /ui in the npm_and_yarn group across 1 directory #673
βοΈ Miscellaneous Tasks
5.14.1
[5.14.1] - 2025-12-26
π Features
- Add IDP multiple audiences configuration on [idp_auth] #656. Dehardcode
kacls-migrationaudience for Google CSE migration and allow alternative audiences (e.g. for Google Decrypter use)
β οΈ WARNING
Server TOML configuration - kms.toml: The deprecated [auth] section has been fully removed in favor of [idp_auth]. Usage is:
...
[idp_auth]
jwt_auth_provider = [
"https://accounts.google.com,https://www.googleapis.com/oauth2/v3/certs,my-audience,another_client_id",
"https://auth0.example.com,,my-app",
"https://keycloak.example.com/auth/realms/myrealm,,audience_1,audience_2"
]
...π Documentation
π Bug Fixes
- Sign and verify for raw and digest data - rfc6979 (#654)
- Allow explicitly AGPL-3.0-or-later license
βοΈ Miscellaneous Tasks
- Make Github release sequential - fix cargo publish (#642)
5.14.0
[5.14.0] - 2025-12-15
π Features
- Sign and SignatureVerify support across CLI, and UI (#522, #606):
- CLI: Added
signandsignature_verifysubcommands for RSA and Elliptic Curves (crate/cli/src/actions/kms/.../sign.rs,.../signature_verify.rs). - UI: Added React pages for RSA and EC signing and verification (
ui/src/RsaSign.tsx,ui/src/RsaVerify.tsx,ui/src/ECSign.tsx,ui/src/ECVerify.tsx), and surfaced object type in Locate.
- CLI: Added
- Make DB pool max_connections configurable (#632)
- Support sign and verify on CLI/UI + issue 619 (#606)
π Refactor
- Server: Consolidate KMIP operations
SignandSignatureVerifyfor RSA and Elliptic Curves (crate/server/src/core/operations/sign.rs,signature_verify.rs; routes updated). Supported signature schemes: RSASSA-PSS, ECDSA, EdDSA (Ed25519, Ed448). - Digest (pre-hashed) mode for signing and verification (#619):
- Introduced
digested=truehandling so inputs are treated as final digests (no implicit hashing) across RSA and EC paths (crypto + server). - RSA: Added verify support using pre-hashed input, including PKCS#1 v1.5 and RSASSA-PSS flows (
crate/crypto/src/crypto/rsa/verify.rs). - EC: Added verify support using pre-hashed input (
crate/crypto/src/crypto/elliptic_curves/verify.rs).
- Introduced
- Non-FIPS EC deterministic behavior (RFC 6979-like) via RustCrypto P256 implementation in non-FIPS builds.
- RSASSA-PSS: Server respects
salt_lenwhen specified (including0) duringSign.
π§ͺ Testing
- Added CLI and crypto tests for sign/verify flows, including digested mode
π Bug Fixes
- MySQL schema missing PRIMARY KEY (#628)
- On JWT auth, token was not properly forwarded in requests (#629)
- Support COSMIAN_KMS_CONF env. variable in docker (#630)
- Support AWS ECS Fargate (#634)
- ObjectType Attribute problem (#588)
- (UI) Remove in home page the incorrect HSM comment (#639)
- Support mysql TDE while fixing the KMIP 1.x TTLV deserializer (#631)
- Cli needs snake case (#640)
π Documentation
- Rename .github/README.md
- Update installation instructions (#635)
βοΈ Build
- (deps) Bump sigstore/cosign-installer from 3.7.0 to 4.0.0 (#624)
- (deps) Bump crazy-max/ghaction-dump-context from 1 to 2 (#625)
- (deps) Bump actions/setup-node from 4 to 6 (#626)
- (deps) Bump actions/download-artifact from 4 to 6 (#627)
- (deps) Bump actions/download-artifact from 6 to 7 (#637)
- (deps) Bump actions/upload-artifact from 5 to 6 (#638)
βοΈ Miscellaneous Tasks
- Rearrange releases (#636)
5.13.0
[5.13.0] - 2025-12-07
π Features
- KMIP XML Vector Conformance (1.4 & 2.1) (see details) (#583)
- Nix: Reproducible Package Management (see details) (#596):
- Create OpenTelemetryConfig to be consumed for server metrics (#610)
π Bug Fixes
π Documentation
π§ͺ Testing
- Support official KMIP test vectors 1.4/2.1 (#583)
βοΈ Build
- Reproducible Package Management with Nix (#596)
- (deps) Bump docker/metadata-action from 4 to 5 (#613)
- (deps) Bump actions/checkout from 4 to 6 (#614)
- (deps) Bump crazy-max/ghaction-import-gpg from 5 to 6 (#615)
- (deps) Bump actions/upload-artifact from 4 to 5 (#616)
- (deps) Bump softprops/action-gh-release from 1 to 2 (#617)
β KMIP XML Vector Conformance (1.4 & 2.1)
- End-to-end alignment with the official KMIP XML test vectors across library, server routing, and CLI: Create, Query/DiscoverVersions, attribute flows, and OpaqueObject revoke/destroy are covered.
π Features
-
KMIP crate
- Operations/types/messages:
- Expanded Operation enum and message wiring to include: Interop, PKCS11, Check, RNG Retrieve, RNG Seed, GetAttributeList, MACVerify, ModifyAttribute, Log, plus responses.
- Request/Response batch items are Clone with structured Display for clearer diagnostics.
- Added Vendor OpaqueDataType; Display impls for CryptographicDomainParameters, ProtectionStorageMasks, StorageStatusMask.
- TTLV improvements:
- Deserializer coercions: Integer/Intervalβi64, Enumeration/LongIntegerβu8; ByteStringβhex for ShortUniqueIdentifier.
- Relaxed Attribute decoding supporting VendorAttribute and AttributeName+Value forms.
- deserialize_ignored_any no-op to avoid loops in permissive paths.
- Protocol alignment:
- DiscoverVersions now uses KMIP 0.x types (protocol_version_major/minor) per spec; Query advertises operations/objects supported.
- XML support:
- Added XML serializer/deserializer and parser with tests for 1.4 and 2.1 XML vectors.
- Operations/types/messages:
-
server
- New KMIP operations exposed and routed: DiscoverVersions, Query, RNG Retrieve, RNG Seed, MACVerify, GetAttributeList, ModifyAttribute, Check.
- OpaqueObject Revoke/Destroy parity with vectors; deterministic ordering for GetAttributeList.
- RNG implementation module (ANSI X9.31) with public routing.
- Optional cascade mechanism for Destroy and Revoke.
-
CLI
- New subcommands: rng (Retrieve/Seed), mac verify, discover-versions, query.
- New opaque-object subcommands: Create/Import/Export/Revoke/Destroy (no wrap/unwrap).
-
kms_client
- REST client methods added for RNG Retrieve/Seed, MACVerify, Query, DiscoverVersions, Check, GetAttributeList, attribute ops, register, and crypto ops.
-
server_database
- Deterministic GetAttributeList behavior across backends; Locate query refinements; backend adapters updated (MySQL, PostgreSQL, SQLite, Redis-Findex).
-
crypto
- Robustness and consistency improvements to RSA OAEP and wrap/unwrap paths used by KMIP flows.
-
interfaces / hsm / access / client_utils
- Minor interface refinements and HSM integration stability improvements supporting the new routes and attribute flows.
π Bug Fixes
- Export OpaqueObject Raw/Base64 returns opaque bytes (no KeyBlock).
- DiscoverVersions type/field mismatches fixed by switching to KMIP 0.x (major/minor).
- TTLV deserializer: better errors and coercions (u8 from Enumeration/LongInteger; i64 widening from Integer/Interval; vendor Attribute decoding) for XML vector compatibility.
- GetAttributeList: unified, deterministic ordering across environments.
π§ͺ Testing
- Extensive XML vector tests for 1.4 and 2.1 in the kmip crate (mandatory/optional suites, crypto coverage).
- Added CLI tests: OpaqueObject CRUD (create/import, export json/base64/raw, revoke, destroy), RNG Retrieve/Seed, MAC Verify, Query, and DiscoverVersions.
- Server TTLV tests expanded (e.g., DSA creation/get flows) and vector integrations.
π Documentation / Tooling
- Added KMIP specification scaffolding READMEs and a script to generate XML-based support tables.
- Build scripts adjusted for the new test coverage and flows.
β Nix: Reproducible Package Management
π Features
-
Reproducible builds with Nix:
- Full migration to Nix package manager for deterministic, bit-for-bit reproducible builds
- Automated hash verification system ensuring build artifact integrity across platforms
- Support for offline/air-gapped builds with complete dependency caching
- Unified build system replacing platform-specific scripts (
.sh,.ps1) - Comprehensive build variants: FIPS/non-FIPS Γ static/dynamic Γ vendor/non-vendor
- Native support for cross-platform builds (Linux x86_64/ARM64, macOS x86_64/ARM64, Windows)
-
Build infrastructure improvements:
- New
nix/directory with reproducible derivations for KMS server, OpenSSL 3.1.2, UI, and Docker images - Automated hash tracking system with 400+ expected hashes for all build artifacts and dependencies
- Deterministic OpenSSL 3.1.2 builds (both FIPS and non-FIPS variants) with static linking support
- Docker images built entirely through Nix for consistency
- Package signing infrastructure for Debian (.deb) and RPM packages
- SBOM (Software Bill of Materials) generation integrated into build process
- New
-
Testing & CI enhancements:
- Refactored GitHub workflows with comprehensive reusable components
- New test suites:
test_all.sh,smoke_test_deb.sh,smoke_test_rpm.sh,smoke_test_dmg.sh - Database-specific test scripts for MySQL, PostgreSQL, Redis, and SQLite backends
- HSM integration tests for Utimaco, Proteccio, SoftHSM2, and Crypt2pay
- Google CSE endpoint testing with HSM integration
- Systemd service file validation tests
- Docker image smoke tests with health checks
π Refactor
- CI/CD pipeline reorganization:
- New reusable workflow structure:
main.ymlβmain_base.yml/packaging.yml - Separated authentication tests by FIPS/non-FIPS variants
- Modularized test execution with dedicated scripts per component
- Common utilities consolidated in
.github/scripts/common.sh
- New reusable workflow structure:
π Documentation
- Comprehensive Nix build system documentation with visual diagrams:
- Build architecture and reproducibility guarantees
- Hash verification flow and offline build processes
- Package signing setup and verification procedures
- Troubleshooting guides and learning resources
- GitHub workflows documentation with complete execution flow diagrams
- Updated Copilot instructions for Nix-based development
- Build and test guide in
.github/copilot-instructions.md
5.12.1
5.12.0
[5.12.0] - 2025-11-19
π Features
- Azure byok UI (#597)
- Upgrade Findex from v5 to v8 (#542)
- (redis): Created a new data storage schema for Redis, using a double-index instead of the "next Keyword".
- (redis): Developed a migration algorithm to update data under KMSes prior to 5.12.x.
- (redis): Introduction of strong typing for UserId and ObjectUid to reduce string manipulation errors, and created new types inspired from legacy cloudproof components.
- Used new crypto core serializations for storage (when applicable)
π Bug Fixes
- Automatic key unwrapping depending on ObjectType (#600):
- Automatically unwrap keys (that are wrapped) when retrieving keys from database. It can be useful when server is configured with a Key Encryption Key that wraps all new keys. The unwrapped keys stay temporarily in expiring cache.
- This feature is combined to the parameter default_unwrap_type that filters the ObjectType to unwrap.
- Possible filters in server configuration are: All, Certificate, CertificateRequest, OpaqueObject, PGPKey, PrivateKey, PublicKey, SecretData, SplitKey, SymmetricKey
π Documentation
- Rework all the databases migration and represent more easy to read schemas (#542)
- Document migration flows
- Update KMS configuration TOML file with parameter
default_unwrap_type.
βοΈ Build
- (deps-dev): bump js-yaml from 4.1.0 to 4.1.1 in /ui in the npm_and_yarn group across 1 directory
π§ͺ Testing
- (redis): Add two integration tests that migrate from version 5.1.0 and 5.2.0 to (#542)
βοΈ Miscellaneous Tasks
- Refactored migration traits between the SQL databases and the Redis one (while possible)
- Deleted a lot of dead code
- Marked the Label parameter as deprecated.
- Updated the
aes_gcm_siv_not_opensslfunctions to avoid using deprecated dependencies.
β οΈ WARNING
Redis users: Starting version 5.12.0, the KMS will start operating with a new version of Findex (the SSE used with the Redis DB), and a data migration is necessary :
π¨ IMPORTANT: Back up your Redis database before upgrading to version 5.12.0. π¨
- If you're upgrading from a version prior to 5.0.0 : Please export your keys using standard formats (PKCS#8, PEM, etc.) and re-import them after clearing the redis store. Databases created with version 4.x.x are not compatible with the automated migration routine and won't start if the
db_versionkey is unset. - If you're upgrading from a 5.x DB : A transparent migration process will occur and should typically take less than a minute.
5.11.2
[5.11.2] - 2025-11-12
π Bug Fixes (#598)
- Fix key wrapping where
wrapping-keyis itself wrapped: unwrap it and then use it - Add an automatic key unwrapping for google_cse key at server startup
- Create a
OnceCellHSM instance when multiple KMS servers are use - avoiding potential startup error - Improved handling of wrapped keys, attribute propagation, and TLS cipher suite configuration
π§ͺ Testing (#598)
- Add CLI-tests on Google CSE endpoints (/wrap, /privatekeydecrypt, etc.) and on Google key pair creation - all with the google_cse key wrapped by HSM
π Documentation (#598)
- Example of configuration file: replace deprecated [auth] section with [idp_auth]