Release notes
Introduction
These release notes apply to version 7.20.0 of the Time Stamp Option Pack™ (TSOP) Software Development Kit (SDK). They contain information specific to this release such as new features, defect fixes, and known issues.
This release supports the following operating systems:
-
Microsoft Windows Server 2012 R2 x64
-
Microsoft Windows Server 2016 x64
-
Microsoft Windows Server 2019 x64
-
Oracle Enterprise Linux 7.1 x64
-
Oracle Enterprise Linux 7.6 x64
-
Oracle Enterprise Linux 8 x64
-
Red Hat Enterprise Linux 7 x64
-
Red Hat Enterprise Linux 8 x64
-
SUSE Enterprise Linux 12 x64
-
SUSE Enterprise Linux 15 x64
The Release Notes may from time to time be updated with issues that have come to light after this release has been made available. Please check Entrust nShield Support at https://nshieldsupport.entrust.com for the most up to date version of this document and the TSOP user documentation.
Access to support is available to customers under maintenance. Please contact Entrust nShield Support at nShield.support@entrust.com to request an account.
Purpose of this release
Time Stamp Option Pack™ Software Development Kit version 7.20.0 addresses a number of known issues and introduces a number of enhancements over the previous 7.10.0 release, including:
-
Updated operating system support.
-
Improved time stamp token verification.
-
Additional branding updates.
Changes in this release
The TSOP SDK 7.20.0 release introduces a number of enhancements. These are discussed in the following sections.
Updated operating system support
The following operating systems are now supported by the TSOP SDK:
-
Microsoft Windows Server 2019 x64
-
Oracle Enterprise Linux 7.6 x64
-
Oracle Enterprise Linux 8 x64
-
Red Hat Enterprise Linux 8 x64
-
SUSE Enterprise Linux 15 x64
Support for the TSOP SDK on Microsoft Windows Server 2008 R2 x64 has been deprecated and support for Oracle Solaris has been removed. |
Improved time stamp token verification
The following improvements have been made:
-
Previously, when TTI_VERIFY_ESSCERTIDV2 was set to 0, only ESSCertID would be verified. Now when TTI_VERIFY_ESSCERTIDV2 is set to 0, the first SHA-2 hash in ESSCertIDv2 is checked - and if no SHA-2 hashes are present - the first SHA-1 hash in ESSCertID is checked. The behavior when TTI_VERIFY_ESSCERTIDV2 is set to 1, or the environment variable is unset, remains as before i.e. only ESSCertIDv2 is verified.
-
It is now possible, through the use of newly introduced functions, to specify the desired mode of verification, namely: ESSCertID or ESSCertIDv2. On successful verification, the mode of verification will be returned to the caller.
-
The value of the TSS_VERIFY_ESSCERTIDV2 environment variable is no longer cached, allowing applications to change its value at run time.
The above is applicable to both the C and Java versions of the TSOP SDK. Please see the TSOP SDK Reference Guide and accompanying Javadoc documentation for details.
Important information
Before deploying the TSOP SDK, the following should be considered:
-
This release only supports the operating systems detailed in Introduction.
-
It is required that all client applications built with pre-6.20.00 versions of the TSOP SDK (both the C and Java APIs) are rebuilt to use the updated libraries in this release.
-
On Linux, applications linking with
libtti.a
must also link with thepthread
library. -
When TTI_VERIFY_ESSCERTIDV2 is set to 0, the first SHA-2 hash in ESSCertIDv2 is checked - if no SHA-2 hashes are present - the first SHA-1 hash in ESSCertID is checked. If TTI_VERIFY_ESSCERTIDV2 is set to 1, or the environment variable is unset, only ESSCertIDv2 is verified.
-
The Java SDK requires a Java Development Kit (JDK) version 1.8 installation.
-
Both the Java and C versions of the TSOP SDK include example code (the Java examples are accompanied by Javadoc documentation).
-
On Windows, the Java and C versions of the TSOP SDK software are installed, respectively, in:
-
C:\Program Files\nCipher\nfast\java\dsesdk\
-
C:\Program Files\nCipher\nfast\c\dsesdk\
-
-
On Unix-based operating systems, the Java and C versions of the TSOP SDK software are installed, respectively, in:
-
/opt/nfast/java/dsesdk/
-
/opt/nfast/c/dsesdk/
-
See the TSOP SDK Reference Guide for additional information.