v1.17.1 Crypto updates (PQKEX, ECDSA signer). Dep updates Skipped 1.17.0

What's Changed

• Seperate ca for role requesters by @cviecco in #261
• Ecdsa prep v2 by @cviecco in #260
• update version and dependencies by @cviecco in #262
• Ecdsa final multi algos by @cviecco in #265
• Enable hybrid pq key exchange by @cviecco in #264
• Client enhacements by @cviecco in #266
• Bump github.com/golang-jwt/jwt/v4 from 4.5.1 to 4.5.2 by @dependabot in #267
• updating version by @cviecco in #268

Full Changelog: v1.16.0...v1.17.1

v1.16.0 Role-Requesting certs

Summary:

• Role Requesting certs are now usable.
• Removal of old dependencies

What's Changed

• [authutil] standardize argon2 dependency by @sethyes in #244
• Bump github.com/golang-jwt/jwt/v4 from 4.5.0 to 4.5.1 by @dependabot in #248
• Move towards non global logger p1 by @cviecco in #249
• wintest by @cviecco in #252
• Replace deprecated gopass with golang.org/x/term by @tuannh99 in #250
• Role requesting certs by @cviecco in #251
• cmd/keymasterd: fix comment typo. by @rgooch in #253
• Migrate testcerts by @cviecco in #254
• Fix go vet issues with unreachable code by @ph4r05 in #257

New Contributors

• @sethyes made their first contribution in #244
• @dependabot made their first contribution in #248
• @tuannh99 made their first contribution in #250

Full Changelog: v1.15.5...v1.16.0

v1.15.5

What's Changed

• Prepare fo ECDSA and Ed25519 x509 certfificates.
• simplicicaiton generation of ca, enhance test to ensure stable subject by @cviecco in #236
• keymaster: enable round-robin dialer by default. by @rgooch in #91
• Increase webauthn code coverage by @cviecco in #230
• Fix client retry on good token by @cviecco in #240
• Migrate away from square jwt to communuty jwt, including api changes by @cviecco in #243
• Fix ssh key when writing to disk by @cviecco in #246
• go depenency updates

Minor enhancements

User facing changes:

• Change client RSA key size to 3072

developer/ deployment changes

1. Version is now only specified on the makefile (specfile is a template)
2. New API call for external consumption
3. Test coverage enhacements

Server fix for broken packaging

• fixes package build side issue

Enhances ssh custom extensions and bugfixes

Enhancements:

• ssh attributes now can use defined using posix extensions (useful for github name transformations)
• client is more slient by default
• update jquery to latest (3.7.1)
• generic golang depenency updates

Fixes:

• Client: Fix webauthn on linux. Now works out of the box (1.15.1)
• Client: Bug on respecting $HOME environment variable directory for some operations (1.15.1)
• Client: Fix on fallback when fido2 keys not present.
• generic golang depenency updates

Minor Enhancements and fixes

New:

• Added ability to require agent confirmation, enabled by setting in config file only

Bugfixes:

• Client: Allow missing u2f devices to fallback on to other 2fa methods (broken when using new webauthn hostlib)
• Minor updates for october dependencies

Depencency updates

v1.13.4

updating deps, initialize migration our of duo-labs (#200)

Cli Webauthn (MacOS and Windows)

• Added compabilitu for webauthn for MacOS and Windows cli.
• Fixed issue with duplicate credentials registered in OKTA

Other fixes (from previous changes not released):

• Fixed JWKS ul on Ed25519 public keys
• Added Service Methods for smallstack compatibilty

Generic ssh extensions

Added the abiliity for keymasterd to add generic ssh extensions. With the primary goal to genertate github enterprise roles.