0.10.0

Breaking

• crypto::key::PublicKeyFormat has been changed into an enum in order to be able to deal with two different possible public key algorithms. It and crypto::key::PublicKey also received functions to determine whether the algorithms and keys are allowed in regular RPKI certificates or router certificates. (#113)
• The type for RRDP serial numbers has been changed to u64 from usize. This affects the various traits in the rrdp module. (#111)
• crl::CrlStore has been deprecated. The new rules for manifest handling have clarified that there must only ever be one CRL for each CA. The CrlStore was designed to make it easier to deal with cases where there are multiple CRLs and is therefore not necessary any more. (#112)
• The minimum required Rust version is now 1.42. (#108)

New

• cert::Cert can now decode, inspect, and verify BGPSec router certificates. (#113)
• Module rta for handling Resource Tagged Assertions. (#108)
• crypto::DigestAlgorithm::digest_file allows calculating the digest value of an entire file. (#108)
• IpBlock can now be displayed via helper types to select IPv4 or IPv6. (#108)
• SignedObject::process to validate generic signed objects and return their content on success. (#108)
• The various steps in certificate validation are now available as separate methods. (#108)
• New methods:
  • resources::AsBlock::is_whole_range ([#110)]
  • resources::IpBlock::is_slash_zero ([#110)]
  • resources::IpBlocks::contains_block and intersects_block ([#110)]
  • roa::FriendlyRoaIpAddress::prefix and is_v4 ([#110)]

Bug Fixes

• Don’t refuse an rpkiNotify SIA in EE certificates in strict validation mode. The spec is somewhat contradictory on whether they are allowed or now, so we should allow them. (#105)
• Do not include a parameter to the algorithm identifier of the SHA-256 digest algorithm. (#109)