54ca3ec · Oversight

v0.4.10: hardware-keys foundation (KeyProvider + OSGT-HW-P256-v1)

The recipient-side ECDH path is now abstracted behind the new
KeyProvider trait. A pure-Rust SoftwareP256KeyProvider ships alongside
the existing X25519 FileKeyProvider, the OSGT-HW-P256-v1 suite is
implemented end-to-end in oversight-crypto (wrap, unwrap, JSON envelope),
and oversight-container recognizes suite id 3 so hardware-backed sealed
files ride the existing header dispatch.

PivKeyProvider (PKCS#11 against PIV-compatible tokens) is the next
follow-up and slots in as another KeyProvider impl without touching
existing call sites.

Public API is purely additive. oversight-crypto 21/21,
oversight-container 12/12, workspace builds clean.

54ca3ec Zion Boggan committed on May 7, 2026 (1 month ago)

CHANGELOG.md +6 -1

		@@ -1,6 +1,11 @@
		# Oversight CHANGELOG

	-	## Unreleased
	+	## v0.4.10 - 2026-05-07 Hardware-keys foundation: KeyProvider trait + OSGT-HW-P256-v1
	+
	+	This release lands the abstraction and pure-Rust reference path that the
	+	upcoming `PivKeyProvider` (PKCS#11 against YubiKey / Nitrokey / OnlyKey)
	+	plugs into. Public API is purely additive; all existing v0.4.9 callers
	+	keep working unchanged.

		- **`oversight-container`: `OSGT-HW-P256-v1` recognized by the binary
		container (2026-05-07).** Added `SUITE_HW_P256_V1_ID = 3` and extended

README.md +18 -0

		@@ -110,6 +110,24 @@ The attribute command runs a 5-phase pipeline:
		4. Multi-layer Bayesian fusion combining all evidence into ranked candidates
		5. Content fingerprint comparison (winnowing + sentence hashing) as a last resort when all watermarks are stripped

	+	## What's new in v0.4.10
	+
	+	Hardware-keys foundation. `oversight-crypto` now exposes a
	+	`KeyProvider` trait that abstracts the recipient-side ECDH so a
	+	hardware-backed token (YubiKey / Nitrokey / OnlyKey via PIV) can plug
	+	into the open path without changing call sites. `FileKeyProvider`
	+	ships as the X25519 default. The hardware-track suite
	+	`OSGT-HW-P256-v1` is fully implemented in software:
	+	`wrap_dek_for_recipient_p256` + `WrappedDekP256` +
	+	`SoftwareP256KeyProvider` (NIST P-256 ECDH, RustCrypto's `p256`
	+	crate). `oversight-container` recognizes the new suite id (`3`) so
	+	sealed files for hardware recipients ride the existing 1-byte header
	+	dispatch without a layout change. The `PivKeyProvider` (PKCS#11)
	+	implementation is the next bounded follow-up; the trait and software
	+	reference let it ship without touching seal-side or container code.
	+	Full crate test count is 21/21 in `oversight-crypto` and 12/12 in
	+	`oversight-container`. Public API additive; v0.4.9 callers unchanged.
	+
		## What's new in v0.4.9

		Browser inspector decrypts hybrid (post-quantum) sealed files.

oversight_core/__init__.py +1 -1

		@@ -31,4 +31,4 @@ __all__ = [
		"l3_policy",
		]

	-	__version__ = "0.4.9"
	+	__version__ = "0.4.10"

pyproject.toml +1 -1

		@@ -4,7 +4,7 @@ build-backend = "setuptools.build_meta"

		[project]
		name = "oversight-protocol"
	-	version = "0.4.9"
	+	version = "0.4.10"
		description = "Open protocol for cryptographic data provenance, recipient attribution, and leak detection."
		readme = "README.md"
		license = {text = "Apache-2.0"}