Secure Software Manager

New SSM Smartcard Daemon (SCD) client with tailored signing workflows for better GPG signing - GPG signing on SSM worked but it needed a design overhaul to improve the customer experience. SSM was reliant on the opensource Smartcard Daemon GnuPG-PKCS11-SCD which our users need to compile from source and was limited to Linux OS and restricted to RSA algorithm keys only. With the release of our new SSM SCD we have reinvented our GPG signing flows by coding our APIs directly to the SSM SCD, removing the dependence on PKCS11, and presenting customers with compiled versions of the SSM SCD client optimised for Windows, Linux and Mac OS's. Our new SSM GPG workflows expand support from RSA algorithm signing to also offer our customers ECDSA and EDDSA algorithm support. Finally, we have introduced support for the GPG keyring structure, so that customers can create a hierarchical structure under a GPG master key, with GPG subkeys and user IDs which natively align with the GPG ecosystem.

EdDSA key signing support SSM - We have enhanced our PKCS11 client to now support signing with EDDSA (ED25519) in order to facilitate customers who wish to use EdDSA algorithm. While at present, the EdDSA algorithm is not widely supported by most commercially available code signing tools, we have documented the instructions to cover the tools we have verified to work and will continue to grow this list as we identify and find other tools which introduce support for EdDSA algorithm in the future.