ima-evm-utils: Release version 1.3

Updated both the release and library (ABI change) versions.  See the
"Changelog" for a list of the new features, bug fixes, and code cleanup.

Signed-off-by: Mimi Zohar <zohar@linux.ibm.com>

ChangeLog

@@ -1,3 +1,60 @@
+2020-07-21  Mimi Zohar <zohar@linux.ibm.com>
+
+	version 1.3 new features:
+	* NEW ima-evm-utils regression test infrastructure with two initial
+	  tests:
+	  - ima_hash.test: calculate/verify different crypto hash algorithms
+	  - sign_verify.test: EVM and IMA sign/verify signature tests
+	* TPM 2.0 support
+	  - Calculate the new per TPM 2.0 bank template data digest
+	  - Support original padding the SHA1 template data digest
+	  - Compare ALL the re-calculated TPM 2.0 bank PCRs against the
+	    TPM 2.0 bank PCR values
+	  - Calculate the per TPM bank "boot_aggregate" values, including
+	    PCRs 8 & 9 in calculation
+	  - Support reading the per TPM 2.0 Bank PCRs using Intel's TSS
+	  - boot_aggregate.test: compare the calculated "boot_aggregate"
+	    values with the "boot_aggregate" value included in the IMA
+	    measurement.
+	* TPM 1.2 support
+	  - Additionally support reading the TPM 1.2 PCRs from a supplied file
+	    ("--pcrs" option)
+	* Based on original IMA LTP and standalone version support
+	  - Calculate the TPM 1.2 "boot_aggregate" based on the exported
+	    TPM 1.2 BIOS event log.
+	  - In addition to verifying the IMA measurement list against the
+	    the TPM PCRs, verify the IMA template data digest against the
+	    template data.  (Based on LTP "--verify" option.)
+	  - Ignore file measurement violations while verifying the IMA
+	    measurment list. (Based on LTP "--validate" option.)
+	  - Verify the file data signature included in the measurement list
+	    based on the file hash also included in the measurement list
+	    (--verify-sig)
+	  - Support original "ima" template (mixed templates not supported)
+	* Support "sm3" crypto name
+
+	Bug fixes and code cleanup:
+	* Don't exit with -1 on failure, exit with 125
+	* On signature verification failure, include pathname.
+	* Provide minimal hash_info.h file in case one doesn't exist, needed
+	  by the ima-evm-utils regression tests.
+	* On systems with TPM 1.2, skip "boot_aggregate.test" using sample logs
+	* Fix hash_algo type comparison mismatch
+	* Simplify/clean up code
+	* Address compiler complaints and failures
+	* Fix memory allocations and leaks
+	* Sanity check provided input files are regular files
+	* Revert making "tsspcrread" a compile build time decision.
+	* Limit additional messages based on log level (-v)
+
+2019-07-30  Mimi Zohar <zohar@linux.ibm.com>
+
+	version 1.2.1 Bug fixes:
+	* When verifying multiple file signatures, return correct status
+	* Don't automatically use keys from x509 certs if user supplied "--rsa"
+	* Fix verifying DIGSIG_VERSION_1 signatures
+	* autoconf, openssl fixes
+
 
 2019-07-24  Mimi Zohar <zohar@linux.ibm.com>