forked from pool/yubico-piv-tool
9c2c224a8b
OBS-URL: https://build.opensuse.org/request/show/419765 OBS-URL: https://build.opensuse.org/package/show/security/yubico-piv-tool?expand=0&rev=18
183 lines
7.0 KiB
Plaintext
183 lines
7.0 KiB
Plaintext
-------------------------------------------------------------------
|
||
Wed Aug 17 14:03:58 UTC 2016 - t.gruner@katodev.de
|
||
|
||
- Version 1.4.2 (released 2016-08-12)
|
||
- Clarify license headers and clean up YKCS11 licensing. Now uses pkcs11.h from the Scute project.
|
||
- Don’t install ykcs11-version.h.
|
||
- No cflags in ykcs11.pc.
|
||
- Unimplemented YKCS11 functions now return CKR_FUNCTION_FAILED.
|
||
|
||
- Version 1.4.1 (released 2016-08-11)
|
||
- Documentation updates
|
||
- Add possibility to export certificates in SSH format.
|
||
- Make certificate serial number random by default.
|
||
|
||
-------------------------------------------------------------------
|
||
Tue May 17 14:55:42 UTC 2016 - t.gruner@katodev.de
|
||
|
||
- Version 1.4.0 (released 2016-05-03)
|
||
- Add attest action When used on a slot with a generated key,
|
||
outputs a signed x509 certificate for that slot showing that
|
||
the key was generated in hardware. Available in firmware 4.3.0 and newer.
|
||
- Add cached parameter for touch-policy With cached, the touch is valid
|
||
for an additional 15s. Available in firmware 4.3.0 and newer.
|
||
- Enforce a minimum PIN length of 6 characters.
|
||
- Fix a bug with list-readers action where it fell through processing into write-object.
|
||
|
||
-------------------------------------------------------------------
|
||
Mon Apr 25 20:04:14 UTC 2016 - t.gruner@katodev.de
|
||
|
||
- Version 1.3.1 (released 2016-04-19)
|
||
- Fix a bug where unblock pin would instead change puk, introduced in 1.3.0.
|
||
- Clarifications with help texts.
|
||
|
||
- Version 1.3.0 (released 2016-02-19)
|
||
- Fixed extraction of RSA modulus and exponent for pkcs11.
|
||
- Implemented C_SetPIN for pkcs11.
|
||
- Add generic write and read object actions for the tool. Supports hex/binary/base64 formats
|
||
- Add ykpiv_change_pin(), ykpiv_change_puk() and ykpiv_unblock_pin()
|
||
- Print CCC with status action.
|
||
- Address bugs with pkcs11 on windows.
|
||
- Add --valid-days and --serial to tool for selfsign-certificate action.
|
||
- Ask for password for pkcs12 if none is given.
|
||
|
||
-------------------------------------------------------------------
|
||
Fri Dec 11 08:12:48 UTC 2015 - t.gruner@katodev.de
|
||
|
||
- Version 1.2.2 (released 2015-12-08)
|
||
- Fix old buffer overflow in change-pin functionality.
|
||
|
||
- Version 1.2.1 (released 2015-12-08)
|
||
-Fix issue with big certificates and status.
|
||
|
||
- Version 1.2.0 (released 2015-12-07)
|
||
- On OSX use @loader_path instead of @executable_path for ykcs11.
|
||
- Add ykpiv_import_private_key to libykpiv.
|
||
- Raise buffer sizes to support bigger objects.
|
||
- Change behavior of action status, only list populated slots.
|
||
- Add retired keys to ykcs11.
|
||
- In ykcs11 support login with non null terminated pin.
|
||
- Add a new action set-ccc to yubico-piv-tool to set the CCC.
|
||
|
||
-------------------------------------------------------------------
|
||
Wed Nov 18 20:57:56 UTC 2015 - t.gruner@katodev.de
|
||
|
||
- Version 1.1.2 (released 2015-11-13)
|
||
- Properly handle DER encoding in ECDSA signatures.
|
||
|
||
-------------------------------------------------------------------
|
||
Thu Nov 12 14:30:09 UTC 2015 - t.gruner@katodev.de
|
||
|
||
- Version 1.1.1 (released 2015-11-11)
|
||
- Make sure SCardContext is properly acquired and released.
|
||
|
||
-------------------------------------------------------------------
|
||
Fri Nov 6 21:05:07 UTC 2015 - t.gruner@katodev.de
|
||
|
||
- Version 1.1.0 (released 2015-11-06)
|
||
- Add support for new YubiKey 4.
|
||
- Add ykcs11.
|
||
|
||
-------------------------------------------------------------------
|
||
Tue Oct 13 07:47:50 UTC 2015 - t.gruner@katodev.de
|
||
|
||
- Add dependencive in .spec file
|
||
|
||
-------------------------------------------------------------------
|
||
Thu Oct 1 21:18:34 UTC 2015 - t.gruner@katodev.de
|
||
|
||
- Version 1.0.3 (released 2015-10-01)
|
||
- Correct wording on unblock-pin action.
|
||
- Show pin retries correctly.
|
||
- Use a bigger buffer for receiving data.
|
||
|
||
-------------------------------------------------------------------
|
||
Tue Sep 15 13:32:27 UTC 2015 - t.gruner@katodev.de
|
||
|
||
- Version 1.0.2 (released 2015-09-04)
|
||
- Query for different passwords/pins on stdin if they’re not supplied.
|
||
- If a reader fails continue trying matching readers.
|
||
- Authentication failed is supposed to be 0x63cX not 0x630X.
|
||
|
||
-------------------------------------------------------------------
|
||
Sat Jul 11 14:49:43 UTC 2015 - t.gruner@katodev.de
|
||
|
||
- Version 1.0.1 (released 2015-07-10)
|
||
- Project relicensed to 2-clause BSD license
|
||
- Minor fixes found with clang scan-build
|
||
|
||
-------------------------------------------------------------------
|
||
Wed Jul 8 21:14:24 UTC 2015 - t.gruner@katodev.de
|
||
|
||
- Version 1.0.0 (released 2015-06-23)
|
||
- Add a test-decipher action.
|
||
- Check that e is 0x10001 on importing rsa keys
|
||
- Use PCSC transactions when sending and receiving data
|
||
|
||
-------------------------------------------------------------------
|
||
Mon Apr 27 16:22:36 UTC 2015 - cdenicolo@suse.com
|
||
|
||
- license update: GPL-3.0+
|
||
COPYING files says package is under GPL-3.0+.
|
||
|
||
-------------------------------------------------------------------
|
||
Thu Mar 26 12:47:38 UTC 2015 - t.gruner@katodev.de
|
||
|
||
- Version 0.1.6 (released 2015-03-23)
|
||
Add a read-certificate action to the tool.
|
||
Add a status action to the tool.
|
||
Fix a library bug so NULL can be passed to ykpiv_verify()
|
||
Add a test-signature action to the tool.
|
||
|
||
-------------------------------------------------------------------
|
||
Mon Feb 9 14:54:37 UTC 2015 - t.gruner@katodev.de
|
||
|
||
- Version 0.1.5 (released 2015-02-04)
|
||
Revert the check for parity and just set parity before the weak check.
|
||
|
||
-------------------------------------------------------------------
|
||
Tue Feb 3 13:43:10 UTC 2015 - t.gruner@katodev.de
|
||
|
||
- Version 0.1.4 (released 2015-02-02)
|
||
Prompt for input if input is stdin.
|
||
Mark all bits of the signature as used is certs and requests.
|
||
Correct error for unblock-pin.
|
||
Fix hex decode to decode capital letters and return error.
|
||
Check parity of new management keys.
|
||
|
||
-------------------------------------------------------------------
|
||
Fri Jan 23 07:47:58 UTC 2015 - t.gruner@katodev.de
|
||
|
||
- Version 0.1.3 (released 2014-12-18)
|
||
Add format DER for importing certificates.
|
||
Make sure diagnostic feedback ends up on stderr.
|
||
Add positive feedback for a couple of actions.
|
||
|
||
- Version 0.1.2 (released 2014-11-14)
|
||
Fix an issue where shorter component of RSA keys where not packed correctly.
|
||
|
||
- Version 0.1.1 (released 2014-11-10)
|
||
Correct broken CHUID that made windows work inconsistently.
|
||
Add support for compressed certificates.
|
||
Fix broken unblock-pin action.
|
||
Don’t try to accept to short keys for mgm key.
|
||
Only do applet authentication if needed.
|
||
Add --hash for selecting what hash to use for signatures.
|
||
Add hidden --sign command. Should probably not be used.
|
||
Fix for signature algorithm in selfsigned cert.
|
||
|
||
- Version 0.1.0 (released 2014-08-25)
|
||
Break out functionality into a library.
|
||
More testing.
|
||
|
||
- Version 0.0.3 (released 2014-05-26)
|
||
Add delete-certificate action.
|
||
Fix minor bugs.
|
||
|
||
- Version 0.0.2 (released 2014-02-19)
|
||
Fix an offset bug with CHUID.
|
||
Do full mutual auth with the applet.
|
||
|
||
- Version 0.0.1 (released 2014-02-11)
|
||
Initial release.
|