yubico-piv-tool NEWS -- History of user-visible changes. -*- outline -*- * Version 1.3.0 (unreleased) * Version 1.2.2 (released 2015-12-08) ** Fix old buffer overflow in change-pin functionality. * Version 1.2.1 (released 2015-12-08) ** Fix issue with big certificates and status. * Version 1.2.0 (released 2015-12-07) ** On OSX use @loader_path instead of @executable_path for ykcs11. ** Add ykpiv_import_private_key to libykpiv. ** Raise buffer sizes to support bigger objects. ** Change behavior of action status, only list populated slots. ** Add retired keys to ykcs11. ** In ykcs11 support login with non null terminated pin. ** Add a new action set-ccc to yubico-piv-tool to set the CCC. * Version 1.1.2 (released 2015-11-13) ** Properly handle DER encoding in ECDSA signatures. * Version 1.1.1 (released 2015-11-11) ** Make sure SCardContext is properly acquired and released. * Version 1.1.0 (released 2015-11-06) ** Add support for new YubiKey 4. ** Add ykcs11. * Version 1.0.3 (released 2015-10-01) ** Correct wording on unblock-pin action. ** Show pin retries correctly. ** Use a bigger buffer for receiving data. * Version 1.0.2 (released 2015-09-04) ** Query for different passwords/pins on stdin if they're not supplied. ** If a reader fails continue trying matching readers. ** Authentication failed is supposed to be 0x63cX not 0x630X. * Version 1.0.1 (released 2015-07-10) ** Project relicensed to 2-clause BSD license ** Minor fixes found with clang scan-build * Version 1.0.0 (released 2015-06-23) ** Add a test-decipher action. ** Check that e is 0x10001 on importing rsa keys ** Use PCSC transactions when sending and receiving data * Version 0.1.6 (released 2015-03-23) ** Add a read-certificate action to the tool. ** Add a status action to the tool. ** Fix a library bug so NULL can be passed to ykpiv_verify() ** Add a test-signature action to the tool. * Version 0.1.5 (released 2015-02-04) ** Revert the check for parity and just set parity before the weak check. * Version 0.1.4 (released 2015-02-02) ** Prompt for input if input is stdin. ** Mark all bits of the signature as used is certs and requests. ** Correct error for unblock-pin. ** Fix hex decode to decode capital letters and return error. ** Check parity of new management keys. * Version 0.1.3 (released 2014-12-18) ** Add format DER for importing certificates. ** Make sure diagnostic feedback ends up on stderr. ** Add positive feedback for a couple of actions. * Version 0.1.2 (released 2014-11-14) ** Fix an issue where shorter component of RSA keys where not packed correctly. * Version 0.1.1 (released 2014-11-10) ** Correct broken CHUID that made windows work inconsistently. ** Add support for compressed certificates. ** Fix broken unblock-pin action. ** Don't try to accept to short keys for mgm key. ** Only do applet authentication if needed. ** Add --hash for selecting what hash to use for signatures. ** Add hidden --sign command. Should probably not be used. ** Fix for signature algorithm in selfsigned cert. * Version 0.1.0 (released 2014-08-25) ** Break out functionality into a library. ** More testing. * Version 0.0.3 (released 2014-05-26) ** Add delete-certificate action. ** Fix minor bugs. * Version 0.0.2 (released 2014-02-19) ** Fix an offset bug with CHUID. ** Do full mutual auth with the applet. * Version 0.0.1 (released 2014-02-11) ** Initial release.