Changelog for yubikey-manager-2.1.0-lp18.104.22.168.noarch.rpm
* Mon Mar 11 2019 Karol Babioch - Version 2.1.0 (released 2019-03-11)
* Add --reader flag to ykman list, to list available smart card readers
* FIPS: Checking if a YubiKey FIPS is in FIPS mode is now opt-in, with the --check-fips flag
* PIV: Add commands for writing and reading arbitrary PIV objects
* PIV: Verify that the PIN must be between 6 - 8 characters long
* PIV: In import-certificate, make the verification that the certificate and private key matches opt-in, with the --verify flag
* PIV: The piv info command now shows the serial number of the certificates
* PIV: The piv info command now shows the full Distinguished Name (DN) of the certificate subject and issuer, if possible
* PIV: Malformed certificates are now handled better
* OpenPGP: The openpgp touch command now shows current touch policies
* The ykman usb/nfc config command now accepts openpgp as well as opgp as an argument
* Bugfix: Fix support for german (DE) keyboard layout for static passwords- Packaged man page
* Wed Jan 09 2019 Karol Babioch - Version 2.0.0 (released 2019-01-09)
* Add support for Security Key NFC
* Add experimental support for external smart card reader. See --reader flag
* Add a minimal manpage
* Add examples in help texts
* PIV: update CHUID when importing a certificate
* PIV: Optionally validate that private key and certificate match when importing a certificate (on by default in CLI)
* PIV: Improve support for importing certificate chains and .PEM files with comments
* Breaking API changes:
* Merge CCID status word constants into a single SW enum in ykman.driver_ccid
* Throw custom exception types instead of raw APDUErrors from many methods of PivController
* Write CLI prompts to standard error instead of standard output
* Replace function `ykman.util.parse_certificate` with `parse_certificates` which returns a list
* Mon Nov 12 2018 Karol Babioch - Added libykpers-1-1 as dependency (bsc#1115370)
* Wed Oct 10 2018 Karol Babioch - Version 1.0.1 (released 2018-10-10)
* Support for YubiKey 5A
* OATH: Ignore extra parameters in URI parsing
* Bugfix: Never say that NFC is supported for YubiKeys without NFC
* Fri Sep 28 2018 Karol Babioch - Version 1.0.0 (released 2018-09-24)
* Add support for YubiKey 5 Series
* Config: Add flag to generate a random configuration lock
* OATH: Give a proper error message when a touch credential times out
* NDEF: Allow setting the NDEF prefix from the CLI
* FIDO: Block reset when multiple YubiKeys are connected- Applied spec-cleaner- Removed explicit version dependencies
* Wed Jul 11 2018 kbabiochAATTsuse.com- Version 0.7.1 (released 2018-07-09)
* Support for YubiKey FIPS.
* OTP: Allow setting and removing access codes on the slots.
* Interfaces: set-lock-code now only accepts hexadecimal inputs.
* Bugfix: Don\'t fail to open the YubiKey when the serial is not visible.- Version 0.7.0 (released 2018-05-07)
* Support for YubiKey Preview.
* Add command to configure enabled applications over USB and NFC. See ykman config -h.
* Add command for selecting which slot to use for NDEF. See ykman otp ndef -h.- Applied spec-cleaner
* Tue Apr 17 2018 kbabiochAATTsuse.com- Version 0.6.1
* Support for YubiKeys with FIDO2. See ykman fido -h
* Report the form factor for YubiKeys that support it.
* OTP: slot command is now called otp. See ykman otp -h for all changes.
* Static password: Add support for different keyboard layouts. See ykman otp static -h
* PIV: Signatures for CSRs are now correct.
* PIV: Commands on slots with PIN policy ALWAYS no longer fail if the YubiKey has a management key protected by PIN.
* Mode: The U2F mode is now called FIDO.
* Dependencies: libu2f-host is no longer used for FIDO communication over USB, instead the python library fido2 is used.- Cleaned up spec file (spec-cleaner)
* Wed Feb 21 2018 t.grunerAATTkatodev.de- Version 0.6.0 (released 2018-02-09) - OpenPGP: Expose remaining PIN retries in info command and API. - CCID: Only try YubiKey smart card readers by default. - Handle NEO issues with challenge-response credentials better. - Improve logging. - Improve error handling when opening device over OTP. - Bugfix: Fix adding OTP data through the interactive prompt.
* Wed Jan 03 2018 t.grunerAATTkatodev.de- Version 0.5.0 (released 2017-12-15) - API breaking changes: - OATH: New API more similar to yubioath-android - CLI breaking changes: - OATH: Touch prompt now written to stderr instead of stdout - OATH: -a|--algorithm option to list command removed - OATH: Columns in code command are now dymanically spaced depending on contents - OATH: delete command now requires confirmation or -f|--force argument - OATH: IDs printed by list command now include TOTP period if not 30 - Changed outputs: - INFO: \"Device name\" output changed to \"Device type\" - PIV: \"Management key is stored on device\" output changed to \"Management key is stored on the YubiKey\" - PIV: \"All PIV data have been cleared from the device\" output changed to \"All PIV data have been cleared from your YubiKey\" - PIV: \"The current management key is stored on the device\" prompt changed to \"The current management key is stored on the YubiKey\" - SLOT: \"blank to use device serial\" prompt changed to \"blank to use YubiKey serial number\" - SLOT: \"Using device serial\" output changed to \"Using YubiKey device serial\" - Lots of failure case outputs changed - New features: - Support for multiple devices via new top-level option -d|--device - New top-level option -l|--log-level to enable logging - OATH: Support for remembering passwords locally. - OATH: New option -s|--single for code command - PIV: set-pin-retries command now warns that PIN and PUK will be reset to factory defaults, and prints those defaults after resetting - API bug fixes: - OATH: valid_from and valid_to for Code are now absolute instead of relative to the credential period - OATH: period for non-TOTP Code is now None
* Sat Dec 30 2017 jengelhAATTinai.de- Fix RPM groups.
* Wed Nov 15 2017 t.grunerAATTkatodev.de- Version 0.4.6 (released 2017-10-17) - Will now attempt to open device 3 times before failing - OpenPGP: Don’t say data is removed when not - OpenPGP: Don’t swallow APDU errors - PIV: Block on-chip RSA key generation for firmware versions 4.2.0 to 4.3.4 (inclusive) since these chips are vulnerable to CVE-2017-15631.- Version 0.4.5 (released 2017-09-14) - OATH: Don’t print issuer if there is no issuer.- Version 0.4.4 (released 2017-09-06) - OATH: Fix yet another issue with backwards compability, for adding new credentials.- Version 0.4.3 (released 2017-09-06) - OATH: Fix issue with backwards compability, when used as a library.- Version 0.4.2 (released 2017-09-05) - OATH: Support 7 digit credentials. - OATH: Support credentials with a period other than 30 seconds. - OATH: The remove command is now called delete.- Version 0.4.1 (released 2017-08-10) - PIV: Dropped support for deriving a management key from PIN. - PIV: Addded support for generating a random management key and storing it on the device protected by the PIN. - OpenPGP: The reset command now handles a device in terminated state. - OATH: Credential filtering is now working properly on Python 2.- Version 0.4.0 (released 2017-06-19) - Added PIV support. The tool and library now supports most of the PIV functionality found on the YubiKey 4 and NEO. To list the available commands, run ykman piv -h. - Mode command now supports adding and removing modes incrementally.
* Mon May 15 2017 t.grunerAATTkatodev.de- Initial Release 0.3.3