NEWS for OpenSC -- History of user visible changes Please also see doc/WhatsNew.html or http://www.opensc-project.org/opensc/wiki/WhatsNew Also see the svn changelog using svn command or doc/nonpersistent/ChangeLog. New in 0.11.7; 2009-02-26; Andreas Jellinghaus * hide_empty_slots now on by default? small logic change? * pinpad supported fixed for Mac OS X. * ruToken driver was updated. * openct virtual readers reduced to 2 by default. * link with iconv on Mac OS X for i18n support. * Security issue: Fix private data support. * Enable lock_login by default. * Disable allow_soft_keygen by default. New in 0.11.6; 2008-08-27; Andreas Jellinghaus * Improved security fix: don't match for "OpenSC" in the card label. * New support for Feitian ePass3000 bei Weitao Sun. * GemSafeV1 improved to handle key_ref other than 3 by Douglas E. Engert New in 0.11.5; 2008-07-31; Andreas Jellinghaus * Apply security fix for cardos driver and extend pkcs15-tool to test cards for the security vulnerability and update them. * Build system rewritten (NOTICE: configure options was modified). The build system can produce outputs for *NIX, cygwin and native windows (using mingw). * ruToken now supported. * Allow specifying application name for data objects. * Basic reader hotplug support. * PC/SC library is dynamic linked no longer compile time dependency. * PKCS#11 provider is now installed at LIBDIR/pkcs11 * PKCS#11 - Number of virtual slots moved into configuration. * PKCS#11 - Fix fork() compliance. * make sign_with_decrypt hack configureable for siemens cards. New in 0.11.4; 2007-09-10; Andreas Jellinghaus * Drop AC_LIB_LINKFLAGS for libltdl and aclocal/lib* files. * New configure option to disable building nsplugin. * Support Siemens CardOS initialized cards (signing with decryption) * Add Siemens CardOS M4.2B support (experimental, don't have such a card) * Support for AKIS cards added (partial so far) by Gürer Özen. * add aclocal/libassuan.m4 back so developers don't need assuan installed. New in 0.11.3; 2007-07-11; Andreas Jellinghaus * added regression test for raw rsa (crypt0007). * regression suite can now use installed binaries with --installed. * update wiki export script (add images, fix links). * look for ncurses and termcap in configure (in combination with readline). * make lots of internal functions and variables static. * fix 0 vs NULL in many places. fix ansi c style (void). * avoid variable names used also as glibc function (random etc.). * new code for deleting objects. * special hack for firefox. * suport for Athena APCOS cards added. * piv driver now supports bigger rsa keys too. New in 0.11.2; 2007-05-04; Andreas Jellinghaus * enabled pin caching by default (needed by regression suite and other apps). disable this for highest security (but that breaks some applications). * use max_send_size 255 / max_recv_size 256 bytes by default. reduce this for some readers (e.g. scm) with t=0 cards. * increase pin buffer size to allow longer pin codes. * Windows Make.rules.mak improved to work with and w/o openssl and zlib * Added --read-ssk-key option to pkcs15-tool (prints public key in ssh format) * use pkg-config for finding openct, add --enable/disable-openct option * use strlcpy function * use new pkcs11.h from scute with an open source license * add support for sha2 to pkcs15-crypt * add piv-tool for managing piv cards * add muscle driver (still work in progress) * improved oberthur driver * add support for pcsc v2 part10 (reader drivers with pinpad support) * convert source files to utf-8 New in 0.11.1; 2006-05-30; Andreas Jellinghaus * Fix version variable in win32 build files * Update for piv pkcs#15 emulation * Improved TCOS driver for Uni Giesen Card * Handle size_t printf with "%lu" and (unsigned long) cast * Add support for d-trust cards / improve micardo 2.1 driver New in 0.11.0; 2006-05-01; Andreas Jellinghaus * compile fixes/improvements for windows * document pkcs15-tool --unblock-pin option * remove old and outdated documentation * use "%lu" format for printf of size_t * add piv driver and tool by Douglas E. Engert * new threadding code in pkcs11 module * renamed "etoken" driver to "cardos", as it really is a generic driver for Siemens CardOS M4, including but not limited to Aladdin eTokens. * add code to maange unused space * support for swedish nidel cards New in 0.10.1; 2006-01-08; Andreas Jellinghaus * use sc_print_path everywhere. * silence many warnings. * add incrypto34 driver by ST Incard, Giuseppe Amato * improved TCOS driver by Peter Koch * better PINPAD handling * updated infocamere driver * updated opensc.conf with new default values * fix firefox problems (no real fix, only ugly workaround) * add cardos M4.2 support New in 0.10.0; 2005-10-31; Andreas Jellinghaus * released rc2 without changes. * Add more documentation, fix man page installtion. * New generic ATR/card matching code with atrmask support, used by all card drivers. * Much improved and unified ATR handling in the configuration file. * Support for the next generation FinEID cards with ISO/IEC 7816-15 data layout. * Preliminary code merge with the Belgian Belpic EID project. * Experimental multi-slot support for CT-API and dynamic loading support for win32. Thanks to Bernhard Froehlich * Experimental Class 2 pinpad reader support via TeleTrust compatible PC/SC interface. * Fixed OpenSSL behaviour in the configure script. * PKCS#15 emulation layer improvements and a new driver for the Italian postecert card. * New API documentation and generic documentation structure renovation to base future work on. Many thanks to Bert Vermeulen * Spanish manual translation from opensc-ceres project merged. * Several memory leaks and other bugs fixed. New in 0.9.6; 2005-04-25; Andreas Jellinghaus: * undo user_content changes to retain compatibility with 0.9.4. * add solaris/ files for easier installation on solaris. * Makefile.am: require automake 1.5 * free() fixes in some card drivers. * fix autoconf configure code. New in 0.9.5; 2005-01-11; Andreas Jellinghaus: * Big rewrite of the autoconf code for openssl. This fixes bugs on Mac OS X and we hope it doesn't break any other system. Feedback is very welcome. * The flags object attribute changed to a bitfield. * Many small bugfixes, including memory leaks. * Changes to the etoken and gpk profiles to eleminate overlapping file ids. * pinpad code by Martin Paljak * add user_consent parameter to pkcs15emu add object/add prkey functions. * estid provide user_consent parameter. * add fflush to pkcs11-spy.c * set version in configure.in, src/pkcs11/pkcs11-global.c, win32/version.rc and src/include/winconfig.h New in 0.9.4; 2004-10-31; Andreas Jellinghaus: * Library version was broken in 0.9.3. * Update library version to 1:0:0, as we are no longer compatible with the 0:*:* line, I fear. New in 0.9.3; 2004-10-31; Andreas Jellinghaus: * Fix some LDFLAGS/LDADD issues for parallel build. New in 0.9.2; 2004-07-24; Andreas Jellinghaus: * This is an beta test version. Please be careful. Do not use in production environments. * Fix sslengine, link those dynamically with libcrypto for openssl 0.9.7d and later. * Fixed small bug in pkcs11-tool * Link pkcs11-tool and pkcs15-crypt with -lcrypto * New driver for estonian ID card. * Bumped version number to opensc 0.9.2 * New card supported: Oberthur AuthentIC v5 * Pam_opensc's eid module now checks permissions, and supports several certificates in ~/.eid/authorized_certificates Thanks to Fritz Elfert * Upgrade library version to 0.9, since incompatible changes are very likely somewhere. * Merged several pkcs15 profiles into one with different options. New in 0.8.1; 2003-09-30; Olaf Kirch: * Upgrade libopensc versioning, hasn't been accidently upgraded since 0.6.0 release * MacOS X specific changes: - Allow to compile without PC/SC support - Bundle installation fixes - OpenSSL engine linking fixed - Renamed OpenSC PKCS#11.bundle to opensc-pkcs11.bundle - CT-API module loading support * libopensc: - Renamed sysdep_timestamp_t to sc_timestamp_t - Renamed debug/error functions to sc_debug/sc_error - Don't DER-en/decode the data in a pkcs15 object - Portability fixes for the OpenCT reader driver * libscconf: Fixed CRLF parsing for UNIX platforms * Added PKCS#11 spy module by Mathias Brossard * Other minor bug/build fixes and cleanups New in 0.8.0; 2003-08-15; Juha Yrjölä: * New and/or improved card drivers: Aladdin eToken, MICARDO 2 and STARCOS * New reader driver: OpenCT (Olaf's framework) * Improved support for win32 and MacOS X. * PKCS #11 stuff improved massively * Added PKCS #11 and native OpenSC engine drivers for OpenSSL * Added support for reading the PIN from the PIN keypad of a reader * New manpages * Loads of other improvements and bug-fixes New in 0.7.0; 2002-06-03; Juha Yrjölä: * Support for config files * Yet another PKCS #15 generation rewrite * PAM module rewritten for more flexibility and compatibility * OpenSC Signer merged to the main source tree * CT-API support * Support for non-native RSA and DSA keys * Improved support for MioCOS cards by Miotec (http://www.miotec.fi) * Semi-working support for Aladdin eToken PRO * First version to work with OpenSSH without any patching New in 0.6.1; 2002-03-20; Juha Yrjölä: * Fixed certificate downloading in pkcs15-init * Improved PKCS #11 module, so it works with Mozilla 0.9.9 and is capable of signing and decrypting mails in Netscape * Other various small fixes and improvements New in 0.6.0; 2002-03-13; Juha Yrjölä: * Many, many new features -- too many to list here * New cards supported: Gemplus GPK family, TCOS 2.0, MioCOS * Implemented a card reader abstraction layer * PKCS #15 generation rewritten by Olaf Kirch. So far generation is supported only on GPK and Cryptoflex. New in 0.5.0; 2002-01-24; Juha Yrjölä: * PKCS #15 generation support * PKCS #11 module almost completely rewritten * Implemented opensc-explorer; a tool for browsing and modifying the card file system * Almost complete support for Cryptoflex 16k; implemented cryptoflex-tool * Started writing some API documentation using Doxygen * Much improved object handling code in PKCS #15 framework * Lots of bugs fixed, lots of new ones introduced New in 0.4.0; 2001-12-29; Juha Yrjölä: * Finished migrating to Autotools * Rewritten ASN.1 decoder (should work better on all PKCS #15 cards) * Abstracted card handling, so adding support for new cards is a whiz, 'opensc-tool -D' will list all installed drivers. * Added colored debug and error output ;) * Fixed some memory leaks * Support for Swedish Posten eID cards * Added very preliminary support for EMV compatible cards and Multiflex cards by Schlumberger New in 0.3.5; 2001-12-15; Juha Yrjölä: * Now compiles with C++ * Added card reset detection * Fixed PIN code changing * Improved certificate caching New in 0.3.2; 2001-11-27; Juha Yrjölä: * Converted to Autotools.