File yubikey-manager.changes of Package yubikey-manager

-------------------------------------------------------------------
Mon Mar 11 15:10:02 UTC 2019 - Karol Babioch <kbabioch@suse.de>

- Version 2.1.0 (released 2019-03-11)
  * Add --reader flag to ykman list, to list available smart card readers
  * FIPS: Checking if a YubiKey FIPS is in FIPS mode is now opt-in, with the --check-fips flag
  * PIV: Add commands for writing and reading arbitrary PIV objects
  * PIV: Verify that the PIN must be between 6 - 8 characters long
  * PIV: In import-certificate, make the verification that the certificate and private key matches opt-in, with the --verify flag
  * PIV: The piv info command now shows the serial number of the certificates
  * PIV: The piv info command now shows the full Distinguished Name (DN) of the certificate subject and issuer, if possible
  * PIV: Malformed certificates are now handled better
  * OpenPGP: The openpgp touch command now shows current touch policies
  * The ykman usb/nfc config command now accepts openpgp as well as opgp as an argument
  * Bugfix: Fix support for german (DE) keyboard layout for static passwords
- Packaged man page

-------------------------------------------------------------------
Wed Jan  9 09:18:34 UTC 2019 - Karol Babioch <kbabioch@suse.de>

- Version 2.0.0 (released 2019-01-09)
  * Add support for Security Key NFC
  * Add experimental support for external smart card reader. See --reader flag
  * Add a minimal manpage
  * Add examples in help texts
  * PIV: update CHUID when importing a certificate
  * PIV: Optionally validate that private key and certificate match when importing a certificate (on by default in CLI)
  * PIV: Improve support for importing certificate chains and .PEM files with comments
  * Breaking API changes:
    * Merge CCID status word constants into a single SW enum in ykman.driver_ccid
    * Throw custom exception types instead of raw APDUErrors from many methods of PivController
    * Write CLI prompts to standard error instead of standard output
    * Replace function `ykman.util.parse_certificate` with `parse_certificates` which returns a list

-------------------------------------------------------------------
Mon Nov 12 09:15:25 UTC 2018 - Karol Babioch <kbabioch@suse.com>

- Added libykpers-1-1 as dependency (bsc#1115370)

-------------------------------------------------------------------
Wed Oct 10 08:38:58 UTC 2018 - Karol Babioch <kbabioch@suse.com>

- Version 1.0.1 (released 2018-10-10) 
  * Support for YubiKey 5A
  * OATH: Ignore extra parameters in URI parsing
  * Bugfix: Never say that NFC is supported for YubiKeys without NFC

-------------------------------------------------------------------
Fri Sep 28 09:09:20 UTC 2018 - Karol Babioch <kbabioch@suse.com>

- Version 1.0.0 (released 2018-09-24)
  * Add support for YubiKey 5 Series
  * Config: Add flag to generate a random configuration lock
  * OATH: Give a proper error message when a touch credential times out
  * NDEF: Allow setting the NDEF prefix from the CLI
  * FIDO: Block reset when multiple YubiKeys are connected
- Applied spec-cleaner
- Removed explicit version dependencies

-------------------------------------------------------------------
Wed Jul 11 09:24:55 UTC 2018 - kbabioch@suse.com

- Version 0.7.1 (released 2018-07-09)
  * Support for YubiKey FIPS.
  * OTP: Allow setting and removing access codes on the slots.
  * Interfaces: set-lock-code now only accepts hexadecimal inputs.
  * Bugfix: Don't fail to open the YubiKey when the serial is not visible.
- Version 0.7.0 (released 2018-05-07)
  * Support for YubiKey Preview.
  * Add command to configure enabled applications over USB and NFC. See ykman config -h.
  * Add command for selecting which slot to use for NDEF. See ykman otp ndef -h. 
- Applied spec-cleaner

-------------------------------------------------------------------
Tue Apr 17 07:18:29 UTC 2018 - kbabioch@suse.com

- Version 0.6.1
  * Support for YubiKeys with FIDO2. See ykman fido -h
  * Report the form factor for YubiKeys that support it.
  * OTP: slot command is now called otp. See ykman otp -h for all changes.
  * Static password: Add support for different keyboard layouts. See ykman otp static -h
  * PIV: Signatures for CSRs are now correct.
  * PIV: Commands on slots with PIN policy ALWAYS no longer fail if the YubiKey has a management key protected by PIN.
  * Mode: The U2F mode is now called FIDO.
  * Dependencies: libu2f-host is no longer used for FIDO communication over USB, instead the python library fido2 is used. 
- Cleaned up spec file (spec-cleaner)

-------------------------------------------------------------------
Wed Feb 21 21:09:42 UTC 2018 - t.gruner@katodev.de

- Version 0.6.0 (released 2018-02-09)
  -  OpenPGP: Expose remaining PIN retries in info command and API.
  -  CCID: Only try YubiKey smart card readers by default.
  -  Handle NEO issues with challenge-response credentials better.
  -  Improve logging.
  -  Improve error handling when opening device over OTP.
  -  Bugfix: Fix adding OTP data through the interactive prompt.

-------------------------------------------------------------------
Wed Jan  3 19:16:35 UTC 2018 - t.gruner@katodev.de

- Version 0.5.0 (released 2017-12-15)
  -  API breaking changes:
     -  OATH: New API more similar to yubioath-android
  -  CLI breaking changes:
     -  OATH: Touch prompt now written to stderr instead of stdout
     -  OATH: -a|--algorithm option to list command removed
     -  OATH: Columns in code command are now dymanically spaced depending on contents
     -  OATH: delete command now requires confirmation or -f|--force argument
     -  OATH: IDs printed by list command now include TOTP period if not 30
     -  Changed outputs:
         -  INFO: "Device name" output changed to "Device type"
         -  PIV: "Management key is stored on device" output changed to "Management key is stored on the YubiKey"
         -  PIV: "All PIV data have been cleared from the device" output changed to "All PIV data have been cleared from your YubiKey"
         -  PIV: "The current management key is stored on the device" prompt changed to "The current management key is stored on the YubiKey"
         -  SLOT: "blank to use device serial" prompt changed to "blank to use YubiKey serial number"
         -  SLOT: "Using device serial" output changed to "Using YubiKey device serial"
         -  Lots of failure case outputs changed
  -  New features:
     -  Support for multiple devices via new top-level option -d|--device
     -  New top-level option -l|--log-level to enable logging
     -  OATH: Support for remembering passwords locally.
     -  OATH: New option -s|--single for code command
     -  PIV: set-pin-retries command now warns that PIN and PUK will be reset to factory defaults, and prints those defaults after resetting
  -  API bug fixes:
     -  OATH: valid_from and valid_to for Code are now absolute instead of relative to the credential period
     -  OATH: period for non-TOTP Code is now None

-------------------------------------------------------------------
Sat Dec 30 09:04:16 UTC 2017 - jengelh@inai.de

- Fix RPM groups.

-------------------------------------------------------------------
Wed Nov 15 19:29:13 UTC 2017 - t.gruner@katodev.de

- Version 0.4.6 (released 2017-10-17)
  - Will now attempt to open device 3 times before failing
  - OpenPGP: Don’t say data is removed when not
  - OpenPGP: Don’t swallow APDU errors
  - PIV: Block on-chip RSA key generation for firmware versions 4.2.0 to 4.3.4 (inclusive) since these chips are vulnerable to CVE-2017-15631.

- Version 0.4.5 (released 2017-09-14)
  - OATH: Don’t print issuer if there is no issuer.

- Version 0.4.4 (released 2017-09-06)
  - OATH: Fix yet another issue with backwards compability, for adding new credentials.

- Version 0.4.3 (released 2017-09-06)
  - OATH: Fix issue with backwards compability, when used as a library.

- Version 0.4.2 (released 2017-09-05)
  - OATH: Support 7 digit credentials.
  - OATH: Support credentials with a period other than 30 seconds.
  - OATH: The remove command is now called delete.

- Version 0.4.1 (released 2017-08-10)
  - PIV: Dropped support for deriving a management key from PIN.
  - PIV: Addded support for generating a random management key and storing it on the device protected by the PIN.
  - OpenPGP: The reset command now handles a device in terminated state.
  - OATH: Credential filtering is now working properly on Python 2.

- Version 0.4.0 (released 2017-06-19)
  - Added PIV support. The tool and library now supports most of the PIV functionality found on the YubiKey 4 and NEO. To list the available commands, run ykman piv -h.
  - Mode command now supports adding and removing modes incrementally.

-------------------------------------------------------------------
Mon May 15 13:07:17 UTC 2017 - t.gruner@katodev.de

- Initial Release 0.3.3