File yubikey-manager.changes of Package yubikey-manager.29290

-------------------------------------------------------------------
Mon Dec 19 18:58:06 UTC 2022 - Torsten Gruner <simmphonie@opensuse.org>

- Keep this version until version 5.0.0 or 
  yubikey-manager-qt v1.2.4 and yubioath-desktop v5.1.0 was fixed
- Some small .spec file fixes

-------------------------------------------------------------------
Wed Oct  5 20:03:36 UTC 2022 - Torsten Gruner <simmphonie@opensuse.org>

- Update to version 4.0.9 (released 2022-06-17)
  * Dependency: Add support for python-fido2 1.x
  * Fix: Drop stated support for Click 6 as features from 7 are being used.

-------------------------------------------------------------------
Mon Mar 28 18:28:45 UTC 2022 - Torsten Gruner <simmphonie@opensuse.org>

- Update to version 4.0.8 (released 2022-01-31)
  * Bugfix: Fix error message for invalid modhex when programing a YubiOTP credential.
  * Bugfix: Fix issue with displaying a Steam credential when it is the only account.
  * Bugfix: Prevent installation of files in site-packages root.
  * Bugfix: Fix cleanup logic in PIV for protected management key.
  * Add support for token identifier when programming slot-based HOTP.
  * Add support for programming NDEF in text mode.
  * Dependency: Add support for Cryptography ⇐ 38.

-------------------------------------------------------------------
Thu Oct 14 07:03:48 UTC 2021 - pgajdos@suse.com

- version update to 4.0.7
  * Version 4.0.7 (released 2021-09-08)
   ** Bugfix release: Fix broken naming for "YubiKey 4", and a small OATH issue with
      touch Steam credentials.
  * Version 4.0.6 (released 2021-09-08)
   ** Improve handling of YubiKey device reboots.
   ** More consistently mask PIN/password input in prompts.
   ** Support switching mode over CCID for YubiKey Edge.
   ** Run pkill from PATH instead of fixed location.
  * Version 4.0.5 (released 2021-07-16)
   ** Bugfix: Fix PIV feature detection for some YubiKey NEO versions.
   ** Bugfix: Fix argument short form for --period when adding TOTP credentials.
   ** Bugfix: More strict validation for some arguments, resulting in better error messages.
   ** Bugfix: Correctly handle TOTP credentials using period != 30 AND touch_required.
   ** Bugfix: Fix prompting for access code in the otp settings command (now uses "-A -").

-------------------------------------------------------------------
Tue May 18 18:39:36 UTC 2021 - Ferdinand Thiessen <rpm@fthiessen.de>

- Update to version 4.0.3
  * Add support for fido reset over NFC.
  * Bugfix: The --touch argument to piv change-management-key was
    ignored.
  * Bugfix: Don’t prompt for password when importing PIV key/cert
    if file is invalid.
  * Bugfix: Fix setting touch-eject/auto-eject for YubiKey 4 and NEO.
  * Bugfix: Detect PKCS#12 format when outer sequence uses
    indefinite length.
  * Dependency: Add support for Click 8.

-------------------------------------------------------------------
Thu May  6 14:10:34 UTC 2021 - Ferdinand Thiessen <rpm@fthiessen.de>

- Update to version 4.0.2
  * Update device names
  * Add read_info output to the --diagnose command, and show
    exception types.
  * Bugfix: Fix read_info for YubiKey Plus.
  * Add support for YK5-based FIPS YubiKeys.
  * Bugfix: Fix OTP device enumeration on Win32.
  * Drop reliance on libusb and libykpersonalize.
  * Support the "fido" and "otp" subcommands over NFC
  * New "ykman --diagnose" command to aid in troubleshooting.
  * New "ykman apdu" command for sending raw APDUs over the smart
    card interface.
  * New "yubikit" package added for custom development and advanced
    scripting.
  * OpenPGP: Add support for KDF enabled YubiKeys.
  * Static password: Add support for FR, IT, UK and BEPO keyboard
    layouts.
- Drop now unneeded python3-six, python3-usb and
  libykpers-1-1 dependencies
- python3-pyOpenSSL is optional, so move from Requires to Recommends

-------------------------------------------------------------------
Tue Feb  4 09:58:35 UTC 2020 - Paolo Stivanin <info@paolostivanin.com>

- Update to 3.1.1
  * Add support for YubiKey 5C NFC
  * OpenPGP: set-touch now performs compatibility checks before prompting for PIN
  * OpenPGP: Improve error messages and documentation for set-touch
  * PIV: read-object command no longer adds a trailing newline
  * CLI: Hint at missing permissions when opening a device fails
  * Linux: Improve error handling when pcscd is not running
  * Windows: Improve how .DLL files are loaded, thanks to Marius Gabriel Mihai for reporting this!
  * Bugfix: set-touch now accepts the cached-fixed option
  * Bugfix: Fix crash in OtpController.prepare_upload_key() error parsing
  * Bugfix: Fix crash in piv info command when a certificate slot contains an invalid certificate
  * Library: PivController.read_certificate(slot) now wraps certificate parsing exceptions in new exception type InvalidCertificate
  * Library: PivController.list_certificates() now returns None for slots containing invalid certificate, instead of raising an exception

-------------------------------------------------------------------
Tue Dec 17 13:58:40 UTC 2019 - Martin Pluskal <mpluskal@suse.com>

- Use modern python macros for building
- Run tests

-------------------------------------------------------------------
Wed Aug 21 20:28:54 UTC 2019 - simmphonie@opensuse.org

- Version 3.1.0 (released 2019-08-20)
  * Add support for YubiKey 5Ci
  * OpenPGP: the info command now prints OpenPGP specification version as well
  * OpenPGP: Update support for attestation to match OpenPGP v3.4
  * PIV: Use UTC time for self-signed certificates
  * OTP: Static password now supports the Norman keyboard layout

-------------------------------------------------------------------
Sat Jun 29 20:32:49 UTC 2019 - Karol Babioch <kbabioch@suse.com>

- Version 3.0.0 (released 2019-06-24)
  * Add support for new YubiKey Preview and lightning form factor
  * FIDO: Support for credential management
  * OpenPGP: Support for OpenPGP attestation, cardholder certificates and
    cached touch policies
  * OTP: Add flag for using numeric keypad when sending digits 

-------------------------------------------------------------------
Wed May 29 08:52:25 UTC 2019 - Karol Babioch <kbabioch@suse.de>

- Version 2.1.1 (released 2019-05-28)
  * OTP: Add initial support for uploading Yubico OTP credentials to YubiCloud
  * Don’t automatically select the U2F applet on YubiKey NEO, it might be
    blocked by the OS
  * ChalResp: Always pad challenge correctly
  * Bugfix: Don’t crash with older versions of cryptography
  * Bugfix: Password was always prompted in OATH command, even if sent as
    argument

-------------------------------------------------------------------
Mon Mar 11 15:10:02 UTC 2019 - Karol Babioch <kbabioch@suse.de>

- Version 2.1.0 (released 2019-03-11)
  * Add --reader flag to ykman list, to list available smart card readers
  * FIPS: Checking if a YubiKey FIPS is in FIPS mode is now opt-in, with the --check-fips flag
  * PIV: Add commands for writing and reading arbitrary PIV objects
  * PIV: Verify that the PIN must be between 6 - 8 characters long
  * PIV: In import-certificate, make the verification that the certificate and private key matches opt-in, with the --verify flag
  * PIV: The piv info command now shows the serial number of the certificates
  * PIV: The piv info command now shows the full Distinguished Name (DN) of the certificate subject and issuer, if possible
  * PIV: Malformed certificates are now handled better
  * OpenPGP: The openpgp touch command now shows current touch policies
  * The ykman usb/nfc config command now accepts openpgp as well as opgp as an argument
  * Bugfix: Fix support for german (DE) keyboard layout for static passwords
- Packaged man page

-------------------------------------------------------------------
Wed Jan  9 09:18:34 UTC 2019 - Karol Babioch <kbabioch@suse.de>

- Version 2.0.0 (released 2019-01-09)
  * Add support for Security Key NFC
  * Add experimental support for external smart card reader. See --reader flag
  * Add a minimal manpage
  * Add examples in help texts
  * PIV: update CHUID when importing a certificate
  * PIV: Optionally validate that private key and certificate match when importing a certificate (on by default in CLI)
  * PIV: Improve support for importing certificate chains and .PEM files with comments
  * Breaking API changes:
    * Merge CCID status word constants into a single SW enum in ykman.driver_ccid
    * Throw custom exception types instead of raw APDUErrors from many methods of PivController
    * Write CLI prompts to standard error instead of standard output
    * Replace function `ykman.util.parse_certificate` with `parse_certificates` which returns a list

-------------------------------------------------------------------
Mon Nov 12 09:15:25 UTC 2018 - Karol Babioch <kbabioch@suse.com>

- Added libykpers-1-1 as dependency (bsc#1115370)

-------------------------------------------------------------------
Wed Oct 10 08:38:58 UTC 2018 - Karol Babioch <kbabioch@suse.com>

- Version 1.0.1 (released 2018-10-10) 
  * Support for YubiKey 5A
  * OATH: Ignore extra parameters in URI parsing
  * Bugfix: Never say that NFC is supported for YubiKeys without NFC

-------------------------------------------------------------------
Fri Sep 28 09:09:20 UTC 2018 - Karol Babioch <kbabioch@suse.com>

- Version 1.0.0 (released 2018-09-24)
  * Add support for YubiKey 5 Series
  * Config: Add flag to generate a random configuration lock
  * OATH: Give a proper error message when a touch credential times out
  * NDEF: Allow setting the NDEF prefix from the CLI
  * FIDO: Block reset when multiple YubiKeys are connected
- Applied spec-cleaner
- Removed explicit version dependencies

-------------------------------------------------------------------
Wed Jul 11 09:24:55 UTC 2018 - kbabioch@suse.com

- Version 0.7.1 (released 2018-07-09)
  * Support for YubiKey FIPS.
  * OTP: Allow setting and removing access codes on the slots.
  * Interfaces: set-lock-code now only accepts hexadecimal inputs.
  * Bugfix: Don't fail to open the YubiKey when the serial is not visible.
- Version 0.7.0 (released 2018-05-07)
  * Support for YubiKey Preview.
  * Add command to configure enabled applications over USB and NFC. See ykman config -h.
  * Add command for selecting which slot to use for NDEF. See ykman otp ndef -h. 
- Applied spec-cleaner

-------------------------------------------------------------------
Tue Apr 17 07:18:29 UTC 2018 - kbabioch@suse.com

- Version 0.6.1
  * Support for YubiKeys with FIDO2. See ykman fido -h
  * Report the form factor for YubiKeys that support it.
  * OTP: slot command is now called otp. See ykman otp -h for all changes.
  * Static password: Add support for different keyboard layouts. See ykman otp static -h
  * PIV: Signatures for CSRs are now correct.
  * PIV: Commands on slots with PIN policy ALWAYS no longer fail if the YubiKey has a management key protected by PIN.
  * Mode: The U2F mode is now called FIDO.
  * Dependencies: libu2f-host is no longer used for FIDO communication over USB, instead the python library fido2 is used. 
- Cleaned up spec file (spec-cleaner)

-------------------------------------------------------------------
Wed Feb 21 21:09:42 UTC 2018 - t.gruner@katodev.de

- Version 0.6.0 (released 2018-02-09)
  -  OpenPGP: Expose remaining PIN retries in info command and API.
  -  CCID: Only try YubiKey smart card readers by default.
  -  Handle NEO issues with challenge-response credentials better.
  -  Improve logging.
  -  Improve error handling when opening device over OTP.
  -  Bugfix: Fix adding OTP data through the interactive prompt.

-------------------------------------------------------------------
Wed Jan  3 19:16:35 UTC 2018 - t.gruner@katodev.de

- Version 0.5.0 (released 2017-12-15)
  -  API breaking changes:
     -  OATH: New API more similar to yubioath-android
  -  CLI breaking changes:
     -  OATH: Touch prompt now written to stderr instead of stdout
     -  OATH: -a|--algorithm option to list command removed
     -  OATH: Columns in code command are now dymanically spaced depending on contents
     -  OATH: delete command now requires confirmation or -f|--force argument
     -  OATH: IDs printed by list command now include TOTP period if not 30
     -  Changed outputs:
         -  INFO: "Device name" output changed to "Device type"
         -  PIV: "Management key is stored on device" output changed to "Management key is stored on the YubiKey"
         -  PIV: "All PIV data have been cleared from the device" output changed to "All PIV data have been cleared from your YubiKey"
         -  PIV: "The current management key is stored on the device" prompt changed to "The current management key is stored on the YubiKey"
         -  SLOT: "blank to use device serial" prompt changed to "blank to use YubiKey serial number"
         -  SLOT: "Using device serial" output changed to "Using YubiKey device serial"
         -  Lots of failure case outputs changed
  -  New features:
     -  Support for multiple devices via new top-level option -d|--device
     -  New top-level option -l|--log-level to enable logging
     -  OATH: Support for remembering passwords locally.
     -  OATH: New option -s|--single for code command
     -  PIV: set-pin-retries command now warns that PIN and PUK will be reset to factory defaults, and prints those defaults after resetting
  -  API bug fixes:
     -  OATH: valid_from and valid_to for Code are now absolute instead of relative to the credential period
     -  OATH: period for non-TOTP Code is now None

-------------------------------------------------------------------
Sat Dec 30 09:04:16 UTC 2017 - jengelh@inai.de

- Fix RPM groups.

-------------------------------------------------------------------
Wed Nov 15 19:29:13 UTC 2017 - t.gruner@katodev.de

- Version 0.4.6 (released 2017-10-17)
  - Will now attempt to open device 3 times before failing
  - OpenPGP: Don’t say data is removed when not
  - OpenPGP: Don’t swallow APDU errors
  - PIV: Block on-chip RSA key generation for firmware versions 4.2.0 to 4.3.4 (inclusive) since these chips are vulnerable to CVE-2017-15631.

- Version 0.4.5 (released 2017-09-14)
  - OATH: Don’t print issuer if there is no issuer.

- Version 0.4.4 (released 2017-09-06)
  - OATH: Fix yet another issue with backwards compability, for adding new credentials.

- Version 0.4.3 (released 2017-09-06)
  - OATH: Fix issue with backwards compability, when used as a library.

- Version 0.4.2 (released 2017-09-05)
  - OATH: Support 7 digit credentials.
  - OATH: Support credentials with a period other than 30 seconds.
  - OATH: The remove command is now called delete.

- Version 0.4.1 (released 2017-08-10)
  - PIV: Dropped support for deriving a management key from PIN.
  - PIV: Addded support for generating a random management key and storing it on the device protected by the PIN.
  - OpenPGP: The reset command now handles a device in terminated state.
  - OATH: Credential filtering is now working properly on Python 2.

- Version 0.4.0 (released 2017-06-19)
  - Added PIV support. The tool and library now supports most of the PIV functionality found on the YubiKey 4 and NEO. To list the available commands, run ykman piv -h.
  - Mode command now supports adding and removing modes incrementally.

-------------------------------------------------------------------
Mon May 15 13:07:17 UTC 2017 - t.gruner@katodev.de

- Initial Release 0.3.3