-
Notifications
You must be signed in to change notification settings - Fork 4
/
Copy pathchangelog.txt
128 lines (99 loc) · 3.47 KB
/
changelog.txt
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
1.5.1 (to be released)
-----
- Upgrade to BC 1.76 (no changes to code)
- Mvn build using JDK 11 level
1.5.0
-----
- Add support for setting the four access rights bits reserved for future use, defined in BSI TR-03110-3, C.4.1.
1.4.15
-----
- Fix OIDField ASN.1 decoding to avoid future issues, https://github.com/primekeydevs/cert-cvc/issues/3. No functional changes.
1.4.14
-----
- Fix the validity time format of cvc certs to use only full days 00.00.00->23.59.59.
1.4.13
-----
- Enable custom CHAT (Certificate Holder Authorization Template), contributed by Max Fichtelmann of Procilon
- Upgrade to BC 1.68
1.4.12
-----
- Upgrade to BC 1.67 that removed the deprecated DEROutputStream class
1.4.11
-----
- Use the signature algorithm OID from the verifying public key when verifying certificates, if there is one, fall back to the certificate's own public keys oid.
1.4.10
-----
- Update BC to 1.61 and pom.xml to build with Java 11
- Use BC provider when verifying signatures CVCAuthenticatedRequest
1.4.9
-----
- Support for changing a subfield (algorithm OID) in CVCPublicKey
1.4.8
-----
- Support for certificate extensions in CSRs
1.4.7
-----
- Using BouncyCastle provider v1.57
- Support for certificate extensions
1.4.6
-----
- Using BouncyCastle provider v1.56
1.4.5
-----
- ECA-4379: Add additional CVC OIDs for SHA512 and SHA384
1.4.4
-----
- Using BouncyCastle provider v1.54
1.4.3
-----
- Using BouncyCastle provider v1.53
1.4.2
-----
- Using BouncyCastle provider v1.52
1.4.1
-----
- Using BouncyCastle provider v1.51
1.4.0
-----
- Added authorization roles and access rights for Authentication Terminals and Signature Terminals, which were added in the EAC 2.10 specification.
1.3.1
-----
- Using BouncyCastle provider v1.49
1.3.0
-----
- Using BouncyCastle provider v1.47, now compatible with 1.46 and 1.47.
1.2.13
------
- Fixed version number in pom.xml
- Fixed to work with latest versions of BC provider (both 1.45 and 1.46)
- ECA-2154: Fixed encoding/decoding of effective and expire date fields to always use GMT time zone
1.2.12
-----
- Code cleanup fixing PMD warnings
- Relaxed testing of country codes to allow testing with fake countries like XX
1.2.11
-----
- Fixed slight chance that EC public points would still be wrongly encoded (1 out of 2^16). Patch from Mark Baaijens of Ministerie van Binnenlandse Zaken en Koninkrijksrelaties, Netherlands.
- parseCertificate() does not throw IllegalArgumentException anymore but throws ParseException instead)
1.2.10
-----
- Fixed encoding of EC public points in the edge cases where affineX.length != affineY.length. Cone by adding the required left zero padding.
- Fixed returning of date field so returning expire date returns <day> 23.59.59, insdead of <day> 00.00.00.
When comparing dates expire date means that the CV certificate is valid for the whole of the <day> (CVC expire date only contains day resolution).
- Support for OIDs with numbers > 128.
1.2.9
-----
- Changed visibility of constructor CVCertificate(CVCertificateBody, byte[]) to public.
- Changed visibility of KeyFactory.createInstance to public.
1.2.8
-----
- Fix so CVC support works with HSM provider, tested with Sun PKCS#11 provider.
1.2.7
-----
- Support for ECC keys and signatures, need BC version 1.41 which is included in svn.
- Fix bug where outer signature in authenticated requests did not include CARef in TBS
- Don't add caRef if not passed, or passed as null, to CertificateGenerator.
- Translations of Swedish javadoc to English.
1.2.6
-----
Initial release