Detailed release information

A string #XXX-NNN-NNNNN denotes the internal ticket ID for a task.

1.1.0.37

Added

  • Old properties for ActiveX Plugin object.

  • Resource extract when both executable and library is used to store resources.

  • Internal variable {user-agent-id}.

  • Plugin property "UserAgentId".

  • Test mode for trace parsing.

  • Windows session event 'SessionQueryEnd' and 'SessionEnd' for Watch component.

  • Autoconfigure of background tasks certificate/token when SCS is enabled.

  • TPM function call trace.

  • Trace information for PKCS11 execution mode.

  • Autorelease of PKCS11 sessions when session box is full.

  • Delay if receiving CKR_OPERATION_ACTIVE for Plugin invoke result.

  • Support to migrate all soft tokens with Net iD System Service.

  • Support to load resource to executable (Windows).

  • Support to read resource from executable (Windows).

  • Trace for existing Credential Providers and Credential Provider Filters.

  • Uninstall existing Net iD Enterprise/Client for default Linux/macOS install script.

  • Support for short serial number for eToken 5110/5300.

  • More trace information for remote components data protection.

  • CSP internal netid-session-count variable.

  • Configuration TokenTPM > UseChallegeResponse.

  • Internal variable {process-id} and {parent-process-id}.

  • Internal command for running action when process terminates.

  • Profile data parameter for internal token reset command.

  • Trace application end message.

  • Skip virtual channel reconnect when session not active (remote components).

  • ATR for IDPrime 3940.

  • Variable {component-md}.

  • Support Taskbar menu using PC/SC access mode.

  • Create/remove folder for Install Package configuration (Windows).

  • Minidriver virtual file system for IDPrime MD (certify test).

  • Update of minidriver cardid file when smart card does not support update of card serial number (certify test).

  • More trace for TPM unlock PIN with challene/response.

  • More trace for Remote PKCS11 when open session fail with CKR_SESSION_COUNT.

  • New conditions to detect Citrix/RDP.

  • Configuration variable {config-value:<section>:<entry}.

  • ECC support for KSP.

  • Possibility to store certificate uncompressed on PIV token.

  • Plugin property 'TraceText'. Value will be sent to trace without any other processing.

  • Configuration to hide Windows taskbar icon Service Taskbar>IconHidden=0/1.

  • Worker threads for remote components communication.

  • Special Access icons as id 132 and 133 for Windows.

  • Minimize/maximize when using Web App for Windows (argument -resizing).

  • Parameter for Credential Provider to only activate when last used.

  • Configuration of image/text for Credential Provider change PIN scenario.

  • Custom APDU command for YubiKey InitToken blob.

  • Support for using CNG when doing ECC operations.

  • Migrate of Net iD Enterprise soft tokens (TokenVSC>MigrateOld=0/1).

  • Import PKCS#12-/PFX-file to PIV/YubiKey using command line.

  • Initial ECC support for YubiKey.

  • Redirect trace to Net iD User Service window on Windows.

  • Parameter to control custom properties for CSP certificate store.

  • Parameter SmartCard>ForceSecureMessaging=0/1/2 (force use of secure messaging).

  • File type .bmp as allowed image file.

  • Proof-of-concept support for customer specific Thales 940.

  • Variable {userid:<upn>}.

Changed

  • Restored some changes done in 1.1.0.34 for remote communication.

  • Renamed internal variable netid-session-count to netid-remote-state.

  • Switched from ANSI to UNICODE versions of Windows CredProtect/CredUnprotect.

  • Renamed remote components protocol "ica" to "wfapi".

  • Default tile image size for Windows 10 and later (0x00C00030).

  • Parameter CredentialProvider > DependService will default wait for service to start instead of starting, but may still also start service.

  • Default timeout for reconnect Cache service (10 minutes to 10 seconds).

  • Application order for trace parse.

Updated

  • Start of Net iD Service trace component as separate process.

  • Backward compability library with new Pointsharp install folder.

  • ECC implementation for ID.me smart card.

  • Show disabled taskbar menu items (earlier invisible).

  • Added autologoff when calling PKCS#11 C_InitToken.

  • Only sandboxed or unsafe applications will use low access temp folder.

  • Check for loading of connected configuration.

  • Configuration variable "SharedPrefix" (used for interprocess communication).

  • Block connected configuration during setup.

  • Company from Pointsharp Net iD AB to Pointsharp AB.

  • Registration of IDPrime 3940 smart cards.

  • Reading of card serial number for all IDPrime MD/SIS smart cards.

  • Printed system information for Command Utility.

  • IDPrime MD smart card profile, single-use of key will check PIN policy.

  • Remote components communication protection.

  • IDPrime MD smart card profile, PIN2 keys always single-use.

  • Printed system information for Command Utility.

  • Net iD Command system information (will show both local and remote).

  • Default install_pkcs11.sh script for Linux (run after install modutil).

  • PKCS11 converting hexadecimal indata at Session UnlockPIN (only if response).

  • More trace for web-extension setup on Windows.

  • More trace for VDAPI setup.

  • Trace application startup message.

  • Some minor updates on what is written to trace.

  • Some minor updates for Minidriver support.

  • Matching condition with wild-card.

  • More trace for Watch when using "-logon" flag.

  • Parameter Service>DependService to also allow wait for communication.

  • WTS/ICA session lookup to handle session 'Console'.

  • Reporting of status for background service. First 'start-pending' and 'running' when all components are active.

  • PC/SC reload on error. Earlier only token present check, now also at transmit.

  • Extended trace for Command Tool.

  • Access of local configuration when unavailable.

  • Loading of library for Registry functions on Windows.

  • Only allow search for matching key pair at generation failure for smart card profiles that support secondary certificates.

  • Internal variable %INSTALL% from current library folder to install folder.

  • Copyright to Pointsharp Net iD AB.

  • Icons to new Pointsharp Net iD logo.

  • MSI package to support "LSA-package" and additional upgrade scenarios.

Removed

  • Removed update PIN status using PKCS#11 with CP when not used PKCS#11 access mode active.

  • Reverted error handling update for 1.1.0.17 when disconnecting virtual channel.

  • Temporary directory as default application data directory when missing.

Fixed

  • Unblock of Net iD Service trace component after blocked by dead connection.

  • Default uninstall script for macOS.

  • ECC raw signature for SCS component.

  • Certificate chain for SCS component with CA certificates in internal data.

  • Access low for Plugin invoke Abort.

  • Enroll YubiKey using macOS smart card reader implementation.

  • Unsafe location, will consider C:\Windows safe again.

  • Potenital crash for Net iD System Service.

  • Enroll YubiKey with "retired keys".

  • Load of extra resource data from executable when used from KSP.

  • Running Net iD Client in TS connected from client using Citrix with Net iD Enterprise.

  • Loading of global configuration for macOS/Linux.

  • Mix of RDP/Citrix virtual channel connections.

  • Write to Net iD System Service trace component when started after LogonUI.

  • Write of Net iD System Service application information when using trace component.

  • TS/RDP virtual channel double-jump problem.

  • TS/RDP reconnect of virtual channel for both "active" and "connected" state.

  • Some deprecated warnings for Linux webkit implementation.

  • Will not generate multiple Watch events for logon credential removed.

  • TS/RDP virtual channel double-jump problem.

  • TPM token flags.

  • TPM unlock for Credential Provider.

  • Copyright for Linux/macOS install/uninstall scripts.

  • Potential crash when using proxy for remote components (virtual channel).

  • Delete PKCS11 sessions when smart card removed during engine operation.

  • Response data length for remote components communication failure.

  • PKCS11 internal netid-session-count variable.

  • TPM unlock PIN using challenge/response.

  • Some variables for Credential Provider usage CHANGE_PASSWORD.

  • Load of Plugin web-extension for Linux when used with Net iD WebApp (soft links).

  • Crash when using remote components for Linux (virtual channel).

  • Format issue for Linux install script on Ubuntu 22.04.

  • Potential trace parsing eternal loop.

  • Plugin default application 'UNKNOWN' if unable to read, that is, ChromeOS.

  • ResetToken for IDPrime 940.

  • Verify PIN1 for IDPrime MD 4.EVEN card when all private keys missing (corrupt).

  • Update language for Setup dialog.

  • Better truncate of IDPrime MD dynamic model name (longer than 16 characters).

  • Error handling when disconnecting virtual channel.

  • Plugin extract certificate for corrupt data.

  • Slow detection of card insert for Credential provider.

  • Remove install directory at uninstall (company name).

  • Reload of credential after enroll/unlock for Credential Provider.

  • Variabel expansion for variabel with same length as GUID.

  • Minidriver virtual file system (certify test).

  • Minidriver ECC keys (certify test).

  • Exit-windows-dialog when unable to show (will force default action).

  • Virtual channel using Citrix.

  • CSP remember failed PIN attempts (only for CKR_PIN_INCORRECT and CKR_PIN_LOCKED).

  • Reload of trace configuration after waiting for Net iD Service started.

  • Ask current logged on user for Windows.

  • Create data object for IDPrime 940 SIS.

  • Block of force open local SSO cache on non-Windows systems.

  • Reset of CP command link at field update.

  • Internal variable {token-empty}.

  • SID translation to string.

  • Core dump on Linux when decoding PKCS#15 EF(TokenInfo).

  • BeID smart card model name.

  • SCS load of secure idle server (only install/delete SSL/TLS certificates).

  • SCS cleanup when unable to start server.

  • Error handling when Service Cache>UserProtect active for Linux/macOS.

  • Encoding of update counter for VSC token.