﻿7.60.03 - English 27/09/2020
============================
- Signed CiaMD
- AseKeySizeMax registry entry was changed from 2048 to 4096

7.60.02 - English 23/09/2020
============================
- artf783626 : Set default RSA key length in Minidrivers to be 2048
- artf785745 - c_login with NULL is not allowed with any of the 3 PINs, and in the PE file system SSCD is not allowed, so if null is passed 
in C_Login we fall back to CKU_DS_PIN to be passed to the gui
- CiaMD: added the JCOP4 ATR required for a standalone MD.
- CiaToken/CiaCertificate - because of differing reading the certificate's contents from the card, mpCertEF is null and in CiaCertificate::GetObjectId()
we need to calculate the file's path by calling GetCertPath() and not by GetCardRef(), which obtains it from mpCertEF. 
- CiaToken/CiaPin: SetUserPINStartDate is in try/catch as in PE we may not have credentails to update EF.AOD as it is protected by GP Key.
- P11/C_SetPIN* - return CKR_ARGUMENTS_BAD if there is a mixture of null and non-null values for the current and new values

7.60.01 - English 21/09/2020
===============================
- CDLToken - fixed Admin card functionality in ChipDocLiteCardSymKey::EncryptWithDiversifiedKey by sending blocks of data to
be encrypted in CBC mode when ECB mode is required.
- artf783365 : Set 4K as the max RSA key length supported by CD3 - was done only in the P11, but not the MD. 

7.60.00 - English 06/09/2020
============================
- artf746953: CD to support C_Sign with CKM_SHA384/512_RSA_PKCS
- artf761507: Add support for all RSA PSS mechanisms
- NOT INCLUDED IN VERSION: Signature APDUs (RSA/ECC) are now sent in Secure Messaging
- CiaToken: Update lastPasswordChange of the P15’s User PIN when its value changes.
- artf761298: Allow Cryptographic operations on token Public (RSA) keys
- artf763166: C_SetPIN failed with 0x102 if C_Login or GetTokenInfo were not called first for CD/CDL, as the flags were not 
updated in the token info.
- artf762753: Allow MD to support RSA 3K/4K keys (CD3.0). CChipDocLiteCardAPI::GetKeyCapabilities now uses the registry value
"aseKeySizeMax" to set the max RSA key length supported.
- artf695934: Cannot import SSCD certificate with "Container starts with" - fixed Token.cpp#DsPrefixMatch to check either attributes.
- artf677070 : Admin card feature to support ChipDoc V3 cards
- artf763490 : Test CMCK + MW with the cache disabled. Allow a eTestNoCacheOnWindows store mode to be used on Windows only.

7.57.08 - Montenegro 16/08/2020
===============================
- IDProtect PINTool string correction

7.57.00 - 06 English, Spanish 09/08/2020
=====================================================
- asePinDialog Spanish string correction. 
- IasEccToken: Querying the CD applet for its supported key types causes a memory leak. The MW function call that causes most of 
the leaks is checking if ECC is supported by the MD’s CardAcquireContext function. As we may assume that ECC is always supported 
in CD, the ICardAPI method IsECCSupported() was overidden to always return true.
- CiaToken: save the filenames of the MD files in the DataContainer's applicationName field, using the format <DFName>/<EFName>. This
enables to list and inspect existing files even when the file's AC_READ is not satisfied. CMCK was failing before this change 
when the files were not in the cache - see artf763488.

7.56.08 Spanish 26/07/2020
=======================
- remove %d strings from translation files

7.56.06-07 Spanish 22/07/2020
=======================
- monitor fix bug in while loop

7.56.04-05 Spanish 20/07/2020
=======================
- CiaTokenInfo: CiaTokenInfo::IncAndSet will try to update the card's value even if the token is not logged-in, 
allowing C_SetPIN to change any PINComplexity values (e.g. must change flag).
- monitor deletes RDP registry if no BIO
- Spanish strings corrected for tools

7.56.03 Spanish 14/07/2020
=======================
- Setup - release flags Biometrics, Services, CitrixClient removed from PE setup. Biometric libraries will not be installed. 
          Language of Setup is Spanish tools are yet to be translated.

7.56.02 Montenegro 16/06/2020
==============================
- P11: fixed support for CKM_RSA_PKCS_PSS - remove the first hash from PSS_Encode/Verify.

7.56.00 + 7.56.01 - Montenegro/ English 15/06/2020
============================
- Signed CiaMD was added to the setup

7.55.13 - Montenegro- 15/06/2020
============================
- not allow change label in Manager read only mode

7.55.12 - Montenegro- 01/06/2020
============================
- fix in IASECCToken, This fix should enable to pass the scenario below on cards formatted with the scripts for Montenegro, where Get Data blocked for the DS PUK. 
The change is in IasEccCardKey::Exists(), where in case this is a PIN it returns true if 0x6982 is received.

7.55.11 - Montenegro- 26/05/2020
============================
- fix in CiaToken, the pin complexity is maintained in a Cia DataContainer, but its value was used without updating it from the card (through the cache).

7.55.10 - Montenegro- 25/05/2020
============================
- Set property ROMANAGER=0 to ROMANAGER=1 

7.55.09 - Montenegro- 24/05/2020
============================
- Add missing translation string to asePinDialog.dll 

7.55.08 - Montenegro- 20/05/2020
============================
- fix bug 3.1.4 - for pin refresh after unlock
- fix more translations

7.55.07 - Montenegro- 13/05/2020
============================
- One more fix to special characters in Montenegro version (due to MS bug in font)

7.55.06 - Montenegro- 12/05/2020
============================
- fix special characters in Montenegro version (due to MS bug in font)

7.55.05 - Montenegro- 10/05/2020
============================
- new translations and fix bugs and fix issues according to the doc in artf739926

7.55.04 - Spanish - 07/05/2020
============================
- Setup - New signed CiaMD.

7.55.02 - 06/04/2020
=============================
- manager as viewer without asking for PIN 
- some ds bugs fix in token.cpp

7.54.00 - 06/04/2020
=============================
- Setup: Add support for PKCS11 for Firefox v58 and higher. Using extensions installed by the setup. 

7.52.01 - 15/03/2020 
=============================
- readOnly manager
- new PIN TOOL for PE
- change token.cpp setpin2 to allow GUI for enc/sig pins

7.51.16 - 13/02/2020 
=============================
- CiaToken - handle correctly cases where the User' History file is created but the count is set to 0 (Montenegro). In addition, the history file cannot
be enlarged beyond its initial (created) size.
- CiaToken - differ reading of Certificate objects till they are required.
- CiaToken - fix the way the CiaMapFile searches for an empty fid for a certificate when creating a new one (as there may be no ContextEF now because 
reading is differred).

7.51.14 - 04/02/2020 (Montenegro)
=============================
- P11: Fix a bug in C_SetPIN2(DS_PUK) where the DS PIN was incorrectly authenticated.

7.51.07 - 14/01/2020
=============================
- If Pin's prefix is used for non-PE cards return CKR_PIN_INVALID if the PIN doesnt exist on the card.
- CiaMD: CardChangeAuthenticator does not return an error if the PIN has expired.

7.51.06 - 13/01/2020
=============================
- C_Login(): Check if the userType matches the correct prefix – if not, the retry counter is NOT decremented and CKR_PIN_INVALID is returned.
- C_Login(CKU_SIGN_PIN/CKU_ENC_PIN) now verifies the pin on the card, and leaves the pin as de-authenticated. This means that a wrong value will decrement the retry counter and the function will fail with CKR_PIN_INCORRECT. 
- C_Login(CKU_CONTEXT_SPECIFIC) – if we are in the middle of an operation (e.g. decrypt/sign), check that the prefix matches the user type required and return CKR_PIN_INVALID if not (retry counter NOT decremented).
- PINs' prefixes are case insensitive.

7.51.02 - 30/12/2019
=============================
- CiaToken: Added Must Change support for the DS PIN (in addition to the User PIN).

7.50.12 - 15/12/2019
=============================
- CiaToken: fix the problems in format now that the PIN Complexity data containers are protected for Update with User || Admin.

7.50.10 - 10/12/2019
=============================
- Setup: three registry keys, empty strings, under IDProtect Client were added: aseAuthenticationPinPrefix, aseEncryptionPinPrefix, aseSigningPinPrefix
- P11/C_Login: update m_userType when the Sign/Enc keys are used. 

7.50.09 - 08/12/2019
=============================
- P11: When a new session is opened, set it as Logged-in if the userType is CKU_SIGN_PIN or CKU_ENC_PIN - in addition to the CKU_USER.

7.50.07 - 04/12/2019
=============================
- P11: Do not change the passed pin in C_Login* when the Prefix option is used. Use an offset instead.
- MD: Allow to execute RSADecrypt when either of the 3 pins are authenticated, instead of only the User PIN.

7.50.06 - 03/12/2019
=============================
- P11: Allow C_SetAttribute for CKA_SUBJECT even when CKA_MODIFIABLE is set to False.
- CiaToken/CiaPrivateKey – if the Subject is cleared, remove the matching keyIdentifier.
- Support a registry Prefix in the pin value that determines the userType
- MD: use empty CKA_SUBJECT for key containers (fixes Acrobat problems)

7.50.05 - 26/11/2019
=============================
- New P11 to support PE with 3 PINs
- New MD to support 3 PINs

7.24.02 - 25/08/2019 - Polish
=============================
- New Polish version with string corretions.

7.24.01 - 25/08/2019 - English
==============================
- New Laser and CIA signed MD.

7.24.00 - 18/08/2019 - English 
==============================
- CSimpleMsStore::InitUUID() - bytes 5 and 6 of the cardId were not included in the UUID. This may cause that the same MS cache "object space" 
is shared amongst more than one card. Affects all cards. (BCCR bug artf679535)
- label_t::Convert now removes up to 8 leading zeros, and pads with '#' if the result is too short. (BCCR bug artf679535)

7.23.03 - 18/08/2019 - Hebrew
=============================
- New Admin PIN Tool – button not responding corrected.

7.23.02 - 13/08/2019 - Polish
=============================
- String issues corrected.

7.23.01 - 12/08/2019 - Hebrew
=============================

7.23.00 - 29/07/2019
====================
- New registry keys in client and Calais for ‘ChipDoc JCOP4’ card.

7.22.00 - 14/07/2019
====================
- New Cia mini driver.

7.21.00 - 20/06/2019
====================
- New LaserMD (Only INF change – add registry key to control locking of transport key).
- Setup – New registry key ‘aseLockTrans’ can be controlled with parameter: LOCKTRANS (Default value = 1).

7.20.02 - 29/05/2019
====================
- Manager import bug solved.

7.20.01 - 23/05/2019
====================
- New CIA and Laser mini drivers

7.20.00 - 14/05/2019
====================
- fix complexity rule for CIA
- better behavior of delete DS in CSP mode (wrong sig PIN will not delete the key)
- add applet version to the manager for CIA  
- lock laser transport key on checkValidity and format (postInitialize)

7.19.04 - 07/01/2019
====================
- New CIA signed MD

7.19.03 - 26/12/2018
====================
- Enabling CDL applet to work with our SDK. 

7.19.02 - 20/12/2018
====================
- Correct a problem to create/generate non-SSCD keys on the applet for jcop 5.2. 

7.19.01 - 21/11/2018
====================
- Reading capabilities correctly in CDL.

7.19.00 - 19/11/2018
====================
- Changed Generate Key Pair and the Compute Digital Signature to be always Extended APDUs (CDL).

7.18.03
====================
- CiaToken: save CKA_DERIVE and CKA_SIGN_RECOVER attributes

7.18.02 - 08/10/2018
====================
- BCCR registry entry was added depend on BCCRREG=1 setup parameter.

7.18.00 - 20/08/2018
==========================
- Registry entries added to Calais: Athena IDProtect DuoV3, and Athena IDProtect V6.
- Registry entry CJCOP3 condition was removed.

7.17.00 - 18/06/2018
==========================
- remove aseVCapi.dll from setup
- fix sha2 signature issue

7.16.04 - 11/06/2018
==========================
- CiaToken - set and get CKA_ENCRYPT correctly for CiaPublickKey.

7.16.03 - 16/5/2018
==========================
- more PIN dialog improvment for the text size and finger bitmap, support 200/350% too
- bug in setting wrong FMR in laser. use the correct 2 bytes template type
- IasEccCard/Token - try GetSerialNumber with both CLA=00 and CLA=80, as in OSB CLA=00 is not allowed after the PA keys are locked.
- fix a crash when using BIO without installing BIO components

7.16.02 - 10/5/2018
==========================
- CiaToken: 1) CKA_VERIFY_RECOVER now saved to card. 2) CKS_KEY_GEN_MECHANISM now set.
- pin dialog: support dpi > 150
- pin dialog: GUI issue fix, above the finger
- athenaCSP: fix bug when no parameter is supplied in cryptAqcuierContext
- CiaToken: save CKA_WRAP and CKA_UNWRAP attributes

7.16.00 - 17/4/2018
==========================
- CiaToken: 1) CKA_VERIFY_RECOVER now saved to card. 2) CKS_KEY_GEN_MECHANISM now set.

7.16.00 - 6/3/2018
==========================
- fix invalid attribute that causes invlid object

7.15.00 - 15/2/2018
==========================
- support Citrix XenDesktop
- start support Horizon first version
- fix bug on PIN Dialog, read correct Pin type

7.14.00 - 23/01/2018
==========================
- Signed MD: Laser and CIA.

7.13.06 - 31/12/2017
==========================
- Hide internal objects in PKCS#11 interface 
- CiaToken/BaseToken - Bug Fix: after personalizing a card , Allows 10 minutes Grace time before change user PIN is required
- fix the CSP for checking ticket also when the PIN is < 16 (reported by the knseset)

7.13.04 (Internal) 12/11/2017
=============================
- Use new crypto algorithms. 

7.13.03 - 22/10/2017
====================
- New MD for CIA and Laser.
- ATR change for Chipdoc and CDL.

7.13.02 - 25/09/2017
==========================
- laser, fix to the correct template type so enroll Biometrics will pass

7.13.01 - 07/09/2017
==========================
- CiaToken/CiaCertificate.cpp - return CKA_CERTIFICATE_TYPE as unsigned long instead of int (previously webssl failed on Linux x64)
- CDL : Change 'mac' sym key value for SSCD BAC SM to its correct value ( same value of 'enc' was used as 'mac' till now )
- ciaMD, workaround for citrix, get protocol type from sCardStatus in case sCardGetCardAttrib fail with unsupported
- CDL/CD Token - OSB support for ID3 MOC 5.2: GetDefaultBioType() now encodes if MOC5.2 in the left nibble as 1 (if it 0 then it is MOC3).
- CDL/CD Token - OSB support for ID3 MOC 5.2: complexity rules's maxBioFingers passed to aseGetFMR() in 2'nd byte of 'cardBioAlg' parameter 
- CDL P40-OS3 SBR Issue fixed : since BAC is required, Defer any special SM Mode (such as SM_MODE_OUT for SBR ) to after Chip Auth  
- CiaToken - add SetLocal(true) in the CardREfid of CiaRSA/ECCPublicKey (otherwise it was not possible to SetAttributes of a Public key that existed on the token).
- manager - remove the minimized dialog on certUtil import

7.13.00 - 29/08/2017
==========================
- Signed Lasermd and Ciamd.

7.12.21 - 13/8/2017
==========================
- Added JRCP Talker support into CardUtils
- CIasEccCardAPI::AppletIsSelected() - ChipDoc on OSB returns 6A88 (older applets/cards return 6A86)
- Patch for P40-OS3-CDL applet 1.0.10 only:
  * In this cofiguration bypassing BAC is not possible
  * Bio : RemoveFinger - disabled as it is not working in this version ( so When using BioTool fingers are NOT removed before enrollment) 
- ICardAPI.h and IasEccCardAPI.* - add IcaoInternalAuthenticate method
- BaseToken.cpp (Laser) - fix to: "fileSize >= lenFromHeader + WEF_OBJECT_FOOTER_SIZE" instead of == in InitializeObjectNoTokenVersionChange(). This caused the object to be invalid as it expects to have an included version object. This bug caused an error mesage when importing pfx through FF on Linux.
- LaserToken - when reading the cache counter, set zero to the counter before copying the 4-bytes' counter as on some 64-bit OSs the higher 4 bytes are garbage.
- add C_EnrollBioImage and C_VerifyBioImage to the PKCS to support image injection

7.12.20 English - 10/7/2017
==========================
- AseDataBase\aseDBManager.cpp + VirtualChannelB\aseBio\dataStorage - change atomic to call_once

7.12.19 English - 02/07/2017
==========================
fix crash in PBMC200

7.12.18 English - 27/06/17
==========================
- Version should support SBR2/3 with Laser/CD ID3

7.12.15 English - 11/06/17
==========================
- fix signature PIN dialog caching
- fix certificate not in container in FF import
- fix Thuntherbird do not Identify SSCD keys (CKA_ID was created with wrong size)


7.12.11 English - 09/05/17
==========================
- CDL - bug #589
- LaserMD/CiaMD - in CardGetProperty of Serial Num clear the memory caching of the token info (Myid bug of cached SN)
- manager, fix import certificate not visibale by FF

7.12.10 Spanish Thin - 27/04/17
===============================
- Spanish Manager was added

7.12.09 Spanish Full - 27/04/17
===============================
- Spanish Manager was added

7.12.08 Spanish Full - 26/04/17
===============================

7.12.07 Spanish Thin - 26/04/17
===============================

7.12.06 - 26/04/17
==================
- New signed LaserMD

7.12.05
=======
- CiaTokenApplications::Build - parse correctly EF.Dir when more than one application exists (e.g. ICAO)
- Bug #586 - LaserToken/MD: CBaseToken::GetHPKCContents now limits the length of CKA_ID/LABEL correctly (SSCD containers failed to be imported/generated).
- bug in non-ascii containers names in manager laser card

7.12.02
=======
- fix idLen issue via CSP
- New signed LaserMD

7.12.01
=======
- CDL : Changed MF Delete AC , in case not using SSCD will be : SO PIN,
	for SSCD case default is NEVER or SO PIN according to existence and value of resgistry entry “aseAllowWipeCardOnDSCard” 
- CD - Changed Generic ADF's Delete to be the SO key instead of Free (in case SSCD doesnt exist, or when it exists and the registry indicates that it shouldnt be Never)
- CD - Set Generic ADF's DeleteSDO AC to User or SO (was free). NOTE: deletion of Public P11 objects will require User pin!!!
- New signed CiaMD

7.11.01
=======
- fix checking ID len when importing certificate(or key) to the card via C_CreateObject
- add “aseDelOnlyCertInternal” registery, under CU, when this is set only the certificate is deleted from a key container when u select delete in the manager. 

7.11.00
=======
- CDL : Updated SSCD FS as Agreed with Uri according to Minutes of meeting from 20/12/2017
- fix the CKA_ID to be the same as the one in the mapfile
- allow ECC import on win10  

7.10.09
=======
- fixed the decrement DeltaInSeconds that is written to the card
- fixed issue with pin always in format tool when it is set to 0


7.10.07
=======
- LaserToken - fixed the format of DeltaInSeconds that is written to the card

7.10.05
=======
- ChipDocLite ECDH Domain ID Optimization & backward compatibility
- IasEccCard:  Reading a  Binary EF now ignores SW=6282 as a spurious EOF to allow reading files which are larger than 32767 bytes
- bug #577 complexity rules modify admin 
- bug #578 fix friendly name 

7.10.00
=======
- LaserToken - User PIN History File was created through the Cacheable interface with 6 bytes too short, size on card was correct, and the hashed values couldnt be written to.

- New signed CiaMD.

*** Release v7.1

7.05.23
=======
- ChipDoc 3DES format failed, domain ID card ref problem fixed. (Bug #573).

7.05.22
=======
- CD/CDL/LPKI TokenLibs/MD - fixed ATRs for OSA/OSB
- Setup registry entries were added for CD and CDL OSA and OSB.

7.05.21
=======
- CiaMD library is back to its original size with optimization.

7.05.20
=======
- ChipDoc: Added CacheableDomainID EF to improve speed while using ImplicitSM - changeset 20240 
- BaseMiniDriver/BaseTokenMD.cpp - initialize the version member of the InfoStruct (bug in cmck when Compiler's space optimization is used)
- CiaToken - allow personalization with values taken form registry (see J:\Reader & DK\ASECard Crypto SDK\ToolKit\docs\ASE PKCS11\P11PersoReg.htm)
- Changed detection of ChipDoc applet - fix for problem where LASER identified as ChipDoc - Changeset 20247
- compile all the MD projects with minimum size optimization and remove lpki from the MD,  so that X64 dll can be certified
- CDL - Fetch ECDH Curve parameters data for SM using CryptoUtils ECCNamedCurve data (instead of hard coded before)
- CD/CDL/LPKI TokenLibs/MD - added ATRMask for OSA/OSB

7.05.19
=======
- Corrected the slow performance problem - was cause by different token counter (=last update time) in x64 and x32 because GeneralizedTime::operator time_t () didnt initialize the tm struct.

7.05.18
=======
- ChipDocLite : Bug#569 Fixed - Allow CDL to be formatted and used as an Admin Card - Changeset 20223 
- xxxTokenLib.cpp - remove memory leaks of Context and Talker objects - Changeset 20224
- TokenLibs/MD - add support for hard-coded ATRs+ATRMasks - Changeset 20224

7.05.17
=======
- ChipDoc - Fix bug which prevented creating an Admin Card with AC_Not satisfied (0x6982) - Details in Chnageset 20200
- CiaMD - fixed a bug in AppletExists(const string & readerName, void* hSCardCtx, void* hScard) where the talker was opened, while it shouldnt.

7.05.16
=======
- Minidriver version was promoted.

7.05.15
=======
- CiaToken - CiaTokenApplications::Refresh(true) - refresh now both Auth and Secret collections, and if any was updated link between the auth keys and the sym keys if needed (caused a failure in cmck ExecutionSpeed FileOps)
- CiaMd/IasEcc - CIasEccToken::SetSecureMessagingParams when generic SM is used it doesnt read the DH params from Card/Cache (hard-coded values are used instead). This was done to speed up performace of CardAuthenticate
- ICardAPI - added GetTalker() method (needed for eID SDK)

7.05.14
=======
- ChipDoc - use COsUtils::GetProcAddress() when accessing IFDUtils.dll during SymSM establishment - for cross platform support
- PkcsUtils/CardContext - delete the cache Store in the dtor
- MSStore - added more prints for debugging
- ChipDocLite - PNP Bug#568 - ChipDoc with PNP applet not detected correctly on manager fix in CChipDocLiteCardAPI::AppletIsSelected()


7.05.13
=======
- ChipDoc - User Global PIN Support , usage requires registry key : aseIsUserPinGlobal set to 0x01, and card prepared with privileges : 6 
- ChipDocLite - fix for bug #555 couldn't delete container, was stuck - fix (Changeset 20147) is now using correct command to clear key according to spec 
- ChipDocLite - Fixed security issue in filesystem format which could allow openning SSCD SM without BAC - fix involved changing SSCD and DSDF DF Flags to enforce it. 
- ChipDocLite/ChipDoc - Fix for Bug#563 "Version" in IDPC Manager/Format was disaplayed incorrectly (Changeset 20151)
- ChipDocLite - Fix for Bug#539 - ChipDocLite does not work as an Admin Card - symKey AC_CHANGE in CDL are now overriden to UserPin+SM (changeset#20152)
- Setup and products are now signed by as NXP.

7.05.10
=======
- ChipDoc : AdminPinPerso is now deleted at the end of SSCD Format to conform with SSCD file system ( changeset #20124 )
- ChipDocLite : Do not create the AdminPinPerso , since we dont need it during CreateSSCD ( to conform with SSCD file system since we cant delete it in CDL)
- ChipDoc : for eidSDK test program - fix to ignore ASN_ERROR in IasEccCardADF::Select() (same as already done in IasEccCardADF::intSelectADF()) - (changeset 20129)

7.05.09
=======
- P11Utils::GetAIDList - do not add empty AIDs to the list
- ICardAPI - CD/CDL add support for MutualAuthenticate 
 
7.05.08
=======
- ChipDoc OSA fix to Support Neuro Bio

7.05.05
=======
- CDL : Bug #554: ChipDocLite with Nuero does not work - Fixed
- CDL : Bug fix (ECDH SM) which caused failure during reformatting of card
- CacheableRSAPrivateKey, CacheableDomainParamDH, CacheableDomainParamECDH - use correct CacheLabel in all ctors.
- IasEccToken, ChipDocLiteToken - delete the CardDomainParams objects when the token is formatted (leaving them causes fetching of wrong key values from the cache)
- GUI issue with DPI in PIN Dialog
- NXP in help/about for Spanish and Port
- 3Des transaction on Win10 bug
- Bug Fix : Prevented CDL format in v7.05.03 / Portuguese and v7.05.04 - Spanish : Card Domain Param ECDH not initialized 
- Setup rebranding from Athena to NXP.

7.05.02
=======
- CDL : changed to using ECDH key agreement in SM (instead of RSA DH key Agreement before) - for optimized speed.
- Setup : document 'IDProtect for Windows Integration Guide' was removed.

7.05.01
=======
- bug #331 delete public key
- bug #492 copyright
- bug #534 spelling mistake on PIN tool
- ChipDoc: SSCD SSE-SP_Admin changed from 0xE to 0xA to overcome bug which prevented creating the SSCD ADF before the Generic ADF when using PA Keys
- ChipDocLite Bug fix (Changeset 20069) m_bPreCreated now updated correctly
- Bug #545 - do not open DS PIN GUI when the object is not a token one (even if it a DS one). MD - do not delete the public (session) key is it is DS.

7.05
=======
- P11 - changed timeout=0 (return immediate) in SCardGetStatusChange to 10 on MAC, as a value of 0 blocks.
- ChipDocLiteToken, CiaToken, PKCS11 : Update Access conditions during format *Admin Pin: Change PIN - SM + Activate Puk,  *Sig PIN  : Change PIN - SM + (ActivatePuk Or SigPin),  Unlock - SM + ActivatePuk 
- Support for dynamic detection of Bio Alg Supported (Neuro or Bio) in :CiaToken, ChipDocLiteToken, ChipDocLiteCard, IasEccToken, IasEccCardApi, CardUtils
- ChipDocLiteToken.cpp : AdminPinPerso Unlock AC changed to 0xFF never to comply with SSCD
- ChipDocLiteCardApi.cpp : GetDomainParamDH() optimized, when read from card, reads the pub data EF in one ReadBinary operation - result in half apdus sent to card than before
- CD/CDL/LPKIToken - support configurable AID instances as listed in the registry (feature #521)
- CiaToken, CiaPrivateKey : When Deleting a SSCD private key , also set dummy values for private key on card - (Also required Openning SM and verifying SigPin to allow that)
- LaserToken : When Deleting a SSCD private key , also set dummy values for private key on card - (Also required Openning SM and verifying SigPin to allow that)
- LaserToken - mark the DS entry in the ExistanceMap as invalid when deleting an SSCD key
- bug #528 - P11 - do not open SM channel if already open in IToken::GetBioPublicDataForPrecise
- bug #531 - LaserToken - fix a bug when importing an ECC pfx with Firefox. (CBaseToken::SetAttributes didnt check the key type of private keys so it was always created as RSA and when ECC was used it tried to set value to the non-existent attribute CKA_VALUE.)
- BaseToken::InitializeObjectNoTokenVersionChange - if the object is invalid (e.g. ECC public Key) then before deleting the cacheableEF we should clear the id that has a reference to it, otherwise there will be an attempt to delete twice the same memory (crash in Mac/Linux).
- BaseToken.h - added "unsigned" to CKK_ATHENA_3DES_FOR_DIVERSIFICATION and CKF_DS_IS_DEACTIVTAED as on Mac we couldnt compare a CK_ULONG value to them because they were negative values.
- ChipDoc - added support for Symmetric SM for SSCD , and Support for PA keys formatted card, keeping Customer Sym keys discretionary using external IFDUtils.dll (changeset 20055)
- CiaApplication Create() - SSCD adf is created after the Generic ADF for supporting PA keys formatted card - bug fix - to overcome conflict with SE#E in MF 
- CiaApplication Bug Fix : upon format deletes the SSCD ADF before the generic ADF - bug prevented reformatting of card
- ChipDoc change requested - Now if version is < 0x00050519 ( instead of =119 before) we assume we must use non standard challenge response (according to IasEccV2 spec)   

7.04.04 - Release Candidate
=======
- bug #522 - do not use CachableEF for the public key in CDL (recursive calls to the cache with ReadFromToken when an SSCD container is deleted).
- bug #523 - Pin::SetTimeLimit received unsigned char instead of unsigned int (m_valid=30 did not allow working)

7.04.03
=======
- CiaToken.cpp::CreatePrivate/PublicKey - when the creation fails, mApplications.DeleteCiaObject deletes also the CiaObject, so we must not delete it separately as well (bug fix for: crash when trying to import/generate RSA 4096 with CDL)
- Enable APDU logging to the regular log - controlled by the DebugLevel registry key when ORed with 0x100.
- ChipDocLiteCardAPI.cpp : Optimize updates to public EF's (RSA and ECC)
- ChipDocLiteCardAPI.cpp : ChipDocLiteCardBio::Change() use aseGetFMR on input parmeter before Loading biometric enrollment data
- CiaToken - fix the format bug in which C_Login to the card fails after format ends. Added Refresh for EF.AOD in CiaToken::ReadTokenInfo and update the cache counter if the CKU_SO is logged in (in addtion to the User).

7.04.02
=======
- ChipDocLiteCardAPI : avoid using cacheableEF while formatting a CDL DS profile as cache is not available - caused crash during format
- CDecryptor::RSADecrypt - use SupportsPKCS1PaddingRemovalByCard() to check if the card removed the PKCS1 padding from the decrypted data (CDL doesnt)
- CiaMinidriver - new united md for ChipDoc, ChipDocLite and LPKI to solve the conflicting ATRs problem
- ChipDocLiteCardAPI - ChipDocLiteCardElement::IntSelectByPath() avoid getting the fci to avoid asn parsing error ( happend on import sscd certificate from mamnager )
- ChipDocLiteCardAPI - fix read ac of svd to SM=0x80 when formatting an sscd profile
- manager , dont allow delete def ECC container too
- CacheManager - move mCounterPreIncremented to the Store interface as there exists more than one cachemanager objects and CDL fails when it tries to create the public cacheableEF of SSCD keys.
*** - CDL - Leave the bio key verified for ever (not clearing it even in Logout) for now!!!

7.04.01
=======
- P11 - add secure messaging in plain-text pin verification when no tickets is used (e.g. CD 119, CDL). Fixed in LoginPINAlways, LoginWithTicket + Get the ticket, VerifyTheToken.
- ChipDocLiteCardAPI : Public EF Keys cached,
- ChipDocLitecardAPI : changed AppletIsSelected() to use "verify file contents (80 02)" instead of "get version" - so to distinguish CDl from ChipDoc, LPKI and Laser (where this command is not supported)
- CSP, CryptAcuireContext and then CryptSetProvParam(PP_CONTAINER) will load PIN Dialog for user if it was not set
- ChipDocLitecardAPI : bug fix in ChipDocLiteCardBio::GetEnrolledFingers - wrong fingers returned
- manager over PKCS support ECC

7.04
=======
- P11+MD - with a ChipDoc card, import an ECC pfx with Firefox. Having the manager configured to work with baseCSP, the certificate cannot be viewed as CardGetContainerInfo fails. Fix: if there is no Q value that can be obtained from the P11’s private key, we try to find the matching P11’s public key and get Q from it.
- CiaToken - when we try to find a public key by filename, return the CiaPublicKey if in MD mode (done for the ECC fix above).
- P11 - allow finder to create existing P11 public keys according to their type (RSA/ECC).
- ChipDoc : Support for large RSA > 3072 , available in ChipDoc-OSA applet version 7.00001 using proprietary resize internal buffer command during format
- ChipDocLite SBR Support
- Setup: ChipDocLite token and MD were added

7.03.01
========
- Setup - Signed MD for ChipDoc, Laser, and LPKI were added.

7.03.01
========
- all minidrivers - there was a bug in CheckValidity as the code tries to verify that the card’s ATR matches the entries under TokenLibs. This code should not be called in MD mode.

7.03.00
========
- CiaToken - add the model to the tokenInfo
- LaserToken - bug #495 - fixed the "Valid for x minutes" bug (IToken::GetUserHowManySeconds() changed to new format only)
- bug #498 - AseCia/BasicTypes.h - set cia_ub_minPasswordLength=15 instead of 8 so that minLen >8 would be allowed for pin values.
- bug #496,#497,#508
- bug #505 - Fixed IasEccCardRSAPrivateKey::EncyrptDecrypt so that in case the data is prefixed with pkcs#1.5 padding [0x00, 0x01, 0xFF .... 0xFF, 0x00] and p119 is used, then the padding should be removed and Internal Authenticate that computes DS should be called instead. This way CardSignData with off-card hashed data succeeds when no OID can be added as in WEBSSL.
- Setup delete all libraries upon uninstall corrected.

7.02.03
========
- Setup bug #490 was corrected.  Set registry correctly for Microsoft and Athena \ NXP CSP.

7.02.02
========
- LaserToken - fixed a bug with PinHistory: when the file is created, the header should be updated through the CacheableEF interface as well
- Bug #487 - CiaToken - support card label in format and with CONTROL_SET_TOKEN_LABEL
- Bug #487 - DS profile allowed
- CiaToken - do not write the values of DS Pins to the complexity data container
- CheckRestrictons for pins may read only from complexity rules if the card doesnt support retrieval of attributes
- CiaToken - allow format without setting complexity rules first as the format tool does (i.e. use default values)
- CiaToken - allow adding new collections dynamically if run out of space (controlled by the registry key AddP15ObjectDirsDynamically)
- Token.cpp - move CheckPinHistory out of CheckPinRestrictions, and call CheckPinRestrictions before openning SM, in order to support CDL 
- CiaToeknInfo - update the cache with the card contents when a card is inserted (there was a bug on Linux that changing the lastUpdate on another machine didnt update the cache on the current machine)
- CiaToken - allow creation of symmetric session keys

7.02.01
========
- IasEccCardAPI - offcard hash RSA sign with either Sscd or version >= 519 will use PSO-CDS 

7.02.00
========
- Added an option to dump the Memroy Store to a disk file.
- fix the FMR of ID3 bio type cards
- CiaToken - ECC non-repudiation flag was set by mistake
- CiaToken - block the Decipher AC for Signature Private RSA keys by default if CKA_DECRYPT is false. Allow to open it if the registry key "CreateSignaturePrivateKeysWithDecipher" is non-zero.
- Feature #482 - add an option to have the P11 as a read only library controlled by the registry key "MDReadOnlyCard" (same as for the MD)
- LPKI - DS profiles not allowed in Format Tool
- CacheManager - use a condLocker_t for locking the store to prevent recursive locks that cause a deadlock in Linux (when trying to view an SSCD container in the manager - reading the cached Private key requires SM and the DH params are cached too)
- Bug Fix - Deleting a finger , now the finger is deleted from the BIT as well
- bug Fix - SupportsTicket issue – ContextFile SelectOnce() now gurantees that select is called within it once
- MyId - fixed CiaToken::WritePINsComplexity to support old structures (backward compatibility)
- LaserToken - LaserToken::CheckPinRestrictions used cacheable EF only when applicable (Linux format bug)
- IasEccCardAPI - RSA Sign with off card hash on SSCD wil use PSO CDS only if version >= 519 otherwise will use internalAuth - to overcome sdo usage limit in previous versions.

7.01.18
========
- CiaToken - do not check existance of private keys if they are SSCD keys in ::create
- bug #474,478
- bio, support the new 2020 next version adjust the threshold to 70 (with regKey)  instead of 255.
- bio, fix a bug when the finger index was not written correctly with sensors other than bsapi
- the last reader was not saved for next verify
- transaction and pin lock optimization in Finder,CreateObject, GenerateKeyPair
- CiaToken - add the keyLength for Chal/Resp and Symmetric keys created during format
- MD - add pinAlways support
- MyID - fixed userIsBiometric = 0 in pin complexity (backward compatibility)
- BioSupport - for unformatted cards, check if the card supports bio in all tools; for formatted cards, bio support is enabled only if the User has a bio part (in tools other than format tool)
- change the code so that it works even if GetAC() is not implemented (ChipDocLite)
- MD - work with SSCD keys, inlcuding enrollment/import
- CiaToken - fixed CiaToken::PreInitialize() code for a chal/resp admin (myID)
- BaseToken - fixed SafeDelete so that cacheable files can be deleted even if the cache counter file doesnt exist on the card
- CiaToken - the OD EFs sizes can now be determined by registry keys
- CiaToken - fixed a bug that didnt allow more than 5 containers to appear in the mapfile

7.01.17
========
- Bug fix when context is lost ADF was not selected (ocurred using manager and idptool together in ChipDoc)
- Optimization to defer checking if applet is selected (using ann apdu) only to later stage 
- bug #473 (removing cards while loading IDPC tools generates a PKCS init error) - added a try-catch block over CSlot::Init code

7.01.16
========
- MD - defer ReadTokenInfo until it is needed (optimization)
- bug #472
- More optimizations on CiaInfo and SFI changes

7.01.15
========
- Card Context access to Global Card API functions to make sure applet is selected
- MD - setTalker now checks if the transmit counter is valid, and only if not re-builds the token
- MD - compile pkcs11 + pkcsutils in one project (due to a compiler bug when accessing IToken methods from PinLock::lock())

7.01.14
========
- fixed the error returned from ContextDF::GetListData in case the card doesnt support list files apdu (occurred with MemoryStore and Update of a file with size=0)
- optimizations - transaction and pin locker object
- P11 - support Precise biometrics

7.01.13
========
- CONTROL_REFRESH_CACHE_COUNTER_FROM_CARD was removed.
- bug #466
- bug #468
- Android compilation.
- IasEccCardAPI - optimized Get Version and Get Total memory
- CiaToken optimization (Read, Select)
- Removed Get PIN DOUP APDU from IasEccCardPIN::Select() for optimization (will be done when actually needed)
- IasEccTokenLib::GetLibTokens - initialize the IasEccCardAPI in a transaction.
- GetTokenInfo - returns that the card supports biometrics only if the USer pin has a bio element. Added a C_Control CONTROL_GET_BIOMETRICS_SUPPORTED that is called only from the format tool.
- LPKI - use eSecureVerify for pin verification type.
- remove apdus called from IasEccCardAPI's ctor.
- IasEccCardAPI Optimization : no need to send any apdu at ctor, GetVersion apdu will be sent only when relevant info is required, no need for Init() to be called.
- P11 - remove recursive calls to BT from IToken::Invalidate()

7.01.12
========
- P11 - fixed pin freshness and init token version
- P11 - fixed pin valid for X seconds

7.01.11
========
- CiaToken - increase DCOD size from 750 to 1500 bytes (otherwise cmck tests fail)

7.01.10
========
- MD - added a new registry DWORD key MDAllowWorkWithUnformattedCards – if it is 1 then the MDInit should work with unformatted cards as well.
- ChipDoc+LPKI - add pin history support
- ChipDoc+LPKI - remove CiaObject(s) from ODs if GenerateKeyPair fails
- ChipDoc MD - fixed the ECC key length in the mapfile so that enrollment of ECC certificate in mmc succeeds
- MD - fixed a bug so that MDCardInitialize can work when the Admin is a Pin.

7.01.09
========
-admin card works on ChipDoc
- bug when enter wrong DS PIN
- feature 462

7.01.05
========
- bug #457

7.00.35
========
- IasEcc/LpkiToken - reset the cardContext when warm reset is called at the end of InitToken to select the applet if it is not the defualt selected one.
- bug when fast removing card after insert cause crash 
- fix MYID for laser and IASECC. SO des of 8-24 and complexity structure
- CryptoUtils - fix equals_0 in mathlib.c to work correctly when sizeof(long)=8 (Linux x64 problem with ECC-SM).
- P11 - split IToken 

7.00.20
========
- CryptoUtils - avoid using a sturct as a return value in Bytes2BigNum (fix made by Noam for x64 release ECC-SM stuck problem).

7.00.19
========
- lasermd - do not initialize the p11 library when in m_noCardMode as it causes a crash when we try to open a pcsc transaction with zero handles (ver 7.0.0.4).

7.00.18
========
- P11 + tokenlibs - removed IToken's and HandleCollection's locks.

7.00.17
========
- lasermd - supports now a generic filesystem (version 7.0.0.1) for the test-suite

7.00.16
========
- #pragma pack(push, ck_ase, 1) now declared in ck_ase.h + asepkcs.h for all platforms (not only win32)
- LaserToken: moved the m_context member from BaseToken to IToken
- LaserToken - TransportPin2 is always verified if the token is not logged-in as user or admin (required for updating the cache counter)
- LaserToken - handle the situation of the first select in a transaction

7.00.15
========
Setup - lasermd was added.

7.00.14
========
- Slot.cpp - return a slot Id for an empty slot.
- PcscTalker.cpp - reset the transmit counter when reset/reconnect is called so that the context would be invalidated and the applet re-selected.
- Setup - IASECC card was added to the setup.
- Setup - SC service was removed.

7.00.11
========
- P11 now uses the abstract interface IApduTalker instead of CPcscTalker/CcidTalker.
- LaserToken - stop caching certificates and mapfile on disk - the hash value still exists on card for backward compatibility.
- IASECCCard, File : AsnSdo.h, Removed constraint on non-Repudiation To overcome a bug in card implementation that  
	(upon GetData) doesn't return the Mandatory "Non-repudiation flag" (Tag '9E') if SDO was created as EmptySDOPrivateRSA (Should Be fixed by Lionel on next version of card)
- ScardCache, Files : SimpleMsStore.h/.cpp, Added additional 4 bytes random number to CardInfo to eliminate the chance that 
  CardInfo object for a card was removed from cache and when reinserted into cache the cacheVersionCounter might overlap existing old objects in cache.	

- SCardCache : interface of CacheManager and ICacheable changes - ICacheable now represents a single 
               single cacheable object. 
- IASECCCard
	Optimization phase :- 
	1. Removed unnecessary dynamic memory allocations
	2. changes from raw allocation to using self deleting unique_ptr
- CryptoUtils - Support for Brainpool elliptic curves
  
7.00.10
======
- remove the automatic cache reset - controlled now by the "ResetCache" registry value.

SCardCache -
Files: memoryStore.cpp, memoryStore.h 
•	Changes made to make sure memory store is aligned at 4 bytes boundary – Caused crash on android platform when not aligned.
•	Bug fix : on Update() Cache counter on memory store was not updated in case a large enough block was found.

IASECCCard:
* Allow ADF Deletion (proprietary 0x80 apdu) by passing optional parameter bIsADF=true to DeleteCardFile()
	- Default behavior remains same

•	Utils : WinScard extensions are now in CWinscardExt – dynamically loaded only once during construction 
•	ScardCache: SimpleMsStore now uses winscardext for using above functionality (requested for winXp)
	
7.00.09
======
- P11 - CryptoOperator Encrypt/Decrypt - initialize OAEP data members (found in Linux with pkcs11-tool --test).
- P11 - use the status for cardStatus when calling waitForCardEvent. Fixes a bug on XP where after station lock and card removal it was impossible to login with card again.
- remove shared memory from laser token

7.00.08
======
- Bug#316 - truncate the data to be signed with CKM_ECDSA to the key len
- Windows XP support was added
- CryptoUtils - fixed a bug in ECC (prevented working in Release compiled on MSDEV 2012 with ECC-based SM)

7.00.05
======
- Setup - IASECCProfiles.xml was added to common data folder
- Fix BIT_STRING const operator[] by not calling the non-const operator version
