T1C-API
Search…
Changelog

v3.5.8

Compatible with JavaScript v3.5.1

Bug

    Cors list should always completely represent what is defined in the DS
    Macos CORS sync towards registry is not immediate
    Pin values cause validation to trigger when the encrypted value becomes to big

Improvement

    input validation on all endpoints of API and REG

Story

    Parameterize the range of free ports to run on
    As a user I would like to have the possibility to receive a notification for a new version

v3.5.7

Compatible with JavaScript v3.5.1

Bug

    Dialogs on OSX should have binary names with ENV prefix/suffix

Story

    As a Mac user I would like to have a launcher to better manage the Trust1Connector
    As the Trust1Connector I want my SSL certificate to be updated automatically when it has been updated in the DS

v3.5.6

Component
Version
JavaScript
v3.5.0

Bug

    Eherkenning middleware does not work properly with M1 hardware
    Launcher should only stop component in its own user-context

v3.5.5

Component
Version
JavaScript
v3.5.0

Story

    Support for Airbus token
    Support for safenet token
    Support for Eherkenning token

v3.5.4

Component
Version
JavaScript
v3.5.0

Bug

    File-exchange when folder does not exist the open dialog crashes

Story

    Migration to Rust Wacom

v3.5.3

Component
Version
JavaScript
v3.5.0

Bug

    Fix for Wacom App::data() Mutex issue
    Update Error handling to reflect prior version of T1C (and map new once to existing error codes for ease of integration)

Improvement

    Added x-xsrf-token to CORS headers

v3.5.2

Component
Version
JavaScript
v3.5.0

Bug

    Registry and API Cors syncing does not happen in the first cycle when registration towards DS is done
    Pin dialog does not give focus to the input field in Windows
    Cors rules do not take into account the protocol
    Pin dialog does not display on MacOS
    Prepare registry cert does not find the certficates and tries to copy but fails

Story

    Provide launcher executable to start and manage the Trust1Connector
    Add dialog timeout to CLI (for both win and mac)

v3.5.1

Component
Version
JavaScript
v3.5.0-RC7

Bug

    Application launcher does not check current installed files and folders properly

v3.5.0

Component
Version
JavaScript
v3.5.0-RC7

Bug

    DS public key should not be needed when no DS config is present
    Unavailable DS makes the Trust1Connector crash
    CMD.exe /c SET is executed by the sandbox with no apparent use-case
    Device key rotation also needs to update the ds-txs.json
    Trust1Connector with DS capabilities uses current dir as rootfolder
    File exchange download create folders write authorization error
    File exchange List Type Content response object is not complete
    File exchange dialog and network timeout need to follow the parameter or default
    update-type and cancel the browse windows does not return data in the response
    File exchange Update Type does not show correct the entity folder in the dialog
    File exchange List type response object is not correct
    File exchange create type shows dialog when path doesnt exist and modal is false
    As a packager I want to provide a specific port for the Registry
    API and Registry info endpoint do not return all properties
    T1C API uses the readers as an info endpoint
    MacOS limited the access towards files for services
    Sending unknown filters makes the API crash
    rename query param for all_data and all_certs to filter
    Standalone mode should not trigger prepare_registry_cert
    MacOS logger does not work when the binary is packaged
    Airbus selects wrong Non-Repudiation cert
    MacOS installer sometimes asks for administrative password

Improvement

    RUST support Jcop card
    Device key rotation
    Bulk reset MUST be a GET as it does not contain any body

Story

    As a Integrator I want all dialogs to have an optional timeout property
    As a user, I want to be able to use/have a DS for the v3
    Migrate to Rust Jcop
    Migration to Rust Luxid
    Migration to Rust Crelan
    Migration to Rust Chambersign
    Migration to Rust Certinomis
    Migration to Rust Certigna
    Migration to Rust airbus
    Add timeout and file parameter for MacOS dialogs
    Encapsulate MacOS package in an administrative package which always automatically installs in the correct context
    As a Packager I would like to run the Trust1Connector via an executable
    Safenet rustification
    eHerkenning rustification
    Use the exe filename instead of env! cargo name
    Refactor usize/isize for win/osx
    Implement Relo rust module
    Implement EMV rust module
    Implement new architecture for shared environment, multi session host, single installation, ...
    Expose CORS config, to be configurable upon runtime (not compile time)
    Rust - File Exchange
    Improve the startup of the T1C with the sandbox

V3.5.0-rc020

Component
Version
JavaScript
v3.5.0-RC7

Bug

    Not starting due to DS cert loaded, when DS is not needed (upon startup ds client)
    DS public key should not be needed when no DS config is present

Story

    Add anti caching headers on the response to avoid http caching on the client
    Update the license terms for Signid Release

V3.5.0-rc019

Component
Version
JavaScript
v3.5.0-RC6

Bug

    Unavailable DS makes the Trust1Connector crash
    Device key rotation also needs to update the ds-txs.json
    Trust1Connector with DS capabilities uses current dir as rootfolder

V3.5.0-rc018

Component
Version
JavaScript
v3.5.0-RC6

Bug

    Cors control of Trust1Connector API and Registry does not allow the CSRF header

V3.5.0-rc017

Component
Version
JavaScript
v3.5.0-RC6

Story

    As a user, I want to be able to use/have a DS for the v3
    Expose CORS config, to be configurable upon runtime (not compile time)

V3.5.0-rc016

Component
Version
JavaScript
v3.5.0-RC6

Bug

    File exchange download fails to move the temporary file to its final location

V3.5.0-rc015

Component
Version
JavaScript
v3.5.0-RC6

Bug

    File exchange download create folders write authorization error

V3.5.0-rc014

Component
Version
JavaScript
v3.5.0-RC5

Bug

    File exchange List Type Content response object is not complete
    File exchange dialog and network timeout need to follow the parameter or default
    update-type and cancel the browse windows does not return data in the response
    File exchange Update Type does not show correct the entity folder in the dialog
    File exchange List type response object is not correct
    File exchange create type shows dialog when path doesnt exist and modal is false
    API and Registry info endpoint do not return all properties

Story

    As a Integrator I want all dialogs to have an optional timeout property

V3.5.0-rc013

Component
Version
JavaScript
v3.5.0-RC2

Bug

    As a packager I want to provide a specific port for the Registry
    T1C API uses the readers as an info endpoint

V3.5.0-rc012

Component
Version
JavaScript
v3.5.0-RC2

Bug

    Airbus selects wrong Non-Repudiation cert

Story

    Migrate to Rust Jcop
    Migration to Rust Luxid
    Migration to Rust Crelan
    Migration to Rust Chambersign
    Migration to Rust Certinomis
    Migration to Rust Certigna
    Migration to Rust airbus
    Safenet rustification
    eHerkenning rustification

V3.5.0-RC10

Component
Version
JavaScript
v3.5.0-RC1

Bug

    Trust1Connector API must be able to log when packaged
    MacOS installer sometimes asks for administrative password
    MacOS limited the access towards files for services

Story

    Encapsulate MacOS package in an administrative package which always automatically installs in the correct context
    As a Packager I would like to run the Trust1Connector via an executable
    Use the exe filename instead of env! cargo name
    Refactor usize/isize for win/osx
    Rust - File Exchange
The folder restriction from Apple regarding user sensitive folders such as
    Documents,
    Desktop,
    ...
has been fixed in this version. More information regarding this restriction can be found in their release notes here under the section Launch Daemons and Agents

V3.5.0-RC9

Component
Version
JavaScript
v3.5.0-RC1

Bug

    Spaces in path caused invalid CLI arguments
    Sandbox log path caused crashes

V3.5.0-RC8

Component
Version
JavaScript
v3.5.0-RC1

Bug

    T1C-sandbox does not automatically restart after crash

V3.5.0-RC7

Component
Version
JavaScript
v3.5.0-RC1

Bug

    Sending unknown filters makes the API crash
    rename query param for all_data and all_certs to filter

V3.5.0-RC6

Component
Version
JavaScript
v3.5.0-RC1

Bug

    MacOS T1C api does not register towards the registry when installed via the packaging
    Standalone mode should not trigger prepare_registry_cert

V3.5.0-RC5

Component
Version
JavaScript
v3.5.0-RC1

Bug

    MacOS logger does not work when the binary is packaged

Improvement

    RUST support Jcop card
    Device key rotation
    Bulk reset MUST be a GET as it does not contain any body

Story

    Implement EMV rust module
    Implement new architecture for shared environment, multi session host, single installation, ...

V3.4.9

Component
Version
Proxy
v3.3.1
JavaScript
v3.4.1

Bug

    Pin Obfuscation not working for all modules
    Download type with implicit type creation used wrong path
    Windows launching the API in a localAppData folder with a user which holds a & fails in Windows
    Airbus selects wrong Non-Repudiation cert

Story

    base64 encode the PIN before sending it to the API

V3.4.8

Component
Version
Proxy
v3.3.1
JavaScript
v3.4.0

Bug

MacOS File exchange private folder should not be allowed to be used as the OS prevents the use of these folders

V3.4.7

Component
Version
Proxy
v3.3.1
JavaScript
v3.4.0

Bug

    PKCS11 module error codes arent mapped correctly
    Update the Eherkenning module to allow non hashed data for signatures
    Certinomis Wrong pin returns incorrect error response

Story

    Chambersign token integration

V3.4.6

This release contains a known bug with Luxid, this will be patched in a upcoming release.
Component
Version
Proxy
v3.3.1
JavaScript
v3.4.0

API

Bug

    Certinomis integration with official middleware version

V3.4.5

This release contains a known bug with Luxid, this will be patched in a upcoming release.
Component
Version
Proxy
v3.3.1
JavaScript
v3.4.0

API

Bug

    macOS pin entry popup remains open after timeout
    WIN - The sandbox is not able to register to the api

Story

    I want to enable module for Certinomis
    Migrate certigna integration with the latest token

V3.4.4

This release contains a known bug with Luxid, this will be patched in a upcoming release.
Component
Version
Proxy
v3.3.1
JavaScript
v3.3.0

API

Bug

    Download file - folder creation is not correct

V3.4.3

This release contains a known bug with Luxid, this will be patched in a upcoming release.
Component
Version
Proxy
v3.3.1
JavaScript
v3.3.0

API

Bug

    Windows users with spaces cause proxy init script to not work

V3.4.2

This release contains a known bug with Luxid, this will be patched in a upcoming release.
Component
Version
Proxy
v3.3.1
JavaScript
v3.3.0

API

Bug

    MAC - Sandbox not running on macos high sierra
    Sandbox restart mechanism spawns mutiple functioning sandboxes but doesnt wait for the port registration
    MAC - sandbox not working on macos big sur

Story

    Update retry mechanism to restart the sandbox after a failure

V3.4.1

This release contains a known bug with Luxid, this will be patched in the upcoming.
Component
Version
Proxy
v3.3.1
JavaScript
v3.3.0

Proxy v3.3.1

Bug

    Trust1Connector in shared environment fails to register towards Proxy
    Usernames with spaces cannot consent
    play.pid file prohibits play api to start after reboot

API

Bug

    Sandbox is unable to retrieve usernames with special characters
    Create type with initial path keeps adding // at the beginning of the path
    Issue signing with eHerkenning token
    Stop T1C components script in shared environments stops for all users
    Trust1Connector in shared environment fails to register towards Proxy
    Usernames with spaces cannot consent
    play.pid file prohibits play api to start after reboot

Improvement

    Provide DNS Signed certificate to avoid DNS resolve issues

V3.4.0

This release contains a known bug with Luxid, this will be patched in the upcoming.
Component
Version
Proxy
v3.3.0
JavaScript
v3.3.0

API

Bug

    Update Sandbox http ports to not interfere excluded ports
    File-exchange download does not overwrite the file if its already present.
    ListTypeContent on C folder throws an error because there is a hidden/swapfile already in use
    CreateType adds an extra / at the start of the path
    When the Machine restart the API runs on a different port. This causes the consent to not be valid anymore
    CreateType and UpdateType do not show a modal from the proposed folder
    E-Herkenning module signing and authentication is not working anymore

Story

    Sandbox must start on a free port and register itself towards the API

V3.3.3

Component
Version
Proxy
v3.3.0
JavaScript
v3.3.0

API

Story

    Algorithm reference should be optional and be preslected the best algorithm if not presented
    Added the system's current epoch timestamp to the expired JWT error message
    Add cache headers to responses to prevent browser caching issues

V3.3.2

Component
Version
Proxy
v3.3.0
JavaScript
v3.3.0

API

Bug

    Beid v1.8 sign sometimes added the LE

V3.3.1

Component
Version
Proxy
v3.3.0
JavaScript
v3.3.0

API

Bug

    Return interface to previous state to prevent breaking applications

Story

    Trust1Connector API should be able to connect to the DS in a proxy network

V3.3.0

Dependencies

Component
Version
Proxy
v3.3.0
JavaScript
v3.2.13

API

Story

    I want to enable module for Airbus
    A new version of the trust1connector should have an update option in the MSI
    Make synchronization schedule 15 minute interval occur not at the start of hour, but from startup

Bug

    Update certificate model to correctly handle multiple certificates

Proxy

Story

    Make synchronization schedule 15 minute interval occur not at the start of hour, but from startup

v3.2.8

Beid 1.8 has different algorithms compared to 1.7. In a future release the Trust1Connector will merge these so the same values can be used for 1.7 and 1.8

Dependencies

Component
Version
Proxy
v3.2.7
JavaScript
v3.2.12

API

Bug

    Log file for Sandbox-windows should be saved to the Log folder
    Entity and Type return same error code for not found and already exists
    Decryption of pin should not be blocking initialisation or any pin use-case
    Pkcs11 module and os dialog return decryption error

Story

    I want to enable the module for BeID 1.8
    Integration jcop3

v3.2.7

Dependencies

Component
Version
Proxy
v3.2.7
JavaScript
v3.2.12

Proxy

Bug

    Error handler does not build the Error-code correctly

API

Bug

    Rawprint module returns error when executing print request
    Rawprint OpenAPI specification contains model error
    T1C Api returns 404 instead of 503 when the GRPC server is not available
    Return appropriate http status code 503 when the sandbox service is unavailable instead of 404
    Client errors do not return a valid error-code

Story

    Configure the memory and disk buffers to accept file uploads up to 50Mb
    File download in file exchange should support multipart form-data

v3.2.6

Dependencies

Component
Version
Proxy
v3.2.6
JavaScript
v3.2.10

Bug

    Chambersign can only be used when installation done with admin rights
    Log files build up after time which takes a lot of space on the hard disk after a while
    Remoteloading split Tx, RX and SW was only present in TX value

Story

    I want to enable the module for Chambersign
    I want to enable the module for Certigna
    The Trust1Connector API/Proxy should support wildcards in its CORS whitelist
    Rotate the logs on a time- and size-based policy

v3.2.5

Dependencies

Component
Version
Proxy
v3.2.3
JavaScript
v3.2.9

Bug

    Updatable Trust1Connector does not trigger an OS dialog
    Application names with spaces cause issues application lifecycle management
    Entity and type response object inconsistency
    Sandbox does not start when system boots without internet connection available
    Remoteloading split TX, RX and SW value based on APDU response

Story

    T1C API endpoint to prolong the consent cookie
    Update error codes of the proxy so they do not interfere with the error codes of the regular API
    Align error codes returned from the sandbox service with the API
    Integrate the printer driver
    Use Device certificate to encrypt the pin value sent in clear text
    Change the JWE communication from headers to request body in order to prevent header size limit errors
    Include memory management for the Java process spawned by the OS
    I want to enable the module for Chambersign
    I want to enable the module for Certigna
    I want to enable the module for eHerkenning
    I want to enable module for Print Writer

v3.2.4

Dependencies

Component
Version
Proxy
v3.2.2
JavaScript
v3.2.8

Bug

    Resetting the bulk pin does not remove the pin from the cache

v3.2.3

Dependencies

Component
Version
Proxy
v3.2.2
JavaScript
v3.2.8

Bug

    T1C does not work with FireFox
    when the pkcs11 is not initialized correctly in sandbox, calling directly the other functions, sandbox crashes
    Some EMV cards return 'beid' as suggested module
    Packaging automatic file recognition in Wix adds admin registry key entries to the installer for included DLL files

Story

    Provide a eHerkenning module for NL
    Integration of the eHerkenning (NL) PKCS11 module in Token Interface
    As an integrator I want errors to be consistent, clear and comprehensive
    Integrate remote loading module

v3.2.2

Dependencies

Component
Version
Proxy
v3.2.2
JavaScript
v3.2.8

Bug

    Remove v2.4.3 from T1C-lib-JS repository
    Crelan signing fails when data is different from 16 byte hex string
    Diplad sign operation fails when using specific Crelan reader
    The sandbox does not recover when using branded/custom package installers
    Allow bulk sign - does not work in JS
    Diplad description - verified but was already fixed in 3.2.1
    The T1C-API only syncs the cors list at startup, not during scheduled sync

Improvement

    Provide separate implementation for Belgian eID with Crelan reader

Story

    Skip CORS when running in develop mode
    Log output of shared environment initialisation script to file

v3.2.1

Dependencies

Component
Version
Proxy
v3.2.1
JavaScript
v3.2.8

Bug

    Diplad card description in get readers response not aligned with v2
    Diplad card crashes/does not work with cards with 1 revoked non-repudiation certificate and 1 additional valid non-repuditation certificate
    Reset Bulk Pin method in JS SDK returns a 404
    Crelan signing fails in sandbox
    serialnumber wrong mapping in pkcs11 objects
    no session flag found in input parameters when fetching certificates with PKCS11 objects
    Bulk sign query parameter encoding in JS SDK is wrong

Story

    As a T1C-API service I want to my pid handling more robust
    Update PKCS11 objects token information with mechanism information

v3.2.0

Dependencies

Component
Version
Proxy
v3.2.0
JavaScript
v3.2.8

Bug

    Diplad signing operator implicit deleted error. Makes GRPC crash
    Fix typo error in open-api yaml specification
    Registration shuts down Trust1Connector
    Update openapi yaml with pkcs11 objects endpoints
    Providing the pin popup with an invalid pin simply reopens the pin popup for another try
    Canceling pin causes the pin popup to reappear
    Pin input timeout on Windows crashes the dialog windows and terminates sandbox
    "issuer" property of T1C-API token biometric data is not present in JS SDK
    Compile MacOS version of T1C-Sandbox post upgrade cmake 2019
    Fix LuxID issues after recompilation with VS 2019
    Bulk signing with card with PACE layer does not temporarily store the PACE info
    Reset Bulk PIN endpoint should be a POST request to avoid caching issues
    openPinDialog crashes when called after previous request timed out

Improvement

    Add images & logo's to the Windows installer
    Implement authentication in JWT + Document with example
    Remove grpc port from config in JS

Story

    As an integrator I want to have the Wacom functionality in REST available
    Integrate Wacom JS SDK
    As a developer, I want JWT's to be validated in the proxy
    Windows installer includes the firewall settings upfront
    Pkcs11 Custom exception handling
    As a developer I want the T1C SDK to be provided as an NPM package
    Parse certificates in the Trust1Connector JS so we can provide detailed info about the certificate
    Update proxy with h2 database
    Reduce the size of the shared environment intialisation JAR
    Integrate Crelan in T1C JS SDK
    Enable Diplad in JS module factory
    Allow manual trigger of registration and synchronization
    Use a stable unique identifier as device id
    Make use of Java11 LTS as packaged JRE

v3.1.4

Bug

    File digests config doesn't take the path differences between Mac OS and Windows into account
    PKCS11 configuration cookie cannot be created on Windows devices
    PKCS11 returns null pointer exception when no pin is provided
    Unresolved address excpetion when the Trust1Connector is installed or started without internet connection

Story

    As an end user I can use RMC with the new T1C v3 for the belgian eID and the file exchange
    Windows installers are signed with the Trust1Team certificate
    All endpoints communicating with smardcards/tokens/... need to be protected by means of JWT
    Support for silent install on Win Platforms
    Remove sensitive system info from API & Proxy exposed on /info endpoint
    Remove from API & Proxy the temp folder path on the /info
    Provide the possibility to use PKCS11 objects instead of keystores
    Integrate PKCS11 container in the sandbox-service
    Maintain a transaction log with labels
    Ability to do bulk signing with the generic token interface

v3.1.3

Bug

    PKCS11 SlotId in config issue
    Fileexchange when canceling file or directory dialogs, no error is thrown but an empty path is returned
    Catch errors with regards to the GRPC service nog being running
    File IO needs to check if access rights for file are fulfilled otherwise return 803
    Fileexchange v2 recovery failed due to wrong encoding
    T1C JS SDK fix typo for responseObject info endpoint
    Typescript typings are conflicting with eachother (generics)
    T1C SDK pkcs11generic slots should be numbers instead of strings