MyEID Minidriver version 1.1.3 release note ------------------------------------------- Date: 16.12.2011 Installation ------------ - run MyEID_MiniDriver.exe and follow the instructions of the installation wizard. Updating from previous version ------------------------------ - run MyEID_MiniDriver.exe and follow the instructions of the installation wizard. - On Windows 7, insert a MyEID card, go to Device Manager and locate the card from the device tree under smart cards. - click "Update Driver Software..." Uninstallation -------------- - On Windows 7, insert a MyEID card, go to Device Manager and locate the card from the device tree under smart cards. Open popup menu with right mouse button and select "uninstall". Check "Delete driver files" checkbox. - On XP/Vista, delete registry key "Aventra MyEID" with regedit.exe. The key is a subkey of "HKEY_LOCAL_MACHINE\Software\Microsoft\Cryptography\Calais\SmartCard". Delete myeiddrv.dll from c:\windows\system32. If the file is in use (you get access denied), you need to reboot first (and not insert a MyEID card before deleting it). On a x64 system, delete also the registry key from HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Cryptography\ Calais\SmartCards. Delete myeiddrv.dll also from c:\windows\syswow64. Supported functionality ----------------------- - supports Windows Smart Card Minidriver Specification up to version 6.0 - supports 1024 and 2048 bit RSA keys - tested operating systems: Windows XP, Windows 7, Windows 2008 server - tested use cases: Smart card logon, certificate enrollment from Microsoft CA, VPN logon, logon through remote desktop Prerequisites for use ----------------------- - a PC/SC compatible smart card reader and a MyEID smart card that is initialized with PINs and a PKCS#15 file structure. Initialization can be done with for example MyClient software that is availabe on Aventra's web site (http://www.aventra.fi/MyClient) Known issues ------------ - uninstallation still has to be done manually. Changes from 1.1.1 ------------------ - added support for CALG_SSL3_SHAMD5 hash type - fixed incorrect behaviour, when CardSignData was called with no hash algorithm specified, with CARD_PADDING_INFO_PESENT flag - minor reliability improvements Changes from 1.0.5 ------------------ - extensive testing have been done to improve reliability and to prevent possible security vulnerablities. input data validation has been improved significantly. - The minidriver specification version 5 is now fully implemented except challenge/response functionality - version 6 of the specification is supported - the driver and the installer are now signed with Aventra's code signing certificate Changes from 1.0.4 ------------------ - Remote desktop crashed sometimes while shutting down and unloading myeiddrv.dll. The problem was related to static objects in the C++ STL and DLL unload order. A workaround was found, which ensures that the objects which caused problems are not instantiated at all. Changes from 1.0.3 ------------------ - Installation wizard - adding multiple certificates by web enroll works correctly Changes from 1.0.2 ------------------ - bugfix: Generated container GUIDs were not unique on cards that had several keys and certificates that were not loaded with the minidriver. Unique container GUIDs are now generated correctly for each container on cards that do not contain container map file. Changes from 1.0.0 ----------------- - key size is now written correctly to Private Key Directory File - minidriver creates and updates a "Container map file" on card, if necessary. In the previous version this file was maintained only in memory. It is required to keep this file on card when doing web enrollment with Windows 2008 domain's CA. Base CSP assigns a GUID to the created key container and it must remain the same between CardAcquireContext calls.