passwordless-lib/fido2-net-lib v2.0.0

on GitHub

Changes

This release is the culmination of more than one year of work and improvements.
Packages are available on nuget: https://www.nuget.org/packages/Fido2

• Fix typo in exception message - attestion -> attestation @ondrokrc (#202)

💥 Breaking change

• Improved API consistency for response parsing @Cooke (#150)
• Core 3.0 Support @abergs (#145)
• MDS refactoring @mackie1001 (#125)
• Moved Models and Public classes to Fido2NetLib.Models project @abergs (#103)

🚀 Features and enhancements

• change origin verify to use fully qualified origin @aseigler (#213)
• Attestation refactor, implement Apple attestation format verifier @aseigler (#205)
• Make TPM attestation format verifier work more like packed with regard to X5C @aseigler (#180)
• Switch remaining manual ASN.1 decoding to using the AsnElt library @aseigler (#176)
• Switch to using NSec.Cryptography v20.2.0 for Ed25519 @aseigler (#169)
• Upgrade PeterO.Cbor package to v4.1.2 @aseigler (#168)
• Add code coverage and codecov reporting @abergs (#170)
• Fix SafetyNet attestation verification, add unit tests @aseigler (#165)
• Add optional validation of attestation root certs @AdamUCF (#164)
• Add many unit tests for nearly all attestation types @aseigler (#162)
• adding solo tap and somu metadata to static metadata repository @AdamUCF (#157)
• Fix for issue #153 - System.IdentityModel.Tokens.Jwt version upgrade an associated fixes @mackie1001 (#156)
• Fixed challenge replay attack issue in examples @Cooke (#151)
• Improved API consistency for response parsing @Cooke (#150)
• Core 3.0 Support @abergs (#145)
• Add MDS configuration to Fido2Configuration @damienbod (#134)
• Remove CNG dependencies to allow cross platform scenarios @aseigler (#132)
• Code cleanup @Shtong (#127)
• MDS refactoring @mackie1001 (#125)
• Moved Models and Public classes to Fido2NetLib.Models project @abergs (#103)
• Refactor AuthenticatorData, and subcomponents @aseigler (#104)
• Redesign @abergs (#102)
• Continue redesign of AuthenticatorData, AttestedCredentialData, and CredentialPublicKey @aseigler (#100)
• Begin redesign of AuthenticatorData, AttestedCredentialData, and Cred… @aseigler (#97)
• Restructure repository per proposal in #79 @aseigler (#95)
• Convert metadata to async @aseigler (#83)
• Refactor and improve ToEnum extension method @CodeTherapist (#85)
• Add minimal tests for Base64Url class @CodeTherapist (#84)
• Parsing EnumMember values to Enum @daviddesmet (#75)
• Support Target Frameworks by OS @daviddesmet (#74)
• Properties of PublicKeyCredentialType enum are nullable @daviddesmet (#73)
• Prefer enumeration @daviddesmet (#69)
• Removed net462 from test project @abergs (#65)
• Added a guarding mechanism to prevent usage in .NET46X @MeikTranel (#66)
• TPM chain validation, move MDS to packed attestation specific area @aseigler (#63)
• Please review @aseigler (#59)

🐛 Bug Fixes

• Revert "change origin verify to use fully qualified origin" @aseigler (#211)
• change origin verify to use fully qualified origin @dgorbach (#208)
• Compare certificate validity period correctly when the machine is using a time zone other than UTC @kennep (#186)
• Fix SafetyNet attestation verification, add unit tests @aseigler (#165)
• Fix for issue #153 - System.IdentityModel.Tokens.Jwt version upgrade an associated fixes @mackie1001 (#156)
• Bug fix: require_resident_key @Shane32 (#152)
• EdDSA test, sign the actual data, not a hash of the data @aseigler (#128)
• Problem with non English OS @fa18swiss (#119)
• corrected error variable @Celdus (#118)
• Wrong naming of attestationObject and clientDataJSON in usernameless.… @Wesseldr (#105)
• Add field userHandle in verifyAssertionWithServer @Wesseldr (#108)
• use AppId instead of RpId to hash when AppId-Extensions-Flag is set @dgorbach (#99)
• Fixes enum parsing with dashed values @daviddesmet (#90)

🧰 Maintenance & documentation

• Release 2.0.0 (2021) @abergs (#207)
• Release version 2.0.0 @abergs (#175)
• Solve CI/CD Missing packages error @abergs (#182)
• Improved release note template @abergs (#174)
• Require labels on PR for better release notes @abergs (#173)
• Added better badges @abergs (#172)
• Added support for release-drafter as GH action @abergs (#171)
• fix 404 CHANGELOG link @damienbod (#163)
• Adding a changelog, and 2 links to the readme @damienbod (#160)
• Created CONTRIBUTING.md @Shtong (#129)
• Cleaned dead code @Shtong (#131)
• Adds xml comment documentation @CodeTherapist (#122)
• Code cleanup @Shtong (#127)
• Activating Open Collective @monkeywithacupcake (#123)
• Fix minor typos in demo javascript @Tornhoof (#115)
• fix links in readme to demo controllers @damienbod (#114)
• Redesign @abergs (#102)
• Add webauthn.io site to Read More @nicksteele (#81)
• Update README.md @aseigler (#77)
• Added syntax highlight to the code samples @herrjemand (#67)
• General project structure overhaul @MeikTranel (#61)