4.0.0-beta3

https://www.nuget.org/packages/Fido2/4.0.0-beta3

What's Changed

• Make Origins readonly by @Regenhardt in #393
• Feature/blazor wasm by @Regenhardt in #379
• Use correct Origin in Blazor example by @abergs in #408
• Support for PRF Extension by @kspearrin in #390
• Improve Code Quality by @iamcarbon in #405
• Fix demo project starting exception: change TargetFrameworks to TargetFramework by @yedidyas in #403
• Fix AuthenticationExtensionsClientInputs Example json prop name for conformance tests by @yedidyas in #404
• [WIP] Make AuthenticatorData immutable and strongly type throughout library by @iamcarbon in #412
• Add .bool to Output aswell by @abergs in #409
• Added Enterprise attestation by @abergs in #410
• Prefer Ed25519 when available by @abergs in #413
• Add CredentialPropertiesOuput (RK Support) by @abergs in #411

New Contributors

• @kspearrin made their first contribution in #390
• @yedidyas made their first contribution in #403

Full Changelog: v4.0.0-beta2...v4.0.0-beta3

v4.0.2 Beta2

https://nuget.org/packages/fido2/4.0.0-beta2

What's Changed

• WIP: Support device public key and passkeys by @aseigler in #356
• Simplify enum mapping & update specification links by @iamcarbon in #368

Full Changelog: 4.0.0-beta1...v4.0.0-beta2

4.0.0-beta1 🌈

Changes

• SourceLink consolidation @Regenhardt (#384)
• Fix Conformance Test @iamcarbon (#363)
• Improve Code Quality @iamcarbon (#352)
• Update link in Readme @mlh758 (#354)
• Improve error handling @iamcarbon (#344)
• Fix TestAppleAppAttestProd test on macOS & Linux @iamcarbon (#347)
• Use file scoped namespaces @iamcarbon (#343)
• Support ResidentKeyRequirement @dIeGoLi (#311)
• Pipelines fixes @abergs (#333)
• Improve Code Quality @iamcarbon (#326)

💥 Breaking change

• Strongly type AaGuid @iamcarbon (#362)

🚀 Features and enhancements

• Strongly type AaGuid @iamcarbon (#362)
• Fixes Fido2Configuration.FullyQualifiedOrigins contains a null entry when configured from a configuration section on .NET 7 @ghost (#360)
• Add Mac and Linux to test pipeline @aseigler (#332)
• Implement support for apple-appattest attestation format @aseigler (#322)
• added [DynamicallyAccessedMembers(DynamicallyAccessedMemberTypes.PublicFields)] annotations to generic enums @filipw (#330)

🐛 Bug Fixes

• Check return value from Base64.DecodeFromUtf8InPlace(), throw if error @aseigler (#331)
• Fix serialization error in Demo. Fixes #328 @abergs (#329)

🧰 Maintenance & documentation

• Update tests to get clean CI @aseigler (#355)
• Fixed clientDataJSON name @namespacedevbox (#348)
• Fix serialization error in Demo. Fixes #328 @abergs (#329)
• Updated sourcelink @abergs (#327)

v3.0.1 🌈

Patch release to solve an issue occurring with Windows Hello with latest windows update.

Upgraded sourcelink: 1aa3aa9
Fix TPMS_ECC_POINT parsing for TPM attestation b6f7642

https://www.nuget.org/packages/Fido2/3.0.1

v3.0.0

A long time has passed since last major release.
During this time there has been a lot of movement in the .net ecosystem, with .net5 and .net6 and new C# language versions.
This release is a large one, it contains several smaller breaking changes.

A guide on how to upgrade is available (thanks to @namespacedevbox) in Github issue #264

There are some changes that didn't make it into v3.0.0 such as the CTAP API, which will be released in a later version.

📦Nuget package is available at: https://www.nuget.org/packages/Fido2/3.0.0

Here are the release notes:

💥 Breaking change

• Improve code quality 4 @iamcarbon (#254)
• Drop net5.0 support & update depedencies @iamcarbon (#295)

🚀 Features and enhancements

• Drop net5.0 support & update depedencies @iamcarbon (#295)
• Refactored IMetadataService to be async and removed init-related methods @mackie1001 (#266)
• Add CancellationToken to Task methods @trejjam (#278)
• Add .Net 6 as supported framework @trejjam (#270)
• Improve Code Quality 7 @iamcarbon (#279)
• Enforce UV in attestation if required for registration @aseigler (#276)
• Add tests @aseigler (#269)
• Support Multiple Origins @Hinton (#237)
• Fix attestation certificate validation @adricasti (#261)
• Improve Code Quality 5 @iamcarbon (#259)
• Use System.Formats.Cbor @iamcarbon (#257)
• Move AndroidKey tests to System.Formats.Asn1, remove AsnElt @aseigler (#258)
• Improve code quality 4 @iamcarbon (#254)
• Improve code quality 3 @iamcarbon (#251)
• Migrate from Newtonsoft to System.Text.Json @iamcarbon (#249)
• Improve Code Quality 2 @iamcarbon (#244)
• Cleanup tests @iamcarbon (#247)
• Use .NET 5.0 SDK @iamcarbon (#245)
• Improve Code Quality @iamcarbon (#239)
• Support MDS3 @aseigler (#238)

🐛 Bug Fixes

• Avoid adding null Origin to Origins. Fixes #283. @abergs (#296)
• Enforce UV in attestation if required for registration @aseigler (#276)
• Fix attestation certificate validation @adricasti (#261)
• Fix for ECC Curve secP256k1 @rodheath (#234)
• Intercede bug fixes @rodheath (#229)

🧰 Maintenance & documentation

• Add TLS endpoint to Demo project launch config @tmarkovski (#297)
• Enforce UV in attestation if required for registration @aseigler (#276)
• Fix attestation certificate validation @adricasti (#261)
• Fix old links in readme @abergs (#262)
• Improve Code Quality 5 @iamcarbon (#259)
• Fix codecov badge in readme @abergs (#260)
• Move AndroidKey tests to System.Formats.Asn1, remove AsnElt @aseigler (#258)
• Remove left over remnants of MDS2 @aseigler (#253)
• Migrate from Newtonsoft to System.Text.Json @iamcarbon (#249)
• Remove require labels workflow @iamcarbon (#248)
• Use .NET 5.0 SDK @iamcarbon (#245)
• Improve Code Quality @iamcarbon (#239)
• Drop .NETStandard2.0 support on AspNet project @iamcarbon (#241)
• Adjust for .net foundation @abergs (#232)
• Release v3.0.0 @abergs (#264)

v2.0.2 🌈

Changes

This patch adds support for the root cert that was changed by FidoAlliance

🚀 Features and enhancements

• Intercede FIDO md2 new TOC root cert @rodheath (#225)

🧰 Maintenance & documentation

• Release v2.0.2 @abergs (#230)

v2.0.1 🐛

Changes

🐛 Bug Fixes

• Fix fully qualified origin, add unit tests @aseigler (#217)

🧰 Maintenance & documentation

• Release 2.0.1 @abergs (#218)

v2.0.0

Changes

This release is the culmination of more than one year of work and improvements.
Packages are available on nuget: https://www.nuget.org/packages/Fido2

• Fix typo in exception message - attestion -> attestation @ondrokrc (#202)

💥 Breaking change

• Improved API consistency for response parsing @Cooke (#150)
• Core 3.0 Support @abergs (#145)
• MDS refactoring @mackie1001 (#125)
• Moved Models and Public classes to Fido2NetLib.Models project @abergs (#103)

🚀 Features and enhancements

• change origin verify to use fully qualified origin @aseigler (#213)
• Attestation refactor, implement Apple attestation format verifier @aseigler (#205)
• Make TPM attestation format verifier work more like packed with regard to X5C @aseigler (#180)
• Switch remaining manual ASN.1 decoding to using the AsnElt library @aseigler (#176)
• Switch to using NSec.Cryptography v20.2.0 for Ed25519 @aseigler (#169)
• Upgrade PeterO.Cbor package to v4.1.2 @aseigler (#168)
• Add code coverage and codecov reporting @abergs (#170)
• Fix SafetyNet attestation verification, add unit tests @aseigler (#165)
• Add optional validation of attestation root certs @AdamUCF (#164)
• Add many unit tests for nearly all attestation types @aseigler (#162)
• adding solo tap and somu metadata to static metadata repository @AdamUCF (#157)
• Fix for issue #153 - System.IdentityModel.Tokens.Jwt version upgrade an associated fixes @mackie1001 (#156)
• Fixed challenge replay attack issue in examples @Cooke (#151)
• Improved API consistency for response parsing @Cooke (#150)
• Core 3.0 Support @abergs (#145)
• Add MDS configuration to Fido2Configuration @damienbod (#134)
• Remove CNG dependencies to allow cross platform scenarios @aseigler (#132)
• Code cleanup @Shtong (#127)
• MDS refactoring @mackie1001 (#125)
• Moved Models and Public classes to Fido2NetLib.Models project @abergs (#103)
• Refactor AuthenticatorData, and subcomponents @aseigler (#104)
• Redesign @abergs (#102)
• Continue redesign of AuthenticatorData, AttestedCredentialData, and CredentialPublicKey @aseigler (#100)
• Begin redesign of AuthenticatorData, AttestedCredentialData, and Cred… @aseigler (#97)
• Restructure repository per proposal in #79 @aseigler (#95)
• Convert metadata to async @aseigler (#83)
• Refactor and improve ToEnum extension method @CodeTherapist (#85)
• Add minimal tests for Base64Url class @CodeTherapist (#84)
• Parsing EnumMember values to Enum @daviddesmet (#75)
• Support Target Frameworks by OS @daviddesmet (#74)
• Properties of PublicKeyCredentialType enum are nullable @daviddesmet (#73)
• Prefer enumeration @daviddesmet (#69)
• Removed net462 from test project @abergs (#65)
• Added a guarding mechanism to prevent usage in .NET46X @MeikTranel (#66)
• TPM chain validation, move MDS to packed attestation specific area @aseigler (#63)
• Please review @aseigler (#59)

🐛 Bug Fixes

• Revert "change origin verify to use fully qualified origin" @aseigler (#211)
• change origin verify to use fully qualified origin @dgorbach (#208)
• Compare certificate validity period correctly when the machine is using a time zone other than UTC @kennep (#186)
• Fix SafetyNet attestation verification, add unit tests @aseigler (#165)
• Fix for issue #153 - System.IdentityModel.Tokens.Jwt version upgrade an associated fixes @mackie1001 (#156)
• Bug fix: require_resident_key @Shane32 (#152)
• EdDSA test, sign the actual data, not a hash of the data @aseigler (#128)
• Problem with non English OS @fa18swiss (#119)
• corrected error variable @Celdus (#118)
• Wrong naming of attestationObject and clientDataJSON in usernameless.… @Wesseldr (#105)
• Add field userHandle in verifyAssertionWithServer @Wesseldr (#108)
• use AppId instead of RpId to hash when AppId-Extensions-Flag is set @dgorbach (#99)
• Fixes enum parsing with dashed values @daviddesmet (#90)

🧰 Maintenance & documentation

• Release 2.0.0 (2021) @abergs (#207)
• Release version 2.0.0 @abergs (#175)
• Solve CI/CD Missing packages error @abergs (#182)
• Improved release note template @abergs (#174)
• Require labels on PR for better release notes @abergs (#173)
• Added better badges @abergs (#172)
• Added support for release-drafter as GH action @abergs (#171)
• fix 404 CHANGELOG link @damienbod (#163)
• Adding a changelog, and 2 links to the readme @damienbod (#160)
• Created CONTRIBUTING.md @Shtong (#129)
• Cleaned dead code @Shtong (#131)
• Adds xml comment documentation @CodeTherapist (#122)
• Code cleanup @Shtong (#127)
• Activating Open Collective @monkeywithacupcake (#123)
• Fix minor typos in demo javascript @Tornhoof (#115)
• fix links in readme to demo controllers @damienbod (#114)
• Redesign @abergs (#102)
• Add webauthn.io site to Read More @nicksteele (#81)
• Update README.md @aseigler (#77)
• Added syntax highlight to the code samples @herrjemand (#67)
• General project structure overhaul @MeikTranel (#61)

1.0.0 Preview

This marks the first release. We have a 100% test passes and should be in the clear. However it will be shipped under the preview flag for a couple of weeks to find any packaging issues that might exist since this is the first release.