Skip to content

Releases: trussed-dev/fido-authenticator

v0.4.0-rc.3

v0.4.0-rc.3 Pre-release
Pre-release

Choose a tag to compare

@robin-nitrokey robin-nitrokey released this 01 Jun 15:45
v0.4.0-rc.3
bb39a18
  • Update to ctap-types v0.6.0-rc.4.

v0.4.0-rc.2

v0.4.0-rc.2 Pre-release
Pre-release

Choose a tag to compare

@robin-nitrokey robin-nitrokey released this 01 Jun 11:32
v0.4.0-rc.2
4c38096
  • Fix signature counter to improve spec compliance:
    • Set the initial signature counter to 1.
    • Correctly handle signature counter overflows by returning 0.
    • Increment the signature counter by a positive random number per assertion.
  • Add the Config::new method to create an instance with the default values.
  • Add support for multiple credential ID versions and add the credential_id_version field to Config.
  • Add CredentialIdVersion::V2 using AES-256-GCM.
  • Make firmware version configurable depending on the current credential ID format.

v0.4.0-rc.1

v0.4.0-rc.1 Pre-release
Pre-release

Choose a tag to compare

@robin-nitrokey robin-nitrokey released this 29 May 09:21
v0.4.0-rc.1
e87b61f
  • Update to ctap-types v0.6.0-rc.2.
  • Set algorithms, authenticator_config_commands, firmware_version, max_serialized_large_blob_array and remaining_discoverable_credentials in get_info and add firmware_version to Config.
  • Implement these new extensions:
    • credBlob
    • hmac-secret-mc
    • minPinLength
  • Implement the alwaysUv feature.
  • Implement the config command with these subcommands:
    • toggleAlwaysUv
    • setMinPINLength
  • Add ccid_transport to Config and set transports in get_info accordingly.
  • Indicate support for FIDO_2_3 in get_info.
  • Load full credential from filesstem for getAssertion if an allow list is used with a discoverable credential.
  • Use UTF-8 code points instead of bytes when checking the minimum length for PINs.
  • Accept up = true in makeCredential.
  • Fix PIN verification in large_blobs_set.

v0.3.0

Choose a tag to compare

@robin-nitrokey robin-nitrokey released this 26 Mar 10:42
v0.3.0
9a4c76b
  • Update dependencies:
    • apdu-app v0.2
    • cosey v0.4
    • ctap-types v0.5
    • ctaphid-app v0.2
    • heapless v0.9
    • heapless-bytes v0.5
    • iso7816 v0.2
    • trussed-chunked v0.3
    • trussed-core v0.2
    • trussed-fs-info v0.3
    • trussed-hkdf v0.4

v0.2.0

Choose a tag to compare

@robin-nitrokey robin-nitrokey released this 02 Sep 12:46
v0.2.0
d53f29a

Changelog

  • Set the makeCredUvNotRqd CTAP option to true to indicate that we support
    makeCredential operations without user verification (#26)
  • Ignore public key credential paramters with an unknown type, as required by
    the Webauthn spec (#28)
  • Reject rk option in getAssertion (#31)
  • Ignore user data with empty ID in getAssertion (#32)
  • Allow three instead of two PIN retries per boot (#35)
  • Add log messages for requests, responses and errors
  • Add config option for setting a maximum number of resident credentials.
  • Reduce ID length for new credentials (#37)
  • Update apdu-dispatch and reject calls to select (#40)
  • Implement the largeBlobKey extension and the largeBlobs command (#38)
  • Fix error type for third invalid PIN entry (#60)
  • Fix error type for cancelled user presence (#61)
  • PIN protocol changes:
    • Extract PIN protocol implementation into separate module (#62)
    • Implement PIN protocol 2 (#63)
    • Implement PIN token permissions (#63)
  • Implement UpdateUserInformation subcommand for CredentialManagement
  • Support CTAP 2.1
  • Serialize PIN hash with serde-bytes (#52)
  • Reduce the space taken by credential serialization (#59)
  • Update dependencies:
    • Replace trussed dependency with trussed-core
    • Replace ctaphid-dispatch dependeny with ctaphid-app
  • Remove the per-relying party directory to save space (#55)