mirror of
https://github.com/Yubico/python-fido2
synced 2024-09-19 21:21:42 +02:00
d44a7d6d3e
- Fido2Client optionally takes extension_types (default: all) - Client make_credential and get_assertion now return objects containing extension outputs.
109 lines
5.1 KiB
Plaintext
109 lines
5.1 KiB
Plaintext
* Version 0.9.0 (unreleased)
|
|
** Client: API changes to better support extensions.
|
|
*** Fido2Client can be configured with Ctap2Extensions to support.
|
|
*** Client.make_credential now returns a AuthenticatorAttestationResponse,
|
|
which holds the AttestationObject and ClientData, as well as any client
|
|
extension results for the credential.
|
|
*** Client.get_assertion now returns an AssertionSelection object, which is
|
|
used to select between multiple assertions, resulting in an
|
|
AuthenticatorAssertionResponse, which holds the ClientData, assertion
|
|
values, as well as any client extension results for the assertion.
|
|
** Renames: The CTAP1 and CTAP2 classes have been renamed to Ctap1 and Ctap2,
|
|
respectively. The old names currently work, but will be removed in the
|
|
future.
|
|
** ClientPin: The ClientPin API has been restructured to support multiple PIN
|
|
protocols, UV tokens, and token permissions.
|
|
** CTAP 2.1 PRE: Several new features have been added for CTAP 2.1, including
|
|
Credential Management, Bio Enrollment, Large Blobs, and Authenticator Config.
|
|
** HID: The platform specific HID code has been revamped and cleaned up.
|
|
|
|
* Version 0.8.1 (released 2019-11-25)
|
|
** Bugfix: WindowsClient.make_credential error when resident key requirement is
|
|
unspecified.
|
|
|
|
* Version 0.8.0 (released 2019-11-25)
|
|
** New fido2.webauthn classes modeled after the W3C WebAuthn spec introduced.
|
|
** CTAP2 send_cbor/make_credential/get_assertion and U2fClient
|
|
request/authenticate `timeout` arguments replaced with `event` used to
|
|
cancel a request.
|
|
** Fido2Client:
|
|
*** make_credential/get_assertion now take WebAuthn options objects.
|
|
*** timeout is now provided in ms in WebAuthn options objects. Event based
|
|
cancelation also available by passing an Event.
|
|
** Fido2Server:
|
|
*** ATTESTATION, USER_VERIFICATION, and AUTHENTICATOR_ATTACHMENT enums
|
|
have been replaced with fido2.webauthn classes.
|
|
*** RelyingParty has been replaced with PublicKeyCredentialRpEntity, and
|
|
name is no longer optional.
|
|
*** Options returned by register_begin/authenticate_begin now omit unspecified
|
|
values if they are optional, instead of filling in default values.
|
|
*** Fido2Server.allowed_algorithms now contains a list of
|
|
PublicKeyCredentialParameters instead of algorithm identifiers.
|
|
*** Fido2Server.timeout is now in ms and of type int.
|
|
** Support native WebAuthn API on Windows through WindowsClient.
|
|
|
|
* Version 0.7.3 (released 2019-10-24)
|
|
** Bugfix: Workaround for size of int on Python 2 on Windows.
|
|
|
|
* Version 0.7.2 (released 2019-10-24)
|
|
** Support for the TPM attestation format.
|
|
** Allow passing custom challenges to register/authenticate in Fido2Server.
|
|
** Bugfix: CTAP2 CANCEL command response handling fixed.
|
|
** Bugfix: Fido2Client fix handling of empty allow_list.
|
|
** Bugfix: Fix typo in CTAP2.get_assertions() causing it to fail.
|
|
|
|
* Version 0.7.1 (released 2019-09-20)
|
|
** Support for FreeBSD.
|
|
** Enforce canonical CBOR on Authenticator responses by default.
|
|
** PCSC: Support extended APDUs.
|
|
** Server: Verify that UP flag is set.
|
|
** U2FFido2Server: Implement AppID exclusion extension.
|
|
** U2FFido2Server: Allow custom U2F facet verification.
|
|
** Bugfix: U2FFido2Server.authenticate_complete now returns the result.
|
|
|
|
* Version 0.7.0 (released 2019-06-17)
|
|
** Add support for NFC devices using PCSC.
|
|
** Add support for the hmac-secret Authenticator extension.
|
|
** Honor max credential ID length and number of credentials to Authenticator.
|
|
** Add close() method to CTAP devices to explicitly release their resources.
|
|
|
|
* Version 0.6.0 (released 2019-05-10)
|
|
** Don't fail if CTAP2 Info contains unknown fields.
|
|
** Replace cbor loads/dumps functions with encode/decode/decode_from.
|
|
** Server: Add support for AuthenticatorAttachment.
|
|
** Server: Add support for more key algorithms.
|
|
** Client: Expose CTAP2 Info object as Fido2Client.info.
|
|
|
|
* Version 0.5.0 (released 2018-12-21)
|
|
** Changes to server classes, some backwards breaking.
|
|
** Add ability to authenticate U2F credentials by using the appid extension.
|
|
** Make verification of attestation more explicit.
|
|
** Add support for Android SafetyNet attestation.
|
|
** Make it easier to work with U2F/CTAP1 data formats.
|
|
|
|
* Version 0.4.0 (released 2018-09-27)
|
|
** Add classes for implementing a server.
|
|
** Various small changes, some affecting backwards compatibility.
|
|
|
|
* Version 0.3.0 (released 2018-04-13)
|
|
** Add conversion between string/int keys for AttestationObject.
|
|
** Replace internal Exceptions with built-in types.
|
|
** Bugfix: Don't use TimeoutError which isn't available on Python 2.
|
|
|
|
* Version 0.2.2 (released 2018-04-11)
|
|
** Bugfix: Better handling of unplugged devices on MacOS and avoid leaking threads.
|
|
|
|
* Version 0.2.1 (released 2018-04-10)
|
|
** Add server example.
|
|
** Parse AttestationObjects that use string keys (Webauthn).
|
|
** Fix bug in handling packets with the wrong channel id.
|
|
|
|
* Version 0.2.0 (released 2018-04-05)
|
|
** Changed name of project to python-fido2 to better reflect its scope.
|
|
** Added attestation and assertion verification methods.
|
|
** A lot of name changes, moved classes, etc.
|
|
** New example for multi-device use.
|
|
|
|
* Version 0.1.0 (released 2018-03-16)
|
|
** First beta release.
|