1 * Version 1.10.0 (2022-01-17)
2 ** hid_osx: handle devices with paths > 511 bytes; gh#462.
3 ** bio: fix CTAP2 canonical CBOR encoding in fido_bio_dev_enroll_*(); gh#480.
4 ** winhello: fallback to GetTopWindow() if GetForegroundWindow() fails.
5 ** winhello: fallback to hid_win.c if webauthn.dll isn't available.
9 - fido_dev_new_with_info;
10 - fido_dev_open_with_info.
11 ** Cygwin and NetBSD build fixes.
12 ** Documentation and reliability fixes.
13 ** Support for TPM 2.0 attestation of COSE_ES256 credentials.
15 * Version 1.9.0 (2021-10-27)
16 ** Enabled NFC support on Linux.
17 ** Added OpenSSL 3.0 compatibility.
18 ** Removed OpenSSL 1.0 compatibility.
19 ** Support for FIDO 2.1 "minPinLength" extension.
20 ** Support for COSE_EDDSA, COSE_ES256, and COSE_RS1 attestation.
21 ** Support for TPM 2.0 attestation.
22 ** Support for device timeouts; see fido_dev_set_timeout().
24 - es256_pk_from_EVP_PKEY;
25 - fido_cred_attstmt_len;
26 - fido_cred_attstmt_ptr;
27 - fido_cred_pin_minlen;
28 - fido_cred_set_attstmt;
29 - fido_cred_set_pin_minlen;
30 - fido_dev_set_pin_minlen_rpid;
31 - fido_dev_set_timeout;
32 - rs256_pk_from_EVP_PKEY.
33 ** Reliability and portability fixes.
34 ** Better handling of HID devices without identification strings; gh#381.
35 ** Fixed detection of Windows's native webauthn API; gh#382.
37 * Version 1.8.0 (2021-07-22)
38 ** Dropped 'Requires.private' entry from pkg-config file.
39 ** Better support for FIDO 2.1 authenticators.
40 ** Support for Windows's native webauthn API.
41 ** Support for attestation format 'none'.
43 - fido_assert_set_clientdata;
44 - fido_cbor_info_algorithm_cose;
45 - fido_cbor_info_algorithm_count;
46 - fido_cbor_info_algorithm_type;
47 - fido_cbor_info_transports_len;
48 - fido_cbor_info_transports_ptr;
49 - fido_cred_set_clientdata;
51 - fido_credman_set_dev_rk;
52 - fido_dev_is_winhello.
53 ** fido2-token: new -Sc option to update a resident credential.
54 ** Documentation and reliability fixes.
55 ** HID access serialisation on Linux.
57 * Version 1.7.0 (2021-03-29)
58 ** New dependency on zlib.
59 ** Fixed musl build; gh#259.
60 ** hid_win: detect devices with vendor or product IDs > 0x7fff; gh#264.
61 ** Support for FIDO 2.1 authenticator configuration.
62 ** Support for FIDO 2.1 UV token permissions.
63 ** Support for FIDO 2.1 "credBlobs" and "largeBlobs" extensions.
65 - fido_assert_blob_len;
66 - fido_assert_blob_ptr;
67 - fido_assert_largeblob_key_len;
68 - fido_assert_largeblob_key_ptr;
69 - fido_assert_set_hmac_secret;
70 - fido_cbor_info_maxcredbloblen;
71 - fido_cred_largeblob_key_len;
72 - fido_cred_largeblob_key_ptr;
74 - fido_dev_enable_entattest;
75 - fido_dev_force_pin_change;
77 - fido_dev_largeblob_get;
78 - fido_dev_largeblob_get_array;
79 - fido_dev_largeblob_remove;
80 - fido_dev_largeblob_set;
81 - fido_dev_largeblob_set_array;
82 - fido_dev_set_pin_minlen;
83 - fido_dev_set_sigmask;
84 - fido_dev_supports_credman;
85 - fido_dev_supports_permissions;
86 - fido_dev_supports_uv;
87 - fido_dev_toggle_always_uv.
88 ** New fido_init flag to disable fido_dev_open's U2F fallback; gh#282.
89 ** Experimental NFC support on Linux; enable with -DNFC_LINUX.
91 * Version 1.6.0 (2020-12-22)
92 ** Fix OpenSSL 1.0 and Cygwin builds.
93 ** hid_linux: fix build on 32-bit systems.
94 ** hid_osx: allow reads from spawned threads.
95 ** Documentation and reliability fixes.
97 - fido_cred_authdata_raw_len;
98 - fido_cred_authdata_raw_ptr;
100 - fido_dev_get_uv_retry_count;
101 - fido_dev_supports_credman.
102 ** Hardened Windows build.
103 ** Native FreeBSD and NetBSD support.
104 ** Use CTAP2 canonical CBOR when combining hmac-secret and credProtect.
106 * Version 1.5.0 (2020-09-01)
107 ** hid_linux: return FIDO_OK if no devices are found.
109 - repair communication with U2F tokens, gh#166;
111 ** fido2-{assert,cred}: new options to explicitly toggle UP, UV.
112 ** Support for configurable report lengths.
114 - fido_cbor_info_maxcredcntlst;
115 - fido_cbor_info_maxcredidlen;
116 - fido_cred_aaguid_len;
117 - fido_cred_aaguid_ptr;
118 - fido_dev_get_touch_begin;
119 - fido_dev_get_touch_status.
120 ** Use COSE_ECDH_ES256 with CTAP_CBOR_CLIENT_PIN; gh#154.
121 ** Allow CTAP messages up to 2048 bytes; gh#171.
122 ** Ensure we only list USB devices by default.
124 * Version 1.4.0 (2020-04-15)
125 ** hid_hidapi: hidapi backend; enable with -DUSE_HIDAPI=1.
126 ** Fall back to U2F if the key claims to, but does not support FIDO2.
127 ** FIDO2 credential protection (credprot) support.
129 - fido_cbor_info_fwversion;
131 - fido_cred_set_prot;
132 - fido_dev_set_transport_functions;
133 - fido_set_log_handler.
134 ** Support for FreeBSD.
137 ** Fixed EdDSA and RSA self-attestation.
139 * Version 1.3.1 (2020-02-19)
140 ** fix zero-ing of le1 and le2 when talking to a U2F device.
141 ** dropping sk-libfido2 middleware, please find it in the openssh tree.
143 * Version 1.3.0 (2019-11-28)
144 ** assert/hmac: encode public key as per spec, gh#60.
145 ** fido2-cred: fix creation of resident keys.
146 ** fido2-{assert,cred}: support for hmac-secret extension.
147 ** hid_osx: detect device removal, gh#56.
148 ** hid_osx: fix device detection in MacOS Catalina.
150 - fido_assert_set_authdata_raw;
151 - fido_assert_sigcount;
152 - fido_cred_set_authdata_raw;
154 ** Middleware library for use by OpenSSH.
155 ** Support for biometric enrollment.
156 ** Support for OpenBSD.
157 ** Support for self-attestation.
159 * Version 1.2.0 (released 2019-07-26)
160 ** Credential management support.
161 ** New API reflecting FIDO's 3-state booleans (true, false, absent):
162 - fido_assert_set_up;
163 - fido_assert_set_uv;
166 ** Command-line tools for Windows.
167 ** Documentation and reliability fixes.
168 ** fido_{assert,cred}_set_options() are now marked as deprecated.
170 * Version 1.1.0 (released 2019-05-08)
171 ** MacOS: fix IOKit crash on HID read.
172 ** Windows: fix contents of release file.
173 ** EdDSA (Ed25519) support.
174 ** fido_dev_make_cred: fix order of CBOR map keys.
175 ** fido_dev_get_assert: plug memory leak when operating on U2F devices.
177 * Version 1.0.0 (released 2019-03-21)
178 ** Native HID support on Linux, MacOS, and Windows.
179 ** fido2-{assert,cred}: new -u option to force U2F on dual authenticators.
180 ** fido2-assert: support for multiple resident keys with the same RP.
181 ** Strict checks for CTAP2 compliance on received CBOR payloads.
182 ** Better fuzzing harnesses.
183 ** Documentation and reliability fixes.
185 * Version 0.4.0 (released 2019-01-07)
186 ** fido2-assert: print the user id for resident credentials.
187 ** Fix encoding of COSE algorithms when making a credential.
188 ** Rework purpose of fido_cred_set_type; no ABI change.
189 ** Minor documentation and code fixes.
191 * Version 0.3.0 (released 2018-09-11)
192 ** Various reliability fixes.
193 ** Merged fuzzing instrumentation.
194 ** Added regress tests.
195 ** Added support for FIDO 2's hmac-secret extension.
197 - fido_assert_hmac_secret_len;
198 - fido_assert_hmac_secret_ptr;
199 - fido_assert_set_extensions;
200 - fido_assert_set_hmac_salt;
201 - fido_cred_set_extensions;
202 - fido_dev_force_fido2.
203 ** Support for native builds with Microsoft Visual Studio 17.
205 * Version 0.2.0 (released 2018-06-20)
206 ** Added command-line tools.
207 ** Added a couple of missing get functions.
209 * Version 0.1.1 (released 2018-06-05)
210 ** Added documentation.
211 ** Added OpenSSL 1.0 support.
214 * Version 0.1.0 (released 2018-05-18)
215 ** First beta release.