Releases: e3b0c442/warp
fxamacker/cbor/v2
txAuthSimple and txAuthGeneric extensions
This release adds validators for the txAuthSimple and txAuthGeneric extensions as defined in the WebAuthn specification, using the validator pattern released in v0.5.0.
In addition, this release is the first to be tested against the go1.14 tree. The release is currently run against go1.14beta1; I will change this to the release candidate and subsequently the latest patch version as the releases arrive.
Custom validators
This release contains breaking changes.
For this release, in preparation to handle more extensions as well as lay the groundwork for optional validations like the attestation trust chain, custom validator function types have been added and the ceremony Finish functions have been updated to be variadic functions taking zero or more of the validator functions as arguments.
The existing appid extension was then reworked to use the custom validators.
Breaking changes are the removal of the ExtensionValidator type and the update of all uses of that type.
Packed attestation verification
This release adds verification for the packed attestation format that is the default for most CTAP2 external authenticators.
As with FIDO U2F, no verification of the trust chain is made; it is up to the caller to do this verification using the returned attestation object if they so choose.
FIDO U2F attestation verification
This release brings our first "true" attestation verification, for the FIDO U2F attestation format.
At this time, only the validity of the signature over the verification data by the provided certificate is checked. It is up to the implementor to assess the trustworthiness of the certificate should they choose. More than likely this will be the case in v1, but with some helper functions added.
Mo Data, Mo Problems
There are many breaking changes in this release, please read the changelog and GoDoc for details
This release tweaks some data types and function signatures to improve the usability of the library. In particular, the FinishRegistration function now returns the full AttestationObject, and similarly FinishAuthentication returns the full AuthenticatorData, in order to allow the implementor to make additional decisions based on the data. In order to support this, the AuthenticatorData, AttestedCredentialData, and AttestationObject types were tweaked slightly in regards to which members were parsed and which were left in their raw format.
Additionally, the method identifiers for the three data interfaces were changed to reduce the possibility of name conflicts with the structs implementing the interfaces.
Initial release
Thanks for exploring warp.
This is the initial release. It implements the WebAuth registration and authentication ceremonies in accordance with the WebAuthn Level 1 spec.
Only the "none" attestation statement format is supported at this time. More attestation formats will be supported in later releases.