1* Version 1.9.0 (2021-10-27) 2 ** Enabled NFC support on Linux. 3 ** Added OpenSSL 3.0 compatibility. 4 ** Removed OpenSSL 1.0 compatibility. 5 ** Support for FIDO 2.1 "minPinLength" extension. 6 ** Support for COSE_EDDSA, COSE_ES256, and COSE_RS1 attestation. 7 ** Support for TPM 2.0 attestation. 8 ** Support for device timeouts; see fido_dev_set_timeout(). 9 ** New API calls: 10 - es256_pk_from_EVP_PKEY; 11 - fido_cred_attstmt_len; 12 - fido_cred_attstmt_ptr; 13 - fido_cred_pin_minlen; 14 - fido_cred_set_attstmt; 15 - fido_cred_set_pin_minlen; 16 - fido_dev_set_pin_minlen_rpid; 17 - fido_dev_set_timeout; 18 - rs256_pk_from_EVP_PKEY. 19 ** Reliability and portability fixes. 20 ** Better handling of HID devices without identification strings; gh#381. 21 ** Fixed detection of Windows's native webauthn API; gh#382. 22 23* Version 1.8.0 (2021-07-22) 24 ** Dropped 'Requires.private' entry from pkg-config file. 25 ** Better support for FIDO 2.1 authenticators. 26 ** Support for Windows's native webauthn API. 27 ** Support for attestation format 'none'. 28 ** New API calls: 29 - fido_assert_set_clientdata; 30 - fido_cbor_info_algorithm_cose; 31 - fido_cbor_info_algorithm_count; 32 - fido_cbor_info_algorithm_type; 33 - fido_cbor_info_transports_len; 34 - fido_cbor_info_transports_ptr; 35 - fido_cred_set_clientdata; 36 - fido_cred_set_id; 37 - fido_credman_set_dev_rk; 38 - fido_dev_is_winhello. 39 ** fido2-token: new -Sc option to update a resident credential. 40 ** Documentation and reliability fixes. 41 ** HID access serialisation on Linux. 42 43* Version 1.7.0 (2021-03-29) 44 ** New dependency on zlib. 45 ** Fixed musl build; gh#259. 46 ** hid_win: detect devices with vendor or product IDs > 0x7fff; gh#264. 47 ** Support for FIDO 2.1 authenticator configuration. 48 ** Support for FIDO 2.1 UV token permissions. 49 ** Support for FIDO 2.1 "credBlobs" and "largeBlobs" extensions. 50 ** New API calls: 51 - fido_assert_blob_len; 52 - fido_assert_blob_ptr; 53 - fido_assert_largeblob_key_len; 54 - fido_assert_largeblob_key_ptr; 55 - fido_assert_set_hmac_secret; 56 - fido_cbor_info_maxcredbloblen; 57 - fido_cred_largeblob_key_len; 58 - fido_cred_largeblob_key_ptr; 59 - fido_cred_set_blob; 60 - fido_dev_enable_entattest; 61 - fido_dev_force_pin_change; 62 - fido_dev_has_uv; 63 - fido_dev_largeblob_get; 64 - fido_dev_largeblob_get_array; 65 - fido_dev_largeblob_remove; 66 - fido_dev_largeblob_set; 67 - fido_dev_largeblob_set_array; 68 - fido_dev_set_pin_minlen; 69 - fido_dev_set_sigmask; 70 - fido_dev_supports_credman; 71 - fido_dev_supports_permissions; 72 - fido_dev_supports_uv; 73 - fido_dev_toggle_always_uv. 74 ** New fido_init flag to disable fido_dev_open's U2F fallback; gh#282. 75 ** Experimental NFC support on Linux; enable with -DNFC_LINUX. 76 77* Version 1.6.0 (2020-12-22) 78 ** Fix OpenSSL 1.0 and Cygwin builds. 79 ** hid_linux: fix build on 32-bit systems. 80 ** hid_osx: allow reads from spawned threads. 81 ** Documentation and reliability fixes. 82 ** New API calls: 83 - fido_cred_authdata_raw_len; 84 - fido_cred_authdata_raw_ptr; 85 - fido_cred_sigcount; 86 - fido_dev_get_uv_retry_count; 87 - fido_dev_supports_credman. 88 ** Hardened Windows build. 89 ** Native FreeBSD and NetBSD support. 90 ** Use CTAP2 canonical CBOR when combining hmac-secret and credProtect. 91 92* Version 1.5.0 (2020-09-01) 93 ** hid_linux: return FIDO_OK if no devices are found. 94 ** hid_osx: 95 - repair communication with U2F tokens, gh#166; 96 - reliability fixes. 97 ** fido2-{assert,cred}: new options to explicitly toggle UP, UV. 98 ** Support for configurable report lengths. 99 ** New API calls: 100 - fido_cbor_info_maxcredcntlst; 101 - fido_cbor_info_maxcredidlen; 102 - fido_cred_aaguid_len; 103 - fido_cred_aaguid_ptr; 104 - fido_dev_get_touch_begin; 105 - fido_dev_get_touch_status. 106 ** Use COSE_ECDH_ES256 with CTAP_CBOR_CLIENT_PIN; gh#154. 107 ** Allow CTAP messages up to 2048 bytes; gh#171. 108 ** Ensure we only list USB devices by default. 109 110* Version 1.4.0 (2020-04-15) 111 ** hid_hidapi: hidapi backend; enable with -DUSE_HIDAPI=1. 112 ** Fall back to U2F if the key claims to, but does not support FIDO2. 113 ** FIDO2 credential protection (credprot) support. 114 ** New API calls: 115 - fido_cbor_info_fwversion; 116 - fido_cred_prot; 117 - fido_cred_set_prot; 118 - fido_dev_set_transport_functions; 119 - fido_set_log_handler. 120 ** Support for FreeBSD. 121 ** Support for C++. 122 ** Support for MSYS. 123 ** Fixed EdDSA and RSA self-attestation. 124 125* Version 1.3.1 (2020-02-19) 126 ** fix zero-ing of le1 and le2 when talking to a U2F device. 127 ** dropping sk-libfido2 middleware, please find it in the openssh tree. 128 129* Version 1.3.0 (2019-11-28) 130 ** assert/hmac: encode public key as per spec, gh#60. 131 ** fido2-cred: fix creation of resident keys. 132 ** fido2-{assert,cred}: support for hmac-secret extension. 133 ** hid_osx: detect device removal, gh#56. 134 ** hid_osx: fix device detection in MacOS Catalina. 135 ** New API calls: 136 - fido_assert_set_authdata_raw; 137 - fido_assert_sigcount; 138 - fido_cred_set_authdata_raw; 139 - fido_dev_cancel. 140 ** Middleware library for use by OpenSSH. 141 ** Support for biometric enrollment. 142 ** Support for OpenBSD. 143 ** Support for self-attestation. 144 145* Version 1.2.0 (released 2019-07-26) 146 ** Credential management support. 147 ** New API reflecting FIDO's 3-state booleans (true, false, absent): 148 - fido_assert_set_up; 149 - fido_assert_set_uv; 150 - fido_cred_set_rk; 151 - fido_cred_set_uv. 152 ** Command-line tools for Windows. 153 ** Documentation and reliability fixes. 154 ** fido_{assert,cred}_set_options() are now marked as deprecated. 155 156* Version 1.1.0 (released 2019-05-08) 157 ** MacOS: fix IOKit crash on HID read. 158 ** Windows: fix contents of release file. 159 ** EdDSA (Ed25519) support. 160 ** fido_dev_make_cred: fix order of CBOR map keys. 161 ** fido_dev_get_assert: plug memory leak when operating on U2F devices. 162 163* Version 1.0.0 (released 2019-03-21) 164 ** Native HID support on Linux, MacOS, and Windows. 165 ** fido2-{assert,cred}: new -u option to force U2F on dual authenticators. 166 ** fido2-assert: support for multiple resident keys with the same RP. 167 ** Strict checks for CTAP2 compliance on received CBOR payloads. 168 ** Better fuzzing harnesses. 169 ** Documentation and reliability fixes. 170 171* Version 0.4.0 (released 2019-01-07) 172 ** fido2-assert: print the user id for resident credentials. 173 ** Fix encoding of COSE algorithms when making a credential. 174 ** Rework purpose of fido_cred_set_type; no ABI change. 175 ** Minor documentation and code fixes. 176 177* Version 0.3.0 (released 2018-09-11) 178 ** Various reliability fixes. 179 ** Merged fuzzing instrumentation. 180 ** Added regress tests. 181 ** Added support for FIDO 2's hmac-secret extension. 182 ** New API calls: 183 - fido_assert_hmac_secret_len; 184 - fido_assert_hmac_secret_ptr; 185 - fido_assert_set_extensions; 186 - fido_assert_set_hmac_salt; 187 - fido_cred_set_extensions; 188 - fido_dev_force_fido2. 189 ** Support for native builds with Microsoft Visual Studio 17. 190 191* Version 0.2.0 (released 2018-06-20) 192 ** Added command-line tools. 193 ** Added a couple of missing get functions. 194 195* Version 0.1.1 (released 2018-06-05) 196 ** Added documentation. 197 ** Added OpenSSL 1.0 support. 198 ** Minor fixes. 199 200* Version 0.1.0 (released 2018-05-18) 201 ** First beta release. 202