Skip to content

Releases: lbuchs/WebAuthn

v2.2.0

04 Jul 07:36
20adb4a
Compare
Choose a tag to compare

New Features

  • isBackupEligible & isBackedUp flags exposed
  • Check for known android key hashes instead of URL origin check in case the origin string starts with android:apk-key-hash:;

v2.1.1

15 Jan 15:48
Compare
Choose a tag to compare

Temp Directory Improvement

v2.1.0

23 Oct 10:23
Compare
Choose a tag to compare

Verify EdDSA using Sodium
Support for EdDSA algorithm (-8) using PHP Sodium (or Sodium Compat )

v2.0.1

16 May 07:29
Compare
Choose a tag to compare

Updated PHP requirements.

v2.0.0

15 May 13:17
b31384c
Compare
Choose a tag to compare

v2

demo

  • rewrite demo app with async function
  • switch for attestation

Android

  • allow to decide if you require ctsProfileMatch for android devices (default true, like on v1.x).
    • ctsProfileMatch: A stricter verdict of device integrity. If the value of ctsProfileMatch is true, then the profile of the device running your app matches the profile of a device that has passed Android compatibility testing and has been approved as a Google-certified Android device.
    • basicIntegrity: A more lenient verdict of device integrity. If only the value of basicIntegrity is true, then the device running your app likely wasn't tampered with. However, the device hasn't necessarily passed Android compatibility testing.
  • usage: set $requireCtsProfileMatch on processCreate() to false to check only for basic integrity.

transport Hybrid

added support for transport hybrid. Hybrid indicates the respective authenticator can be contacted using a combination of (often separate) data-transport and proximity mechanisms. This supports, for example, authentication on a desktop computer using a smartphone.

⚠️Attention: new argument $allowHybrid on getGetArgs, CHECK YOUR IMPLEMENTATION!

public function getGetArgs($credentialIds=array(), $timeout=20, $allowUsb=true, $allowNfc=true, $allowBle=true, $allowHybrid=true, $allowInternal=true, $requireUserVerification=false)

v2.0.0-beta

06 Jan 08:27
Compare
Choose a tag to compare
v2.0.0-beta Pre-release
Pre-release

v2

demo

rewrite demo app with async function

Android

  • allow to decide if you require ctsProfileMatch for android devices (default true, like on v1.x).
    • ctsProfileMatch: A stricter verdict of device integrity. If the value of ctsProfileMatch is true, then the profile of the device running your app matches the profile of a device that has passed Android compatibility testing and has been approved as a Google-certified Android device.
    • basicIntegrity: A more lenient verdict of device integrity. If only the value of basicIntegrity is true, then the device running your app likely wasn't tampered with. However, the device hasn't necessarily passed Android compatibility testing.
  • usage: set $requireCtsProfileMatch on processCreate() to false to check only for basic integrity.

transport Hybrid

added support for transport hybrid. Hybrid indicates the respective authenticator can be contacted using a combination of (often separate) data-transport and proximity mechanisms. This supports, for example, authentication on a desktop computer using a smartphone.

⚠️Attention: new argument on getGetArgs, check your implementation:
public function getGetArgs($credentialIds=array(), $timeout=20, $allowUsb=true, $allowNfc=true, $allowBle=true, $allowHybrid=true, $allowInternal=true, $requireUserVerification=false)

v1.1.3: Self Signed detection

21 Nov 08:49
Compare
Choose a tag to compare
Fix self signed detection, switch to authorityKeyIdentifier instead of compare subject and issuer

v1.1.2

15 Nov 11:10
Compare
Choose a tag to compare
Bugfix: ByteBuffer->equals

v1.1.1

14 Oct 07:27
Compare
Choose a tag to compare

PHP 8 issues (Object attribute access)

v1.1.0

06 May 09:07
Compare
Choose a tag to compare
  • Handle certificates correctly already containing line breaks
  • The WebAuthn specification mandates that the counter check should be performed if either of the counters are non-zero.
  • Support WebAuthn v2 residentKey field (#60)
  • PHP 8.1 fixes