Skip to content

Version 2.8.0

Choose a tag to compare

View all tags
@fdennis fdennis released this 11 Dec 13:27
· 8 commits to main since this release
2.8.0
This tag was signed with the committer’s verified signature.
fdennis Dennis Fokin
GPG key ID: 870B88256690D8BC
Verified
Learn about vigilant mode.
4b5df78
This commit was signed with the committer’s verified signature.
fdennis Dennis Fokin
GPG key ID: 870B88256690D8BC
Verified
Learn about vigilant mode.

New features:

  • Added JavaDoc to COSEAlgorithmIdentifier constants.
  • Added support for Ed448 signatures.
  • New constants COSEAlgorithmIdentifier.Ed25519, COSEAlgorithmIdentifier.Ed448 and PublicKeyCredentialParameters.Ed448
  • (Experimental) Added a new suite of interfaces, starting with CredentialRepositoryV2. RelyingParty can now be configured with a CredentialRepositoryV2 instance instead of a CredentialRepository instance. This changes the result of the RelyingParty builder to RelyingPartyV2. CredentialRepositoryV2 and RelyingPartyV2 enable a suite of new features:
    • CredentialRepositoryV2 does not assume that the application has usernames, instead username support is modular. In addition to the CredentialRepositoryV2, RelyingPartyV2 can be optionally configured with a UsernameRepository as well. If a UsernameRepository is not set, then RelyingPartyV2.startAssertion(StartAssertionOptions) will fail at runtime if StartAssertionOptions.username is set.
    • CredentialRepositoryV2 uses a new interface CredentialRecord to represent registered credentials, instead of the concrete RegisteredCredential class (although RegisteredCredential also implements CredentialRecord). This provides implementations greater flexibility while also automating the type conversion to PublicKeyCredentialDescriptor needed in startRegistration() and startAssertion().
    • RelyingPartyV2.finishAssertion() returns a new type AssertionResultV2 with a new method getCredential(), which returns the CredentialRecord that was verified. The return type of getCredential() is generic and preserves the concrete type of CredentialRecord returned by the CredentialRepositoryV2 implementation.
    • NOTE: Experimental features may receive breaking changes without a major version increase.
  • (Experimental) Added property RegisteredCredential.transports.
    • NOTE: Experimental features may receive breaking changes without a major version increase.

webauthn-server-attestation:

New features:

  • Updated SupportedCtapOptions to version 2.2 of CTAP spec.
    • New field perCredMgmtRO

Fixes:

  • Fixed parsing logic of tri-valued Boolean SupportedCtapOptions properties. See: #382

Artifacts built with openjdk 17.0.15 2025-04-15.

Note: Artifacts are signed by a new key. See Yubico Software Signing.

Assets 4
Loading