yesvivek
commented
7 months ago Assuming this change will be merged, any idea when the next release is?
Closed yesvivek closed 5 months ago
yesvivek
commented
7 months ago Assuming this change will be merged, any idea when the next release is?
yesvivek
commented
6 months ago @LDVG is there anything needed that is blocking merge with main?
LDVG
commented
6 months ago @LDVG is there anything needed that is blocking merge with main?
Apologies for the delays. There shouldn't be much more needed to get this through, though a final review may take a little bit longer. I squashed some of the intermediate commits, I hope that is fine with you.
(note that the currently failing pipeline appears unrelated to these changes)
LDVG
commented
6 months ago Note (mostly to myself): Pushed a tentative fuzzer harness; needs seed corpora.
LDVG
commented
5 months ago Seed corpora updated.
Applications using Javascript WebAuthn APIs to communicate with FIDO2 devices get CBOR encoded attestation object containing authData, fmt and attStmt; more details about the JS API are given at MDN. Since there are no straight ways to set this value, I have updated libfido to set internal values after parsing the CBOR encoded attestation-object. This will mean that the applications using libfido doesn't have to handle CBOR data at all, just like how other high level libraries in other languages behave. Summary of changes:
fido_cred_set_attobjAPI is added to set attestation object containing CBOR encoded authData, fmt and attStmtRelevant issue #749 .