Closed boredom2 closed 1 year ago
davidearl
commented
1 year ago Yes, that doesn't seem like a problem.
Just to clarify, you are expecting to see something along these lines, yes? ... in COSEECDHAtoPKCS, for case RS256, replace:
$rsa = new RSA();
$rsa->loadKey(compact('e', 'n'));
return $rsa->getPublicKey();with
return (string)PublicKeyLoader::load(compact('e', 'n'));
boredom2
commented
1 year ago From my understanding, thats exactly the necessary (and only) change needed for v3, yes.
davidearl
commented
1 year ago OK, now released.
Please note the other recent change to prevent replay attacks, which, while upward compatible, requires you to save the $userwebauthn string after calling prepareForLogin and authenticate for it to have any effect.
boredom2
commented
1 year ago Thanks, that was really fast :)
Hi there,
thanks for your (really awesome) Work. I was forced now to remove this Library out of our Composer Project, as we cannot support PHPSecLib2 anymore. Would it be possible for you to switch to V3 or maintain both Versions? (its basically only replace "RSA" with the "PublicKeyLoader::load" Concept from V3, everything else could stay.
Thanks a lot! Christoph