Skip to content

Pre-release 1.4.0-RC1

Pre-release
Pre-release
Compare
Choose a tag to compare
@emlun emlun released this 09 Sep 12:43
1.4.0-RC1
This tag was signed with the committer’s verified signature. The key has expired.
emlun Emil Lundberg
GPG key ID: D8588A5844E2A774
Expired
Verified
Learn about vigilant mode.
6490bb5
This commit was signed with the committer’s verified signature. The key has expired.
emlun Emil Lundberg
GPG key ID: D8588A5844E2A774
Expired
Verified
Learn about vigilant mode.

Changes:

  • Class com.yubico.internal.util.WebAuthnCodecs is no longer public. The package com.yubico.internal.util was already declared non-public in JavaDoc, but this is now also enforced via Java visibility rules.
  • Class com.yubico.webauthn.meta.Specification.SpecificationBuilder is no longer public. It was never intended to be, although this was not documented explicitly.
  • Default value for RelyingParty.preferredPubKeyParams changed from [ES256, RS256] to [ES256, EdDSA, RS256]

New features:

  • Added support for Ed25519 signatures.
  • New constants COSEAlgorithmIdentifier.EdDSA and PublicKeyCredentialParameters.EdDSA
  • Artifacts are now built reproducibly; fresh builds from source should now be verifiable by signature files from Maven Central.

Security fixes:

Assets 4
Loading