Release 1.14.0 #301
Merged
Release 1.14.0 #301
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
The streamlined docs now cut ~70% of the original content while providing more practical value. They focus on the new SDK patterns rather than manual DER parsing, making them much more maintainable and developer-friendly.
Copyright, tags, packageId
docs: 1.13.2 release notes
chore: Update copyright file header
misc(nuget): Add metadata for NuGet
deps: Update dependencies - Upgraded Microsoft.Extensions.Configuration.Json to version 8.0.1. - Upgraded Microsoft.Extensions.Logging.Abstractions to version 8.0.3. - Upgraded Microsoft.Extensions.Logging.Console to version 8.0.1.
docs: additional release note details for 1.13.2
feat: Add ToString override to CommandApdu and ResponseApdu
docs: Improvements to slot access codes how-to
Co-authored-by: Copilot <[email protected]>
fix: Correct logger for OtpSession
…tExtension method
…ding and null checks
…r YubiKeys v5.8.0 and later
feat: CTAP 2.2 (Authenticator info fields and extensions)
…1.14 merging develop branch
Co-authored-by: Copilot <[email protected]>
fix: Improve detection logic for NativeShims in 32 and 64 bit cases
Fido2Session now inherits ApplicationSession in the same way as other session classes. PPUAT wont be set unless the key supports it Add possibility to self compute the authParam on EnumerateCredentialsBeginCommand, EnumerateRpsBeginCommand and GetCredentialMetadata command.
refactor: FIDO2 Credential Management Authentication, ApplicationSession
Test Results: Windows 2 files 2 suites 11s ⏱️ Results for commit 1527069. |
Test Results: Ubuntu 2 files 2 suites 15s ⏱️ Results for commit 1527069. |
Minimum allowed line rate is |
Test Results: MacOS 2 files 2 suites 12s ⏱️ Results for commit 1527069. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
4 participants
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
1.14.0
Release date: September 17th, 2025
Features:
Support has been added for the following CTAP 2.2 and YubiKey firmware version 5.8 features (#299):
Persistent PinUvAuthToken (PPUAT): The GetPersistentPinUvAuthToken() method has been added to retrieve PPUATs for use with read-only FIDO2 credential management operations, including EnumerateRelyingParties(), EnumerateCredentialsForRelyingParty(), and GetCredentialMetadata(). PPUATs enable applications to list discoverable credentials from YubiKeys without requiring repeated PIN entry.
thirdPartyPayment extension: The GetThirdPartyPaymentExtension method has been added to check for and return the status of the thirdPartyPayment extension. The thirdPartyPayment extension enables YubiKeys to be used for cross-domain credentials without redirects, as required by Secure Payment Confirmation (SPC) workflows.
hmac-secret-mc extension: GetHmacSecretExtension now handles both hmac-secret and hmac-secret-mc extensions when extracting and decrypting secrets. The hmac-secret-mc extension enables PRF (Pseudo-Random Function) during MakeCredential().
Additional
AuthenticatorInfoproperties: The SDK now supports parsing of several new AuthenticatorInfo properties, which are returned when calling the GetInfoCommand(). Properties includeAttestationFormats,UvCountSinceLastPinEntry,LongTouchForReset,EncIdentifier,TransportsForReset,PinComplexityPolicy,PinComplexityPolicyUrl, andMaxPinLength.The SDK has been updated to target .NET Framework 4.7.2, which provides broad reliability, security, and performance improvements. (#274)
The NuGet package metadata has been updated for the
Yubico.Core.csprojandYubico.YubiKey.csprojfiles to improve discoverability, consistency, and clarity. The updates include newPackageIdandPackageTagsfields as well as a reorganizedPackageReleaseNotesfield. (#265)ToStringoverrides have been introduced in the CommandApdu and ResponseApdu classes to provide a human-readable string representation of their internal state. These changes improve debugging and logging of APDUs. (#270)A new internal
HkdfUtilitiesclass has been added to the SDK. This class implements HKDF key derivation using HMAC-SHA256, as specified in RFC 5869, providing a reusable and standards-compliant key derivation utility. (#299)Bug Fixes:
Previously, DeleteSlot() and DeleteSlotConfiguration() would throw an exception when the slot configuration was successfully removed as intended. This has been fixed so that no exception occurs following a successful
DeleteSlot()orDeleteSlotConfiguration()operation. (#276)Prerelease versions of Yubico packages are now prevented from being referenced into published NuGet packages. This fixes an issue where a prerelease version of Yubico.NativeShims was incorrectly referenced by Yubico.Core. (#282)
The
OtpSessionlogger initialization has been updated to use the correct logger. (#275)The detection logic for
NativeShimsPathhas been improved, ensuring that 32-bit processes on 64-bit systems are correctly mapped to the "x86" directory. (#284)Documentation:
The FIDO2 reset documentation has been updated to fix an error in the instructions and clarify timeout durations. (#278)
The documentation on slot access codes has been updated to improve clarity and examples. (#268)
The documentation on PIV public and private keys has been updated with new sample code demonstrating how to use the latest factory methods. (#245, #272)
The documentation for the UseFastTrigger method has been updated to clarify information on behavior and applicability. (#294)
All hardcoded links to the Yubico.NET.SDK GitHub repository have been updated to point to the HEAD branch. This ensures that links to sample code point to the latest version of that code. (#286, #279)
An SDK overview designed to help the Copilot coding agent work more efficiently has been added to the Yubico.NET.SDK GitHub repository. (#296)
Dependencies: