This framework contains PHP libraries and Symfony bundle to allow developers to integrate that authentication mechanism into their web applications.
Class, Constant and Property Names
Naming things may be complicated. That’s why the following rule applies on the whole framework: the name of classes, constants and properties are identical to the ones you will find in the specification.
Elliptic Curve Direct Anonymous Attestation (ECDAA)
Token Binding support
RS1, RS256, RS384, RS512
PS256, PS384, PS512
ES256, ES256K, ES384, ES512
Supported (not fully tested)
appid extension (compatibility with FIDO U2F authenticator
The framework is already compatible with all authenticators except the ones that use ECDAA Attestation format.
The ECDAA Attestation format is very rare at that time (April 2021) thus this framework can safely be used in production.
The compliance of the framework is ensured by running unit and functional tests during its development.
It is also tested using the official FIDO Alliance testing tools. The status of the compliance tests are reported in this issue. At the time of writing (end of April 2021), the main features and algorithms are supported and 99% of the tests pass.
I bring solutions to your problems and answer your questions.