U2F/FIDO (Yubikey) support Topic is solved

Talk about code development, features, specific bugs, enhancements, patches, and similar things.
Forum rules
Please keep everything here strictly on-topic.
This board is meant for Pale Moon source code development related subjects only like code snippets, patches, specific bugs, git, the repositories, etc.

This is not for tech support! Please do not post tech support questions in the "Development" board!
Please make sure not to use this board for support questions. Please post issues with specific websites, extensions, etc. in the relevant boards for those topics.

Please keep things on-topic as this forum will be used for reference for Pale Moon development. Expect topics that aren't relevant as such to be moved or deleted.
jb_wisemo
Moonbather
Moonbather
Posts: 56
Joined: 2016-01-27, 02:09

U2F/FIDO (Yubikey) support

Unread post by jb_wisemo » 2021-04-06, 18:23

As an extension with or without extension API enhancement, would it be possible to add support for U2F/FIDO hardware authenticators that are called via the U2F/FIDO specified extensions to WebCrypto/WebAuthn and end up generating specific requests to USB as specified by U2F/FIDO.

Note that this is not a PKCS#11 mechanism, but something much more specific intended for web logins where the WebSite asks for a U2F authentication, and the Browser tells the hardware the request and the originating URL, such that the hardware can authenticate with a per site encryption key that cannot be accessed by any other web site. The Website request may also include payloads that the hardware decrypts to recover and verify the per site key.

This feature is already in Firefox, Safari and Chrome, but not IE. Maybe the Firefox code could be imported. For an extension implementation, the platform may (or may not) need a mechanism to integrate with the relevant WebCrypto/WebAuthn APIs such that websites see no difference from the Browser core implementation in Firefox.

The U2F specification is open, with at least one Open Hardware implementation, besides the market dominant Swedish Yubikey products.

User avatar
Moonchild
Pale Moon guru
Pale Moon guru
Posts: 35480
Joined: 2011-08-28, 17:27
Location: Motala, SE
Contact:

Re: U2F/FIDO (Yubikey) support

Unread post by Moonchild » 2021-04-06, 18:45

Closing as duplicate (or rather multiplcate)
viewtopic.php?f=13&t=19802
"Sometimes, the best way to get what you want is to be a good person." -- Louis Rossmann
"Seek wisdom, not knowledge. Knowledge is of the past; wisdom is of the future." -- Native American proverb
"Linux makes everything difficult." -- Lyceus Anubite

Locked