Weekend project: WebAuthn support for typage, to symmetrically encrypt age files with passkeys and FIDO2 tokens, using the prf extension.
-
Weekend project: WebAuthn support for typage, to symmetrically encrypt age files with passkeys and FIDO2 tokens, using the prf extension.
The browser side already works with both iCloud Keychain / Touch ID and YubiKeys (resident and not, with strong hardware binding). Just 200 lines!!
Add initial experimental WebAuthn support by FiloSottile · Pull Request #28 · FiloSottile/typage
A TypeScript implementation of the age file encryption format, based on libsodium. - Add initial experimental WebAuthn support by FiloSottile · Pull Request #28 · FiloSottile/typage
GitHub (github.com)
Next, a CLI plugin to use the same credentials from outside the browser.
-
F [email protected] shared this topic
-
@filippo The PRF extension saddens me so much because its so close yet so far. If it handed over the PRF secret at enrollment time it would be perfect for so many things. Alas
But it does work for local entirely local encryption tasks like this.
