Commit graph

12 commits

Author SHA1 Message Date
Sami Vänttinen
4cb1d8d8ea
Passkeys: Add publicKey to register response (#12757) 2026-03-08 15:09:39 +01:00
varjolintu
5671e3ad41
Passkeys: Fix ordering of clientDataJSON 2025-06-19 17:42:34 -04:00
Sami Vänttinen
383c6d05d1
Support passkeys with Bitwarden import (#11401) 2024-12-21 23:25:15 -05:00
varjolintu
8bdc7c4702
Passkeys: Return authenticatorData and publicKeyAlgorithm to extension 2024-06-16 17:10:00 -04:00
Carlo Teubner
e26dbc5608
Botan: don't call deprecated functions (#10826)
* Botan: use raw_private_key_bits() if available

Botan 3.x introduces raw_private_key_bits() as an alias for
get_private_key(), and deprecates the latter.

* Botan: use Cipher_Dir::Encryption

Botan 3.x introduces Cipher_Dir::Encryption as an alias for
Cipher_Dir::ENCRYPTION, and deprecates the latter. Likewise for
Decryption/DECRYPTION.
2024-06-02 07:38:50 -04:00
Sami Vänttinen
8f03f2f59e
Passkeys: Pass extension JSON data to browser (#10615) 2024-04-27 23:35:07 -04:00
Sami Vänttinen
305fd24a8e
Passkeys: Fix compatibility with StrongBox (#10420) 2024-04-27 23:20:28 -04:00
varjolintu
97cf35c993
Passkeys: Allow nfc and usb transports 2024-04-27 23:20:18 -04:00
Jonathan White
b7a1c620e4 Passkeys improvements (#10318)
Refactors the Passkey implementation to include more checks and a structure that is more aligned with the official specification.
Notable changes:
- _BrowserService_ no longer does the checks by itself. A new class _BrowserPasskeysClient_ constructs the relevant objects, acting as a client. _BrowserService_ only acts as a bridge between the client and _BrowserPasskeys_ (authenticator) and calls the relevant popups for user interaction.
- A new helper class _PasskeyUtils_ includes the actual checks and parses the objects.
- _BrowserPasskeys_ is pretty much intact, but some functions have been moved to PasskeyUtils.
- Fixes Ed25519 encoding in _BrowserCBOR_.
- Adds new error messages.
- User confirmation for Passkey retrieval is also asked even if `discouraged` is used. This goes against the specification, but currently there's no other way to verify the user.
- `cross-platform` is also accepted for compatibility. This could be removed if there's a potential issue with it.
- Extension data is now handled correctly during Authentication.
- Allowed and excluded credentials are now handled correctly.
- `KPEX_PASSKEY_GENERATED_USER_ID` is renamed to `KPEX_PASSKEY_CREDENTIAL_ID`
- Adds a new option "Allow localhost with Passkeys" to Browser Integration -> Advanced tab. By default it's not allowed to access HTTP sites, but `http://localhost` can be allowed for debugging and testing purposes for local servers.
- Add tag `Passkey` to a Passkey entry, or an entry with an imported Passkey.

Fixes #10287.
2024-03-09 15:21:46 -05:00
varjolintu
fe739578ab Passkeys: Create AAGUID for KeePassXC 2024-01-30 18:26:45 -05:00
varjolintu
7371589955 Rename userId to credentialId 2024-01-30 18:26:45 -05:00
Jonathan White
416581b179 Add basic support for WebAuthn (Passkeys) (#8825)
---------

Co-authored-by: varjolintu <sami.vanttinen@protonmail.com>
Co-authored-by: droidmonkey <support@dmapps.us>
2024-01-30 18:26:45 -05:00