It seems the private key is calculated on the fly - in this case credential id would work as seed for the calculation)įIDO2 encompasses both WebAuthn (browser API) and CTAP2 (USB/Bluetooth/NFC APIs for externally connected authenticators). But the name makes me doubt if my request is possible with this parameter).ĮDIT: In the meantime I found this link to some Solo Keys developer pages describing how it works on Solo Keys. (The function accepts four specific parameters description here, and the only one that I understand could bring the private key is the "credential id". At least in "fido2-assert" I don't see a way to do this when I want to create an assertion on the client. If so, how does libfido2 need to be configured to do this? How can I provide the library with the appropriate protected private key. If this is the case, does libfido2 offer any possibility to work with FIDO U2F and wrapped keys instead? Yubico says in the FAQs that with YubiKey 5 unlimited key pairs can be used for FIDO U2F however, for FIDO2 only space for 25 resident keys is promised.ĭoes "FIDO2" mean that resident keys are used and that FIDO2 cannot be used with (external) wrapped private keys? I am currently working my way into libfido2 and trying to figure out how to use wrapped private keys with it.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |