bitwarden/browser
1
0
Fork 0
mirror of https://github.com/bitwarden/browser synced 2026-02-01 17:23:37 +00:00
Code Issues Releases Wiki Activity

Move behind compile-time feature

Browse Source
This commit is contained in:
Bernd Schoolmann
2025-11-17 13:57:07 +01:00
parent 829dc670e9
commit c53c8cb0ba
3 changed files with 17 additions and 14 deletions
Download Patch File Download Diff File Expand all files Collapse all files

10
apps/desktop/desktop_native/fido2_client/Cargo.toml
View File

@@ -5,10 +5,14 @@ license = { workspace = true }
version = { workspace = true }
publish = { workspace = true }
[features]
default = []
ctap-hid-fido2 = ["dep:ctap-hid-fido2", "dep:pinentry", "dep:secrecy"]
[dependencies]
base64 = { workspace = true }
ctap-hid-fido2 = "3.5.1"
pinentry = "0.5.0"
ctap-hid-fido2 = { version = "3.5.1", optional = true }
pinentry = { version = "0.5.0", optional = true}
serde = { workspace = true, features = ["derive"] }
secrecy = "0.8.0"
secrecy = { version = "0.8.0", optional = true }
sha2 = { workspace = true }

6
apps/desktop/desktop_native/fido2_client/src/ctap_hid_fido2.rs
View File

@@ -11,6 +11,12 @@ use crate::{
PublicKeyCredentialRequestOptions,
};
/// Depending on the platform API, the platform MAY do this for you, or may require you to do it manually.
fn prf_to_hmac(prf_salt: &[u8]) -> [u8; 32] {
use sha2::Digest;
sha2::Sha256::digest(&[b"WebAuthn PRF".as_slice(), &[0], prf_salt].concat()).into()
}
fn get_pin() -> Option<String> {
if let Some(mut input) = PassphraseInput::with_default_binary() {
input

15
apps/desktop/desktop_native/fido2_client/src/lib.rs
View File

@@ -1,20 +1,13 @@
#[cfg(all(target_os = "linux", target_env = "gnu"))]
#[cfg(feature = "ctap-hid-fido2")]
mod ctap_hid_fido2;
#[cfg(all(target_os = "linux", target_env = "gnu"))]
#[cfg(feature = "ctap-hid-fido2")]
use ctap_hid_fido2::*;
#[cfg(not(all(target_os = "linux", target_env = "gnu")))]
#[cfg(not(feature = "ctap-hid-fido2"))]
mod unimplemented;
#[cfg(not(all(target_os = "linux", target_env = "gnu")))]
#[cfg(not(feature = "ctap-hid-fido2"))]
use unimplemented::*;
#[cfg(all(target_os = "linux", target_env = "gnu"))]
/// Depending on the platform API, the platform MAY do this for you, or may require you to do it manually.
fn prf_to_hmac(prf_salt: &[u8]) -> [u8; 32] {
use sha2::Digest;
sha2::Sha256::digest(&[b"WebAuthn PRF".as_slice(), &[0], prf_salt].concat()).into()
}
#[derive(Debug, PartialEq, Clone)]
pub enum UserVerification {
Discouraged,