Bug 259934

Summary: [WebAuthn] Implement PRF extension + hmac-secret
Product: WebKit Reporter: pascoe <pascoe>
Component: WebKit Misc.Assignee: pascoe <pascoe>
Status: NEW    
Severity: Normal CC: pascoe, rew.islam, webkit-bug-importer
Priority: P2 Keywords: InRadar
Version: WebKit Nightly Build   
Hardware: Unspecified   
OS: Unspecified   

pascoe@apple.com
Reported 2023-08-08 10:30:08 PDT
We currently do not support the PRF extension or the necessary CTAP extension for it, hmac-secret. This bug is to implement both of those.
Attachments
Add attachment proposed patch, testcase, etc.
Radar WebKit Bug Importer
Comment 1 2023-08-08 10:30:21 PDT
<rdar://problem/113572812>
pascoe@apple.com
Comment 2 2023-08-08 10:30:41 PDT
explainer: https://github.com/w3c/webauthn/wiki/Explainer:-PRF-extension
Rew Islam @ Dashlane
Comment 3 2025-03-26 06:28:35 PDT
It would be great to also see support for hmac-secret-mc: https://fidoalliance.org/specs/fido-v2.2-ps-20250228/fido-client-to-authenticator-protocol-v2.2-ps-20250228.html#sctn-hmac-secret-make-cred-extension
pascoe@apple.com
Comment 4 2025-11-11 00:26:57 PST
Pull request: https://github.com/WebKit/WebKit/pull/53734
Note You need to log in before you can comment on or make changes to this bug.