Bug 312081
| Summary: | Support algorithm -8 (Ed25519) and -257 (RS256) in AuthenticatorAttestationResponse.getPublicKey() | ||
|---|---|---|---|
| Product: | WebKit | Reporter: | pilcrow |
| Component: | New Bugs | Assignee: | Nobody <webkit-unassigned> |
| Status: | NEW | ||
| Severity: | Normal | CC: | pascoe, webkit-bug-importer |
| Priority: | P2 | Keywords: | InRadar |
| Version: | Other | ||
| Hardware: | Unspecified | ||
| OS: | Unspecified | ||
pilcrow
The level 2 spec of the Web Authentication API (https://www.w3.org/TR/webauthn-2/) states that user agents MUST be able to return a non-null value for getPublicKey() when the public key has the algorithm -7 (ES256), -8 (Ed25519), or -257 (RS256).
https://www.w3.org/TR/webauthn-2/#sctn-public-key-easy
However, the latest version of WebKit only supports algorithm -7 (ES256). While RSA isn't common, Ed25519 is already supported by various external security keys like the YubiKey series 5.
| Attachments | ||
|---|---|---|
| Add attachment proposed patch, testcase, etc. |
Radar WebKit Bug Importer
<rdar://problem/175102806>