[riot-notifications] [RIOT-OS/RIOT] FIDO2 support in RIOT (#16489)

Nils Ollrogge notifications at github.com
Wed May 26 14:34:48 CEST 2021


@Ollrogge commented on this pull request.



> +#
+# This file is subject to the terms and conditions of the GNU Lesser
+# General Public License v2.1. See the file LICENSE in the top level
+# directory for more details.
+
+menuconfig MODULE_FIDO2_CTAP
+    bool "FIDO2 CTAP"
+    depends on TEST_KCONFIG
+    help
+        Configure a FIDO2 CTAP authenticator via KConfig.
+
+if MODULE_FIDO2_CTAP
+
+config FIDO2_CTAP_DEVICE_AAGUID
+    string "AAGUID of the CTAP2 authenticator"
+    default "9c295865fa2c36b705a42320af9c8f16"

The [WebAuthn](https://www.w3.org/TR/webauthn/#sctn-authenticator-model) defines the AAGUID as follows:

>Additionally, each authenticator has an AAGUID, which is a 128-bit identifier indicating the type (e.g. make and model) of the authenticator. The AAGUID >MUST be chosen by the manufacturer to be identical across all substantially identical authenticators made by that manufacturer, and different (with high probability) from the AAGUIDs of all other types of authenticators. The AAGUID for a given type of authenticator SHOULD be randomly generated to ensure this. The Relying Party MAY use the AAGUID to infer certain properties of the authenticator, such as certification level and strength of key protection, >using information from other sources.

The static configuartion is a fallback value.

-- 
You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub:
https://github.com/RIOT-OS/RIOT/pull/16489#discussion_r639681096
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.riot-os.org/pipermail/notifications/attachments/20210526/2ade7e63/attachment-0001.htm>


More information about the notifications mailing list