-
-
Notifications
You must be signed in to change notification settings - Fork 278
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Add support for hmac-secret FIDO2 extension #304
Comments
Well… yeah, good idea. Given the cited key (SoloKey) now has the v2 campaign running, here are some more details on how that would have to be implemented: In contrast to #8, which uses HMAC-SHA1, which is a proprietary extension from Yubikey, the thing better to be done is use
"Upstream" KeePassXC issue for that is: keepassxreboot/keepassxc#3560 |
Also I'd propose to rename this issue to a more accurate title like "Add support for hmac-secret FIDO2 extension". |
@rugk I would like to add, that the use of Implementing both could also work. I think that HMAC-SHA1 implementation is important in order to ensure cross-compatibility with other KeePass implemtations (such as KeePassXC). I don't know of any desktop KeePass programs supporting |
That's a problem of KeePassXC, actually and tracked in keepassxreboot/keepassxc#3560 as said. As argued, it makes no sense to only support YubiKeys, when you can support a standard and thus all keys. The feature request you are probably looking for is thus #8, which is about YubiKey. |
@rugk as I understand it, AFAIK, FIDO is only supported in Chrome, so KeePassDX would need its own implementation anyway. Also, I think that omitting the use of Google Play Services is important for a FOSS project like this. |
Here is an alternative FIDO2 SDK in GPL3 that does not require the play service, it may be a good starting point to study the feasibility. |
The goal would be to promote the implementation of open protocols |
Note that on Android by default all apps/browsers seem to depend on Google Play Services (yet again 🙄) for FIDO2/WebAuthn to work/use that implementation. A feature request for implementation at microG (microg/GmsCore#849) is still open. Okay though WebAuthns is likely a different scope… though I don't know about the internals/what the Play Services support/provide, so just throwing this in here FYI. (Maybe yet again one could cooperate here just like with the exposure notification thing that you could use a library provided by microG to implement this, if you want to have support for de-googled devices without microG.) |
I've raised a pull request again hwsecurity to add support for hmac-secret. No response yet from the maintainers, but the GPLv3 license of that library would permit bundling a fork of it into the hardware key driver code. I would recommend against implementing a solution that directly uses the FIDO2 hmac-secret challenge response as part of the keying material for the password database. If you do that, users will have one hardware token whose loss would mean being unable to open their database. To me that's not an acceptable state of affairs... Instead, the database should store an encryption of the primary keying material part with n-many different hmac-secret challenge responses. That way one of n-many different FIDO2 devices could be used to unlock the database. |
I agree with that, the problem would be where to store the n-many. The Keeweb WIP explains the concept well but will putting this info in the database header pose a security problem? I will remove the option "FIDO2 secret" in the selection of the hardware key of KeePassDX because the functionality still needs to be discussed further and standardized. |
The latest release of microG have FIDO/FIDO2/WebAuthn support, while currently is only for browsers at least we already are some steps ahead. |
Good news on this topic. As a user of KeePassDX on Android, it would be great to see this also implemented here in a compatible manner, so that a keepass database created in KeePassXC secured with a hmac-secret device could be opened in KeepassDX with the same key. The challenges as discussed above is the primarily which FIDO2 library to pick. The official android FIDO2 api does support "hmac-secret" but is tied to Google Play Services, which I believe we want to avoid. The mentioned alternative library https://github.com/cotechde/hwsecurity is out of date, unmaintained, and does not support "hmac-secret". The latest release of microG has its own FIDO2 implementation, as mentioned above, and while its only intended for browsers it may be able to work directly with this app. Does KeePassDX use microG elsewhere already? There is a fully independent complete FIDO2 implementation created by the NitroKey team, but I believe it is proprietary, it requires a payment or subscription: https://www.nitrokey.com/products/android-fido2-sdk |
KeePassDX doesn't use microG, but there's nothing to stop extracting the source code and turning it into a driver app. |
I just noticed the existing KeePassDX Security Key Hardware Driver https://gitlab.com/kunzisoft/android-hardware-key-driver already mentions planned support for "hmac-secret" extension (For the solo key, but I don't see why it wouldn't work on other keys). |
@ashleysommer the one from Nitrokey is the same as the Hardware Security SDK. It's dual-licensed as GPLv3 and a proprietary license. |
@samsapti Thanks for pointing that out. Looks like that library doesn't yet support "hmac-secret" extension, but there is an open pull request (hwsecurity-sdk/hwsecurity#5) to add support. |
I opened that pull request, and since nobody has responded in the months since, I think it's safe to say that hwsecurity is indeed unmaintained. |
Ah right, yep I didn't to see the connection until now, with your comment from earlier in this thread. |
I just wanted to bring up that recently KeePassXC added support for the Nitrokey 3, but using
|
No, this is unrelated to the FIDO2 efforts that will enable support for SoloKeys and other FIDO2 keys.
Yes. That feature is merged, and be part of the v2.8.0 release of KeePassXC, I don't know when the release date for that will be. |
At the moment, I don't have a Nitrokey, so I can't test with it. The driver may need to be modified. |
@J-Jamet For development purposes we can provide you a free Nitrokey 3. Please DM me or send us an email to arrange that. |
I am in the process of writing a suitable FIDO2 Platform implementation that could be used for this feature: https://github.com/BryanJacobs/FIDOk/ . It's not ready yet: although technically things work with USB or NFC authenticators on Android, and it supports HMAC-Secret just fine, the documentation, error handling, and test coverage aren't up to snuff. But soon it will be able to serve as an alternative to both the hwsecurity code and to Google's own half-baked FIDO implementation. |
I've raised https://gitlab.com/kunzisoft/android-hardware-key-driver/-/merge_requests/12 to make supporting hmac-secret here possible. |
microG has implemented FIDO feature since v0.2.25.223616 (2022-10-21) and implemented FIDO PIN support since v0.3.3.240913 (2024-09-28). Fennec (a libre build of Firefox) has used microG as a replacement for the GMS library to implement the FIDO feature. It can be done by simply replacing |
What about setups that wish to avoid connecting to google altogether and don't have GSF or microG installed at all? |
Actually, microG's FIDO part can be used as a standalone full implementation library with a GMS-like API. Fennec considered this way before. Also, the FIDO part of the microG service is unrelated to other parts connecting to the Google server. You can disable the network permission of microG and use its FIDO or other networkless features. I see some users use microG this way. |
Allow the use of SoloKey keys.
Implement a challenge-response using the hmac-secret FIDO2 algorithm. https://fidoalliance.org/specs/fido-v2.0-rd-20180702/fido-client-to-authenticator-protocol-v2.0-rd-20180702.html#sctn-hmac-secret-extension
Links :
keeweb/keeweb#1681
https://github.com/keeweb/keeweb/wiki/%5BWIP%5D-FIDO2-hmac-otp
https://github.com/MartinKolarik/KeePassFIDO2
#304
keepassxreboot/keepassxc#3560
https://github.com/Yubico/libfido2
https://developers.yubico.com/libfido2/Manuals/fido2-cred.html
https://github.com/mjec/khefin
https://solokeys.com/
https://github.com/solokeys/solo1-cli#challenge-response
https://github.com/saravanan30erd/solokey-full-disk-encryption#table-of-contents
The text was updated successfully, but these errors were encountered: