You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Windows 10's normal WebAuthn API is limited, and has some interesting extra functionality which is not (well?) documented.
There's a public spec for using WebAuthn over RDP, this appears to somewhat map to the regular WebAuthn API; but has some bonus features like being able to pass in a client_data_hash rather than client_data_json.
webauthn.dll exports VirtualChannelGetInstance(), which is an IWTSPlugin COM interface for Microsoft Remote Desktop Client. It's possible for other applications to use this same interface and stuff in commands like RDP would; and I currently have a Rust application which implements the needed COM interfaces.
The actual protocol is mostly CBOR, so aside from the COM shenanigans, it's actually a lot cleaner to work with from Rust than the FFI with C structs.
I'm not sure I'd make this one of the default APIs... but it is certainly tempting.
The text was updated successfully, but these errors were encountered:
micolous
added
win10
Windows 10's normal WebAuthn API is limited, and has some interesting extra functionality which is not (well?) documented.
There's a public spec for using WebAuthn over RDP, this appears to somewhat map to the regular WebAuthn API; but has some bonus features like being able to pass in a
client_data_hashrather thanclient_data_json.webauthn.dllexportsVirtualChannelGetInstance(), which is anIWTSPluginCOM interface for Microsoft Remote Desktop Client. It's possible for other applications to use this same interface and stuff in commands like RDP would; and I currently have a Rust application which implements the needed COM interfaces.The actual protocol is mostly CBOR, so aside from the COM shenanigans, it's actually a lot cleaner to work with from Rust than the FFI with C structs.
I'm not sure I'd make this one of the default APIs... but it is certainly tempting.
The text was updated successfully, but these errors were encountered: