Divested-Mobile / Mull-Fenix

Build scripts for a web browser built upon Mozilla technology
https://divestos.org/pages/our_apps#mull
GNU Affero General Public License v3.0

Support for FIDO2 Webauthn #89

Open ph00lt0 opened 2 years ago

ph00lt0 commented 2 years ago

Firefox for mobile supports FIDO2 WebAuthn; however, this seems disabled in Mull's user config.

security.webauth.webauthn = false

Not sure if anything else is necessary to get this to work?

SkewedZeppelin commented 2 years ago

This is wholly dependent on Google Play Services and proprietary blobs compiled into gecko. The removal patch: https://github.com/Divested-Mobile/Mull-Fenix/blob/master/gecko-liberate.patch

SkewedZeppelin commented 2 years ago

Discussion: https://gitlab.com/fdroid/rfp/-/issues/235#note_922550819

A potential future solution: https://gitlab.com/relan/fennecbuild/-/issues/34 https://gitlab.com/relan/fennecbuild/-/tree/microg

ph00lt0 commented 2 years ago

I am aware of the requirements of GMS, but did not know about the other requirement. But I think it could be offered to those who choose to use this. The security advances are undeniable.

JaehaerysNL commented 1 year ago

Good evening,

I was wondering if the Mull development team would consider adding FIDO2/WebAuthn via this Android SDK that is not reliant on Google elements, instead of the non-FOSS libs that you do not wish to have in Mull's code.

The SDK is previewed on the website of Nitrokey GmbH: https://www.nitrokey.com/products/android-fido2-sdk

The main website appears to be: https://hwsecurity.dev/

(I am not entirely sure whether it's free; it does seem to show paid options, but I am not sure in what context (e.g. whether what's paid is for an actual service, similar to OpenVPN))

EDIT: It seems there is a commercial license available, but that is optional; it is otherwise GPLv3. Nitrokey's website says its GitHub repo page is the following: https://github.com/cotechde/hwsecurity

I hope you will reconsider FIDO2 implementation if you can manage to implement this SDK or any other FOSS-compliant alternative, as I've had to hold back on implementing WebAuthn on several online accounts due to the browser not properly rejecting the requests (for example, Google doesn't go toward the failed screen, which allows you to select TOTP instead; it waits eternally), but I would prefer not needing to hold back on adding phys. security keys on my accounts.

Hope this information may prove of use to you.

Kind regards, Jaehaerys

SkewedZeppelin commented 1 year ago

@JaehaerysNL see https://github.com/Divested-Mobile/Mull-Fenix/issues/89#issuecomment-1273549239

> due to the browser not properly rejecting the requests

It should be rejected: https://github.com/Divested-Mobile/Mull-Fenix/blob/master/prebuild.sh#L305 Did you edit anything in about:config?

edit: actually probably regressed by: https://github.com/Divested-Mobile/Mull-Fenix/blob/master/preferences/userjs-brace.js#L33 will fix
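An added example, not part of the thread and not Mull's build code: the kind of regression described in the comment above, where one preferences file undoes a setting applied elsewhere in the build, can be caught with a build-time audit of the layered pref files. The file names and contents below are constructed placeholders, and the audit assumes the last assignment in build order wins.

```python
import re

# Matches pref("name", value); and its user_pref/lockPref/defaultPref variants.
PREF_RE = re.compile(
    r'^[ \t]*(?:pref|user_pref|lockPref|defaultPref)\(\s*"([^"]+)"\s*,\s*(.+?)\s*\)\s*;',
    re.M)

def parse_prefs(text):
    """Yield (line_no, name, raw_value) for each active pref assignment."""
    # Blank out /* ... */ comments but keep newlines so line numbers stay correct.
    text = re.sub(r'/\*.*?\*/', lambda m: re.sub(r'[^\n]', ' ', m.group()),
                  text, flags=re.S)
    for m in PREF_RE.finditer(text):  # lines starting with // never match
        yield text.count('\n', 0, m.start()) + 1, m.group(1), m.group(2)

def audit(layers, enforced):
    """layers: ordered [(filename, text)]; enforced: {pref: required raw value}.
    Returns [(pref, required, effective, where)] for prefs whose final value differs."""
    last = {}
    for fname, text in layers:
        for line_no, name, value in parse_prefs(text):
            last[name] = (value, f"{fname}:{line_no}")  # assumption: last one wins
    findings = []
    for name, required in enforced.items():
        value, where = last.get(name, (None, "unset"))
        if value != required:
            findings.append((name, required, value, where))
    return findings

# Constructed sample layers; names and contents are placeholders, not Mull's real files.
BASE = '''// hardening defaults (constructed)
pref("security.webauth.webauthn", false);
pref("example.other.pref", 1);
'''
IMPORTED = '''/* imported third-party user.js (constructed)
pref("security.webauth.webauthn", false);
*/
user_pref("example.other.pref", 1);
user_pref("security.webauth.webauthn", true); // silently re-enables the feature
'''
LAYERS = [("base-prefs.js", BASE), ("imported-user.js", IMPORTED)]
ENFORCED = {"security.webauth.webauthn": "false"}

if __name__ == "__main__":
    for name, required, value, where in audit(LAYERS, ENFORCED):
        print(f"{name}: required {required}, effective {value} (last set at {where})")
```

Run as a build step, a non-empty result from `audit` fails the build before a conflicting preference ships.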

JaehaerysNL commented 1 year ago

Maybe I am missing something, but I see mentions of MicroG implementation, which isn't useable for GrapheneOS.

And MicroG means still using Google in a way, so I'm not sure how that competes with using an SDK that does not rely on Google directly or indirectly, but maybe I'm just dumb, idk.

(Just speaking my mind here, no offense intended, apologies if it is taken as such)

SkewedZeppelin commented 1 year ago

It would only be using a single component of microG and it wouldn't matter if you had microG or Play installed or not.

DivestOS itself has zero support for microG either, so I wouldn't accept such a solution if it was as you say.

JaehaerysNL commented 1 year ago

Ahh I see, it seems I misread it then, apologies.

> It would only be using a single component of microG and it wouldn't matter if you had microG or Play installed or not.
>
> DivestOS itself has zero support for microG either, so I wouldn't accept such a solution if it was as you say.

That is very good to hear, though. I mistook it as still needing MicroG or something. I think the MicroG project isn't bad or something, but in the long run one might be shifting the problem with that, which is what made me worry (I think only Vanced MicroG works for GrapheneOS; CalyxOS MicroG does not, however, since Graphene lacks things regarding that signature spoofing. I forgot the exact words, but I think you know what I might be referring to).