The first two patches align the extension inputs and outputs in our API with WebAuthn. In the long run this will simplify how we pass extensions from Firefox (e.g. we could deserialize them from JSON in authrs_bridge).
I'm only adding partial support for hmac-secret; I've not added an hmac_get_secret field to AuthenticationExtensionsClientInputs. I'll add support for the PRF extension, which uses hmac-secret internally, in a later revision, but I don't think we'll ever want to give the client direct access to hmac-secret.
While this enables a lot of new behavior, it's all inert until we actually pass inputs from Firefox. I developed this along with a series of patches that enable the individual extensions in Firefox and those patches enable web platform tests and add mochitests for each.
The first two patches align the extension inputs and outputs in our API with WebAuthn. In the long run this will simplify how we pass extensions from Firefox (e.g. we could deserialize them from JSON in authrs_bridge).
I'm only adding partial support for hmac-secret; I've not added an
hmac_get_secretfield toAuthenticationExtensionsClientInputs. I'll add support for the PRF extension, which uses hmac-secret internally, in a later revision, but I don't think we'll ever want to give the client direct access to hmac-secret.While this enables a lot of new behavior, it's all inert until we actually pass inputs from Firefox. I developed this along with a series of patches that enable the individual extensions in Firefox and those patches enable web platform tests and add mochitests for each.