r4gus
commented
2 weeks ago Thanks for the hint, I'll look into it.
Open frie opened 2 weeks ago
r4gus
commented
2 weeks ago Thanks for the hint, I'll look into it.
r4gus
commented
2 weeks ago @frie thanks again for letting me know. When you say "not Google" do you get the same/ a similar error as shown below?
"Your device doesn't support creating passkeys. However, you can create a passkey on another device."
If so, it's an Issue with Google itself I'm unable to fix. Google seems to fingerprint the Browser and OS. I'm actually not surprised. The same time they "introduced" Passkey (its more a rebranding of FIDO2 with credential synchronization support) they (Google, Apple, Microsoft) rolled out their proprietary CTAP2 replacements. To me this is an indication that there is... let's say a lack of commitment to work on a shared standard.
Nevertheless, if you have additional information to share, I would appreciate it if you post it below.
Also, the transitive dependency issue (stb_image) will probably take some time to fix (I'm currently working on a new version and I'm the only maintainer with limited time).
frie
commented
2 weeks ago Yes, same error message. But that's only on Chromium. On Firefox Google also told me that my device does not support passkeys, but I could create a passkey anyway, and later also use it for authentication on Chromium. For Github and Microsoft PasskeeZ worked on both browsers. I also tried with some php code (Wordpress plugin, Joomla module) and all this worked out of the box.
On first sight I did not find the notes for the Beta version, so I missed the GUI (later found it was removed in the Beta version). Also read the recommendation to use the stable version (which I currently cannot install) to edit keys, but is the database format compatible between stable and Beta?
For my FIDO stick I can manage keys using the Chromium security settings. Seems not to be supported currently by PasskeeZ
r4gus
commented
2 weeks ago Thanks for the additional information. I've to do some digging regarding Google. Maybe there is a way into tricking Google with the "right" HID descriptor.
The dependency issue is quite unfortunate.
The problem is that the stable and the new version use different file formats (https://r4gus.github.io/ccdb/ + KDBX4 [currently working on it]). I'll add a command line application for managing credentials to the beta.
frie
commented
2 weeks ago I probably can await PasskeeZ making use of a kdbx4 DB - then I could use KeePassXC to manage keys in the database. Have to think further about the options arising from using kdbx4 format... Maybe integrate the PasskeeZ DB as a satellite of the KeePassXC DB? From the UX perspective I find PasskeeZ better than KeePassXC, because of browser independence and no need for having an addon for each browser. And using KeePassXC to manage passwords and passkeys in one tool would make much sense.
r4gus
commented
2 weeks ago I'll hit you up as soon as KDBX4 support lands.
r4gus
commented
1 week ago @frie I've added a command line tool for managing credentials https://github.com/r4gus/ccdb
frie
commented
1 week ago @frie I've added a command line tool for managing credentials https://github.com/r4gus/ccdb
Thanks - I finally got this working without being a zig developer... Maybe an integration of the ccdb build in the passkeez beta build script (as for zigenity) would make sense. When cloning the 0.1.0 branch the build does not create binary - using the master is ok.
r4gus
commented
5 days ago Good point, I'll add pre-build binaries the next time.
Seems that the url for stb_image in build.zig.zon is broken:
Fetch Packages [8/8] dvui.stb_image... /root/.cache/zig/p/1220e30b896597e843a23df3c15e9b126ed4a3d0fb042bfb7c85f7c10827bd6e66a7/build.zig.zon:14:20: error: Expected response status '200 OK' got '404 Not Found' .url = "https://github.com/david-vanderson/stb_image/archive/9a961327f5e67ec799bc9a6258d7abebb59d7028.tar.gz",Beta install.sh currently runs without problems, and the passkeys work on Github and Microsoft (!) - not Google