[BEEEP] Implement rust fido2 for desktop mac and linux (v3) #12186
Conversation
quexten
changed the title
|
New Issues
Fixed Issues
|
|
Note: Linux builds are not working atm because the workflow is missing 2 dependencies. I'll make a separate PR with only the dependencies to merge first. |
Codecov ReportAttention: Patch coverage is
✅ All tests successful. No failed tests found. Additional details and impacted files@@ Coverage Diff @@
## main #12186 +/- ##
==========================================
- Coverage 33.36% 33.36% -0.01%
==========================================
Files 2908 2909 +1
Lines 90978 91005 +27
Branches 17325 17326 +1
==========================================
+ Hits 30356 30363 +7
- Misses 58219 58239 +20
Partials 2403 2403 ☔ View full report in Codecov by Sentry. |
|
@JaredSnider-Bitwarden note: this is only implemented for the refactored 2fa components. It seems we still only have them on on usdev. Does this require backporting to the shared 2fa component? |
|
Very much looking forward to the Linux FIDO2 support. Thank you for working on this. |
Should be fixed after #12207 is merged I think, since the workflow seems to be using the build step from |
|
Why closed? Does this mean no FIDO2 for Bitwarden on Linux? |
|
Sorry, I should have put a comment. I'll revisit this as a later time, but do not have the capacity right now to bring this over the finish line :| . I do still plan to revisit it though. |
|
I appreciate the efforts you've made so far and this is not directed at you personally, but I have to say it’s disappointing that a security-focused company like Bitwarden hasn’t prioritized this feature and resolved it already. It’s not a great look when an open-source security project provides support for a privacy-compromising platform like Microsoft Windows while continuing to neglect Linux, a platform that supposedly aligns with the principles Bitwarden promotes. Frankly, that inconsistency rubs a lot of users the wrong way. FIDO2 is clearly the gold standard for security keys, yet Linux users have been waiting for years while this feature has remained “on the road map.” It’s frustrating to see no implementation after such a long time, especially when competitors like Proton Pass launch in beta with this functionality right from the start. I’ve been stuck using only the browser extension because I refuse to resort to other options. It’s disappointing for those of us who value security and privacy to be left waiting this long with no certainty that it will ever be implemented at all. I'm sure I speak for many when I say this. |
|
Yeah, I agree, and no worries. I'll actually re-open and put this to draft again to make sure this does not slip off my radar completely, but don't expect an update from my end soon on this. |
|
Closing again in favor of #13038 ;) |
🎟️ Tracking
https://bitwarden.atlassian.net/browse/PM-15462
📔 Objective
Third version of cross-platform ctap-fido2-hid in the desktop. This time, not encumbered by any openssl dependencies, or "dangerous" apis.
Note: We don't implement a PIN gui because bitwarden does not require a PIN (UV) for 2FA.
📸 Screenshots
⏰ Reminders before review
🦮 Reviewer guidelines
:+1:) or similar for great changes:memo:) or ℹ️ (:information_source:) for notes or general info:question:) for questions:thinking:) or 💭 (:thought_balloon:) for more open inquiry that's not quite a confirmed issue and could potentially benefit from discussion:art:) for suggestions / improvements:x:) or:warning:) for more significant problems or concerns needing attention:seedling:) or ♻️ (:recycle:) for future improvements or indications of technical debt:pick:) for minor or nitpick changes