celsius

On Arch Linux, Booster provides a shell script that puts the initramfs image at /boot. The shell script does not currently accommodate this which (should) cause the image to not...

@enihcam To follow up, is there any specific reason why you do not have a `/boot` directory? I understand the case where one can have both `/boot` and `/efi` but...

Still a WIP. Strangely, when recovering the HMAC secret using the library, the value is different than the one recovered via `fido2-assert` even after it passes assertion. I have to...

> Using an existing library for some functionality (e.g. fido2 handling) is a preferable way in general. > > The only issue I see here is that libfido will always...

I fixed the bug. At it's current state, only the library's functionality is used rather than `fido2-assert`. User presence works, but I haven't tested unlocking with PINs (user verification) yet

I looked into go plugins https://pkg.go.dev/plugin. While extending the libfido2 functionality as a plugin promotes a modular design, thus avoiding the hard dependency to the images, things gets rather complicated....

> Are there other ways to decouple libfido2 from the booster? I think decoupling will involve either dynamically linking in some other way or compiling as a separate binary like...

@anatol I fixed the bug and was able to get libfido2 to work as a plugin. Now, it needs review booster.yaml extra_files: /usr/lib/booster/libfido2_plugin.so

@anatol Finished. I don't plan on adding anything, so let me know if I am missing/or should add anything more. I also tested (locally) the PIN code path and can...

@anatol I'm sorta having second thoughts about this PR to just prefer the current implementation instead, despite it not being pretty Both accomplish the same effect, but using the library...