Feature: allow hints without attachment

[MasterKale]

I got another ask to consider enabling testing of hints without setting authenticatorAttachment. I should probably enable this, if it helps out certain browser vendors roll out hints support...

[Firstyear]

ring crashes on a lot of platforms so we can't use it. Haven't looked at aws-lc-rs

we are considering moving to he RustCrypto ecosystem.

[bakcxoj]

Thank you for your response @Firstyear. Do you know about how long it'll be before that'll be in production? And, is there anything that can be done in the meantime (other libraries, techniques, hacks) that you can think of?

[Firstyear]

I won't be able to get to it for some time - if @micolous has spare time and feels up it to they can.

Otherwise, if you want to help, feel free. I'm starting a "glue" crate because RustCrypto crates are generally a fragmented bunch and the glue is needed. From there we can swap out small parts of the primitives one at a time, and potentially even make the glue crate it's own interface etc.

[yaleman]

Rather than start Yet Another Glue Crate, I'd probably help out rustls and/or implement the crypto::CryptoProvider trait as noted to avoid duplicating work... there was a recent talk saying that they've replaced OpenSSL in some projects recently with it

[Firstyear]

@yaleman that provider is very much aimed at TLS, not general purpose crypto operations.

[anderspitman]

Just want to provide another use case. I'm working on an authentication library that can be used with multiple languages (currently JS, Go, and Rust). Rather than rewrite things like webauthn support for every language, I'm writing the bulk of the code in Rust, compiling to wasm32, and using Extism to run in each host language.

So far I've been able to use openidconnect-rs to add OIDC support and ATrium to add ATProto/Bluesky login, but I haven't found a webauthn library yet. I see webauthn_rp which does compile for wasm32, but I don't see any examples and I'm not sure if it's fully functional or not.