This repository contains demos for the use of FIDO largeBlobs - opaque data that can be stored on a FIDO authenticator such as a YubiKey.
LargeBlobs are part of the FIDO CTAP spec and can also be used from web pages via a WebAuthn extension.
Demos are located in the following subdirectories:
- ssh-certificate: storing SSH certificates, for access to SSH servers.
- webauthn - a simple example of using largeBlobs from a web page.
- x509 - storing X.509 certificates that bridge FIDO credentials to a PKI.
See the README.md files in those directories for further instructions.
To use the demos, you will need a FIDO Authenticator with largeBlob support. YubiKeys have support for largeBlobs starting with firmware version 5.5.
When using largeBlobs from a web appliation, you need a browser that supports the WebAuthn largeBlob extension, such as Chrome or Edge. For other browsers, check largeBlob support for WebAuthn get and create calls.