⚠️ Consider this plugin to be experimental until the version v1.0.0 is published! ⚠️

🔑 Symmetrically encrypt files with fido2 keys that support the "hmac-secret" extension.

#️⃣ Unlimited generation of recipients/identities because generated fido2 credentials are stateless.

📝 See SPEC.md for more details.

• age (>= 1.1.0) or rage
  • Prefer rage when encrypting to multiple fido2 tokens (because of #525).

git clone https://github.com/olastor/age-plugin-fido2-hmac.git
cd age-plugin-fido2-hmac
pip install .

$ age-plugin-fido2-hmac -n
Please insert your fido2 token now...
Please enter the PIN:
Please touch the authenticator.
Do you want to require a PIN for encryption/decryption? [y/N]: y
Do you want to create a secret identity? [y/N]: N
# -> prints either recipient ("age1fido2-hmac1...") or identity ("AGE-PLUGIN-FIDO2-HMAC-...")

• Don't loose your fido2 token (obviously)!
• You can only require a PIN if you have one set (obviously)!
• Keep identities secret and don't loose them!
• Keep track of which token matches which identity (if you have multiple fido2 tokens)!
• You cannot encrypt to a recipient without your fido2 token.*
• To decrypt files encrypted with a recipient use the magic identity (age-plugin-fido2-hmac -m).
• To decrypt files encrypted with an identity use the same identity.

* In contrast to asymmetric key pairs, this plugin uses symmetric encryption, meaning for both encryption and decryption the plugin needs to interact with the fido2 token. The difference between a recipient and an identity is nuanced. Basically identities isolate additional information required for decryption, while recipients treat that as public metadata. See SPEC.md for more details.

Encryption:

cat test.txt | rage -r age1fido2-hmac1... -o test.txt.enc

or

cat test.txt | rage -e -i identity.txt -o test.txt.enc

Decryption:

age-plugin-fido2-hmac -m > magic.txt
cat test.txt.enc | age -d -i magic.txt -o test-decrypted.txt

or

cat test.txt.enc | age -d -i identity.txt -o test-decrypted.txt

By default, one of the following algorithms is picked (in that order): ES256, EdDSA, RS256. If you want the credential to use a specific algorithm, use the -a parameter:

age-plugin-fido2-hmac -a eddsa -n

Note that

• your authenticator may not support all algorithms,
• the length of recipient/identity strings can increase dramatically by using a different algorithm.

The default (in most cases) is "es256", which should provide the smallest recipient/identity strings.