Andrey Ovcharov

Professional Software Engineer and hobbyist Hardware enthusiast

Andrey Ovcharov

WebAuthN on ESP32 development board

After implementing the Android app for FIDO2 authentication I started to implement the same functionality on the ESP32 development board.

In the beginning, I started development with C++ on the Arduino Platform as it has a high-level library to operate Bluetooth Low Energy (BLE). But after some work, I have figured out that this library is only a thin wrapper around functions provided by the ESP IDF framework. Therefore I have switched to ESP IDF and continued development with C language. The previously built Android app helped me a lot in debugging various issues with the protocol.

And finally, I’ve made this project running.

I have trimmed a lot of functionality to achieve this. For example, I have implemented only one credential which is stored in a volatile device’s memory. User validation and presence is implemented as a simple button click. Most of the checks and validations are missing as well.

Nevertheless, I was able to pass both “Make Credential” and “Get Assertion” procedures on a (testing webpage)[] and the video below shows the full process of registration and authentication.

So at this point, I have almost all the required pieces to continue with the build of a personal Authenticator device. Every piece can be improved independently while maintaining basic functionality of registration and authentication workflows.

Now I am thinking of making a custom PCB board for the device. Looks like it can be small-sized wearable allowing to use secure passwordless authentication.