Skip to content

Instantly share code, notes, and snippets.

Emil Lundberg emlun

Block or report user

Report or block emlun

Hide content and notifications from this user.

Learn more about blocking users

Contact Support about this user’s behavior.

Learn more about reporting abuse

Report abuse
View GitHub Profile
emlun /
Last active Sep 28, 2019
DRAFT: WebAuthn recovery credentials extension


Web Authentication solves many problems in secure online authentication, but also introduces some new challenges. One of the greatest challenges is loss of an authenticator - what can the user do to prevent being locked out of their account if they lose an authenticator?

The current workaround to this problem is to have the user register more than one authenticator, for example a roaming USB authenticator and a platform authenticator integrated into a smartphone. That way the user can still use the

// Copyright (c) 2018, Yubico AB
// All rights reserved.
// Redistribution and use in source and binary forms, with or without
// modification, are permitted provided that the following conditions are met:
// 1. Redistributions of source code must retain the above copyright notice, this
// list of conditions and the following disclaimer.
// 2. Redistributions in binary form must reproduce the above copyright notice,
emlun /
Created Oct 22, 2018
Draft: WebAuthn recovery extension

DRAFT: Recovery Credentials Extension (recovery)

This extension allows for recovery credentials to be registered with an RP, which can be used for account recovery in the case of a lost/destroyed main authenticator. This is done by associating one or more backup authenticators with the main authenticator, the latter of which is then able to provide additional credentials for account recovery to the RP without involving the backup authenticators. The mechanism of setting this up is outside of the scope of this extension, however a state counter is defined as follows:

# Tiny tool for generating valid but nonsensical PNG images of a given file size.
# Usage:
# $ python SIZE_BYTES
# Example:
# $ python 1024 > output.png
View firefox-nightly-assertion-fail-ykneo.html
<meta charset="utf-8"/>
const ykNanoCredentialId = new Uint8Array([
177, 125, 44, 11, 125, 20, 124, 221, 117, 42, 171, 163, 91, 125, 150, 85,
217, 150, 76, 209, 3, 91, 109, 115, 21, 100, 42, 36, 107, 73, 20, 120,
emlun / c173434232651982.lua
Last active Sep 9, 2017
Shenzhen I/O: Frobnicator
View c173434232651982.lua
-- The function get_name() should return a single string that is the name of the puzzle.
function get_name()
return "Frobnicator"
-- The function get_description() should return an array of strings, where each string is
-- a line of description for the puzzle. Surrounding text with asterisks will cause it to
-- be rendered in bold, something we use when mentioning a signal by name.
from binascii import hexlify, unhexlify
from cryptography.hazmat.backends import default_backend
from cryptography.hazmat.backends import default_backend
from cryptography.hazmat.primitives import hashes
from cryptography.hazmat.primitives.asymmetric import ec
sig_alg = ec.ECDSA(hashes.SHA256())
emlun /
Last active Jun 4, 2017
GRand Unified Storage system
emlun / two-combinations.clj
Last active Apr 9, 2017
View two-combinations.clj
(defn pair-with-all-in
{ :test #(let [f pair-with-all-in]
(is (= [] (f 0 [])))
(is (= [ [0 1] ] (f 0 [1])))
(is (= [ [0 1] [0 2] ] (f 0 [1 2])))
[ x ys ]
(map (fn [y] [x y]) ys))
You can’t perform that action at this time.