Win10 RDP VirtualChannel

[micolous]

Windows 10's normal WebAuthn API is limited, and has some interesting extra functionality which is not (well?) documented.

There's a public spec for using WebAuthn over RDP, this appears to somewhat map to the regular WebAuthn API; but has some bonus features like being able to pass in a client_data_hash rather than client_data_json.

webauthn.dll exports VirtualChannelGetInstance(), which is an IWTSPlugin COM interface for Microsoft Remote Desktop Client. It's possible for other applications to use this same interface and stuff in commands like RDP would; and I currently have a Rust application which implements the needed COM interfaces.

The actual protocol is mostly CBOR, so aside from the COM shenanigans, it's actually a lot cleaner to work with from Rust than the FFI with C structs.

I'm not sure I'd make this one of the default APIs... but it is certainly tempting.