ctap2-proto: Add ctap2-proto::authenticator::client_pin::raw::RawPermission bitflag set

CTAP 2 uses bitflags to represent the permissions field in client pin requests. This adds a RawPermission type that can be represented using a FlagSet<RawPermission> for Serialization and Deserialization.
11 months ago · 132cd6b03f
parent 10bdfc1547
commit 132cd6b03f
2 changed files with 53 additions and 0 deletions
--- a/crates/ctap2-proto/Cargo.toml
+++ b/crates/ctap2-proto/Cargo.toml
@ -14,6 +14,7 @@ typed-builder = { version = "0.14.0", default-features = false }
 # Version <= to support older serde
 serde_with = { version = "<=2.2.0", optional = true }
 cosey = "0.3.0"
+flagset = { version = "0.4.3", default-features = false, features = ["serde"] }

 [dev-dependencies]
 hex = "0.4.3"
--- a/crates/ctap2-proto/src/authenticator/client_pin/raw/mod.rs
+++ b/crates/ctap2-proto/src/authenticator/client_pin/raw/mod.rs
@ -2,6 +2,9 @@
 //! possible in CBOR format while maintaining ergonomic enum variants for public
 //! API.

+use super::Permission;
+use flagset::flags;
+use flagset::FlagSet;
 use serde::{Deserialize, Serialize};
 mod public_key;

@ -24,3 +27,52 @@ impl From<RawSubcommand> for u8 {
    }
 }

+
+flags! {
+    #[derive(Serialize, Deserialize)]
+    pub enum RawPermission: u8 {
+        MakeCredential = 0x01,
+        GetAssertion = 0x02,
+        CredentialManagement = 0x04,
+        BioEnrollment = 0x08,
+        LargeBlobWrite = 0x10,
+        AuthenticatorConfiguration = 0x20,
+    }
+}
+
+impl From<Permission> for RawPermission {
+    fn from(value: Permission) -> Self {
+        match value {
+            Permission::MakeCredential => Self::MakeCredential,
+            Permission::GetAssertion => Self::GetAssertion,
+            Permission::CredentialManagement => Self::CredentialManagement,
+            Permission::BiometricEnrollment => Self::BioEnrollment,
+            Permission::LargeBlobWrite => Self::LargeBlobWrite,
+            Permission::AuthenticatorConfiguration => Self::AuthenticatorConfiguration,
+        }
+    }
+}
+
+impl From<RawPermission> for Permission {
+    fn from(value: RawPermission) -> Self {
+        match value {
+            RawPermission::MakeCredential => Self::MakeCredential,
+            RawPermission::GetAssertion => Self::GetAssertion,
+            RawPermission::CredentialManagement => Self::CredentialManagement,
+            RawPermission::BioEnrollment => Self::BiometricEnrollment,
+            RawPermission::LargeBlobWrite => Self::LargeBlobWrite,
+            RawPermission::AuthenticatorConfiguration => Self::AuthenticatorConfiguration,
+        }
+    }
+}
+
+impl FromIterator<Permission> for FlagSet<RawPermission> {
+    fn from_iter<T: IntoIterator<Item = Permission>>(iter: T) -> Self {
+        iter.into_iter()
+            .map(RawPermission::from)
+            .fold(None.into(), |mut set, flag| {
+                set |= flag;
+                set
+            })
+    }
+}