From 8e1b1751365169e2c3671fb29e4e71d8e50472dc Mon Sep 17 00:00:00 2001 From: Nick Zana Date: Tue, 16 May 2023 13:01:24 -0400 Subject: [PATCH] remove bounded_vec from fido_common crate bounded_vec crate was used to enforce constraints on size of various fields as defined by webauthn or ctap specs. However, it does not properly support zero-sized lower bounds. --- crates/fido-common/Cargo.toml | 3 +-- crates/fido-common/src/credential/public_key.rs | 5 ++--- 2 files changed, 3 insertions(+), 5 deletions(-) diff --git a/crates/fido-common/Cargo.toml b/crates/fido-common/Cargo.toml index 27e2a1c..aa96bd1 100644 --- a/crates/fido-common/Cargo.toml +++ b/crates/fido-common/Cargo.toml @@ -6,9 +6,8 @@ edition = "2021" # See more keys and their definitions at https://doc.rust-lang.org/cargo/reference/manifest.html [dependencies] -bounded-vec = { version = "0.7.1", features = ["serde"] } coset = { version = "0.3.4", default-features = false } serde = { version = "1", features = ["derive"], optional = true } [features] -serde = ["dep:serde", "bounded-vec/serde"] +serde = ["dep:serde"] diff --git a/crates/fido-common/src/credential/public_key.rs b/crates/fido-common/src/credential/public_key.rs index d0aff71..0d65a0b 100644 --- a/crates/fido-common/src/credential/public_key.rs +++ b/crates/fido-common/src/credential/public_key.rs @@ -1,6 +1,5 @@ use crate::registry::algorithms; use crate::{authenticator::Transport, credential}; -use bounded_vec::BoundedVec; use std::collections::BTreeSet; #[cfg(feature = "serde")] @@ -35,7 +34,7 @@ pub struct Descriptor { /// > A probabilistically-unique byte sequence identifying a /// > public key credential source and its authentication /// > assertions. - pub id: BoundedVec, + pub id: Vec, /// > This... member contains a hint as to how the client might /// > communicate with the managing authenticator of the public /// > key credential the caller is referring to. @@ -64,7 +63,7 @@ pub struct UserEntity { // // WebAuthn says that "The user handle MUST NOT be empty." To maximimize compatibility, the // definition from the CTAP specs is used. - pub id: BoundedVec, + pub id: Vec, /// > a human-palatable identifier for a user account. It is intended /// > only for display, i.e., aiding the user in determining the /// > difference between user accounts with similar displayNames. For