Attestation statements are returned as part of the CBOR maps returned by
authenticators in response to authenticatorMakeCredential and
authenticatorGetAssertion commands.
The attestation statements defined by WebAuthn come in various formats.
However, the format identifier is not part of the attestation statement
field in the CBOR map (0x03 attStmt), but rather as a distinct format
field (fmt 0x01).
Normally, this could be worked around with an externally tagged enum,
but using integer tags is not currently supported by serde. By marking
the enum instead as untagged, this should ideally mean that serde can
differentiate between the enum variants by the fields of the attestation
statement, which is itself a CBOR map.
Otherwise, we could always revert to just raw byte sequences for the
attestation statements during (de)serialization and push validating
these statements onto another part of the code.
Adds serde_with as a dependency in order to serialize Descriptor::id as
bytes instead of as a sequence.
Enables cfg_eval feature to enable conditional usage of serde_with
behind the "serde" feature flag for the fido-common crate.
Relies on ciborium as a dependency because coset requires one of
ciborium's error types. It should be possible to remove this type's
dependence on ciborium.
The credential::public_key::Parameters field algorithm designates the
public key algorithm represented by the parameter. This replaces the
incorrect registry::algorithms::Signature type with the correct
coset::iana::Algorithm type and adds Serialization/Deserialization
methods for this type.
bounded_vec crate was used to enforce constraints on size of various
fields as defined by webauthn or ctap specs. However, it does not
properly support zero-sized lower bounds.
The webauthn3-proto crate provides a FIDO WebAuthn3 API definition that
implements the w3c CredentialManagement API defined in the
credential-management-proto crate.
