In preparation for adding traits for the PIN/UV Auth Protocol, this
splits the AuthProtocolVersion type into its own module and renames it
to auth_protocol::Version.

Used to manage serialization and deserialization of COSE public keys
instead of coset in order to be able to derive De/Serialize for types
that include COSE public keys as fields in CBOR messages.
coset is inadequate for the purpose because it uses a distinct
AsCborSerialize trait instead of the standard serde::{Serialize,
Deserialize} traits.

Derives PartialOrd and Ord for credential::public_key::Parameters.
Derives PartialEq, Eq, PartialOrd and Ord for credential::public_key::UserEntity.
Also derives Clone and Copy for some types.

serde_derive does not currently support using integer values as map
keys. CTAP uses integer values for various CBOR map keys. In order to
properly serialize and deserialize types for the CTAP protocol, a forked
version of serde from a pull request that adds support for renaming
field keys as integer types is used.
Tracked in <https://github.com/serde-rs/serde/pull/2209>

Renamed every value to screaming snake case manually to ensure that the
large number of acronyms and numbers don't cause an accidentally
incorrect value to be derived.

Attestation statements are returned as part of the CBOR maps returned by
authenticators in response to authenticatorMakeCredential and
authenticatorGetAssertion commands.

The attestation statements defined by WebAuthn come in various formats.
However, the format identifier is not part of the attestation statement
field in the CBOR map (0x03 attStmt), but is instead a distinct format
field (fmt 0x01).

Normally, this could be worked around with an externally tagged enum,
but using integer tags is not currently supported by serde. By marking
the enum instead as untagged, this should ideally mean that serde can
differentiate between the enum variants by the fields of the attestation
statement, which is itself a CBOR map.

Otherwise, we could always revert to just raw byte sequences for the
attestation statements during (de)serialization and push validating
these statements onto another part of the code.
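
The trade-off in the last commit message above, as an added example that is not the project's code: a dependency-free model of untagged-style matching (first variant whose required keys are present wins, extra keys ignored) beside a check driven by the separate `fmt` field. The function names and the key sets standing in for decoded attStmt maps are constructed for illustration; the per-format keys are a subset of the WebAuthn attestation statement formats.

```rust
// Added example (not project code): shape-based vs fmt-driven variant selection.

/// (fmt, required attStmt keys, optional attStmt keys); subset of WebAuthn formats.
const FORMATS: &[(&str, &[&str], &[&str])] = &[
    ("packed", &["alg", "sig"], &["x5c"]),
    ("android-key", &["alg", "sig", "x5c"], &[]),
    ("fido-u2f", &["sig", "x5c"], &[]),
    ("apple", &["x5c"], &[]),
    ("none", &[], &[]),
];

fn has_all(keys: &[&str], required: &[&str]) -> bool {
    required.iter().all(|r| keys.contains(r))
}

/// Untagged-style guess: the first format whose required keys are all present
/// wins; extra keys are ignored, so declaration order decides ambiguous maps.
pub fn guess_by_shape(keys: &[&str]) -> Option<&'static str> {
    FORMATS.iter().find(|(_, req, _)| has_all(keys, req)).map(|&(fmt, _, _)| fmt)
}

/// fmt-driven check: the declared fmt picks the schema, then the key set must
/// fit it exactly (all required keys, nothing beyond required + optional).
pub fn check_against_fmt(fmt: &str, keys: &[&str]) -> Result<&'static str, String> {
    let &(name, req, opt) = FORMATS
        .iter()
        .find(|(f, _, _)| *f == fmt)
        .ok_or_else(|| format!("unsupported fmt {:?}", fmt))?;
    if !has_all(keys, req) {
        return Err(format!("{}: missing required key", name));
    }
    match keys.iter().find(|k| !req.contains(*k) && !opt.contains(*k)) {
        Some(k) => Err(format!("{}: unexpected key {:?}", name, k)),
        None => Ok(name),
    }
}

fn main() {
    // Constructed key sets standing in for decoded attStmt CBOR maps.
    let android_key = ["alg", "sig", "x5c"];
    println!("{:?}", guess_by_shape(&android_key));
    println!("{:?}", guess_by_shape(&["sig", "x5c"]));
    println!("{:?}", check_against_fmt("android-key", &android_key));
    println!("{:?}", check_against_fmt("fido-u2f", &android_key));
}
```

Because packed and android-key statements carry the same keys, shape alone cannot tell them apart, so whichever variant is chosen still has to be checked against the `fmt` value before its verification procedure runs.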