RawSubcommand is de/serialized as a u8 corresponding to its subCommand
number.
Also implements Display for authenticator::credential::management::Error
so that it can be used as the serde error type for RawSubcommand.
CTAP 2 uses bitflags to represent the permissions field in client pin
requests. This adds a RawPermission type that can be represented using a
FlagSet<RawPermission> for Serialization and Deserialization.
The cosey::PublicKey type does not properly implement deserialize for
the general PublicKey type. the client_pin::raw::PublicKey type is used
as an intermediate to allow deserialization of COSE public keys in the
client_pin protocol.
Replaces coset::CoseKey type, which doesn't sufficiently distinguish
between public and private keys and the parameters required for key
algorithm variants, with the cosey::PublicKey type in the Request and
Response type fields.
Rather than use manual lifetime management for PinUvAuthProtocol session
keys, change the auth_protocol::platform::Session trait to represent a
single Session, which maintains its own platform key agreement key, and
can be managed with the lifetime of the value itself.
This unstable feature is used in the
authenticator::client_pin::auth_protocol module to keep track of which
version of the PinUvAuthProtocol a given Authenticator or Platform
interface implements.
In preparation for adding traits for the PIN/UV Auth Protocol, this
splits the AuthProtocolVersion type into its own module and renames it
to auth_protocol::Version.
Used to manage serialization and deserialization of COSE public keys
instead of coset in order to be able to derive De/Serialize for types
that include COSE public keys as fields in CBOR messages.
coset is inadequate for the purpose because it uses a distinct
AsCborSerialize trait instead of the standard serde::{Serialize,
Deserialize} traits.
Derives PartialOrd and Ord for credential::public_key::Parameters
Derives PartialEq, Eq, PartialOrd and Ord for credential::public_key::UserEntity
Also derives clone and copy for some types.
serde_derive does not currently support using integer values as map
keys. CTAP uses integer values for various CBOR map keys. In order to
properly serialize and deserialize types for the CTAP protocol, a forked
version of serde from a pull request that adds support for renaming
field keys as integer types is used.
Tracked in <https://github.com/serde-rs/serde/pull/2209>
Renamed every value to screaming snake case manually to ensure that the
large number of acronyms and numbers don't cause an accidentally
incorrect value to be derived.
Attestation statements are returned as part of the CBOR maps returned by
authenticators in response to authenticatorMakeCredential and
authenticatorGetAssertion commands.
The attestation statements defined by WebAuthn come in various formats.
However, the format identifier is not part of the attestation statement
field in the CBOR map (0x03 attStmt), but rather as a distinct format
field (fmt 0x01).
Normally, this could be worked around with an externally tagged enum,
but using integer tags is not currently supported by serde. By marking
the enum instead as untagged, this should ideally mean that serde can
differentiate between the enum variants by the fields of the attestation
statement, which is itself a CBOR map.
Otherwise, we could always revert to just raw byte sequences for the
attestation statements during (de)serialization and push validating
these statements onto another part of the code.
Adds serde_with as a dependency in order to serialize Descriptor::id as
bytes instead of as a sequence.
Enables cfg_eval feature to enable conditional usage of serde_with
behind the "serde" feature flag for the fido-common crate.
Relies on ciborium as a dependency because coset requires one of
ciborium's error types. It should be possible to remove this type's
dependence on ciborium.
The credential::public_key::Parameters field algorithm designates the
public key algorithm represented by the parameter. This replaces the
incorrect registry::algorithms::Signature type with the correct
coset::iana::Algorithm type and adds Serialization/Deserialization
methods for this type.
bounded_vec crate was used to enforce constraints on size of various
fields as defined by webauthn or ctap specs. However, it does not
properly support zero-sized lower bounds.
