You cannot select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
84 lines
3.5 KiB
Rust
84 lines
3.5 KiB
Rust
use crate::{attestation, extensions, Sha256Hash};
|
|
use std::collections::BTreeMap;
|
|
|
|
#[cfg(feature = "serde")]
|
|
use serde::{Deserialize, Serialize};
|
|
|
|
pub enum Flags {}
|
|
|
|
/// > The authenticator data structure encodes contextual bindings made by the
|
|
/// > authenticator. These bindings are controlled by the authenticator itself,
|
|
/// > and derive their trust from the `WebAuthn` Relying Party's assessment of
|
|
/// > the security properties of the authenticator. In one extreme case, the
|
|
/// > authenticator may be embedded in the client, and its bindings may be no
|
|
/// > more trustworthy than the client data. At the other extreme, the
|
|
/// > authenticator may be a discrete entity with high-security hardware and
|
|
/// > software, connected to the client over a secure channel. In both cases,
|
|
/// > the Relying Party receives the authenticator data in the same format, and
|
|
/// > uses its knowledge of the authenticator to make trust decisions.
|
|
#[cfg_attr(feature = "serde", derive(Deserialize, Serialize))]
|
|
pub struct Data {
|
|
/// > SHA-256 hash of the RP ID the credential is scoped to.
|
|
pub relying_party_id_hash: Sha256Hash,
|
|
pub user_is_present: bool,
|
|
pub user_is_verified: bool,
|
|
pub signature_counter: u32,
|
|
pub attested_credential_data: Option<attestation::CredentialData>,
|
|
pub extensions: Option<BTreeMap<extensions::Identifier, Vec<u8>>>,
|
|
}
|
|
|
|
impl Data {
|
|
fn try_from(value: &[u8]) -> Option<Self> {
|
|
// 32 bytes: RP id hash
|
|
let rp_id = value.get(0..32)?.as_ref();
|
|
//
|
|
let flags = value.get(32)?;
|
|
|
|
None
|
|
}
|
|
}
|
|
|
|
impl TryFrom<&[u8]> for Data {
|
|
type Error = ();
|
|
|
|
fn try_from(value: &[u8]) -> Result<Self, Self::Error> {
|
|
Self::try_from(value).ok_or(())
|
|
}
|
|
}
|
|
|
|
/// > Authenticators may implement various transports for communicating with
|
|
/// > clients. This enumeration defines hints as to how clients might
|
|
/// > communicate with a particular authenticator in order to obtain an
|
|
/// > assertion for a specific credential. Note that these hints represent the
|
|
/// > `WebAuthn` Relying Party's best belief as to how an authenticator may be
|
|
/// > reached. A Relying Party will typically learn of the supported transports
|
|
/// > for a public key credential via getTransports().
|
|
#[derive(Clone, PartialEq, Eq, PartialOrd, Ord, Hash, Debug)]
|
|
#[cfg_attr(feature = "serde", derive(Serialize, Deserialize), serde(untagged))]
|
|
pub enum Transport {
|
|
/// > Indicates the respective authenticator can be contacted over removable
|
|
/// > USB.
|
|
#[cfg_attr(feature = "serde", serde(rename = "usb"))]
|
|
Usb,
|
|
/// > Indicates the respective authenticator can be contacted over Near
|
|
/// > Field Communication (NFC).
|
|
#[cfg_attr(feature = "serde", serde(rename = "nfc"))]
|
|
Nfc,
|
|
/// > Indicates the respective authenticator can be contacted over Bluetooth
|
|
/// > Smart (Bluetooth Low Energy / BLE).
|
|
#[cfg_attr(feature = "serde", serde(rename = "ble"))]
|
|
Ble,
|
|
/// > Indicates the respective authenticator can be contacted using a
|
|
/// > combination of (often separate) data-transport and proximity
|
|
/// > mechanisms. This supports, for example, authentication on a desktop
|
|
/// > computer using a smartphone.
|
|
#[cfg_attr(feature = "serde", serde(rename = "hybrid"))]
|
|
Hybrid,
|
|
/// > Indicates the respective authenticator is contacted using a client
|
|
/// > device-specific transport, i.e., it is a platform authenticator. These
|
|
/// > authenticators are not removable from the client device.
|
|
#[cfg_attr(feature = "serde", serde(rename = "internal"))]
|
|
Internal,
|
|
Unknown(String),
|
|
}
|