use crate::{authenticator::client_pin, extensions::cred_protect, Sha256Hash};
use client_pin::PinUvAuthParam;
use fido_common::credential::public_key;
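// NOTE(review): an unresolved merge conflict (`<<<<<<< Updated upstream` /
// `>>>>>>> Stashed changes`) sat here. The "Stashed changes" side is kept: the
// upstream side's local `PinUvAuthParam = [u8; 16]` alias would clash with the
// `client_pin::PinUvAuthParam` import above, and its `#[derive(Clone, Copy)]`
// cannot apply to an enum that holds `Cow` fields. Confirm against upstream
// history before merging.
use std::{borrow::Cow, fmt::Display};

#[cfg(feature = "serde")]
use serde::{Deserialize, Serialize};

#[cfg(feature = "serde")]
mod raw;

#[cfg(feature = "serde")]
use raw::{RawRequest, RawResponse};

/// A credential-management request sent by the platform to the authenticator.
///
/// Each variant is one subcommand. Variants that start an operation carry the
/// PIN/UV auth protocol version and the matching `pin_uv_auth_param`; the two
/// `...GetNext...` variants carry no fields in this type.
///
/// Doc lines starting with `>` are quotations kept from the original file.
///
/// NOTE(review): the quoted "first 16 bytes" wording matches PIN/UV auth
/// protocol one. Protocol two is specified to return the full 32-byte
/// HMAC-SHA-256 output, so confirm that `client_pin::PinUvAuthParam` can
/// represent both lengths.
#[derive(Clone, Debug)]
#[cfg_attr(
    feature = "serde",
    derive(Serialize, Deserialize),
    serde(try_from = "RawRequest<'a>", into = "RawRequest<'a>")
)]
pub enum Request<'a> {
    /// Ask for the credential counts reported by
    /// `Response::GetCredentialsMetadata`.
    GetCredentialsMetadata {
        /// > PIN/UV protocol version chosen by the platform.
        pin_uv_auth_protocol: client_pin::AuthProtocolVersion,
        /// > First 16 bytes of HMAC-SHA-256 of contents using `pinUvAuthToken`.
        pin_uv_auth_param: PinUvAuthParam,
    },
    /// Start enumerating the relying parties stored on the authenticator.
    EnumerateRPsBegin {
        /// > PIN/UV protocol version chosen by the platform.
        pin_uv_auth_protocol: client_pin::AuthProtocolVersion,
        /// > First 16 bytes of HMAC-SHA-256 of contents using `pinUvAuthToken`.
        pin_uv_auth_param: PinUvAuthParam,
    },
    /// Fetch the next relying party of an enumeration already in progress.
    EnumerateRPsGetNextRP,
    /// Start enumerating the credentials stored for one relying party.
    EnumerateCredentialsBegin {
        /// The ID of the relying party to enumerate credentials for.
        relying_party_id_hash: Sha256Hash,
        /// > PIN/UV protocol version chosen by the platform.
        pin_uv_auth_protocol: client_pin::AuthProtocolVersion,
        /// > First 16 bytes of HMAC-SHA-256 of contents using `pinUvAuthToken`.
        pin_uv_auth_param: PinUvAuthParam,
    },
    /// Fetch the next credential of an enumeration already in progress.
    EnumerateCredentialsGetNextCredential,
    /// Delete a single credential from the authenticator.
    DeleteCredential {
        /// The ID of the credential to delete.
        credential_id: Cow<'a, public_key::Descriptor>,
        /// > PIN/UV protocol version chosen by the platform.
        pin_uv_auth_protocol: client_pin::AuthProtocolVersion,
        /// > First 16 bytes of HMAC-SHA-256 of contents using `pinUvAuthToken`.
        pin_uv_auth_param: PinUvAuthParam,
    },
    /// Replace the user information stored with a credential.
    UpdateUserInformation {
        /// The ID of the credential to update.
        credential_id: Cow<'a, public_key::Descriptor>,
        /// The updated user information.
        user: Cow<'a, public_key::UserEntity>,
        /// > PIN/UV protocol version chosen by the platform.
        pin_uv_auth_protocol: client_pin::AuthProtocolVersion,
        /// > First 16 bytes of HMAC-SHA-256 of contents using `pinUvAuthToken`.
        pin_uv_auth_param: PinUvAuthParam,
    },
}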
/// The authenticator's reply to a credential-management `Request`.
///
/// Variant names match the request subcommands. `DeleteCredential` and
/// `UpdateUserInformation` carry no payload.
///
/// Doc lines starting with `>` are quotations kept from the original file.
#[derive(Clone, Debug)]
#[cfg_attr(
    feature = "serde",
    derive(Serialize, Deserialize),
    serde(into = "RawResponse", try_from = "RawResponse")
)]
pub enum Response {
    /// Credential storage counters.
    GetCredentialsMetadata {
        /// > Number of existing discoverable credentials present on the
        /// > authenticator.
        existing_resident_credentials_count: usize,
        /// > Number of maximum possible remaining discoverable credentials
        /// > which can be created on the authenticator.
        max_possible_remaining_resident_credentials_count: usize,
    },
    /// First relying party of an enumeration, together with the total count.
    EnumerateRPsBegin {
        /// The first relying party returned by the enumeration.
        relying_party: RelyingParty,
        /// > total number of RPs present on the authenticator
        total_relying_parties: usize,
    },
    /// A subsequent relying party of an enumeration in progress.
    EnumerateRPsGetNextRP {
        /// The next relying party returned by the enumeration.
        relying_party: RelyingParty,
    },
    /// First credential of an enumeration, together with the total count.
    EnumerateCredentialsBegin {
        /// The first credential returned by the enumeration.
        credential: Credential,
        /// > Total number of credentials present on the authenticator for the
        /// > RP in question
        total_credentials: usize,
    },
    /// A subsequent credential of an enumeration in progress.
    EnumerateCredentialsGetNextCredential {
        /// The next credential returned by the enumeration.
        credential: Credential,
    },
    /// Reply to `Request::DeleteCredential`; carries no data.
    DeleteCredential,
    /// Reply to `Request::UpdateUserInformation`; carries no data.
    UpdateUserInformation,
}
/// One relying party entry, as carried by the `EnumerateRPs*` variants of
/// `Response`.
#[derive(Debug, Clone)]
pub struct RelyingParty {
    /// The description of the relying party.
    pub relying_party: public_key::RelyingPartyEntity,
    /// The hash of the relying party ID.
    ///
    /// `Request::EnumerateCredentialsBegin` takes a value of this same type to
    /// select whose credentials to list.
    pub relying_party_id_hash: Sha256Hash,
}
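/// One stored credential, as carried by the `EnumerateCredentials*` variants
/// of `Response`.
///
/// `Debug` is implemented by hand rather than derived so that
/// `large_blob_key`, which is key material, is never written out by `{:?}`
/// formatting (log lines, panic messages, test output). Only its length is
/// shown.
#[derive(Clone)]
pub struct Credential {
    /// The description of the user account associated with the credential.
    pub user: public_key::UserEntity,
    /// Descriptor identifying the credential. The same `public_key::Descriptor`
    /// type is what `Request::DeleteCredential` and
    /// `Request::UpdateUserInformation` take as `credential_id`.
    pub credential_id: public_key::Descriptor,
    /// The public key associated with the credential, as unparsed bytes.
    pub public_key: Vec<u8>, // TODO: Replace arbitrary bytes with parsed key type
    /// Indicates the level of user verification the authenticator requires for
    /// this credential.
    pub credential_protection_policy: cred_protect::Policy,
    /// > Large blob encryption key.
    ///
    /// Treat as a secret: keep it out of logs and error messages.
    /// NOTE(review): an empty `Vec` presumably means the credential has no
    /// large-blob key; confirm against the decoder.
    pub large_blob_key: Vec<u8>,
}

impl std::fmt::Debug for Credential {
    /// Formats every field like the derived `Debug` would, except that the
    /// bytes of `large_blob_key` are replaced by a redaction marker.
    fn fmt(&self, f: &mut std::fmt::Formatter<'_>) -> std::fmt::Result {
        f.debug_struct("Credential")
            .field("user", &self.user)
            .field("credential_id", &self.credential_id)
            .field("public_key", &self.public_key)
            .field(
                "credential_protection_policy",
                &self.credential_protection_policy,
            )
            .field(
                "large_blob_key",
                &format_args!("<redacted, {} bytes>", self.large_blob_key.len()),
            )
            .finish()
    }
}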
/// Failure outcomes of a credential-management request.
///
/// NOTE(review): the variant names appear to mirror CTAP2 status codes; the
/// mapping to wire values is not visible in this file, so the per-variant
/// descriptions below are inferred from the names and need confirming.
#[derive(Debug, Clone)]
pub enum Error {
    /// A PIN/UV auth token was needed but not supplied.
    PinUvAuthTokenRequired,
    /// A parameter needed by the subcommand was absent.
    MissingParameter,
    /// A supplied parameter was not acceptable.
    InvalidParameter,
    /// The `pin_uv_auth_param` did not verify.
    PinAuthInvalid,
    /// No credentials matched the request.
    NoCredentials,
    /// The authenticator has no room left for credentials.
    KeyStoreFull,
}