libwebauthn 0.5.1

FIDO2 (WebAuthn) and FIDO U2F platform library for Linux written in Rust
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134

use async_trait::async_trait;
use std::fmt;
#[allow(unused_imports)]
use tracing::{debug, info, instrument, trace};

use crate::{
    transport::{device::Device, Channel},
    webauthn::Error,
};

use super::channel::NfcChannel;
#[cfg(feature = "nfc-backend-libnfc")]
use super::libnfc;
#[cfg(feature = "nfc-backend-pcsc")]
use super::pcsc;
use super::{Context, Nfc};

#[derive(Clone, Debug)]
enum DeviceInfo {
    #[cfg(feature = "nfc-backend-libnfc")]
    LibNfc(libnfc::Info),
    #[cfg(feature = "nfc-backend-pcsc")]
    Pcsc(pcsc::Info),
}

#[derive(Clone, Debug)]
pub struct NfcDevice {
    info: DeviceInfo,
}

impl fmt::Display for DeviceInfo {
    fn fmt(&self, f: &mut fmt::Formatter<'_>) -> fmt::Result {
        match &self {
            #[cfg(feature = "nfc-backend-libnfc")]
            DeviceInfo::LibNfc(info) => write!(f, "{}", info),
            #[cfg(feature = "nfc-backend-pcsc")]
            DeviceInfo::Pcsc(info) => write!(f, "{}", info),
        }
    }
}

impl fmt::Display for NfcDevice {
    fn fmt(&self, f: &mut fmt::Formatter<'_>) -> fmt::Result {
        write!(f, "{}", self.info)
    }
}

impl NfcDevice {
    #[cfg(feature = "nfc-backend-libnfc")]
    pub fn new_libnfc(info: libnfc::Info) -> Self {
        NfcDevice {
            info: DeviceInfo::LibNfc(info),
        }
    }

    #[cfg(feature = "nfc-backend-pcsc")]
    pub fn new_pcsc(info: pcsc::Info) -> Self {
        NfcDevice {
            info: DeviceInfo::Pcsc(info),
        }
    }

    async fn channel_sync(&self) -> Result<NfcChannel<Context>, Error> {
        trace!("nfc channel {:?}", self);
        let mut channel: NfcChannel<Context> = match &self.info {
            #[cfg(feature = "nfc-backend-libnfc")]
            DeviceInfo::LibNfc(info) => info.channel(),
            #[cfg(feature = "nfc-backend-pcsc")]
            DeviceInfo::Pcsc(info) => info.channel(),
        }?;

        channel.select_fido2().await?;
        Ok(channel)
    }
}

#[async_trait]
impl<'d> Device<'d, Nfc, NfcChannel<Context>> for NfcDevice {
    async fn channel(&'d mut self) -> Result<NfcChannel<Context>, Error> {
        self.channel_sync().await
    }
}

async fn is_fido(device: &NfcDevice) -> bool {
    async fn inner(device: &NfcDevice) -> Result<bool, Error> {
        let chan = device.channel_sync().await?;
        let protocols = chan.supported_protocols().await?;
        Ok(protocols.fido2 || protocols.u2f)
    }

    inner(device).await.is_ok()
}

#[instrument]
/// Returns Ok(None) if no devices are found, otherwise returns
/// the first device found by either NFC-backend.
pub async fn get_nfc_device() -> Result<Option<NfcDevice>, Error> {
    // See https://github.com/linux-credentials/libwebauthn/issues/154 for
    // why we only return the first found device here.
    // We'd otherwise need to deduplicate found devices here, as
    // we'll potentially have the same device discovered by
    // both backends and thus added multiple times to the list.
    let list_devices_fns = [
        #[cfg(feature = "nfc-backend-libnfc")]
        libnfc::list_devices,
        #[cfg(feature = "nfc-backend-pcsc")]
        pcsc::list_devices,
    ];

    for list_devices in list_devices_fns {
        for device in list_devices()? {
            if is_fido(&device).await {
                return Ok(Some(device));
            }
        }
    }

    Ok(None)
}

#[instrument]
pub fn is_nfc_available() -> bool {
    let mut available = false;
    #[cfg(feature = "nfc-backend-libnfc")]
    {
        available |= libnfc::is_nfc_available();
    }
    #[cfg(feature = "nfc-backend-pcsc")]
    {
        available |= pcsc::is_nfc_available();
    }

    available
}