pub struct Authenticator { /* private fields */ }
Open CTAP2 authenticator handle.
Implementations
impl Authenticator
pub fn open(info: &DeviceInfo) -> Result<Self>
Open a device returned by list_devices. Runs CTAPHID_INIT to allocate a channel id.
§Errors
[Error::Hid] if hidapi can’t open the path, [Error::Parse] if
the INIT response is malformed.
pub const fn transport_mut(&mut self) -> &mut Transport
Borrow the underlying Transport for raw CTAPHID exchanges.
pub const fn firmware_version(&self) -> (u8, u8, u8)
Firmware version reported in the CTAPHID_INIT response that ran
during Self::open. Tuple is (major, minor, build).
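The CTAPHID_INIT response that open parses, and that firmware_version reads from, has a fixed 17-byte layout in the CTAPHID specification. The block below is an added example, not code from this crate: a stand-alone parser with hypothetical names (InitResponse, InitError, parse_init), and the conditions it treats as malformed are assumptions rather than the crate's documented behaviour.

```rust
// Added example. All names here are hypothetical, not this crate's API.
#[derive(Debug, PartialEq)]
pub enum InitError { TooShort(usize), NonceMismatch, ReservedChannel(u32) }

#[derive(Debug, PartialEq)]
pub struct InitResponse {
    pub channel_id: u32,
    pub protocol_version: u8,
    pub firmware: (u8, u8, u8), // (major, minor, build)
    pub capabilities: u8,
}

// Capability flag bits from the CTAPHID specification. A device without
// CAP_WINK does not implement CTAPHID_WINK.
pub const CAP_WINK: u8 = 0x01;
pub const CAP_CBOR: u8 = 0x04;

impl InitResponse {
    pub fn has(&self, flag: u8) -> bool { self.capabilities & flag != 0 }
}

/// Layout: nonce(8) | channel id(4) | protocol | major | minor | build | capabilities.
pub fn parse_init(payload: &[u8], sent_nonce: &[u8; 8]) -> Result<InitResponse, InitError> {
    if payload.len() < 17 {
        return Err(InitError::TooShort(payload.len()));
    }
    // INIT goes out on the broadcast channel, so a reply carrying a different
    // nonce answers some other client's request and must not be accepted.
    if payload[..8] != sent_nonce[..] {
        return Err(InitError::NonceMismatch);
    }
    let channel_id = u32::from_be_bytes([payload[8], payload[9], payload[10], payload[11]]);
    // 0 and the broadcast id are reserved and are never valid allocations.
    if channel_id == 0 || channel_id == 0xffff_ffff {
        return Err(InitError::ReservedChannel(channel_id));
    }
    Ok(InitResponse {
        channel_id,
        protocol_version: payload[12],
        firmware: (payload[13], payload[14], payload[15]),
        capabilities: payload[16],
    })
}

fn main() {
    // Constructed sample payload, not captured from a real device.
    let nonce: [u8; 8] = [0xde, 0xad, 0xbe, 0xef, 1, 2, 3, 4];
    let payload: [u8; 17] = [0xde, 0xad, 0xbe, 0xef, 1, 2, 3, 4, 0, 0x0a, 0, 1, 2, 5, 4, 3, 0x05];
    let r = parse_init(&payload, &nonce).expect("well-formed sample");
    println!("cid={:#010x} fw={:?} wink={} cbor={}", r.channel_id, r.firmware, r.has(CAP_WINK), r.has(CAP_CBOR));
}
```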
pub fn info(&mut self) -> Result<&AuthenticatorInfo>
Cached authenticatorGetInfo, fetched on first call.
§Errors
Whatever get_info::call propagates: [Error::Ctap],
[Error::Hid], [Error::Cbor].
pub fn make_credential(
    &mut self,
    rp_id: &str,
    client_data_hash: &[u8; 32],
    opts: &MakeCredentialOptions<'_>,
) -> Result<Credential>
Create a non-discoverable credential bound to hmac-secret.
Returns the credential id and public key. Persist both: the public
key is required to verify assertion signatures via
Self::get_hmac_secret.
§Errors
PIN/touch/policy failures from CTAP, plus the transport and CBOR errors from the lower layers.
pub fn pin_retries(&mut self) -> Result<u8>
Remaining PIN attempts. Does not consume one.
§Errors
[Error::Ctap] if the device rejects clientPIN.getPinRetries, or
[Error::Pin] if the response is missing the retry count.
pub fn get_hmac_secret(
    &mut self,
    req: &HmacSecretRequest<'_>,
) -> Result<HmacSecretResponse>
Return the 32-byte hmac-secret output(s) for the given request.
When req.salt2 is Some, the second slot of the returned tuple
holds the second output. When None, the second slot is None.
§Errors
Same as Self::make_credential, plus CtapStatus::NoCredentials when req.cred_id is unknown to the device, and
[Error::MissingExtension] when a salt2 was requested but the device returned a single-output response.
pub fn get_next_assertion(&mut self) -> Result<Assertion>
Fetch the next assertion in a multi-credential sequence. Call once
per remaining credential after Self::get_assertion returns an
Assertion with number_of_credentials > 1.
§Errors
Forwards from get_next_assertion::call.
pub fn get_assertion(
    &mut self,
    rp_id: &str,
    client_data_hash: &[u8; 32],
    allow_list: &[&[u8]],
    extensions: Option<Value>,
    pin: Option<&str>,
) -> Result<Assertion>
Run getAssertion. Empty allow_list triggers resident-credential
discovery. extensions is a CBOR map of {name: input}.
§Errors
Forwards from get_assertion::call.
pub fn probe_credential(
    &mut self,
    rp_id: &str,
    client_data_hash: &[u8; 32],
    allow_list: &[&[u8]],
) -> Result<Option<Vec<u8>>>
Silent (up=false) allow-list probe: returns the matching
credential id without touch, or None when the device has none
of the candidates. Callers follow up with a touch-requiring
assertion (e.g. Self::get_hmac_secret) to derive the secret.
§Errors
CTAP statuses other than NoCredentials propagate via
[Error::Ctap]. Older firmware rejects up=false outright;
callers should fall back to Self::probe_credential_with_touch.
pub fn probe_credential_with_touch(
    &mut self,
    rp_id: &str,
    client_data_hash: &[u8; 32],
    allow_list: &[&[u8]],
) -> Result<Option<Vec<u8>>>
Touch-requiring up=true allow-list probe. Fallback for
firmware that rejects Self::probe_credential.
§Errors
CTAP statuses other than NoCredentials propagate via
[Error::Ctap].
pub fn pin_session(&mut self) -> Result<PinSession>
Establish a PIN session for amortizing one ECDH across multiple commands.
§Errors
[Error::Pin] if the authenticator’s COSE_Key is malformed,
[Error::Ctap] for transport failures.
pub fn pin_token(&mut self, session: &PinSession, pin: &str) -> Result<PinToken>
Exchange a PIN for a pinUvAuthToken within an established session.
§Errors
[Error::Ctap] with CtapStatus::PinInvalid or PinBlocked.
pub fn wink(&mut self) -> Result<()>
Blink/buzz the device so the user can identify it. Optional per spec.
§Errors
[Error::Ctap] with an invalid-command status on devices that don’t
implement CTAPHID_WINK.
pub fn cancel(&self) -> Result<()>
Fire-and-forget CTAPHID_CANCEL. Cannot interrupt your own in-flight
transact. Intended for signal handlers and Drop paths.
§Errors
[Error::Hid] if the underlying HID write fails.
pub fn reset(&mut self) -> Result<()>
Destructive: wipes all credentials and the PIN.
Devices typically require the command within ~10s of insertion and touch within ~30s of the command.
§Errors
[Error::Ctap] if the device rejects the reset (outside the
10s-since-insertion window, or no touch within the 30s grace).