Authenticator

fido_authenticator

Struct Authenticator 

Source 
pub struct Authenticator<UP, T>
where
    UP: UserPresence,
{ /* private fields */ }
Expand description

Trussed® app implementing a FIDO authenticator.

It implements the ctap_types::ctap1::Authenticator and ctap_types::ctap2::Authenticator traits, which, in turn, express the interfaces defined in the CTAP specification.

The type parameter T selects a Trussed® client implementation, which must meet the TrussedRequirements in our implementation.

NB: T should be the first parameter, UP should default to Conforming, and probably UP shouldn’t be a generic parameter at all, at least not this kind.

Implementations§

Source§

impl<UP, T> Authenticator<UP, T>
where UP: UserPresence, T: TrussedRequirements,

Source

pub fn new(trussed: T, up: UP, config: Config) -> Self

Trait Implementations§

Source§

impl<UP, T, const N: usize> App<'static, N> for Authenticator<UP, T>
where UP: UserPresence, T: TrussedRequirements,

Source§

fn commands(&self) -> &'static [Command]

Define which CTAPHID commands to register to.
Source§

fn call( &mut self, command: Command, request: &[u8], response: &mut Bytes<N>, ) -> Result<(), Error>

Application is called here when one of it’s register commands occurs. Application must put response in @message, or decide to return an error. Read more
Source§

fn interrupt(&self) -> Option<&'static InterruptFlag>

Get access to the app interrupter
Source§

impl<UP, T, const R: usize> App<R> for Authenticator<UP, T>
where UP: UserPresence, T: TrussedRequirements,

Source§

fn select( &mut self, interface: Interface, _: CommandView<'_>, reply: &mut Data<R>, ) -> Result

Given parsed APDU for select command. Write response data back to buf, and return length of payload. Return APDU Error code on error. Alternatively, the app can defer the response until later by returning it in poll().
Source§

fn deselect(&mut self)

Deselects the app. This is the result of another app getting selected. App should clear any sensitive state and reset security indicators.
Source§

fn call( &mut self, interface: Interface, apdu: CommandView<'_>, response: &mut Data<R>, ) -> Result

Given parsed APDU for app when selected. Write response data back to buf, and return length of payload. Return APDU Error code on error.
Source§

impl<UP, T> App for Authenticator<UP, T>
where UP: UserPresence,

Source§

fn aid(&self) -> Aid

Source§

impl<UP: UserPresence, T: TrussedRequirements> Authenticator for Authenticator<UP, T>

Implement ctap1::Authenticator for our Authenticator.

§References

The “proposed standard” of U2F V1.2 applies to CTAP1.

Source§

fn register(&mut self, reg: &Request<'_>) -> Result<Response>

Register a new credential, this always uses P-256 keys.

Note that attestation is mandatory in CTAP1/U2F, so if the state is not provisioned with a key/cert, this method will fail. https://fidoalliance.org/specs/fido-u2f-v1.2-ps-20170411/fido-u2f-raw-message-formats-v1.2-ps-20170411.html#registration-request-message---u2f_register

Also note that CTAP1 credentials should be assertable over CTAP2. I believe this is currently not the case.

Source§

fn authenticate(&mut self, auth: &Request<'_>) -> Result<Response>

Authenticate with a U2F credential.
Source§

fn version() -> [u8; 6]

Supported U2F version.
Source§

fn call_ctap1(&mut self, request: &Request<'_>) -> Result<Response, Status>

Source§

impl<UP: UserPresence, T: TrussedRequirements> Authenticator for Authenticator<UP, T>

Implement ctap2::Authenticator for our Authenticator.

Source§

fn get_info(&mut self) -> Response

Source§

fn get_next_assertion(&mut self) -> Result<Response>

Source§

fn make_credential(&mut self, parameters: &Request<'_>) -> Result<Response>

Source§

fn reset(&mut self) -> Result<()>

Source§

fn selection(&mut self) -> Result<()>

Source§

fn client_pin(&mut self, parameters: &Request<'_>) -> Result<Response>

Source§

fn credential_management( &mut self, parameters: &Request<'_>, ) -> Result<Response>

Source§

fn vendor(&mut self, op: VendorOperation) -> Result<()>

Source§

fn get_assertion(&mut self, parameters: &Request<'_>) -> Result<Response>

Source§

fn large_blobs(&mut self, request: &Request<'_>) -> Result<Response>

Source§

fn call_ctap2(&mut self, request: &Request<'_>) -> Result<Response, Error>

Dispatches the enum of possible requests into the appropriate trait method.

Auto Trait Implementations§

§

impl<UP, T> Freeze for Authenticator<UP, T>
where T: Freeze, UP: Freeze,

§

impl<UP, T> RefUnwindSafe for Authenticator<UP, T>
where T: RefUnwindSafe, UP: RefUnwindSafe,

§

impl<UP, T> Send for Authenticator<UP, T>
where T: Send, UP: Send,

§

impl<UP, T> Sync for Authenticator<UP, T>
where T: Sync, UP: Sync,

§

impl<UP, T> Unpin for Authenticator<UP, T>
where T: Unpin, UP: Unpin,

§

impl<UP, T> UnwindSafe for Authenticator<UP, T>
where T: UnwindSafe, UP: UnwindSafe,

Blanket Implementations§

Source§

impl<T> Any for T
where T: 'static + ?Sized,

Source§

fn type_id(&self) -> TypeId

Gets the TypeId of self. Read more
Source§

impl<T> Borrow<T> for T
where T: ?Sized,

Source§

fn borrow(&self) -> &T

Immutably borrows from an owned value. Read more
Source§

impl<T> BorrowMut<T> for T
where T: ?Sized,

Source§

fn borrow_mut(&mut self) -> &mut T

Mutably borrows from an owned value. Read more
Source§

impl<T> From<T> for T

Source§

fn from(t: T) -> T

Returns the argument unchanged.

Source§

impl<T, U> Into<U> for T
where U: From<T>,

Source§

fn into(self) -> U

Calls U::from(self).

That is, this conversion is whatever the implementation of From<T> for U chooses to do.

Source§

impl<A> Rpc<Error, Request<'_>, Response> for A
where A: Authenticator,

Source§

fn call(&mut self, request: &Request<'_>) -> Result<Response, Error>

Dispatches the enum of possible requests into the appropriate trait method.

Source§

impl<A> Rpc<Status, Request<'_>, Response> for A
where A: Authenticator,

Source§

fn call(&mut self, request: &Request<'_>) -> Result<Response, Status>

Dispatches the enum of possible requests into the appropriate trait method.

Source§

impl<T> Same for T

Source§

type Output = T

Should always be Self
Source§

impl<T, U> TryFrom<U> for T
where U: Into<T>,

Source§

type Error = Infallible

The type returned in the event of a conversion error.
Source§

fn try_from(value: U) -> Result<T, <T as TryFrom<U>>::Error>

Performs the conversion.
Source§

impl<T, U> TryInto<U> for T
where U: TryFrom<T>,

Source§

type Error = <U as TryFrom<T>>::Error

The type returned in the event of a conversion error.
Source§

fn try_into(self) -> Result<U, <U as TryFrom<T>>::Error>

Performs the conversion.
Source§

impl<A> Authenticator for A
where A: Authenticator + Authenticator,