FIDO2

fido_mds

Struct FIDO2 

Source 
pub struct FIDO2 {
Show 20 fields
    pub aaguid: Uuid,
    pub description: String,
    pub alternative_descriptions: BTreeMap<String, String>,
    pub authenticator_version: u32,
    pub authentication_algorithms: Vec<AuthenticationAlgorithm>,
    pub public_key_alg_and_encodings: Vec<PublicKeyAlg>,
    pub attestation_types: Vec<AttestationType>,
    pub user_verification_details: Vec<Vec<UserVerificationMethod>>,
    pub key_protection: Vec<KeyProtection>,
    pub is_key_restricted: bool,
    pub is_fresh_user_verification_required: bool,
    pub attestation_root_certificates: Vec<Vec<u8>>,
    pub ecdaa_trust_anchors: Vec<EcdaaAnchor>,
    pub supported_extensions: Vec<ExtensionDescriptor>,
    pub authenticator_get_info: Option<AuthenticatorGetInfo>,
    pub status_reports: BTreeSet<StatusReport>,
    pub time_of_last_status_change: String,
    pub inconsistent_data: bool,
    pub patched_data: bool,
    pub multi_device_credential_support: MultiDeviceCredentialSupport,

}
Expand description

A metadata statement describing a FIDO2 device.

Fields§

§aaguid: Uuid

The AAGUID (UUID, Universally Unique IDentifier) that identifies this device.

§description: String

A description of the device in English

§alternative_descriptions: BTreeMap<String, String>

Descriptions of the device, mapped from language to description.

§authenticator_version: u32

The latest firmware version of the device.

§authentication_algorithms: Vec<AuthenticationAlgorithm>

The supported cryptographic algorithms this device supports.

§public_key_alg_and_encodings: Vec<PublicKeyAlg>

The encoding of the devices public key when registered

§attestation_types: Vec<AttestationType>

The types of attestation format that device may provide

§user_verification_details: Vec<Vec<UserVerificationMethod>>

A matrix of user verification methods this device supports. The outer matrix is a list of OR methods, the inner list is AND methods. For example, consider:

[ [ { uvm: None } ], // OR [ { uvm: PresenceInternal } ], // OR [ { uvm: PresenceInternal }, { uvm: PasscodeExternal }, ], ]

This is a common configuration found on many devices where it supports signatures with no verification, signatures with touch-only, and signatures with touch and a passcode. These bits are represented via the User Presence and User Verification booleans inside of the attested credential data. Webauthn for example will always require at least presence.

§key_protection: Vec<KeyProtection>

The methods of supported private key protection this device supports.

§is_key_restricted: bool

If this device is restricted to only sign FIDO signature assertions. If false the device may be used to sign any arbitrary data. If true the device may only be used with FIDO (Webauthn) requests.

§is_fresh_user_verification_required: bool

If true the device requires user verification for each operation it performs. If false the device may cache the user verification for a short time. Consider a token that requires a PIN - it may cache this for a small amount of time so that the user only requires presence.

§attestation_root_certificates: Vec<Vec<u8>>

A list of DER root certificates that may have signed this model of authenticators attestation.

§ecdaa_trust_anchors: Vec<EcdaaAnchor>

A list of ECDAA root anchors that may have signed this model of authenticators attestation.

§supported_extensions: Vec<ExtensionDescriptor>

A list of extensions that this device supports.

§authenticator_get_info: Option<AuthenticatorGetInfo>

If supported, the output of CTAP2.0+ authenticatorGetInfo command from a “factory new” device.

§status_reports: BTreeSet<StatusReport>

A list of status reports about this device.

§time_of_last_status_change: String

The time this device was last updated.

§inconsistent_data: bool

These data as supplied from FIDO is inconsistent for this device, and may contain omissions or errors. In some cases the webauthn-rs project has patched these data to correct these which is indicated by the “patched” flag.

§patched_data: bool

These data have been patched by the webauthn-rs project to repair flaws in the MDS that are provided by FIDO. These patches are created by the project observing the device and providing this.

§multi_device_credential_support: MultiDeviceCredentialSupport

If the device supports multiple credentials

Trait Implementations§

Source§

impl Clone for FIDO2

Source§

fn clone(&self) -> FIDO2

Returns a duplicate of the value. Read more
1.0.0 · Source§

fn clone_from(&mut self, source: &Self)

Performs copy-assignment from source. Read more
Source§

impl Debug for FIDO2

Source§

fn fmt(&self, f: &mut Formatter<'_>) -> Result

Formats the value using the given formatter. Read more
Source§

impl Display for FIDO2

Source§

fn fmt(&self, f: &mut Formatter<'_>) -> Result

Formats the value using the given formatter. Read more

Auto Trait Implementations§

§

impl Freeze for FIDO2

§

impl RefUnwindSafe for FIDO2

§

impl Send for FIDO2

§

impl Sync for FIDO2

§

impl Unpin for FIDO2

§

impl UnwindSafe for FIDO2

Blanket Implementations§

Source§

impl<T> Any for T
where T: 'static + ?Sized,

Source§

fn type_id(&self) -> TypeId

Gets the TypeId of self. Read more
Source§

impl<T> Borrow<T> for T
where T: ?Sized,

Source§

fn borrow(&self) -> &T

Immutably borrows from an owned value. Read more
Source§

impl<T> BorrowMut<T> for T
where T: ?Sized,

Source§

fn borrow_mut(&mut self) -> &mut T

Mutably borrows from an owned value. Read more
Source§

impl<T> CloneToUninit for T
where T: Clone,

Source§

unsafe fn clone_to_uninit(&self, dest: *mut u8)

🔬This is a nightly-only experimental API. (clone_to_uninit)
Performs copy-assignment from self to dest. Read more
Source§

impl<T> From<T> for T

Source§

fn from(t: T) -> T

Returns the argument unchanged.

Source§

impl<T> Instrument for T

Source§

fn instrument(self, span: Span) -> Instrumented<Self>

Instruments this type with the provided Span, returning an Instrumented wrapper. Read more
Source§

fn in_current_span(self) -> Instrumented<Self>

Instruments this type with the current Span, returning an Instrumented wrapper. Read more
Source§

impl<T, U> Into<U> for T
where U: From<T>,

Source§

fn into(self) -> U

Calls U::from(self).

That is, this conversion is whatever the implementation of From<T> for U chooses to do.

Source§

impl<T> ToOwned for T
where T: Clone,

Source§

type Owned = T

The resulting type after obtaining ownership.
Source§

fn to_owned(&self) -> T

Creates owned data from borrowed data, usually by cloning. Read more
Source§

fn clone_into(&self, target: &mut T)

Uses borrowed data to replace owned data, usually by cloning. Read more
Source§

impl<T> ToString for T
where T: Display + ?Sized,

Source§

fn to_string(&self) -> String

Converts the given value to a String. Read more
Source§

impl<T, U> TryFrom<U> for T
where U: Into<T>,

Source§

type Error = Infallible

The type returned in the event of a conversion error.
Source§

fn try_from(value: U) -> Result<T, <T as TryFrom<U>>::Error>

Performs the conversion.
Source§

impl<T, U> TryInto<U> for T
where U: TryFrom<T>,

Source§

type Error = <U as TryFrom<T>>::Error

The type returned in the event of a conversion error.
Source§

fn try_into(self) -> Result<U, <U as TryFrom<T>>::Error>

Performs the conversion.
Source§

impl<T> WithSubscriber for T

Source§

fn with_subscriber<S>(self, subscriber: S) -> WithDispatch<Self>
where S: Into<Dispatch>,

Attaches the provided Subscriber to this type, returning a WithDispatch wrapper. Read more
Source§

fn with_current_subscriber(self) -> WithDispatch<Self>

Attaches the current default Subscriber to this type, returning a WithDispatch wrapper. Read more