passkey_types/ctap2/
aaguid.rs

1use serde::{Deserialize, Serialize};
2
3/// An Authenticator Attestation GUID is a 128-bit identifier.
4///
5/// This should be used to indicate the type (e.g. make and model) of an Authenticator. The [spec]
6/// recommends this to be identical accross all substantially identical authenticators made by the
7/// same manufacturer so that Relying Parties may use it to infer properties of the authenticator.
8///
9/// For privacy reasons we do not recomend this as it can be used for PII, therefore we provide a
10/// way to generate an empty AAGUID where it is only `0`s. This the typical AAGUID used when doing
11/// self or no attestation.
12///
13/// [spec]: https://w3c.github.io/webauthn/#sctn-authenticator-model
14/// [RFC4122]: https://www.rfc-editor.org/rfc/rfc4122
15#[derive(Debug, Copy, Clone, PartialEq, Eq)]
16pub struct Aaguid(pub [u8; Self::LEN]);
17
18impl Aaguid {
19    const LEN: usize = 16;
20
21    /// Generate empty AAGUID
22    pub const fn new_empty() -> Self {
23        Self([0; 16])
24    }
25}
26
27impl Default for Aaguid {
28    fn default() -> Self {
29        Self::new_empty()
30    }
31}
32
33impl From<[u8; 16]> for Aaguid {
34    fn from(inner: [u8; 16]) -> Self {
35        Aaguid(inner)
36    }
37}
38
39impl Serialize for Aaguid {
40    fn serialize<S>(&self, serializer: S) -> Result<S::Ok, S::Error>
41    where
42        S: serde::Serializer,
43    {
44        serializer.serialize_bytes(&self.0)
45    }
46}
47
48impl<'de> Deserialize<'de> for Aaguid {
49    fn deserialize<D>(deserializer: D) -> Result<Self, D::Error>
50    where
51        D: serde::Deserializer<'de>,
52    {
53        struct AaguidVisitior;
54        impl serde::de::Visitor<'_> for AaguidVisitior {
55            type Value = Aaguid;
56
57            fn expecting(&self, f: &mut std::fmt::Formatter) -> std::fmt::Result {
58                write!(f, "A byte string of {} bytes long", Aaguid::LEN)
59            }
60
61            fn visit_bytes<E>(self, v: &[u8]) -> Result<Self::Value, E>
62            where
63                E: serde::de::Error,
64            {
65                v.try_into().map(Aaguid).map_err(|_| {
66                    E::custom(format!("Byte string of len {}, is not of len 16", v.len()))
67                })
68            }
69        }
70        deserializer.deserialize_bytes(AaguidVisitior)
71    }
72}
73
74#[cfg(test)]
75mod tests;