Struct passkey_types::u2f::RegisterResponse
pub struct RegisterResponse {
    pub public_key: PublicKey,
    pub key_handle: Vec<u8>,
    pub attestation_certificate: Vec<u8>,
    pub signature: Vec<u8>,
}
Register response payload
This message is output by the U2F token once it has created a new keypair in response to the registration request message. Note that U2F tokens SHOULD verify user presence before returning a registration response success message (otherwise they SHOULD return a test-of-user-presence-required message - see above).
Fields
public_key: PublicKey
The user’s new public key. This is the (uncompressed) x,y-representation of a curve point on the P-256 NIST elliptic curve.
key_handle: Vec<u8>
This is a handle that allows the U2F token to identify the generated key pair. U2F tokens MAY wrap the generated private key and the application id it was generated for, and output that as the key handle.
attestation_certificate: Vec<u8>
This is a certificate in X.509 DER format. Parsing of the X.509 certificate unambiguously establishes its ending.
signature: Vec<u8>
This is an ECDSA signature (on P-256) over the following byte string:
- A byte reserved for future use [1 byte] with the value 0x00.
- The application parameter [32 bytes] from the registration request message.
- The challenge parameter [32 bytes] from the registration request message.
- The above key handle [variable length]. (Note that the key handle length is not included in the signature base string. This doesn’t cause confusion in the signature base string, since all other parameters in the signature base string are fixed-length.)
- The above user public key [65 bytes].
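
The signature base string listed above, built and then split back into its parts to show why omitting the key handle length is unambiguous. This is an added example, not code from passkey_types: it uses only std, takes raw byte slices instead of the crate's PublicKey type, and the names signature_base and split_signature_base are hypothetical. ECDSA verification over the result is left to a P-256 library.

```rust
// Added example, std only: raw byte slices stand in for the crate's types.
const PARAM_LEN: usize = 32; // application / challenge parameter
const PUBKEY_LEN: usize = 65; // 0x04 || X || Y (uncompressed P-256 point)
const FIXED_LEN: usize = 1 + 2 * PARAM_LEN + PUBKEY_LEN;

/// Builds the byte string the registration signature covers.
pub fn signature_base(
    app_param: &[u8],
    challenge_param: &[u8],
    key_handle: &[u8],
    public_key: &[u8],
) -> Result<Vec<u8>, &'static str> {
    if app_param.len() != PARAM_LEN || challenge_param.len() != PARAM_LEN {
        return Err("application and challenge parameters must be 32 bytes");
    }
    if public_key.len() != PUBKEY_LEN || public_key[0] != 0x04 {
        return Err("public key must be a 65-byte uncompressed point");
    }
    let mut base = Vec::with_capacity(FIXED_LEN + key_handle.len());
    base.push(0x00); // reserved byte
    base.extend_from_slice(app_param);
    base.extend_from_slice(challenge_param);
    base.extend_from_slice(key_handle); // no length prefix
    base.extend_from_slice(public_key);
    Ok(base)
}

/// Recovers (app, challenge, key_handle, public_key) from a base string.
/// Works without a length field because every other part is fixed-length.
pub fn split_signature_base(base: &[u8]) -> Option<(&[u8], &[u8], &[u8], &[u8])> {
    if base.len() < FIXED_LEN || base[0] != 0x00 {
        return None;
    }
    let (head, public_key) = base.split_at(base.len() - PUBKEY_LEN);
    let (app, rest) = head[1..].split_at(PARAM_LEN);
    let (challenge, key_handle) = rest.split_at(PARAM_LEN);
    Some((app, challenge, key_handle, public_key))
}

fn main() {
    // Constructed sample values, not real token output.
    let (app, chal, kh) = ([0xAAu8; 32], [0xBBu8; 32], [0xCCu8; 40]);
    let mut pk = [0x11u8; 65];
    pk[0] = 0x04;
    let base = signature_base(&app, &chal, &kh, &pk).unwrap();
    let (_, _, kh2, _) = split_signature_base(&base).unwrap();
    println!("base: {} bytes, key handle: {} bytes", base.len(), kh2.len());
}
```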