Crate webauthn_rs_core

Webauthn-rs - Webauthn for Rust Server Applications

Webauthn is a standard allowing communication between servers, browsers and authenticators to allow strong, passwordless, cryptographic authentication to be performed. Webauthn is able to operate with many authenticator types, such as U2F.

⚠️ ⚠️ ⚠️ THIS IS UNSAFE. AVOID USING THIS DIRECTLY ⚠️ ⚠️ ⚠️

If possible, use the webauthn-rs crate, and it’s safe wrapper instead!

Webauthn as a standard has many traps that in the worst cases, may lead to bypasses and full account compromises. Many of the features of webauthn are NOT security policy, but user interface hints. Many options can NOT be enforced. webauthn-rs handles these correctly. USE webauthn-rs INSTEAD.

Modules

• attestation
  Attestation information and verification procedures. This contains a transparent type allowing callbacks to make attestation decisions.
• crypto
  Cryptographic operation wrapper for Webauthn. This module exists to allow ease of auditing, safe operation wrappers for the webauthn library, and cryptographic provider abstraction. This module currently uses OpenSSL as the cryptographic primitive provider.
• error
  Possible errors that may occur during Webauthn Operation processing
• fake
  Fake CredentialID generator. See WebauthnFakeCredentialGenerator for more details.
• internals
  Internal structures for parsing webauthn registrations and challenges. This may change at anytime and should not be relied on in your library.
• proto
  Protocol bindings

Structs

• ChallengeAuthenticateBuilder
  A builder allowing customisation of a client authentication challenge.
• ChallengeRegisterBuilder
  A builder allowing customisation of a client registration challenge.
• WebauthnCore
  The Core Webauthn handler.