Enum webauthn_rs_core::interface::AttestationMetadata

source · []
pub enum AttestationMetadata {
    None,
    Packed {
        aaguid: Uuid,
    },
    Tpm {
        aaguid: Uuid,
        firmware_version: u64,
    },
    AndroidKey {
        is_km_tee: bool,
        is_attest_tee: bool,
    },
    AndroidSafetyNet {
        apk_package_name: String,
        apk_certificate_digest_sha256: Vec<Base64UrlSafeData>,
        cts_profile_match: bool,
        basic_integrity: bool,
        evaluation_type: Option<String>,
    },
}
Expand description

The processed Attestation that the Authenticator is providing in it’s AttestedCredentialData. This metadata may allow identification of the device and it’s specific properties.

Variants

None

no metadata available for this device.

Packed

Fields

aaguid: Uuid

This is the unique id of the class/type of device. Often this id can imply the properties of the device.

This is commonly found on Fido Authenticators.

Tpm

Fields

aaguid: Uuid

This is the unique id of the class/type of device. Often this id can imply the properties of the device.

firmware_version: u64

The firmware version of the device at registration. It can NOT be determined if this updates later, which may require you to re-register the device if you need to enforce a version update.

This is found on TPM authenticators.

AndroidKey

Fields

is_km_tee: bool

is the key master running in a Trusted Execution Environment

is_attest_tee: bool

did the attestation come from a Trusted Execution Environment

various attestation flags set by the device (attested by OS)

AndroidSafetyNet

Fields

apk_package_name: String

the name of apk that originated this key operation

apk_certificate_digest_sha256: Vec<Base64UrlSafeData>

cert chain for this apk

cts_profile_match: bool

A stricter verdict of device integrity. If the value of ctsProfileMatch is true, then the profile of the device running your app matches the profile of a device that has passed Android compatibility testing and has been approved as a Google-certified Android device.

basic_integrity: bool

A more lenient verdict of device integrity. If only the value of basicIntegrity is true, then the device running your app likely wasn’t tampered with. However, the device hasn’t necessarily passed Android compatibility testing.

evaluation_type: Option<String>

Types of measurements that contributed to the current API response

various attestation flags set by the device (attested via safety-net) https://developer.android.com/training/safetynet/attestation#use-response-server

Trait Implementations

Returns a copy of the value. Read more
Performs copy-assignment from source. Read more
Formats the value using the given formatter. Read more
Deserialize this value from the given Serde deserializer. Read more
Serialize this value into the given Serde serializer. Read more

Auto Trait Implementations

Blanket Implementations

Gets the TypeId of self. Read more
Immutably borrows from an owned value. Read more
Mutably borrows from an owned value. Read more

Returns the argument unchanged.

Instruments this type with the provided Span, returning an Instrumented wrapper. Read more
Instruments this type with the current Span, returning an Instrumented wrapper. Read more

Calls U::from(self).

That is, this conversion is whatever the implementation of From<T> for U chooses to do.

The resulting type after obtaining ownership.
Creates owned data from borrowed data, usually by cloning. Read more
Uses borrowed data to replace owned data, usually by cloning. Read more
The type returned in the event of a conversion error.
Performs the conversion.
The type returned in the event of a conversion error.
Performs the conversion.
Attaches the provided Subscriber to this type, returning a WithDispatch wrapper. Read more
Attaches the current default Subscriber to this type, returning a WithDispatch wrapper. Read more