CredentialV5

webauthn_rs_core::proto

Struct CredentialV5 

Source 
pub struct CredentialV5 {
    pub cred_id: CredentialID,
    pub cred: COSEKey,
    pub counter: Counter,
    pub transports: Option<Vec<AuthenticatorTransport>>,
    pub user_verified: bool,
    pub backup_eligible: bool,
    pub backup_state: bool,
    pub registration_policy: UserVerificationPolicy,
    pub extensions: RegisteredExtensions,
    pub attestation: ParsedAttestation,
    pub attestation_format: AttestationFormat,
}
Expand description

A user’s authenticator credential. It contains an id, the public key and a counter of how many times the authenticator has been used.

Fields§

§cred_id: CredentialID

The ID of this credential.

§cred: COSEKey

The public key of this credential

§counter: Counter

The counter for this credential

§transports: Option<Vec<AuthenticatorTransport>>

The set of transports this credential indicated it could use. This is NOT a security property, but a hint for the browser and the user experience to how to communicate to this specific device.

§user_verified: bool

During registration, if this credential was verified then this is true. If not it is false. This is based on the policy at the time of registration of the credential.

This is a deviation from the Webauthn specification, because it clarifies the user experience of the credentials to UV being a per-credential attribute, rather than a per-authentication ceremony attribute. For example it can be surprising to register a credential as un-verified but then to use verification with it in the future.

§backup_eligible: bool

During registration, this credential indicated that it may be possible for it to exist between multiple hardware authenticators, or be backed up.

This means the private key is NOT sealed within a hardware cryptograhic processor, and may have impacts on your risk assessments and modeling.

§backup_state: bool

This credential has indicated that it is currently backed up OR that it is shared between multiple devices.

§registration_policy: UserVerificationPolicy

During registration, the policy that was requested from this credential. This is used to understand if the how the verified component interacts with the device, i.e. an always verified authenticator vs one that can dynamically request it.

§extensions: RegisteredExtensions

The set of extensions that were verified at registration, that can be used in future authentication attempts

§attestation: ParsedAttestation

The attestation certificate of this credential, including parsed metadata from the credential.

§attestation_format: AttestationFormat

the format of the attestation

Implementations§

Source§

impl CredentialV5

Source

pub fn verify_attestation<'a>( &self, ca_list: &'a AttestationCaList, ) -> Result<Option<&'a AttestationCa>, WebauthnError>

Re-verify this Credential’s attestation chain. This re-applies the same process for certificate authority verification that occurred at registration. This can be useful if you want to re-assert your credentials match an updated or changed ca_list from the time that registration occurred. This can also be useful to re-determine certain properties of your device that may exist.

Trait Implementations§

Source§

impl Clone for CredentialV5

Source§

fn clone(&self) -> CredentialV5

Returns a duplicate of the value. Read more
1.0.0 · Source§

fn clone_from(&mut self, source: &Self)

Performs copy-assignment from source. Read more
Source§

impl Debug for CredentialV5

Source§

fn fmt(&self, f: &mut Formatter<'_>) -> Result

Formats the value using the given formatter. Read more
Source§

impl<'de> Deserialize<'de> for CredentialV5

Source§

fn deserialize<__D>(__deserializer: __D) -> Result<Self, __D::Error>
where __D: Deserializer<'de>,

Deserialize this value from the given Serde deserializer. Read more
Source§

impl Serialize for CredentialV5

Source§

fn serialize<__S>(&self, __serializer: __S) -> Result<__S::Ok, __S::Error>
where __S: Serializer,

Serialize this value into the given Serde serializer. Read more

Auto Trait Implementations§

Blanket Implementations§

Source§

impl<T> Any for T
where T: 'static + ?Sized,

Source§

fn type_id(&self) -> TypeId

Gets the TypeId of self. Read more
Source§

impl<'a, T, E> AsTaggedExplicit<'a, E> for T
where T: 'a,

Source§

fn explicit(self, class: Class, tag: u32) -> TaggedParser<'a, Explicit, Self, E>

Source§

impl<'a, T, E> AsTaggedImplicit<'a, E> for T
where T: 'a,

Source§

fn implicit( self, class: Class, constructed: bool, tag: u32, ) -> TaggedParser<'a, Implicit, Self, E>

Source§

impl<T> Borrow<T> for T
where T: ?Sized,

Source§

fn borrow(&self) -> &T

Immutably borrows from an owned value. Read more
Source§

impl<T> BorrowMut<T> for T
where T: ?Sized,

Source§

fn borrow_mut(&mut self) -> &mut T

Mutably borrows from an owned value. Read more
Source§

impl<T> CloneToUninit for T
where T: Clone,

Source§

unsafe fn clone_to_uninit(&self, dest: *mut u8)

🔬This is a nightly-only experimental API. (clone_to_uninit)
Performs copy-assignment from self to dest. Read more
Source§

impl<T> From<T> for T

Source§

fn from(t: T) -> T

Returns the argument unchanged.

Source§

impl<T> Instrument for T

Source§

fn instrument(self, span: Span) -> Instrumented<Self>

Instruments this type with the provided Span, returning an Instrumented wrapper. Read more
Source§

fn in_current_span(self) -> Instrumented<Self>

Instruments this type with the current Span, returning an Instrumented wrapper. Read more
Source§

impl<T, U> Into<U> for T
where U: From<T>,

Source§

fn into(self) -> U

Calls U::from(self).

That is, this conversion is whatever the implementation of From<T> for U chooses to do.

Source§

impl<T> ToOwned for T
where T: Clone,

Source§

type Owned = T

The resulting type after obtaining ownership.
Source§

fn to_owned(&self) -> T

Creates owned data from borrowed data, usually by cloning. Read more
Source§

fn clone_into(&self, target: &mut T)

Uses borrowed data to replace owned data, usually by cloning. Read more
Source§

impl<T, U> TryFrom<U> for T
where U: Into<T>,

Source§

type Error = Infallible

The type returned in the event of a conversion error.
Source§

fn try_from(value: U) -> Result<T, <T as TryFrom<U>>::Error>

Performs the conversion.
Source§

impl<T, U> TryInto<U> for T
where U: TryFrom<T>,

Source§

type Error = <U as TryFrom<T>>::Error

The type returned in the event of a conversion error.
Source§

fn try_into(self) -> Result<U, <U as TryFrom<T>>::Error>

Performs the conversion.
Source§

impl<V, T> VZip<V> for T
where V: MultiLane<T>,

Source§

fn vzip(self) -> V

Source§

impl<T> WithSubscriber for T

Source§

fn with_subscriber<S>(self, subscriber: S) -> WithDispatch<Self>
where S: Into<Dispatch>,

Attaches the provided Subscriber to this type, returning a WithDispatch wrapper. Read more
Source§

fn with_current_subscriber(self) -> WithDispatch<Self>

Attaches the current default Subscriber to this type, returning a WithDispatch wrapper. Read more
Source§

impl<T> DeserializeOwned for T
where T: for<'de> Deserialize<'de>,

Source§

impl<T> ErasedDestructor for T
where T: 'static,