Crate webauthn_rs_core
source ·Expand description
Webauthn-rs - Webauthn for Rust Server Applications
Webauthn is a standard allowing communication between servers, browsers and authenticators to allow strong, passwordless, cryptographic authentication to be performed. Webauthn is able to operate with many authenticator types, such as U2F.
⚠️ ⚠️ ⚠️ THIS IS UNSAFE. AVOID USING THIS DIRECTLY ⚠️ ⚠️ ⚠️
If possible, use the webauthn-rs
crate, and it’s safe wrapper instead!
Webauthn as a standard has many traps that in the worst cases, may lead to
bypasses and full account compromises. Many of the features of webauthn are
NOT security policy, but user interface hints. Many options can NOT be
enforced. webauthn-rs
handles these correctly. USE webauthn-rs
INSTEAD.
Modules§
- Attestation information and verification procedures. This contains a transparent type allowing callbacks to make attestation decisions.
- Cryptographic operation wrapper for Webauthn. This module exists to allow ease of auditing, safe operation wrappers for the webauthn library, and cryptographic provider abstraction. This module currently uses OpenSSL as the cryptographic primitive provider.
- Possible errors that may occur during Webauthn Operation processing
- Fake
CredentialID
generator. See WebauthnFakeCredentialGenerator for more details. - Internal structures for parsing webauthn registrations and challenges. This may change at anytime and should not be relied on in your library.
- Protocol bindings
Structs§
- A builder allowing customisation of a client authentication challenge.
- A builder allowing customisation of a client registration challenge.
- The Core Webauthn handler.