ctap2

package
v0.2.2 Latest Latest
Warning

This package is not in the latest version of its module.

Published: May 6, 2026 License: MIT Imports: 4 Imported by: 0

Documentation

Index

Constants

// CTAP2 command codes. The package documentation describes each value as the
// first byte of a CmdCbor payload. These are untyped integer constants, unlike
// the byte-typed Status* and AuthFlag* constants of this package.
//
// Only three commands have a constant here; a command byte outside this set
// has no name in this block, so a dispatcher needs an explicit default branch
// that rejects it.
const (
	CmdMakeCredential = 0x01 // authenticatorMakeCredential
	CmdGetAssertion   = 0x02 // authenticatorGetAssertion
	CmdGetInfo        = 0x04 // authenticatorGetInfo
)

CTAP2 command codes (first byte of CmdCbor payload).

const (
	// All status constants are typed byte. Names in capitals are the
	// identifiers used by the CTAP specification for the same value.
	//
	// NOTE(review): the status returned can tell a host whether a credential
	// exists for an RP (StatusCredentialExcluded, StatusNoCredentials). CTAP2
	// expects user presence to be collected before StatusCredentialExcluded is
	// reported; the handlers that return these codes are not visible here —
	// confirm they follow that order.
	StatusOK                 = byte(0x00) // CTAP2_OK: command succeeded
	StatusInvalidCbor        = byte(0x12) // CTAP2_ERR_INVALID_CBOR
	StatusCredentialExcluded = byte(0x19) // credential in excludeList already exists
	StatusUnsupportedAlg     = byte(0x26) // CTAP2_ERR_UNSUPPORTED_ALGORITHM
	StatusOperationDenied    = byte(0x27) // CTAP2_ERR_OPERATION_DENIED
	StatusInvalidOption      = byte(0x2C) // uv=true but authenticator cannot verify identity
	StatusNoCredentials      = byte(0x2E) // CTAP2_ERR_NO_CREDENTIALS
	StatusUserActionTimeout  = byte(0x2F) // CTAP 2.1 §8.2 / FIDO_ERR_USER_ACTION_TIMEOUT
	StatusNotAllowed         = byte(0x30) // CTAP2_ERR_NOT_ALLOWED
	StatusUVInvalid          = byte(0x3F) // CTAP2_ERR_UV_INVALID

CTAP2 status codes (first byte of CmdCbor response).

// Bit masks for the flags byte of authenticatorData (WebAuthn §6.1). Each
// constant is a single bit of type byte, so values can be OR-ed together.
//
// The flags byte is part of the data the authenticator signs, and relying
// parties use AuthFlagUV as evidence that the user was verified. It must not
// be set on the strength of a presence check alone.
const (
	AuthFlagUP = byte(0x01) // User Present (bit 0)
	AuthFlagUV = byte(0x04) // User Verified (bit 2) — only set when identity was verified (e.g. biometric)
	AuthFlagAT = byte(0x40) // Attested Credential Data present (bit 6; MakeCredential only)
)

authenticatorData flags (WebAuthn §6.1).

Variables

This section is empty.

Functions

This section is empty.

Types

type CredDescriptor

// CredDescriptor identifies one credential by type and ID. It is the element
// type of GetAssertionRequest.AllowList and MakeCredentialRequest.ExcludeList,
// and is decoded from a CBOR map with the text keys "type" and "id".
//
// Both fields come from the host and are unvalidated at this level: the struct
// places no bound on len(ID) and no restriction on Type.
type CredDescriptor struct {
	// Type is the credential type string from the request.
	// NOTE(review): presumably expected to be "public-key" — confirm that
	// handlers skip descriptors of any other type.
	Type string `cbor:"type"`
	// ID is the opaque credential ID supplied by the host.
	ID []byte `cbor:"id"`
}

type CredParam

// CredParam is one entry of MakeCredentialRequest.PubKeyCredParams: a
// credential type paired with an algorithm identifier, decoded from the CBOR
// text keys "type" and "alg".
type CredParam struct {
	// Type is the credential type string from the request.
	Type string `cbor:"type"`
	// Alg is the requested algorithm as a signed integer.
	// NOTE(review): presumably a COSE algorithm identifier (these are
	// negative for common signature algorithms, e.g. -7 for ES256). Which
	// values are accepted is not visible here; StatusUnsupportedAlg exists
	// for the case where none of the offered entries is supported.
	Alg int `cbor:"alg"`
}

type CredStore

// CredStore is the handle for the on-disk resident-credential store. Per the
// package documentation it persists entries at ~/.config/linux-id/creds.json.
// Its fields are unexported; construct it with NewCredStore.
//
// NOTE(review): the permissions applied to creds.json and its parent
// directory, and whether writes are atomic, are not visible on this page —
// confirm the file is created owner-only (0600).
type CredStore struct {
	// contains filtered or unexported fields
}

CredStore persists resident credentials at ~/.config/linux-id/creds.json.

func NewCredStore

func NewCredStore() *CredStore

NewCredStore returns a CredStore backed by ~/.config/linux-id/creds.json.

func (*CredStore) FindByRPID

func (cs *CredStore) FindByRPID(rpIdHash []byte) ([]StoredCredential, error)

FindByRPID returns all stored credentials whose RPIDHash matches rpIdHash.

func (*CredStore) Save

func (cs *CredStore) Save(c StoredCredential) error

Save writes c to the store: an existing entry with the same CredID is replaced; otherwise c is appended.

type GetAssertOptions

// GetAssertOptions is the options map (key 5) of GetAssertionRequest. Only the
// "uv" option is modeled; the CTAP2 "up" option has no field here.
type GetAssertOptions struct {
	// UV is the host's request for user verification. It is a request, not a
	// result: AuthFlagUV in the response is what reports that verification
	// took place. StatusInvalidOption is documented in this package for
	// uv=true when the authenticator cannot verify identity.
	UV bool `cbor:"uv,omitempty"`
}

type GetAssertionRequest

// GetAssertionRequest is the parameter map of the CTAP2 0x02
// authenticatorGetAssertion command, decoded from a CBOR map with integer keys
// (keyasint). Keys 1, 2, 3 and 5 are modeled. The CTAP2 parameters extensions
// (4), pinUvAuthParam (6) and pinUvAuthProtocol (7) have no field here, so a
// PIN/UV auth token cannot be expressed through this struct.
//
// Every field is host-supplied and unvalidated at this level.
type GetAssertionRequest struct {
	// RPID is the relying-party identifier as sent by the host. The
	// authenticator has no way to check it against the page origin; that
	// check belongs to the client platform.
	RPID string `cbor:"1,keyasint"`
	// ClientDataHash is the hash of the client data to be signed.
	// NOTE(review): CTAP2 defines this as a 32-byte SHA-256 digest; the type
	// does not constrain the length — confirm the handler checks it.
	ClientDataHash []byte `cbor:"2,keyasint"`
	// AllowList optionally restricts which credentials may be used. It is
	// omitted from the encoding when empty.
	AllowList []CredDescriptor `cbor:"3,keyasint,omitempty"`
	// Options is nil when the request carries no options map.
	Options *GetAssertOptions `cbor:"5,keyasint,omitempty"`
}

GetAssertionRequest is the CTAP2 0x02 authenticatorGetAssertion request.

type MakeCredOptions

// MakeCredOptions is the options map (key 7) of MakeCredentialRequest, decoded
// from the CBOR text keys "rk" and "uv".
type MakeCredOptions struct {
	// RK asks for a resident (discoverable) credential.
	// NOTE(review): presumably this is what causes a StoredCredential to be
	// written through CredStore — confirm against the handler.
	RK bool `cbor:"rk,omitempty"`
	// UV is the host's request for user verification; AuthFlagUV in the
	// response reports whether verification actually took place.
	UV bool `cbor:"uv,omitempty"`
}

type MakeCredentialRequest

// MakeCredentialRequest is the parameter map of the CTAP2 0x01
// authenticatorMakeCredential command, decoded from a CBOR map with integer
// keys (keyasint). Keys 1-5 and 7 are modeled. The CTAP2 parameters extensions
// (6), pinUvAuthParam (8) and pinUvAuthProtocol (9) have no field here.
//
// Every field is host-supplied and unvalidated at this level.
type MakeCredentialRequest struct {
	// ClientDataHash is the hash of the client data.
	// NOTE(review): CTAP2 defines this as a 32-byte SHA-256 digest; the type
	// does not constrain the length — confirm the handler checks it.
	ClientDataHash []byte `cbor:"1,keyasint"`
	// RP describes the relying party the credential is scoped to.
	RP RPEntity `cbor:"2,keyasint"`
	// User describes the account the credential is created for.
	User UserEntity `cbor:"3,keyasint"`
	// PubKeyCredParams lists the type/algorithm pairs the relying party
	// accepts.
	PubKeyCredParams []CredParam `cbor:"4,keyasint"`
	// ExcludeList names credentials that must not already exist on this
	// authenticator; StatusCredentialExcluded is the documented result when
	// one does. Omitted from the encoding when empty.
	ExcludeList []CredDescriptor `cbor:"5,keyasint,omitempty"`
	// Options is nil when the request carries no options map.
	Options *MakeCredOptions `cbor:"7,keyasint,omitempty"`
}

MakeCredentialRequest is the CTAP2 0x01 authenticatorMakeCredential request.

type RPEntity

// RPEntity is the relying-party map (key 2) of MakeCredentialRequest, decoded
// from the CBOR text keys "id" and "name".
type RPEntity struct {
	// ID is the relying-party identifier sent by the host.
	// NOTE(review): presumably the value hashed into
	// StoredCredential.RPIDHash — confirm against the handler.
	ID string `cbor:"id"`
	// Name is an optional display name. It is host-supplied text and carries
	// no authority; it should not be used for any matching decision.
	Name string `cbor:"name,omitempty"`
}

type StoredCredential

// StoredCredential is one resident-credential record as serialized to JSON by
// CredStore. The []byte fields are written as base64 strings by encoding/json.
//
// No private-key field is declared in this struct; where key material is kept
// is not shown on this page.
//
// NOTE(review): the record holds account identifiers (RP ID, RP name, user
// name, display name) in cleartext, so creds.json reveals which services the
// user has registered with. Confirm the file is readable by its owner only.
type StoredCredential struct {
	// CredID is the credential ID; CredStore.Save is documented to replace an
	// existing entry with the same CredID.
	CredID []byte `json:"credId"`
	// RPIDHash is the value CredStore.FindByRPID matches on.
	// NOTE(review): presumably SHA-256 of RPID — confirm.
	RPIDHash []byte `json:"rpIdHash"`
	// RPID is the relying-party identifier in cleartext.
	RPID string `json:"rpId"`
	// RPName is the relying party's display name as supplied at registration.
	RPName string `json:"rpName"`
	// UserID is the user handle supplied at registration.
	UserID []byte `json:"userId"`
	// UserName is the account name supplied at registration.
	UserName string `json:"userName"`
	// DisplayName is the user's display name supplied at registration.
	DisplayName string `json:"displayName"`
}

StoredCredential is a resident credential entry persisted to disk.

type UserEntity

// UserEntity is the user map (key 3) of MakeCredentialRequest, decoded from
// the CBOR text keys "id", "name" and "displayName". All three fields are
// host-supplied.
type UserEntity struct {
	// ID is the user handle chosen by the relying party.
	// NOTE(review): WebAuthn limits the user handle to 64 bytes; the type
	// does not constrain the length — confirm the handler bounds it before
	// the value is persisted.
	ID []byte `cbor:"id"`
	// Name is the optional account name.
	Name string `cbor:"name,omitempty"`
	// DisplayName is the optional human-readable name.
	DisplayName string `cbor:"displayName,omitempty"`
}
