credential

package
v0.1.1 Latest
Warning

This package is not in the latest version of its module.

Published: Feb 25, 2022 License: BSD-3-Clause Imports: 1 Imported by: 0

Documentation

Types

type Authenticator

type Authenticator struct {
	// The AAGUID of the authenticator. An AAGUID is defined as an array containing the globally unique
	// identifier of the authenticator model being sought.
	AAGUID []byte
	// SignCount: upon a new login operation, the Relying Party compares the stored signature counter value
	// with the new signCount value returned in the assertion’s authenticator data. If this new
	// signCount value is less than or equal to the stored value, a cloned authenticator may
	// exist, or the authenticator may be malfunctioning.
	SignCount uint32
}

func (*Authenticator) CheckCounter

func (a *Authenticator) CheckCounter(authDataCount uint32) error

VerifyCounter: Step 17 of §7.2, about verifying attestation. If the signature counter value authData.signCount is nonzero or the value stored in conjunction with credential’s id attribute is nonzero, then run the following sub-step:

If the signature counter value authData.signCount is

→ Greater than the signature counter value stored in conjunction with credential’s id attribute: update the stored signature counter value, associated with credential’s id attribute, to be the value of authData.signCount.

→ Less than or equal to the signature counter value stored in conjunction with credential’s id attribute: this is a signal that the authenticator may be cloned.

func (*Authenticator) UpdateCounter

func (a *Authenticator) UpdateCounter(authDataCount uint32)
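
The counter sub-step described above, as an added example; this is not the package's own code, whose method bodies are not shown on this page. The names `storedAuthenticator`, `checkAndUpdate`, `replay` and `ErrPossibleClone` are hypothetical, and the counter values are constructed.

```go
package main

import (
	"errors"
	"fmt"
)

// ErrPossibleClone is a hypothetical sentinel error for this example.
var ErrPossibleClone = errors.New("signature counter did not increase")

// storedAuthenticator is a hypothetical stand-in that mirrors only the
// SignCount field of the Authenticator struct documented on this page.
type storedAuthenticator struct {
	SignCount uint32
}

// checkAndUpdate applies the counter sub-step to one assertion's signCount.
func (a *storedAuthenticator) checkAndUpdate(authDataCount uint32) error {
	// Both values zero: the sub-step does not run at all.
	if authDataCount == 0 && a.SignCount == 0 {
		return nil
	}
	// Less than or equal to the stored value: clone signal. The stored
	// value is left untouched so later assertions are still compared to it.
	if authDataCount <= a.SignCount {
		return fmt.Errorf("%w (stored=%d, received=%d)", ErrPossibleClone, a.SignCount, authDataCount)
	}
	a.SignCount = authDataCount
	return nil
}

// replay feeds a sequence of counter values through checkAndUpdate and
// returns the indices that raised the clone signal.
func replay(a *storedAuthenticator, counts []uint32) []int {
	var flagged []int
	for i, c := range counts {
		if err := a.checkAndUpdate(c); errors.Is(err, ErrPossibleClone) {
			flagged = append(flagged, i)
		}
	}
	return flagged
}

func main() {
	a := &storedAuthenticator{}
	// Constructed sequence: a repeated 6 and a lower 3 follow a stored 6.
	counts := []uint32{0, 5, 6, 6, 3, 7}
	fmt.Println("flagged:", replay(a, counts), "stored:", a.SignCount)
}
```

A received value of 0 against a nonzero stored value is also flagged, because the sub-step runs whenever either value is nonzero.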

type Credential

type Credential struct {
	// A probabilistically-unique byte sequence identifying a public key credential source and its authentication assertions.
	ID []byte
	// The public key portion of a Relying Party-specific credential key pair, generated by an authenticator and returned to
	// a Relying Party at registration time (see also public key credential). The private key portion of the credential key
	// pair is known as the credential private key. Note that in the case of self attestation, the credential key pair is also
	// used as the attestation key pair, see self attestation for details.
	PublicKey []byte
	// The attestation format used (if any) by the authenticator when creating the credential.
	AttestationType string
	// Indicates whether the credential was created with user verification.
	UserVerification bool
	// The Authenticator information for a given certificate
	Authenticator Authenticator
}

Credential contains all the information about a WebAuthn credential that is needed for storage.

type CredentialService

type CredentialService interface {
	ExistsCredential(credentialId []byte) (bool, error)
	GetCredential(credentialId []byte) (cred *Credential, userId []byte, err error)
	GetCredentialForUser(userId []byte) ([]Credential, error)
}

TODO: Doc
