spec

package

v1.1.5 Latest Latest Go to latest Published: Aug 12, 2023 License: MIT Imports: 15 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/spiretechnology/go-webauthn

Links

Open Source Insights

Documentation ¶

Index ¶

Constants
Variables
func VerifySignature(publicKey crypto.PublicKey, keyType pubkey.KeyType, ...) (bool, error)
type AttestationObject
- func (o *AttestationObject) AuthenticatorData() (*AuthenticatorData, error)
type AttestedCredential
- func (c *AttestedCredential) Decode(buf []byte) error
type AuthenticatorAssertionResponse
type AuthenticatorAttestationResponse
type AuthenticatorData
- func (a *AuthenticatorData) Decode(buf []byte) error
type ClientData
- func (c *ClientData) DecodeChallenge() (challenge.Challenge, error)
type PubKeyCredParam

Constants ¶

View Source

const (
	// User Present flag.
	AuthDataFlag_UserPresent = 1 << iota
	// Reserved for future use.
	AuthDataFlag_RFU1
	// User Verified flag.
	AuthDataFlag_UserVerified
	// Reserved for future use.
	AuthDataFlag_RFU2
	// Reserved for future use.
	AuthDataFlag_RFU3
	// Reserved for future use.
	AuthDataFlag_RFU4
	// Attested credential data included.
	AuthDataFlag_AttestedCredentialData
	// Extension data included.
	AuthDataFlag_ExtensionData
)

View Source

const (
	// ClientDataTypeCreate is the type of a client data for a registration.
	ClientDataTypeCreate = "webauthn.create"

	// ClientDataTypeGet is the type of a client data for an authentication.
	ClientDataTypeGet = "webauthn.get"
)

Variables ¶

View Source

var CertExtID_FidoGenCEAAGUID = []int{1, 3, 6, 1, 4, 1, 45724, 1, 1, 4}

const id-fido-gen-ce-aaguid

Functions ¶

func VerifySignature ¶

func VerifySignature(publicKey crypto.PublicKey, keyType pubkey.KeyType, signature, clientDataJSON, authData []byte) (bool, error)

VerifySignature verifies the signature of an attestation or assertion.

Types ¶

type AttestationObject ¶

type AttestationObject struct {
	AuthData []byte         `cbor:"authData"`
	Fmt      string         `cbor:"fmt"`
	AttStmt  map[string]any `cbor:"attStmt"`
	// contains filtered or unexported fields
}

AttestationObject represents the structure of the attestation object.

func (*AttestationObject) AuthenticatorData ¶

func (o *AttestationObject) AuthenticatorData() (*AuthenticatorData, error)

type AttestedCredential ¶

type AttestedCredential struct {
	AAGUID            [16]byte
	CredID            []byte
	CredPublicKeyType pubkey.KeyType
	CredPublicKey     crypto.PublicKey
}

func (*AttestedCredential) Decode ¶

func (c *AttestedCredential) Decode(buf []byte) error

type AuthenticatorAssertionResponse ¶

type AuthenticatorAssertionResponse struct {
	AuthData       []byte
	ClientDataJSON []byte
	Signature      []byte
	UserHandle     []byte
	// contains filtered or unexported fields
}

AuthenticatorAssertionResponse is an authentication response.

func (*AuthenticatorAssertionResponse) AuthenticatorData ¶

func (a *AuthenticatorAssertionResponse) AuthenticatorData() (*AuthenticatorData, error)

func (*AuthenticatorAssertionResponse) ClientData ¶

func (a *AuthenticatorAssertionResponse) ClientData() (*ClientData, error)

func (*AuthenticatorAssertionResponse) Verify ¶

func (a *AuthenticatorAssertionResponse) Verify(publicKey crypto.PublicKey, keyType pubkey.KeyType) error

verifyAssertionSignature checks a signed WebAuthn response against the registered public key of the device.

type AuthenticatorAttestationResponse ¶

type AuthenticatorAttestationResponse struct {
	ClientDataJSON        []byte
	AttestationObjectCBOR []byte
	// contains filtered or unexported fields
}

AuthenticatorAttestationResponse is a registration response.

func (*AuthenticatorAttestationResponse) AttestationObject ¶

func (a *AuthenticatorAttestationResponse) AttestationObject() (*AttestationObject, error)

func (*AuthenticatorAttestationResponse) ClientData ¶

func (a *AuthenticatorAttestationResponse) ClientData() (*ClientData, error)

func (*AuthenticatorAttestationResponse) Verify ¶

func (a *AuthenticatorAttestationResponse) Verify() error

Verify checks a signed WebAuthn response against the public key of the device.

type AuthenticatorData ¶

type AuthenticatorData struct {
	RPIDHash           [sha256.Size]byte
	Flags              byte
	SignCount          uint32
	AttestedCredential *AttestedCredential
}

AuthenticatorData represents the authenticator data structure.

func (*AuthenticatorData) Decode ¶

func (a *AuthenticatorData) Decode(buf []byte) error

type ClientData ¶

type ClientData struct {
	Type        string `json:"type"`
	Challenge   string `json:"challenge"`
	Origin      string `json:"origin"`
	CrossOrigin *bool  `json:"crossOrigin,omitempty"`
}

func (*ClientData) DecodeChallenge ¶

func (c *ClientData) DecodeChallenge() (challenge.Challenge, error)

type PubKeyCredParam ¶

type PubKeyCredParam struct {
	Type string `json:"type"`
	Alg  int    `json:"alg"`
}

PubKeyCredParam defines a supported type of public key and its signature algorithm.

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL