revamp extensions
This commit is contained in:
@@ -2,7 +2,7 @@ extern crate ctap_hmac as ctap;
|
||||
|
||||
use crypto::digest::Digest;
|
||||
use crypto::sha2::Sha256;
|
||||
use ctap::extensions::hmac::HmacExtension;
|
||||
use ctap::extensions::{self, FidoExtensionResponseParserExt};
|
||||
use ctap::{FidoAssertionRequestBuilder, FidoCredential, FidoCredentialRequestBuilder};
|
||||
use hex;
|
||||
use std::env::args;
|
||||
@@ -16,14 +16,13 @@ fn main() -> ctap::FidoResult<()> {
|
||||
let mut devices = ctap::get_devices()?;
|
||||
let device_info = &mut devices.next().expect("No authenticator found");
|
||||
let mut device = ctap::FidoDevice::new(device_info)?;
|
||||
|
||||
let credential = match args().skip(1).next().map(|h| FidoCredential {
|
||||
let credential = match args().nth(1).map(|h| FidoCredential {
|
||||
id: hex::decode(&h).expect("Invalid credential"),
|
||||
public_key: None,
|
||||
}) {
|
||||
Some(cred) => cred,
|
||||
_ => {
|
||||
let req = FidoCredentialRequestBuilder::default()
|
||||
let mut req = FidoCredentialRequestBuilder::default()
|
||||
.rp_id(RP_ID)
|
||||
.rp_name("ctap_hmac crate")
|
||||
.user_name("example")
|
||||
@@ -31,9 +30,16 @@ fn main() -> ctap::FidoResult<()> {
|
||||
.build()
|
||||
.unwrap();
|
||||
|
||||
assert!(
|
||||
&device.supports_extension::<extensions::HmacSecret>(),
|
||||
"Your device does not support the hmac extension"
|
||||
);
|
||||
let hmac = extensions::HmacSecret::new();
|
||||
req.with_extension(&hmac)?;
|
||||
dbg!(&req);
|
||||
println!("Authorize using your device");
|
||||
let cred = device
|
||||
.make_hmac_credential(&req)
|
||||
let cred = req
|
||||
.make_credential(&mut device)
|
||||
.expect("Failed to request credential");
|
||||
println!("Credential: {}\nNote: You can pass this credential as first argument in order to reproduce results", hex::encode(&cred.id));
|
||||
cred
|
||||
@@ -52,12 +58,15 @@ fn main() -> ctap::FidoResult<()> {
|
||||
digest.input(&message.as_bytes());
|
||||
digest.result(&mut salt);
|
||||
let credential = &&credential;
|
||||
let request = FidoAssertionRequestBuilder::default()
|
||||
let hmac = extensions::HmacSecret::new().for_device(&mut device, &salt, None)?;
|
||||
let mut request = FidoAssertionRequestBuilder::default()
|
||||
.rp_id(RP_ID)
|
||||
.credential(credential)
|
||||
.build()
|
||||
.unwrap();
|
||||
let (_cred, (hash1, _hash2)) = device.get_hmac_assertion(&request, &salt, None)?;
|
||||
request.with_extension(&hmac)?;
|
||||
let (_cred, auth_data) = device.get_assertion(&request)?;
|
||||
let (hash1, _hash2) = auth_data.parse_extension_data(&hmac)?;
|
||||
println!("Hash: {}", hex::encode(&hash1));
|
||||
Ok(())
|
||||
}
|
||||
|
Reference in New Issue
Block a user