Documentation
Index
- Constants
- func GetAttestationObject(authDataBytes, clientData []byte, keyHandle string, ...) string
- func GetAuthDataAndPrivateKey(rpID, keyHandle string) (authDataStr string, authData []byte, privateKey *ecdsa.PrivateKey)
- func GetClientDataJson(ceremonyType, challenge, rpOrigin string) (string, []byte)
- func U2fRegistration(w http.ResponseWriter, r *http.Request)
- type AttObjectClientData
- type ClientData
- type DsaSignature
- type U2fRegistrationResponse
Constants
const (
	DefaultKeyHandle = `U2fSimulatorKey`

	// Using this instead of rand.Reader, in order to have consistent
	// private and public keys, which allows for comparison when tests fail
	BigStrNotRandom1 = "11111111111111111111111111111111111111111"

	// The authenticatorData value includes bytes that refer to these flags.
	// Multiple flags can be combined through addition. For example,
	// including the UserPresent (UP) and AttestedCredentialData (AT) flags would be done
	// by using the value 65.
	// AT(64) + UP(1) = 65
	AttObjFlagUserPresent_UP      = 1
	AttObjFlagUserVerified_UV     = 2
	AttObjFlagAttestedCredData_AT = 64
	AttObjFlagExtensionData_ED    = 128
)
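The flag values above occupy byte 32 of the WebAuthn authenticatorData header, after the 32-byte SHA-256 of the RP ID and before the 4-byte big-endian signature counter. The following is an added example, not code from this package: it builds a constructed header and applies the header checks a relying party would make at registration. The names `FlagUP`, `FlagUV`, `FlagAT`, `BuildHeader` and `CheckHeader` and the RP ID `example.org` are assumptions of the example, and only the 37-byte header is covered, not the attested credential data that follows it.

```go
package main

import (
	"crypto/sha256"
	"encoding/binary"
	"errors"
	"fmt"
)

// Flag values as documented above; the short names are this example's own.
const (
	FlagUP byte = 1
	FlagUV byte = 2
	FlagAT byte = 64
)

// BuildHeader returns a constructed 37-byte authenticatorData header:
// SHA-256(rpID) (32 bytes) | flags (1 byte) | signCount (4 bytes, big-endian).
func BuildHeader(rpID string, flags byte, signCount uint32) []byte {
	hash := sha256.Sum256([]byte(rpID))
	out := append(hash[:], flags, 0, 0, 0, 0)
	binary.BigEndian.PutUint32(out[33:], signCount)
	return out
}

// CheckHeader applies the header checks a relying party makes at registration.
func CheckHeader(authData []byte, rpID string) (flags byte, signCount uint32, err error) {
	if len(authData) < 37 {
		return 0, 0, errors.New("authenticatorData shorter than 37 bytes")
	}
	var got [32]byte
	copy(got[:], authData[:32])
	if got != sha256.Sum256([]byte(rpID)) {
		return 0, 0, errors.New("rpIdHash does not match the expected RP ID")
	}
	flags = authData[32]
	signCount = binary.BigEndian.Uint32(authData[33:37])
	if flags&FlagUP == 0 {
		return flags, signCount, errors.New("user presence (UP) flag not set")
	}
	if flags&FlagAT == 0 {
		return flags, signCount, errors.New("attested credential data (AT) flag not set")
	}
	return flags, signCount, nil
}

func main() {
	fmt.Println(CheckHeader(BuildHeader("example.org", FlagUP|FlagAT, 7), "example.org")) // constructed sample
}
```

Combining with bitwise OR gives the same 65 as the addition in the comment above, and stays correct if a flag is applied twice, where addition would turn UP + UP into the UV value.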
Functions
func GetAttestationObject
func GetAttestationObject(authDataBytes, clientData []byte, keyHandle string, privateKey *ecdsa.PrivateKey, rpOrigin string) string
GetAttestationObject builds an attestation object for a WebAuthn registration.
func GetAuthDataAndPrivateKey
func GetAuthDataAndPrivateKey(rpID, keyHandle string) (authDataStr string, authData []byte, privateKey *ecdsa.PrivateKey)
GetAuthDataAndPrivateKey returns the authentication data as a string and as a byte slice, and also returns the private key.
func GetClientDataJson
func U2fRegistration
func U2fRegistration(w http.ResponseWriter, r *http.Request)
U2fRegistration is intended to assist with automated testing by returning to an API server something similar to what a client would return following a registration ceremony with a U2F key.
It expects a POST call with the following elements in the body/form:
- "challenge"
- "keyHandle" (optional)
(Although the API server wouldn't normally deal with a challenge and keyHandle, including them here allows for more predictability with the test results.)
It also expects the following headers to be set on the request:
- "x-mfa-RPID"
- "x-mfa-RPOrigin"
- "x-mfa-UserUUID"
Types
type AttObjectClientData
type ClientData
type ClientData struct {
	Typ          string          `json:"type"`
	Challenge    string          `json:"challenge"`
	Origin       string          `json:"origin"`
	CIDPublicKey json.RawMessage `json:"cid_pubkey"`
}
ClientData as defined by the FIDO U2F Raw Message Formats specification.
type DsaSignature
Internal type for ASN1 coercion.
func GetASN1Signature
func GetASN1Signature(notRandom io.Reader, privateKey *ecdsa.PrivateKey, sha256Digest []byte) (DsaSignature, []byte)
GetASN1Signature signs a hash (which should be the result of hashing a larger message) using the private key.