View information about the connected Authenticator.
Spec: 6.4. authenticatorGetInfo (0x04)
use ctap_hid_fido2::{Cfg, FidoKeyHidFactory};
fn main() {
println!("get_info()");
let device = FidoKeyHidFactory::create(&Cfg::init()).unwrap();
let info = device.get_info().unwrap();
println!("{}", info);
}
console
get_info()
- versions = ["U2F_V2", "FIDO_2_0", "FIDO_2_1_PRE", "FIDO_2_1"]
- extensions = ["credProtect", "hmac-secret", "largeBlobKey", "credBlob", "minPinLength"]
- aaguid(16) = D8522D9F575B486688A9BA99FA02F35B
- options = [("rk", true), ("up", true), ("uv", true), ("plat", false), ("uvToken", true), ("alwaysUv", true), ("credMgmt", true), ("authnrCfg", true), ("bioEnroll", true), ("clientPin", true), ("largeBlobs", true), ("pinUvAuthToken", true), ("setMinPINLength", true), ("makeCredUvNotRqd", false), ("credentialMgmtPreview", true), ("userVerificationMgmtPreview", true)]
- max_msg_size = 1200
- pin_uv_auth_protocols = [2, 1]
- max_credential_count_in_list = 8
- max_credential_id_length = 128
- transports = ["usb"]
- algorithms = [("alg", "-7"), ("type", "public-key"), ("alg", "-8"), ("type", "public-key")]
- max_serialized_large_blob_array = 1024
- force_pin_change = false
- min_pin_length = 4
- firmware_version = 328966
- max_cred_blob_length = 32
- max_rpids_for_set_min_pin_length = 1
- preferred_platform_uv_attempts = 3
- uv_modality = 2
- remaining_discoverable_credentials = 22
Same as get_info()
, but checks if it has a specific feature/version.
It is specified by the enum of InfoParam
.
use ctap_hid_fido2::{Cfg, FidoKeyHidFactory, fidokey::get_info::InfoParam};
fn main() {
println!("enable_info_param()");
let device = FidoKeyHidFactory::create(&Cfg::init()).unwrap();
let info = device.enable_info_param(&InfoParam::VersionsFido21Pre).unwrap();
println!("VersionsFido21Pre = {}", info);
}
console
enable_info_param()
VersionsFido21Pre = true
Same as get_info()
, but checks if it has a specific option.
It is specified by the enum of InfoOption
.
- Result is
Option<bool>
Some(true)
: option is present and set to trueSome(false)
: option is present and set to falseNone
: option is absent
use ctap_hid_fido2::{Cfg, FidoKeyHidFactory, fidokey::get_info::InfoOption};
fn main() {
println!("enable_info_option()");
let device = FidoKeyHidFactory::create(&Cfg::init()).unwrap();
let info = device.enable_info_option(&InfoOption::BioEnroll).unwrap();
println!("BioEnroll = {:?}", info);
}
console
enable_info_option()
BioEnroll = Some(true)
pinRetries counter represents the number of attempts left before PIN is disabled.
Spec: 6.5.5.2. Platform getting PIN retries from Authenticator
use ctap_hid_fido2::{Cfg, FidoKeyHidFactory};
fn main() {
println!("get_pin_retries()");
let device = FidoKeyHidFactory::create(&Cfg::init()).unwrap();
let info = device.get_pin_retries().unwrap();
println!("{}", info);
}
console
get_pin_retries()
8
Yubikey Bio Only
UV(User Verification) retries count is the number of built-in UV attempts remaining before built-in UV is disabled on the device.
Spec: 6.5.5.3. Platform getting UV Retries from Authenticator
use ctap_hid_fido2::{Cfg, FidoKeyHidFactory};
fn main() {
println!("get_uv_retries()");
let device = FidoKeyHidFactory::create(&Cfg::init()).unwrap();
let info = device.get_uv_retries().unwrap();
println!("{}", info);
}
console
get_uv_retries()
3
Just blink the LED on the FIDO key.
Spec: 11.2.9.2.1. CTAPHID_WINK (0x08)
use ctap_hid_fido2::{Cfg, FidoKeyHidFactory};
fn main() {
println!("wink()");
let device = FidoKeyHidFactory::create(&Cfg::init()).unwrap();
device.wink().unwrap();
}
CTAP 2.1 Only
Check the touch of the Authenticator's touch sensor.
Spec: 6.9. authenticatorSelection (0x0B)
pub fn up(device: &FidoKeyHid) -> Result<()> {
if !device.enable_info_param(&InfoParam::VersionsFido21)? {
return Err(anyhow!(
"This authenticator is not supported for this functions."
));
}
device.selection()?;
Ok(())
}