feat(protocol): implement device eligible and backup flags (#85)

Extend existing flags by adding new ones backup eligible and backup state. Closes #75 Co-authored-by: Tobias Albrecht <[email protected]>
go-webauthn · Dec 7, 2022 · 694d289 · 694d289
1 parent 752defd
commit 694d289
Showing 1 changed file with 15 additions and 3 deletions.
diff --git a/protocol/authenticator.go b/protocol/authenticator.go
@@ -131,9 +131,11 @@ const (
  // FlagUserVerified Bit 00000100 in the byte sequence. Tells us if user is verified
  // by the authenticator using a biometric or PIN
  FlagUserVerified // Referred to as UV
- _ // Reserved
- _ // Reserved
- _ // Reserved
+ // FlagBackupEligible Bit 00001000 in the byte sequence. Tells us if a backup is eligible for device
+ FlagBackupEligible // Referred to as BE
+ // FlagBackupState Bit 00010000 in the byte sequence. Tells us if a backup state for device
+ FlagBackupState // Referred to as BS
+ _ // Reserved
  // FlagAttestedCredentialData Bit 01000000 in the byte sequence. Indicates whether
  // the authenticator added attested credential data.
  FlagAttestedCredentialData // Referred to as AT
@@ -161,6 +163,16 @@ func (flag AuthenticatorFlags) HasExtensions() bool {
  return (flag & FlagHasExtensions) == FlagHasExtensions
 }
 
+// HasBackupEligible returns if the BE flag was set
+func (flag AuthenticatorFlags) HasBackupEligible() bool {
+ return (flag & FlagBackupEligible) == FlagBackupEligible
+}
+
+// HasBackupState returns if the BS flag was set
+func (flag AuthenticatorFlags) HasBackupState() bool {
+ return (flag & FlagBackupState) == FlagBackupState
+}
+
 // Unmarshal will take the raw Authenticator Data and marshalls it into AuthenticatorData for further validation.
 // The authenticator data has a compact but extensible encoding. This is desired since authenticators can be
 // devices with limited capabilities and low power requirements, with much simpler software stacks than the client platform.