| Stability | experimental |
|---|---|
| Safe Haskell | None |
| Language | Haskell2010 |
Crypto.WebAuthn.AttestationStatementFormat.TPM
Description
This module implements the TPM Attestation Statement Format.
Synopsis
- format :: SomeAttestationStatementFormat
- data Format = Format
- data VerificationError
- = VerificationErrorCredentialKeyMismatch
- | VerificationErrorInvalidMagicNumber Word32
- | VerificationErrorInvalidType Word16
- | VerificationErrorInvalidNameAlgorithm
- | VerificationErrorInvalidName ByteString ByteString
- | VerificationErrorInvalidPublicKey Text
- | VerificationErrorCertificateVersion Int Int
- | VerificationErrorVerificationFailure Text
- | VerificationErrorNonEmptySubjectField
- | VerificationErrorUnknownVendor
- | VerificationErrorExtKeyOIDMissing
- | VerificationErrorBasicConstraintsTrue
- | VerificationErrorCertificateAAGUIDMismatch
- | VerificationErrorASN1Error ASN1Error
- | VerificationErrorCredentialAAGUIDMissing
- | VerificationErrorUnknownHashFunction
- | VerificationErrorHashMismatch ByteString ByteString
Documentation
format :: SomeAttestationStatementFormat Source #
Helper function that wraps the TPM format into the general SomeAttestationStatementFormat type.
The TPM format. The sole purpose of this type is to instantiate the AttestationStatementFormat typeclass below.
Constructors
| Format |
Instances
| Show Format Source # | |
| AttestationStatementFormat Format Source # | |
Defined in Crypto.WebAuthn.AttestationStatementFormat.TPM Methods asfIdentifier :: Format -> Text Source # asfVerify :: Format -> DateTime -> AttStmt Format -> AuthenticatorData 'Registration 'True -> ClientDataHash -> Validation (NonEmpty (AttStmtVerificationError Format)) SomeAttestationType Source # asfTrustAnchors :: Format -> VerifiableAttestationType -> CertificateStore Source # asfDecode :: Format -> HashMap Text Term -> Either Text (AttStmt Format) Source # | |
| type AttStmt Format Source # | |
| type AttStmtVerificationError Format Source # | |
data VerificationError Source #
Verification errors specific to TPM attestation
Constructors
| VerificationErrorCredentialKeyMismatch | The public key in the certificate is different from the on in the attested credential data |
| VerificationErrorInvalidMagicNumber Word32 | The magic number in certInfo was not set to TPM_GENERATED_VALUE |
| VerificationErrorInvalidType Word16 | The type in certInfo was not set to TPM_ST_ATTEST_CERTIFY |
| VerificationErrorInvalidNameAlgorithm | The algorithm specified in the nameAlg field is unsupported or is not a valid name algorithm |
| VerificationErrorInvalidName ByteString ByteString | The calulated name does not match the provided name. (first: expected, second: received) |
| VerificationErrorInvalidPublicKey Text | The public key in the certificate was invalid, either because the it had an unexpected algorithm, or because it was otherwise malformed |
| VerificationErrorCertificateVersion Int Int | The certificate didn't have the expected version-value (first: expected, second: received) |
| VerificationErrorVerificationFailure Text | The Public key cannot verify the signature over the authenticatorData and the clientDataHash. |
| VerificationErrorNonEmptySubjectField | The subject field was not empty |
| VerificationErrorUnknownVendor | The vendor was unknown |
| VerificationErrorExtKeyOIDMissing | The Extended Key Usage did not contain the 2.23.133.8.3 OID |
| VerificationErrorBasicConstraintsTrue | The CA component of the basic constraints extension was set to True |
| VerificationErrorCertificateAAGUIDMismatch | The AAGUID in the certificate extension does not match the AAGUID in the authenticator data |
| VerificationErrorASN1Error ASN1Error | The (supposedly) ASN1 encoded certificate extension could not be decoded |
| VerificationErrorCredentialAAGUIDMissing | The certificate extension does not contain a AAGUID |
| VerificationErrorUnknownHashFunction | The desired algorithm does not have a known associated hash function |
| VerificationErrorHashMismatch ByteString ByteString | The calculated hash over the attToBeSigned does not match the received hash (first: calculated, second: received) |
Instances
| Show VerificationError Source # | |
Defined in Crypto.WebAuthn.AttestationStatementFormat.TPM Methods showsPrec :: Int -> VerificationError -> ShowS # show :: VerificationError -> String # showList :: [VerificationError] -> ShowS # | |
| Exception VerificationError Source # | |
Defined in Crypto.WebAuthn.AttestationStatementFormat.TPM Methods toException :: VerificationError -> SomeException # | |