webauthn-0.6.0.1: Relying party (server) implementation of the WebAuthn 2 specification
Stability: experimental
Safe Haskell: Safe-Inferred
Language: Haskell2010

Crypto.WebAuthn.AttestationStatementFormat.TPM

Description

This module implements the TPM Attestation Statement Format.

Documentation

format :: SomeAttestationStatementFormat

Helper function that wraps the TPM format into the general SomeAttestationStatementFormat type.

data VerificationError

Verification errors specific to TPM attestation

Constructors

PublicKeyMismatch

The public key in the certificate is different from the one in the attested credential data

Fields

MagicNumberInvalid Word32

The magic number in certInfo was not set to TPM_GENERATED_VALUE (0xff544347)

TypeInvalid Word16

The type in certInfo was not set to TPM_ST_ATTEST_CERTIFY (0x8017)

NameAlgorithmInvalid TPMAlgId

The algorithm specified in the nameAlg field is unsupported or is not a valid name algorithm

NameMismatch

The calculated name does not match the provided name.

Fields

PublicKeyInvalid Text

The public key in the certificate was invalid, either because it had an unexpected algorithm, or because it was otherwise malformed

CertificateVersionInvalid Int

The certificate didn't have the expected version-value (2)

VerificationFailure Text

The public key cannot verify the signature over the authenticatorData and the clientDataHash.

SubjectFieldNotEmpty [(OID, ASN1CharacterString)]

The subject field was not empty

VendorUnknown Text

The vendor was unknown

ExtKeyOIDMissing

The Extended Key Usage did not contain the 2.23.133.8.3 OID

BasicConstraintsTrue

The CA component of the basic constraints extension was set to True

CertificateAAGUIDMismatch

The AAGUID in the attested credential data does not match the AAGUID in the FIDO certificate extension

Fields

ASN1Error ASN1Error

The (supposedly) ASN1 encoded certificate extension could not be decoded

CredentialAAGUIDMissing

The certificate extension does not contain an AAGUID

HashFunctionUnknown

The desired algorithm does not have a known associated hash function

HashMismatch

The calculated hash over the attToBeSigned does not match the received hash

Fields

  • calculatedHash :: ByteString

    The hash of the concatenation of the authenticatorData and clientDataHash (attToBeSigned), calculated with the alg specified in the Statement.

  • extraData :: ByteString

    The extra data from the TPMS_ATTEST structure.
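Three of the errors above (MagicNumberInvalid, TypeInvalid, HashMismatch) come from checks on the TPMS_ATTEST structure carried in certInfo. The sketch below is an added example, not code from the webauthn package: it parses that structure using the TPM 2.0 field layout and applies those three checks. CertInfoError, getSized, getCertInfo, checkCertInfo and sample are hypothetical names, and the caller is assumed to have already computed calculatedHash over attToBeSigned.

```haskell
import Control.Monad (when)
import Data.Binary.Get (Get, getByteString, getWord16be, getWord32be, runGetOrFail, skip)
import qualified Data.ByteString as BS
import qualified Data.ByteString.Lazy as LBS
import Data.Word (Word16, Word32)

-- Hypothetical error type for this sketch; constructor names follow the page.
data CertInfoError = Malformed String | MagicNumberInvalid Word32 | TypeInvalid Word16
  | HashMismatch BS.ByteString BS.ByteString -- calculatedHash, extraData
  deriving (Eq, Show)

-- TPM2B_* fields: big-endian 16-bit length, then that many bytes.
getSized :: Get BS.ByteString
getSized = getWord16be >>= getByteString . fromIntegral

-- Parse TPMS_ATTEST as (magic, type, extraData, attested name).
getCertInfo :: Get (Word32, Word16, BS.ByteString, BS.ByteString)
getCertInfo = do
  magic <- getWord32be
  typ <- getWord16be
  _qualifiedSigner <- getSized
  extraData <- getSized
  skip 25 -- clockInfo (8 + 4 + 4 + 1 bytes) and firmwareVersion (8 bytes)
  name <- getSized -- attested.name of TPMS_CERTIFY_INFO
  _qualifiedName <- getSized
  pure (magic, typ, extraData, name)

-- Returns the attested name so the caller can compare it with the name it computes itself.
checkCertInfo :: BS.ByteString -> BS.ByteString -> Either CertInfoError BS.ByteString
checkCertInfo calculatedHash raw = do
  (magic, typ, extraData, name) <- case runGetOrFail getCertInfo (LBS.fromStrict raw) of
    Left (_, _, err) -> Left (Malformed err)
    Right (_, _, fields) -> Right fields
  when (magic /= 0xff544347) $ Left (MagicNumberInvalid magic) -- TPM_GENERATED_VALUE
  when (typ /= 0x8017) $ Left (TypeInvalid typ) -- TPM_ST_ATTEST_CERTIFY
  when (extraData /= calculatedHash) $ Left (HashMismatch calculatedHash extraData)
  pure name

-- Constructed sample: extraData is 32 bytes of 0xAA, name is nameAlg 0x000b plus a dummy digest.
sample :: BS.ByteString
sample = BS.concat
  [ BS.pack [0xff, 0x54, 0x43, 0x47, 0x80, 0x17, 0, 0] -- magic, type, empty qualifiedSigner
  , BS.pack [0, 32], BS.replicate 32 0xAA, BS.replicate 25 0
  , BS.pack [0, 34, 0, 0x0b], BS.replicate 32 0xBB, BS.pack [0, 0] ]

main :: IO ()
main = mapM_ (print . uncurry checkCertInfo)
  [ (BS.replicate 32 0xAA, sample) -- hash matches extraData
  , (BS.replicate 32 0x00, sample) -- hash differs from extraData
  , (BS.replicate 32 0xAA, BS.cons 0 (BS.drop 1 sample)) ] -- first magic byte corrupted
```

The sketch needs only the `binary` and `bytestring` packages; the name comparison behind NameMismatch and the certificate checks are outside its scope.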

data TPMAlgId

Instances

ToJSON TPMAlgId

Defined in Crypto.WebAuthn.AttestationStatementFormat.TPM

Generic TPMAlgId

Defined in Crypto.WebAuthn.AttestationStatementFormat.TPM

Associated Types

type Rep TPMAlgId :: Type -> Type

Methods

from :: TPMAlgId -> Rep TPMAlgId x

to :: Rep TPMAlgId x -> TPMAlgId

Show TPMAlgId

Defined in Crypto.WebAuthn.AttestationStatementFormat.TPM

Eq TPMAlgId

Defined in Crypto.WebAuthn.AttestationStatementFormat.TPM

type Rep TPMAlgId

Defined in Crypto.WebAuthn.AttestationStatementFormat.TPM

type Rep TPMAlgId = D1 ('MetaData "TPMAlgId" "Crypto.WebAuthn.AttestationStatementFormat.TPM" "webauthn-0.6.0.1-inplace" 'False) ((C1 ('MetaCons "TPMAlgRSA" 'PrefixI 'False) (U1 :: Type -> Type) :+: C1 ('MetaCons "TPMAlgSHA1" 'PrefixI 'False) (U1 :: Type -> Type)) :+: (C1 ('MetaCons "TPMAlgSHA256" 'PrefixI 'False) (U1 :: Type -> Type) :+: C1 ('MetaCons "TPMAlgECC" 'PrefixI 'False) (U1 :: Type -> Type)))