Stability | experimental |
---|---|
Safe Haskell | Safe-Inferred |
Language | Haskell2010 |
Crypto.WebAuthn.AttestationStatementFormat.TPM
Description
This module implements the TPM Attestation Statement Format.
Synopsis
- format :: SomeAttestationStatementFormat
- data Format = Format
- data VerificationError
- = PublicKeyMismatch { }
- | MagicNumberInvalid Word32
- | TypeInvalid Word16
- | NameAlgorithmInvalid TPMAlgId
- | NameMismatch { }
- | PublicKeyInvalid Text
- | CertificateVersionInvalid Int
- | VerificationFailure Text
- | SubjectFieldNotEmpty [(OID, ASN1CharacterString)]
- | VendorUnknown Text
- | ExtKeyOIDMissing
- | BasicConstraintsTrue
- | CertificateAAGUIDMismatch { }
- | ASN1Error ASN1Error
- | CredentialAAGUIDMissing
- | HashFunctionUnknown
- | HashMismatch { }
- data TPMAlgId
Documentation
format :: SomeAttestationStatementFormat
Helper function that wraps the TPM format into the general SomeAttestationStatementFormat type.
data Format
The TPM format. The sole purpose of this type is to instantiate the AttestationStatementFormat typeclass below.
Constructors
Format
Instances
Show Format
AttestationStatementFormat Format
Defined in Crypto.WebAuthn.AttestationStatementFormat.TPM
Methods
- asfIdentifier :: Format -> Text
- asfVerify :: Format -> DateTime -> AttStmt Format -> AuthenticatorData 'Registration 'True -> ClientDataHash -> Validation (NonEmpty (AttStmtVerificationError Format)) SomeAttestationType
- asfTrustAnchors :: Format -> VerifiableAttestationType -> CertificateStore
- asfDecode :: Format -> HashMap Text Term -> Either Text (AttStmt Format)
type AttStmt Format
type AttStmtVerificationError Format
data VerificationError
Verification errors specific to TPM attestation
Constructors
PublicKeyMismatch | The public key in the certificate is different from the one in the attested credential data |
Fields
| |
MagicNumberInvalid Word32 | The magic number in certInfo was not set to TPM_GENERATED_VALUE (0xff544347) |
TypeInvalid Word16 | The type in certInfo was not set to TPM_ST_ATTEST_CERTIFY (0x8017) |
NameAlgorithmInvalid TPMAlgId | The algorithm specified in the nameAlg field is unsupported or is not a valid name algorithm |
NameMismatch | The calculated name does not match the provided name. |
Fields
| |
PublicKeyInvalid Text | The public key in the certificate was invalid, either because it had an unexpected algorithm, or because it was otherwise malformed |
CertificateVersionInvalid Int | The certificate didn't have the expected version-value (2) |
VerificationFailure Text | The public key cannot verify the signature over the authenticatorData and the clientDataHash. |
SubjectFieldNotEmpty [(OID, ASN1CharacterString)] | The subject field was not empty |
VendorUnknown Text | The vendor was unknown |
ExtKeyOIDMissing | The Extended Key Usage did not contain the 2.23.133.8.3 OID |
BasicConstraintsTrue | The CA component of the basic constraints extension was set to True |
CertificateAAGUIDMismatch | The AAGUID in the attested credential data does not match the AAGUID in the FIDO certificate extension |
Fields
| |
ASN1Error ASN1Error | The (supposedly) ASN1 encoded certificate extension could not be decoded |
CredentialAAGUIDMissing | The certificate extension does not contain an AAGUID |
HashFunctionUnknown | The desired algorithm does not have a known associated hash function |
HashMismatch | The calculated hash over the attToBeSigned does not match the received hash |
Fields
|
Instances
Exception VerificationError
Defined in Crypto.WebAuthn.AttestationStatementFormat.TPM
Methods
- toException :: VerificationError -> SomeException
Show VerificationError
Defined in Crypto.WebAuthn.AttestationStatementFormat.TPM
Methods
- showsPrec :: Int -> VerificationError -> ShowS
- show :: VerificationError -> String
- showList :: [VerificationError] -> ShowS
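The magic-number, type and hash checks named in the VerificationError constructors, as an added example that is not the library's own code: it parses the start of a TPMS_ATTEST certInfo blob (big-endian, following the TPM 2.0 layout magic, type, qualifiedSigner, extraData) and compares extraData with a hash supplied by the caller. `HeaderError`, `Truncated`, `checkCertInfo` and the sample bytes are assumptions of this example.

```haskell
import Control.Monad (when)
import Data.Bits (Bits, shiftL, (.|.))
import qualified Data.ByteString as BS
import Data.Word (Word16, Word32)

-- Local stand-in for three errors documented above, plus Truncated (an
-- assumption of this example). Not the library's VerificationError type.
data HeaderError = MagicNumberInvalid Word32 | TypeInvalid Word16 | HashMismatch | Truncated
  deriving (Eq, Show)

type Parsed = Either HeaderError (BS.ByteString, BS.ByteString)

-- Big-endian decode; TPM structures are marshalled big-endian.
beWord :: (Num a, Bits a) => BS.ByteString -> a
beWord = BS.foldl' (\acc b -> (acc `shiftL` 8) .|. fromIntegral b) 0

-- Split off exactly n bytes, rejecting short input instead of truncating.
takeN :: Int -> BS.ByteString -> Parsed
takeN n bs
  | BS.length bs < n = Left Truncated
  | otherwise = Right (BS.splitAt n bs)

-- Read a TPM2B field: 2-byte length prefix followed by that many bytes.
sized :: BS.ByteString -> Parsed
sized bs = do
  (len, rest) <- takeN 2 bs
  takeN (fromIntegral (beWord len :: Word16)) rest

-- Check magic and type, skip qualifiedSigner, then compare extraData with
-- the hash the relying party computed over attToBeSigned.
checkCertInfo :: BS.ByteString -> BS.ByteString -> Either HeaderError ()
checkCertInfo expectedHash certInfo = do
  (magicBytes, r1) <- takeN 4 certInfo
  let magic = beWord magicBytes :: Word32
  when (magic /= 0xff544347) $ Left (MagicNumberInvalid magic)
  (typeBytes, r2) <- takeN 2 r1
  let typ = beWord typeBytes :: Word16
  when (typ /= 0x8017) $ Left (TypeInvalid typ)
  (_qualifiedSigner, r3) <- sized r2
  (extraData, _rest) <- sized r3
  when (extraData /= expectedHash) $ Left HashMismatch

main :: IO ()
main = do
  -- Constructed bytes, not from a real TPM: header, 2-byte signer, 4-byte hash.
  let hash = BS.pack [0xde, 0xad, 0xbe, 0xef]
      good = BS.pack [0xff, 0x54, 0x43, 0x47, 0x80, 0x17, 0, 2, 0xaa, 0xbb, 0, 4] <> hash
  mapM_ print [ checkCertInfo hash good, checkCertInfo hash (BS.cons 0 (BS.drop 1 good))
              , checkCertInfo hash (BS.take 9 good), checkCertInfo (BS.pack [0]) good ]
```

The four calls cover an accepted blob, a wrong magic number, a length prefix that runs past the end of the input, and a hash that differs from extraData.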
data TPMAlgId
Constructors
TPMAlgRSA
TPMAlgSHA1
TPMAlgSHA256
TPMAlgECC
Instances
ToJSON TPMAlgId
Generic TPMAlgId
Show TPMAlgId
Eq TPMAlgId
type Rep TPMAlgId
Defined in Crypto.WebAuthn.AttestationStatementFormat.TPM
type Rep TPMAlgId = D1 ('MetaData "TPMAlgId" "Crypto.WebAuthn.AttestationStatementFormat.TPM" "webauthn-0.10.0.0-inplace" 'False) ((C1 ('MetaCons "TPMAlgRSA" 'PrefixI 'False) (U1 :: Type -> Type) :+: C1 ('MetaCons "TPMAlgSHA1" 'PrefixI 'False) (U1 :: Type -> Type)) :+: (C1 ('MetaCons "TPMAlgSHA256" 'PrefixI 'False) (U1 :: Type -> Type) :+: C1 ('MetaCons "TPMAlgECC" 'PrefixI 'False) (U1 :: Type -> Type)))