The Perl Toolchain Summit needs more sponsors. If your company depends on Perl, please support this very important event.
 / 
FIDO-Raw-0.06
River stage zero No dependents
1 ++
/ FIDO::Raw::Cred

NAME

FIDO::Raw::Cred

VERSION

version 0.06

DESCRIPTION

FIDO2 Credential

METHODS

new( )

Create a new instance.

fmt( [$format] )

Get/set the format, where $format must either be "packed" or "fido-u2f".

prot( [$protection] )

Get/set the protection. At the moment only CRED_PROT_UV_OPTIONAL, CRED_PROT_UV_OPTIONAL_WITH_ID and FIDO_CRED_PROT_UV_REQUIRED protections are supported.

extensions( $flags )

Set the extensions to the bitmask of $flags. At the moment, only EXT_HMAC_SECRET and EXT_CRED_PROTECT are supported.

rp( [$id], $name )

Get/set the the relying party information. $id may be set to undef if required. Returns a hash reference.

type ( [$cose_alg] )

Get/set the algorithm, where $cose_alg may be COSE_ES256, COSE_RS256 or COSE_EDDSA. The type of a credential may only be set once. Not all authenticators support COSE_RS256 or COSE_EDDSA.

user( [$user_id, $name, $display_name, $icon] )

Get/set the user attributes. Returns a hash reference.

rk( [$opt] )

Get/set the resident key attribute.

uv( [$opt] )

Get/set the user verification attribute.

exclude( $cred )

Append the credential ID $cred to the list of excluded credentials.

authdata( [$data] )

Get/set the authenticator data. $data must be a CBOR-encoded byte string. Alternatively, authdata_raw may be used to set raw binary blob.

authdata_raw( $data )

Set the authenticator data as a raw binary blob.

clientdata_hash( [$hash] )

Get/set the clientdata hash.

sig( [$signature] )

Get/set the signature.

x509( [$cert] )

Get/set the attestation certification.

flags( )

Get the authenticator data flags.

id( )

Get the credential ID.

aaguid( )

Get the authenticator attestation GUID.

pubkey( )

Get the public key.

verify( )

Verifies whether the signature matches the attributes of the credential. This method verifies that the client data hash, relying party ID, credential ID, type, resident key and user verification attributes have been attested by the holder of the private key counterpart of the public key contained in the X509 certificate. The certificate itself is not verified.

The attestation statement formats supported are "packed" and "fido-u2f". The attestation type implemented is Basic Attestation. The attestation key pair is assumed to be of the type ES256. Other attestation formats and types are not supported.

This method returns a result code of FIDO::Raw::FIDO_OK on success or an error result code otherwise.

AUTHOR

Jacques Germishuys <jacquesg@striata.com>

LICENSE AND COPYRIGHT

Copyright 2020 Jacques Germishuys.

This program is free software; you can redistribute it and/or modify it under the terms of either: the GNU General Public License as published by the Free Software Foundation; or the Artistic License.

See http://dev.perl.org/licenses/ for more information.