GetMetadataStatement iterates through a list of payload entries within a FIDO metadata table of contents object per §3.1.8, step 6 FIDO Authenticator Metadata Service https://fidoalliance.org/specs/fido-v2.0-rd-20180702/fido-metadata-service-v2.0-rd-20180702.html#metadata-toc-object-processing-rules.

IsUndesiredAuthenticatorStatus returns whether the supplied authenticator status is desirable or not.

ProcessMDSTOC processes a FIDO metadata table of contents object per §3.1.8, steps 1 through 5 FIDO Authenticator Metadata Service https://fidoalliance.org/specs/fido-v2.0-rd-20180702/fido-metadata-service-v2.0-rd-20180702.html#metadata-toc-object-processing-rules.

AttCA - Indicates PrivacyCA attestation as defined in [TCG-CMCProfile-AIKCertEnroll].

AttestationKeyCompromise - Indicates that an attestation key for this authenticator is known to be compromised.

BasicFull - Indicates full basic attestation, based on an attestation private key shared among a class of authenticators (e.g.

BasicSurrogate - Just syntactically a Basic Attestation.

Ecdaa - Indicates use of elliptic curve based direct anonymous attestation as defined in [FIDOEcdaaAlgorithm].

FidoCertified - This authenticator has passed FIDO functional certification.

FidoCertifiedL1 - The authenticator has passed FIDO Authenticator certification at level 1.

FidoCertifiedL1plus - The authenticator has passed FIDO Authenticator certification at level 1+.

FidoCertifiedL2 - The authenticator has passed FIDO Authenticator certification at level 2.

FidoCertifiedL2plus - The authenticator has passed FIDO Authenticator certification at level 2+.

FidoCertifiedL3 - The authenticator has passed FIDO Authenticator certification at level 3.

FidoCertifiedL3plus - The authenticator has passed FIDO Authenticator certification at level 3+.

NotFidoCertified - This authenticator is not FIDO certified.

Revoked - The FIDO Alliance has determined that this authenticator should not be trusted for any reason, for example if it is known to be a fraudulent product or contain a deliberate backdoor.

SelfAssertionSubmitted - The authenticator vendor has completed and submitted the self-certification checklist to the FIDO Alliance.

UpdateAvailable - A software or firmware update is available for the device.

UserKeyPhysicalCompromise - This authenticator has known weaknesses in its key protection mechanism(s) that allow user keys to be extracted by an adversary in physical possession of the device.

UserKeyRemoteCompromise - This authenticator has identified weaknesses that allow registered keys to be compromised and should not be trusted.

UserVerificationBypass - Indicates that malware is able to bypass the user verification.

Conformance indicates if test metadata is currently being used.

Metadata is a map of authenticator AAGUIDs to corresponding metadata statements.

UndesiredAuthenticatorStatus is an array of undesirable authenticator statuses.

The BiometricAccuracyDescriptor describes relevant accuracy/complexity aspects in the case of a biometric user verification method.

BiometricStatusReport - Contains the current BiometricStatusReport of one of the authenticator's biometric component.

CodeAccuracyDescriptor describes the relevant accuracy/complexity aspects of passcode user verification methods.

The DisplayPNGCharacteristicsDescriptor describes a PNG image characteristics as defined in the PNG [PNG] spec for IHDR (image header) and PLTE (palette table).

EcdaaTrustAnchor - In the case of ECDAA attestation, the ECDAA-Issuer's trust anchor MUST be specified in this field.

ExtensionDescriptor - This descriptor contains an extension supported by the authenticator.

MDSGetEndpointsRequest is the request sent to the conformance metadata getEndpoints endpoint.

MDSGetEndpointsResponse is the response received from a conformance metadata getEndpoints request.

MetadataStatement - Authenticator metadata statements are used directly by the FIDO server at a relying party, but the information contained in the authoritative statement is used in several other places.

MetadataTOCPayload - Represents the MetadataTOCPayload.

MetadataTOCPayloadEntry - Represents the MetadataTOCPayloadEntry.

The PatternAccuracyDescriptor describes relevant accuracy/complexity aspects in the case that a pattern is used as the user verification method.

RogueListEntry - Contains a list of individual authenticators known to be rogue.

StatusReport - Contains the current BiometricStatusReport of one of the authenticator's biometric component.

VerificationMethodANDCombinations MUST be non-empty.

VerificationMethodDescriptor - A descriptor for a specific base user verification method as implemented by the authenticator.

Version - Represents a generic version with major and minor fields.

AuthenticatorAttestationType - The ATTESTATION constants are 16 bit long integers indicating the specific attestation that authenticator supports.

AuthenticatorStatus - This enumeration describes the status of an authenticator model as identified by its AAID and potentially some additional information (such as a specific attestation key).