IsValidAssertion may be used to check whether an assertion is valid.

IsValidAttestation may be used to check whether an attestation is valid.

NewChallenge creates a new cryptographically secure random challenge of ChallengeSize bytes.

ParseAssertionResponse will parse a raw AssertionResponse as supplied by a client to a ParsedAssertionResponse that may be used by clients to examine data.

ParseAttestationResponse will parse a raw AttestationResponse as supplied by a client to a ParsedAttestationResponse that may be used by clients to examine data.

RegisterFormat will register an attestation format.

ToWebAuthnError converts any error into the *Error type.

AttestationConveyancePreferenceDirect indicates that the Relying Party wants to receive the attestation statement as generated by the authenticator.

AttestationConveyancePreferenceIndirect indicates that the Relying Party prefers an attestation conveyance yielding verifiable attestation statements, but allows the client to decide how to obtain such attestation statements.

AttestationConveyancePreferenceNone indicates that the Relying Party is not interested in authenticator attestation.

AuthenticatorAttachmentCrossPlatform indicates cross-platform attachment.

AuthenticatorAttachmentPlatform indicates platform attachment.

0100 0000.

1000 0000.

0000 0001.

0000 0100.

AuthenticatorTransportBLE indicates the respective authenticator can be contacted over Bluetooth Smart (Bluetooth Low Energy / BLE).

AuthenticatorTransportInternal indicates the respective authenticator is contacted using a client device-specific transport.

AuthenticatorTransportNFC indicates the respective authenticator can be contacted over Near Field Communication (NFC).

AuthenticatorTransportUSB indicates the respective authenticator can be contacted over removable USB.

ChallengeSize represents the size of a challenge created by NewChallenge.

ES256 is the COSE Algorithm Identifier of ECDSA 256.

PublicKeyCredentialTypePublicKey is the only credential type defined, namely "public-key".

RS256 is the COSE Algorithm Identifier of RSA 256.

TokenBindingStatusPresent indicates the client supports token binding, but it was not negotiated when communicating with the Relying Party.

TokenBindingStatusSupported indicates token binding was used when communicating with the Relying Party.

UserVerificationDiscouraged indicates that the Relying Party does not want user verification employed during the operation (e.g., in the interest of minimizing disruption to the user interaction flow).

UserVerificationPreferred indicates that the Relying Party prefers user verification for the operation if possible, but will not fail the operation if the response does not have the UV flag set.

UserVerificationRequired indicates that the Relying Party requires user verification for the operation and will fail the operation if the response does not have the UV flag set.

Default errors.

Default errors.

Default errors.

Default errors.

Default errors.

Default errors.

Default errors.

Default errors.

AssertionResponse contains the attributes that are returned to the caller when a new assertion is requested.

Attestation represents the attestionObject.

AttestationResponse contains the attributes that are returned to the caller when a new credential is created.

AttestedCredentialData represents the AttestedCredentialData type in the WebAuthn specification.

The AuthenticatorAssertionResponse interface represents an authenticator's response to a client’s request for generation of a new authentication assertion given the WebAuthn Relying Party's challenge and OPTIONAL list of credentials it is aware of.

The AuthenticatorAttestationResponse interface represents the authenticator's response to a client’s request for the creation of a new public key credential.

AuthenticatorData encodes contextual bindings made by the authenticator.

AuthenticatorResponse is used by authenticators to respond to Relying Party requests.

The AuthenticatorSelectionCriteria may be used by WebAuthn Relying Parties to specify their requirements regarding authenticator attributes.

CollectedClientData represents the contextual bindings of both the WebAuthn Relying Party and the client.

CredentialCreationOptions contains the options that should be passed to navigator.credentials.create().

CredentialRequestOptions contains the options that should be passed to navigator.credentials.get().

Error is a representation of errors returned from this package.

ParsedAssertionResponse is a parsed version of AssertionResponse.

ParsedAttestationResponse is a parsed version of AttestationResponse https://www.w3.org/TR/webauthn/#publickeycredential.

ParsedAuthenticatorAssertionResponse is a parsed version of AuthenticatorAssertionResponse.

ParsedAuthenticatorAttestationResponse is a parsed version of AuthenticatorAttestationResponse https://www.w3.org/TR/webauthn/#authenticatorattestationresponse.

ParsedAuthenticatorResponse is a parsed version of AuthenticatorResponse.

ParsedPublicKeyCredential is a parsed version of PublicKeyCredential https://www.w3.org/TR/webauthn/#publickeycredential.

The PublicKeyCredential interface inherits from Credential [CREDENTIAL-MANAGEMENT-1], and contains the attributes that are returned to the caller when a new credential is created, or a new assertion is requested.

The PublicKeyCredentialCreationOptions dictionary supplies create() with the data it needs to generate an attestation.

PublicKeyCredentialDescriptor contains the attributes that are specified by a caller when referring to a public key credential as an input parameter to the create() or get() methods.

The PublicKeyCredentialEntity dictionary describes a user account, or a WebAuthn Relying Party, with which a public key credential is associated.

PublicKeyCredentialParameters is used to supply additional parameters when creating a new credential.

The PublicKeyCredentialRequestOptions dictionary supplies get() with the data it needs to generate an assertion.

The PublicKeyCredentialRpEntity dictionary is used to supply additional Relying Party attributes when creating a new credential.

The PublicKeyCredentialUserEntity dictionary is used to supply additional user account attributes when creating a new credential.

TokenBinding represents the token binding.

AttestationConveyancePreference may be used by WebAuthn Relying Parties to specify their preference regarding attestation conveyance during credential generation.

AttestationFormatFunction will be called when checking whether an Attestation is valid.

AuthenticationExtensionsClientInputs contains the client extension input values for zero or more WebAuthn extensions, as defined in §9 WebAuthn Extensions.

AuthenticatorAttachment's values describe authenticators' attachment modalities.

AuthenticatorDataFlags are the flags that are present in the authenticator data.

AuthenticatorTransport represents the transport used by an authenticator.

Challenge represents a challenge.

A COSEAlgorithmIdentifier's value is a number identifying a cryptographic algorithm.

PublicKeyCredentialType defines the valid credential types.

TokenBindingStatus represents the status of a TokenBinding.

UserVerificationRequirement may be used by a WebAuthn Relying Party to require user verification for some of its operations but not for others.