
README_Credential_management.md


Credential management

This command manages discoverable credentials (resident keys) stored on the authenticator.
Spec: 6.8. authenticatorCredentialManagement (0x0A)

To use this feature, the authenticator must implement CredMgmt or CredentialMgmtPreview. Check with enable_info_option().

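/// Reports whether the authenticator advertises credential management.
///
/// Asks `enable_info_option()` about `InfoOption::CredMgmt` first and, only when that
/// option is not reported, about `InfoOption::CredentialMgmtPreview`.
///
/// # Errors
///
/// Propagates any error returned by `enable_info_option()`.
fn is_supported(device: &FidoKeyHid) -> Result<bool> {
    // NOTE(review): `is_some()` only tests that the option is reported, not its value.
    // If the inner value can be `false` (option listed but not enabled), this should
    // compare against `Some(true)` instead -- confirm against the return type of
    // `enable_info_option()` before relying on this as a capability gate.
    //
    // `||` short-circuits, so the preview option is queried only when CredMgmt is absent.
    Ok(device.enable_info_option(&InfoOption::CredMgmt)?.is_some()
        || device
            .enable_info_option(&InfoOption::CredentialMgmtPreview)?
            .is_some())
}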

Example

credential_management_get_creds_metadata()

Get discoverable credentials metadata.

/// Fetches the discoverable-credential metadata from the authenticator and prints it.
///
/// `pin` is forwarded as `Some(pin)` to `credential_management_get_creds_metadata()`.
/// On failure the error is printed with its `Debug` representation; nothing is returned
/// to the caller either way.
fn metadata(device: &FidoKeyHid, pin: &str) {
    // The PIN is only handed to the library call; it is never echoed in the output below.
    let response = device.credential_management_get_creds_metadata(Some(pin));

    let creds_metadata = match response {
        Err(err) => {
            println!("- error: {:?}", err);
            return;
        }
        Ok(value) => value,
    };

    println!("{}", creds_metadata);
}

credential_management_enumerate_rps()

Enumerate the RPs (relying parties) present on the authenticator.

// List every RP stored on the authenticator, one "## rps" section per entry.
// NOTE(review): the printed entries presumably identify the sites the key is registered
// with -- treat the output as sensitive if it is captured in logs; confirm what the
// `Display` impl emits.
match device.credential_management_enumerate_rps(Some(pin)) {
    Err(err) => println!("- error: {:?}", err),
    Ok(rps) => rps
        .into_iter()
        .for_each(|rp| println!("## rps\n{}", rp)),
}

credential_management_enumerate_credentials()

Enumerate the credentials for an RP.

// List the credentials stored for one RP, selected by `rpid_hash_bytes`, printing one
// "## credentials" section per entry.
// NOTE(review): entries presumably carry user and credential identifiers -- treat the
// output as sensitive if it is captured in logs; confirm what the `Display` impl emits.
match device.credential_management_enumerate_credentials(Some(pin), rpid_hash_bytes) {
    Err(err) => println!("- error: {:?}", err),
    Ok(credentials) => credentials
        .into_iter()
        .for_each(|credential| println!("## credentials\n{}", credential)),
}

credential_management_delete_credential()

Delete a credential.

// Build the descriptor naming the credential to delete, starting from the defaults.
let mut descriptor = PublicKeyCredentialDescriptor::default();
// NOTE(review): WebAuthn spells this credential type "public-key" (hyphen); confirm
// which spelling the library expects before copying this value.
descriptor.ctype = "public_key".to_string();
// `unwrap()` panics when `credential_id` is `None`; validate the ID before reaching
// this point, since the call below removes the credential from the authenticator.
descriptor.id = util::to_str_hex(credential_id.unwrap());

// The descriptor is moved into the call; only success or the error is reported.
if let Err(err) = device.credential_management_delete_credential(Some(pin), descriptor) {
    println!("- error: {:?}", err);
} else {
    println!("- success");
}