Fix #68: Implement legacy preview (#70)

msirringhaus · web-flow · commit 393f1601bcc9 · 2025-02-13T12:55:03.000+01:00
diff --git a/libwebauthn/examples/bio_enrollment_hid.rs b/libwebauthn/examples/bio_enrollment_hid.rs
@@ -46,17 +46,15 @@ impl Display for Operation {
 
 fn get_supported_options(info: &Ctap2GetInfoResponse) -> Vec<Operation> {
     let mut configure_ops = vec![];
-    if let Some(options) = &info.options {
-        if options.get("bioEnroll").is_some() {
-            configure_ops.push(Operation::GetModality);
-            configure_ops.push(Operation::GetFingerprintSensorInfo);
-            if options.get("bioEnroll") == Some(&true) {
-                configure_ops.push(Operation::EnumerateEnrollments);
-                configure_ops.push(Operation::RemoveEnrollment);
-                configure_ops.push(Operation::RenameEnrollment);
-            }
-            configure_ops.push(Operation::AddNewEnrollment);
+    if info.supports_bio_enrollment() {
+        configure_ops.push(Operation::GetModality);
+        configure_ops.push(Operation::GetFingerprintSensorInfo);
+        if info.has_bio_enrollments() {
+            configure_ops.push(Operation::EnumerateEnrollments);
+            configure_ops.push(Operation::RemoveEnrollment);
+            configure_ops.push(Operation::RenameEnrollment);
         }
+        configure_ops.push(Operation::AddNewEnrollment);
     }
     configure_ops
 }
@@ -155,7 +153,7 @@ pub async fn main() -> Result<(), Box<dyn Error>> {
                     };
                     println!("Which enrollment do you want to remove?");
                     for (id, enrollment) in enrollments.iter().enumerate() {
-                        println!("{id} {enrollment:?}")
+                        println!("({id}) {enrollment:?}")
                     }
                     let idx = ask_for_user_input(enrollments.len());
                     channel
@@ -186,7 +184,7 @@ pub async fn main() -> Result<(), Box<dyn Error>> {
                     };
                     println!("Which enrollment do you want to rename?");
                     for (id, enrollment) in enrollments.iter().enumerate() {
-                        println!("{id} {enrollment:?}")
+                        println!("({id}) {enrollment:?}")
                     }
                     let idx = ask_for_user_input(enrollments.len());
                     print!("New name: ");
diff --git a/libwebauthn/examples/cred_management.rs b/libwebauthn/examples/cred_management.rs
@@ -133,11 +133,9 @@ pub async fn main() -> Result<(), WebAuthnError> {
         let mut channel = device.channel().await?;
         let info = channel.ctap2_get_info().await?;
 
-        if let Some(options) = &info.options {
-            if options.get("credMgmt") != Some(&true) {
-                println!("Your token does not support credential management.");
-                return Err(WebAuthnError::Ctap(CtapError::InvalidCommand));
-            }
+        if !info.supports_credential_management() {
+            println!("Your token does not support credential management.");
+            return Err(WebAuthnError::Ctap(CtapError::InvalidCommand));
         }
 
         let options = [
diff --git a/libwebauthn/src/management/authenticator_config.rs b/libwebauthn/src/management/authenticator_config.rs
@@ -223,4 +223,8 @@ impl Ctap2UserVerifiableRequest for Ctap2AuthenticatorConfigRequest {
     fn can_use_uv(&self, info: &Ctap2GetInfoResponse) -> bool {
         info.option_enabled("uvAcfg")
     }
+
+    fn handle_legacy_preview(&mut self, _info: &Ctap2GetInfoResponse) {
+        // No-op
+    }
 }
diff --git a/libwebauthn/src/management/bio_enrollment.rs b/libwebauthn/src/management/bio_enrollment.rs
@@ -70,6 +70,7 @@ pub trait BioEnrollment {
 pub struct Ctap2BioEnrollmentFingerprintSensorInfo {
     pub fingerprint_kind: Ctap2BioEnrollmentFingerprintKind,
     pub max_capture_samples_required_for_enroll: Option<u64>,
+    /// Not returned/supported by BioEnrollmentPreview
     pub max_template_friendly_name: Option<u64>,
 }
 
@@ -333,4 +334,17 @@ impl Ctap2UserVerifiableRequest for Ctap2BioEnrollmentRequest {
     fn can_use_uv(&self, info: &Ctap2GetInfoResponse) -> bool {
         info.option_enabled("uvBioEnroll")
     }
+
+    fn handle_legacy_preview(&mut self, info: &Ctap2GetInfoResponse) {
+        if let Some(options) = &info.options {
+            // According to Spec, we would also need to verify the token only
+            // supports FIDO_2_1_PRE, but let's be a bit less strict here and
+            // accept it simply reporting preview-support, but not the real one.
+            if options.get("bioEnroll") != Some(&true)
+                && options.get("userVerificationMgmtPreview") == Some(&true)
+            {
+                self.use_legacy_preview = true;
+            }
+        }
+    }
 }
diff --git a/libwebauthn/src/management/credential_management.rs b/libwebauthn/src/management/credential_management.rs
@@ -185,7 +185,7 @@ where
             resp.credential_id.unwrap(),
             resp.public_key.unwrap(),
             resp.cred_protect.unwrap(),
-            resp.large_blob_key.unwrap(),
+            resp.large_blob_key.map(|x| x.into_vec()),
         );
         let total_creds = resp.total_credentials.unwrap();
         Ok((cred, total_creds))
@@ -219,7 +219,7 @@ where
             resp.credential_id.unwrap(),
             resp.public_key.unwrap(),
             resp.cred_protect.unwrap(),
-            resp.large_blob_key.unwrap(),
+            resp.large_blob_key.map(|x| x.into_vec()),
         );
         Ok(cred)
     }
@@ -270,6 +270,11 @@ where
             )
             .await?;
 
+            // Preview mode does not support "updateUserInfo" subcommand
+            if req.use_legacy_preview {
+                return Err(Error::Ctap(CtapError::InvalidCommand));
+            }
+
             // On success, this is an all-empty Ctap2AuthenticatorConfigResponse
             handle_errors!(
                 self,
@@ -317,4 +322,17 @@ impl Ctap2UserVerifiableRequest for Ctap2CredentialManagementRequest {
     fn can_use_uv(&self, _info: &Ctap2GetInfoResponse) -> bool {
         true
     }
+
+    fn handle_legacy_preview(&mut self, info: &Ctap2GetInfoResponse) {
+        if let Some(options) = &info.options {
+            // According to Spec, we would also need to verify the token only
+            // supports FIDO_2_1_PRE, but let's be a bit less strict here and
+            // accept it simply reporting preview-support, but not the real one.
+            if options.get("credMgmt") != Some(&true)
+                && options.get("credentialMgmtPreview") == Some(&true)
+            {
+                self.use_legacy_preview = true;
+            }
+        }
+    }
 }
diff --git a/libwebauthn/src/proto/ctap2/cbor/request.rs b/libwebauthn/src/proto/ctap2/cbor/request.rs
@@ -77,17 +77,27 @@ impl From<&Ctap2AuthenticatorConfigRequest> for CborRequest {
 
 impl From<&Ctap2BioEnrollmentRequest> for CborRequest {
     fn from(request: &Ctap2BioEnrollmentRequest) -> CborRequest {
+        let command = if request.use_legacy_preview {
+            Ctap2CommandCode::AuthenticatorBioEnrollmentPreview
+        } else {
+            Ctap2CommandCode::AuthenticatorBioEnrollment
+        };
         CborRequest {
-            command: Ctap2CommandCode::AuthenticatorBioEnrollment,
+            command,
             encoded_data: to_vec(request).unwrap(),
         }
     }
 }
 
 impl From<&Ctap2CredentialManagementRequest> for CborRequest {
     fn from(request: &Ctap2CredentialManagementRequest) -> CborRequest {
+        let command = if request.use_legacy_preview {
+            Ctap2CommandCode::AuthenticatorCredentialManagementPreview
+        } else {
+            Ctap2CommandCode::AuthenticatorCredentialManagement
+        };
         CborRequest {
-            command: Ctap2CommandCode::AuthenticatorCredentialManagement,
+            command,
             encoded_data: to_vec(request).unwrap(),
         }
     }
diff --git a/libwebauthn/src/proto/ctap2/model.rs b/libwebauthn/src/proto/ctap2/model.rs
@@ -49,7 +49,9 @@ pub enum Ctap2CommandCode {
     AuthenticatorClientPin = 0x06,
     AuthenticatorGetNextAssertion = 0x08,
     AuthenticatorBioEnrollment = 0x09,
+    AuthenticatorBioEnrollmentPreview = 0x40,
     AuthenticatorCredentialManagement = 0x0A,
+    AuthenticatorCredentialManagementPreview = 0x41,
     AuthenticatorSelection = 0x0B,
     AuthenticatorConfig = 0x0D,
 }
@@ -198,6 +200,7 @@ pub trait Ctap2UserVerifiableRequest {
     fn permissions(&self) -> Ctap2AuthTokenPermissionRole;
     fn permissions_rpid(&self) -> Option<&str>;
     fn can_use_uv(&self, info: &Ctap2GetInfoResponse) -> bool;
+    fn handle_legacy_preview(&mut self, info: &Ctap2GetInfoResponse);
 }
 
 #[derive(Debug, Clone, Copy)]
diff --git a/libwebauthn/src/proto/ctap2/model/bio_enrollment.rs b/libwebauthn/src/proto/ctap2/model/bio_enrollment.rs
@@ -36,6 +36,9 @@ pub struct Ctap2BioEnrollmentRequest {
     #[serde(default)]
     #[serde(skip_serializing_if = "Option::is_none")]
     pub get_modality: Option<bool>,
+
+    #[serde(skip)]
+    pub use_legacy_preview: bool,
 }
 
 #[repr(u32)]
@@ -166,6 +169,7 @@ impl Ctap2BioEnrollmentRequest {
             protocol: None,      // Get's filled in later
             uv_auth_param: None, // Get's filled in later
             get_modality: Some(true),
+            use_legacy_preview: false,
         }
     }
 
@@ -177,6 +181,7 @@ impl Ctap2BioEnrollmentRequest {
             protocol: None,      // Get's filled in later
             uv_auth_param: None, // Get's filled in later
             get_modality: None,
+            use_legacy_preview: false,
         }
     }
 
@@ -188,6 +193,7 @@ impl Ctap2BioEnrollmentRequest {
             protocol: None,      // Get's filled in later
             uv_auth_param: None, // Get's filled in later
             get_modality: None,
+            use_legacy_preview: false,
         }
     }
 
@@ -203,6 +209,7 @@ impl Ctap2BioEnrollmentRequest {
             protocol: None,      // Get's filled in later
             uv_auth_param: None, // Get's filled in later
             get_modality: None,
+            use_legacy_preview: false,
         }
     }
 
@@ -218,6 +225,7 @@ impl Ctap2BioEnrollmentRequest {
             protocol: None,      // Get's filled in later
             uv_auth_param: None, // Get's filled in later
             get_modality: None,
+            use_legacy_preview: false,
         }
     }
 
@@ -239,6 +247,7 @@ impl Ctap2BioEnrollmentRequest {
             protocol: None,      // Get's filled in later
             uv_auth_param: None, // Get's filled in later
             get_modality: None,
+            use_legacy_preview: false,
         }
     }
 
@@ -256,6 +265,7 @@ impl Ctap2BioEnrollmentRequest {
             protocol: None,
             uv_auth_param: None,
             get_modality: None,
+            use_legacy_preview: false,
         }
     }
 
@@ -267,6 +277,7 @@ impl Ctap2BioEnrollmentRequest {
             protocol: None,
             uv_auth_param: None,
             get_modality: None,
+            use_legacy_preview: false,
         }
     }
 }
diff --git a/libwebauthn/src/proto/ctap2/model/credential_management.rs b/libwebauthn/src/proto/ctap2/model/credential_management.rs
@@ -29,6 +29,9 @@ pub struct Ctap2CredentialManagementRequest {
     #[serde(default)]
     #[serde(skip_serializing_if = "Option::is_none")]
     pub uv_auth_param: Option<ByteBuf>,
+
+    #[serde(skip)]
+    pub use_legacy_preview: bool,
 }
 
 #[repr(u32)]
@@ -128,6 +131,7 @@ impl Ctap2CredentialManagementRequest {
             subcommand_params: None,
             protocol: None,
             uv_auth_param: None,
+            use_legacy_preview: false,
         }
     }
 
@@ -137,6 +141,7 @@ impl Ctap2CredentialManagementRequest {
             subcommand_params: None,
             protocol: None,
             uv_auth_param: None,
+            use_legacy_preview: false,
         }
     }
 
@@ -146,6 +151,7 @@ impl Ctap2CredentialManagementRequest {
             subcommand_params: None,
             protocol: None,
             uv_auth_param: None,
+            use_legacy_preview: false,
         }
     }
 
@@ -159,6 +165,7 @@ impl Ctap2CredentialManagementRequest {
             }),
             protocol: None,
             uv_auth_param: None,
+            use_legacy_preview: false,
         }
     }
 
@@ -170,6 +177,7 @@ impl Ctap2CredentialManagementRequest {
             subcommand_params: None,
             protocol: None,
             uv_auth_param: None,
+            use_legacy_preview: false,
         }
     }
 
@@ -183,6 +191,7 @@ impl Ctap2CredentialManagementRequest {
             }),
             protocol: None,
             uv_auth_param: None,
+            use_legacy_preview: false,
         }
     }
 
@@ -199,6 +208,7 @@ impl Ctap2CredentialManagementRequest {
             }),
             protocol: None,
             uv_auth_param: None,
+            use_legacy_preview: false,
         }
     }
 }
@@ -227,7 +237,8 @@ pub struct Ctap2CredentialData {
     pub credential_id: Ctap2PublicKeyCredentialDescriptor,
     pub public_key: PublicKey,
     pub cred_protect: u64,
-    pub large_blob_key: ByteBuf,
+    /// This is not there in the Preview mode
+    pub large_blob_key: Option<Vec<u8>>,
 }
 
 impl Ctap2CredentialData {
@@ -236,7 +247,7 @@ impl Ctap2CredentialData {
         credential_id: Ctap2PublicKeyCredentialDescriptor,
         public_key: PublicKey,
         cred_protect: u64,
-        large_blob_key: ByteBuf,
+        large_blob_key: Option<Vec<u8>>,
     ) -> Self {
         Self {
             user,
diff --git a/libwebauthn/src/proto/ctap2/model/get_assertion.rs b/libwebauthn/src/proto/ctap2/model/get_assertion.rs
@@ -201,4 +201,8 @@ impl Ctap2UserVerifiableRequest for Ctap2GetAssertionRequest {
     fn can_use_uv(&self, _info: &Ctap2GetInfoResponse) -> bool {
         true
     }
+
+    fn handle_legacy_preview(&mut self, _info: &Ctap2GetInfoResponse) {
+        // No-op
+    }
 }
diff --git a/libwebauthn/src/proto/ctap2/model/get_info.rs b/libwebauthn/src/proto/ctap2/model/get_info.rs
@@ -164,6 +164,26 @@ impl Ctap2GetInfoResponse {
         self.versions.iter().any(|v| v == "FIDO_2_1")
     }
 
+    pub fn supports_credential_management(&self) -> bool {
+        self.option_enabled("credMgmt") || self.option_enabled("credentialMgmtPreview")
+    }
+
+    pub fn supports_bio_enrollment(&self) -> bool {
+        if let Some(options) = &self.options {
+            return options.get("bioEnroll").is_some()
+                || options.get("userVerificationMgmtPreview").is_some();
+        }
+        false
+    }
+
+    pub fn has_bio_enrollments(&self) -> bool {
+        if let Some(options) = &self.options {
+            return options.get("bioEnroll") == Some(&true)
+                || options.get("userVerificationMgmtPreview") == Some(&true);
+        }
+        false
+    }
+
     /// Implements check for "Protected by some form of User Verification":
     ///   Either or both clientPin or built-in user verification methods are supported and enabled.
     ///   I.e., in the authenticatorGetInfo response the pinUvAuthToken option ID is present and set to true,
diff --git a/libwebauthn/src/proto/ctap2/model/make_credential.rs b/libwebauthn/src/proto/ctap2/model/make_credential.rs
@@ -175,6 +175,10 @@ impl Ctap2UserVerifiableRequest for Ctap2MakeCredentialRequest {
     fn can_use_uv(&self, _info: &Ctap2GetInfoResponse) -> bool {
         true
     }
+
+    fn handle_legacy_preview(&mut self, _info: &Ctap2GetInfoResponse) {
+        // No-op
+    }
 }
 
 impl TryFrom<&Ctap2MakeCredentialResponse> for Ctap2PublicKeyCredentialDescriptor {
diff --git a/libwebauthn/src/webauthn.rs b/libwebauthn/src/webauthn.rs

Original file line number	Diff line number	Diff line change
`@@ -223,4 +223,8 @@ impl Ctap2UserVerifiableRequest for Ctap2AuthenticatorConfigRequest {`
`223`	`223`	`fn can_use_uv(&self, info: &Ctap2GetInfoResponse) -> bool {`
`224`	`224`	`info.option_enabled("uvAcfg")`
`225`	`225`	`}`
	`226`	`+`
	`227`	`+ fn handle_legacy_preview(&mut self, _info: &Ctap2GetInfoResponse) {`
	`228`	`+ // No-op`
	`229`	`+ }`
`226`	`230`	`}`
Original file line number	Diff line number	Diff line change
`@@ -77,17 +77,27 @@ impl From<&Ctap2AuthenticatorConfigRequest> for CborRequest {`
`77`	`77`
`78`	`78`	`impl From<&Ctap2BioEnrollmentRequest> for CborRequest {`
`79`	`79`	`fn from(request: &Ctap2BioEnrollmentRequest) -> CborRequest {`
	`80`	`+ let command = if request.use_legacy_preview {`
	`81`	`+ Ctap2CommandCode::AuthenticatorBioEnrollmentPreview`
	`82`	`+ } else {`
	`83`	`+ Ctap2CommandCode::AuthenticatorBioEnrollment`
	`84`	`+ };`
`80`	`85`	`CborRequest {`
`81`		`- command: Ctap2CommandCode::AuthenticatorBioEnrollment,`
	`86`	`+ command,`
`82`	`87`	`encoded_data: to_vec(request).unwrap(),`
`83`	`88`	`}`
`84`	`89`	`}`
`85`	`90`	`}`
`86`	`91`
`87`	`92`	`impl From<&Ctap2CredentialManagementRequest> for CborRequest {`
`88`	`93`	`fn from(request: &Ctap2CredentialManagementRequest) -> CborRequest {`
	`94`	`+ let command = if request.use_legacy_preview {`
	`95`	`+ Ctap2CommandCode::AuthenticatorCredentialManagementPreview`
	`96`	`+ } else {`
	`97`	`+ Ctap2CommandCode::AuthenticatorCredentialManagement`
	`98`	`+ };`
`89`	`99`	`CborRequest {`
`90`		`- command: Ctap2CommandCode::AuthenticatorCredentialManagement,`
	`100`	`+ command,`
`91`	`101`	`encoded_data: to_vec(request).unwrap(),`
`92`	`102`	`}`
`93`	`103`	`}`
Original file line number	Diff line number	Diff line change
`@@ -36,6 +36,9 @@ pub struct Ctap2BioEnrollmentRequest {`
`36`	`36`	`#[serde(default)]`
`37`	`37`	`#[serde(skip_serializing_if = "Option::is_none")]`
`38`	`38`	`pub get_modality: Option<bool>,`
	`39`	`+`
	`40`	`+ #[serde(skip)]`
	`41`	`+ pub use_legacy_preview: bool,`
`39`	`42`	`}`
`40`	`43`
`41`	`44`	`#[repr(u32)]`
`@@ -166,6 +169,7 @@ impl Ctap2BioEnrollmentRequest {`
`166`	`169`	`protocol: None, // Get's filled in later`
`167`	`170`	`uv_auth_param: None, // Get's filled in later`
`168`	`171`	`get_modality: Some(true),`
	`172`	`+ use_legacy_preview: false,`
`169`	`173`	`}`
`170`	`174`	`}`
`171`	`175`
`@@ -177,6 +181,7 @@ impl Ctap2BioEnrollmentRequest {`
`177`	`181`	`protocol: None, // Get's filled in later`
`178`	`182`	`uv_auth_param: None, // Get's filled in later`
`179`	`183`	`get_modality: None,`
	`184`	`+ use_legacy_preview: false,`
`180`	`185`	`}`
`181`	`186`	`}`
`182`	`187`
`@@ -188,6 +193,7 @@ impl Ctap2BioEnrollmentRequest {`
`188`	`193`	`protocol: None, // Get's filled in later`
`189`	`194`	`uv_auth_param: None, // Get's filled in later`
`190`	`195`	`get_modality: None,`
	`196`	`+ use_legacy_preview: false,`
`191`	`197`	`}`
`192`	`198`	`}`
`193`	`199`
`@@ -203,6 +209,7 @@ impl Ctap2BioEnrollmentRequest {`
`203`	`209`	`protocol: None, // Get's filled in later`
`204`	`210`	`uv_auth_param: None, // Get's filled in later`
`205`	`211`	`get_modality: None,`
	`212`	`+ use_legacy_preview: false,`
`206`	`213`	`}`
`207`	`214`	`}`
`208`	`215`
`@@ -218,6 +225,7 @@ impl Ctap2BioEnrollmentRequest {`
`218`	`225`	`protocol: None, // Get's filled in later`
`219`	`226`	`uv_auth_param: None, // Get's filled in later`
`220`	`227`	`get_modality: None,`
	`228`	`+ use_legacy_preview: false,`
`221`	`229`	`}`
`222`	`230`	`}`
`223`	`231`
`@@ -239,6 +247,7 @@ impl Ctap2BioEnrollmentRequest {`
`239`	`247`	`protocol: None, // Get's filled in later`
`240`	`248`	`uv_auth_param: None, // Get's filled in later`
`241`	`249`	`get_modality: None,`
	`250`	`+ use_legacy_preview: false,`
`242`	`251`	`}`
`243`	`252`	`}`
`244`	`253`
`@@ -256,6 +265,7 @@ impl Ctap2BioEnrollmentRequest {`
`256`	`265`	`protocol: None,`
`257`	`266`	`uv_auth_param: None,`
`258`	`267`	`get_modality: None,`
	`268`	`+ use_legacy_preview: false,`
`259`	`269`	`}`
`260`	`270`	`}`
`261`	`271`
`@@ -267,6 +277,7 @@ impl Ctap2BioEnrollmentRequest {`
`267`	`277`	`protocol: None,`
`268`	`278`	`uv_auth_param: None,`
`269`	`279`	`get_modality: None,`
	`280`	`+ use_legacy_preview: false,`
`270`	`281`	`}`
`271`	`282`	`}`
`272`	`283`	`}`
Original file line number	Diff line number	Diff line change
`@@ -29,6 +29,9 @@ pub struct Ctap2CredentialManagementRequest {`
`29`	`29`	`#[serde(default)]`
`30`	`30`	`#[serde(skip_serializing_if = "Option::is_none")]`
`31`	`31`	`pub uv_auth_param: Option<ByteBuf>,`
	`32`	`+`
	`33`	`+ #[serde(skip)]`
	`34`	`+ pub use_legacy_preview: bool,`
`32`	`35`	`}`
`33`	`36`
`34`	`37`	`#[repr(u32)]`
`@@ -128,6 +131,7 @@ impl Ctap2CredentialManagementRequest {`
`128`	`131`	`subcommand_params: None,`
`129`	`132`	`protocol: None,`
`130`	`133`	`uv_auth_param: None,`
	`134`	`+ use_legacy_preview: false,`
`131`	`135`	`}`
`132`	`136`	`}`
`133`	`137`
`@@ -137,6 +141,7 @@ impl Ctap2CredentialManagementRequest {`
`137`	`141`	`subcommand_params: None,`
`138`	`142`	`protocol: None,`
`139`	`143`	`uv_auth_param: None,`
	`144`	`+ use_legacy_preview: false,`
`140`	`145`	`}`
`141`	`146`	`}`
`142`	`147`
`@@ -146,6 +151,7 @@ impl Ctap2CredentialManagementRequest {`
`146`	`151`	`subcommand_params: None,`
`147`	`152`	`protocol: None,`
`148`	`153`	`uv_auth_param: None,`
	`154`	`+ use_legacy_preview: false,`
`149`	`155`	`}`
`150`	`156`	`}`
`151`	`157`
`@@ -159,6 +165,7 @@ impl Ctap2CredentialManagementRequest {`
`159`	`165`	`}),`
`160`	`166`	`protocol: None,`
`161`	`167`	`uv_auth_param: None,`
	`168`	`+ use_legacy_preview: false,`
`162`	`169`	`}`
`163`	`170`	`}`
`164`	`171`
`@@ -170,6 +177,7 @@ impl Ctap2CredentialManagementRequest {`
`170`	`177`	`subcommand_params: None,`
`171`	`178`	`protocol: None,`
`172`	`179`	`uv_auth_param: None,`
	`180`	`+ use_legacy_preview: false,`
`173`	`181`	`}`
`174`	`182`	`}`
`175`	`183`
`@@ -183,6 +191,7 @@ impl Ctap2CredentialManagementRequest {`
`183`	`191`	`}),`
`184`	`192`	`protocol: None,`
`185`	`193`	`uv_auth_param: None,`
	`194`	`+ use_legacy_preview: false,`
`186`	`195`	`}`
`187`	`196`	`}`
`188`	`197`
`@@ -199,6 +208,7 @@ impl Ctap2CredentialManagementRequest {`
`199`	`208`	`}),`
`200`	`209`	`protocol: None,`
`201`	`210`	`uv_auth_param: None,`
	`211`	`+ use_legacy_preview: false,`
`202`	`212`	`}`
`203`	`213`	`}`
`204`	`214`	`}`
`@@ -227,7 +237,8 @@ pub struct Ctap2CredentialData {`
`227`	`237`	`pub credential_id: Ctap2PublicKeyCredentialDescriptor,`
`228`	`238`	`pub public_key: PublicKey,`
`229`	`239`	`pub cred_protect: u64,`
`230`		`- pub large_blob_key: ByteBuf,`
	`240`	`+ /// This is not there in the Preview mode`
	`241`	`+ pub large_blob_key: Option<Vec<u8>>,`
`231`	`242`	`}`
`232`	`243`
`233`	`244`	`impl Ctap2CredentialData {`
`@@ -236,7 +247,7 @@ impl Ctap2CredentialData {`
`236`	`247`	`credential_id: Ctap2PublicKeyCredentialDescriptor,`
`237`	`248`	`public_key: PublicKey,`
`238`	`249`	`cred_protect: u64,`
`239`		`- large_blob_key: ByteBuf,`
	`250`	`+ large_blob_key: Option<Vec<u8>>,`
`240`	`251`	`) -> Self {`
`241`	`252`	`Self {`
`242`	`253`	`user,`
Original file line number	Diff line number	Diff line change
`@@ -201,4 +201,8 @@ impl Ctap2UserVerifiableRequest for Ctap2GetAssertionRequest {`
`201`	`201`	`fn can_use_uv(&self, _info: &Ctap2GetInfoResponse) -> bool {`
`202`	`202`	`true`
`203`	`203`	`}`
	`204`	`+`
	`205`	`+ fn handle_legacy_preview(&mut self, _info: &Ctap2GetInfoResponse) {`
	`206`	`+ // No-op`
	`207`	`+ }`
`204`	`208`	`}`