linux-credentials
diff --git a/‎.github/workflows/rust.yml‎
Lines changed: 1 addition & 1 deletion b/‎.github/workflows/rust.yml‎
Lines changed: 1 addition & 1 deletion
diff --git a/‎Cargo.lock‎
Lines changed: 4 additions & 4 deletions b/‎Cargo.lock‎
Lines changed: 4 additions & 4 deletions
diff --git a/‎libwebauthn/examples/authenticator_config_hid.rs‎
Lines changed: 178 additions & 0 deletions b/‎libwebauthn/examples/authenticator_config_hid.rs‎
Lines changed: 178 additions & 0 deletions
diff --git a/‎libwebauthn/examples/change_pin_hid.rs‎
Lines changed: 66 additions & 0 deletions b/‎libwebauthn/examples/change_pin_hid.rs‎
Lines changed: 66 additions & 0 deletions
diff --git a/‎libwebauthn/src/lib.rs‎
Lines changed: 1 addition & 0 deletions b/‎libwebauthn/src/lib.rs‎
Lines changed: 1 addition & 0 deletions
@@ -1,5 +1,5 @@
 name: Build and run tests
-on: [push]
+on: [push, pull_request]
 
 jobs:
   build:
 
@@ -0,0 +1,178 @@
+use std::error::Error;
+use std::fmt::Display;
+use std::time::Duration;
+
+use libwebauthn::management::AuthenticatorConfig;
+use libwebauthn::pin::{PinProvider, StdinPromptPinProvider};
+use libwebauthn::proto::ctap2::{Ctap2, Ctap2GetInfoResponse};
+use libwebauthn::transport::hid::list_devices;
+use libwebauthn::transport::Device;
+use libwebauthn::webauthn::Error as WebAuthnError;
+use std::io::{self, Write};
+use text_io::read;
+use tracing_subscriber::{self, EnvFilter};
+
+const TIMEOUT: Duration = Duration::from_secs(10);
+
+fn setup_logging() {
+    tracing_subscriber::fmt()
+        .with_env_filter(EnvFilter::from_default_env())
+        .without_time()
+        .init();
+}
+
+#[derive(Clone, Copy, Debug, PartialEq, Eq)]
+enum Operation {
+    ToggleAlwaysUv,
+    EnableForceChangePin,
+    DisableForceChangePin,
+    SetMinPinLength(Option<u32>),
+    SetMinPinLengthRpids,
+    EnableEnterpriseAttestation,
+}
+
+impl Display for Operation {
+    fn fmt(&self, f: &mut std::fmt::Formatter<'_>) -> std::fmt::Result {
+        match self {
+            Operation::ToggleAlwaysUv => f.write_str("Toggle AlwaysUV"),
+            Operation::EnableForceChangePin => f.write_str("Enable force change pin"),
+            Operation::DisableForceChangePin => f.write_str("Disable force change pin"),
+            Operation::SetMinPinLength(l) => {
+                if let Some(length) = l {
+                    f.write_fmt(format_args!("Set min PIN length. Current length: {length}"))
+                } else {
+                    f.write_str("Set min PIN length.")
+                }
+            }
+            Operation::SetMinPinLengthRpids => f.write_str("Set min PIN length RPIDs"),
+            Operation::EnableEnterpriseAttestation => f.write_str("Enable enterprise attestation"),
+        }
+    }
+}
+
+fn get_supported_options(info: &Ctap2GetInfoResponse) -> Vec<Operation> {
+    let mut configure_ops = vec![];
+    if let Some(options) = &info.options {
+        if options.get("authnrCfg") == Some(&true) && options.get("alwaysUv").is_some() {
+            configure_ops.push(Operation::ToggleAlwaysUv);
+        }
+        if options.get("authnrCfg") == Some(&true) && options.get("setMinPINLength").is_some() {
+            if info.force_pin_change == Some(true) {
+                configure_ops.push(Operation::DisableForceChangePin);
+            } else {
+                configure_ops.push(Operation::EnableForceChangePin);
+            }
+            configure_ops.push(Operation::SetMinPinLength(info.min_pin_length));
+            configure_ops.push(Operation::SetMinPinLengthRpids);
+        }
+        if options.get("ep").is_some() {
+            configure_ops.push(Operation::EnableEnterpriseAttestation);
+        }
+    }
+    configure_ops
+}
+
+#[tokio::main]
+pub async fn main() -> Result<(), Box<dyn Error>> {
+    setup_logging();
+
+    let devices = list_devices().await.unwrap();
+    println!("Devices found: {:?}", devices);
+    let pin_provider: Box<dyn PinProvider> = Box::new(StdinPromptPinProvider::new());
+
+    for mut device in devices {
+        println!("Selected HID authenticator: {}", &device);
+        device.wink(TIMEOUT).await?;
+
+        let mut channel = device.channel().await?;
+        let info = channel.ctap2_get_info().await?;
+        let options = get_supported_options(&info);
+
+        println!("What do you want to do?");
+        println!();
+        for (idx, op) in options.iter().enumerate() {
+            println!("({idx}) {op}");
+        }
+
+        let idx = loop {
+            print!("Your choice: ");
+            io::stdout().flush().expect("Failed to flush stdout!");
+            let input: String = read!("{}\n");
+            if let Ok(idx) = input.trim().parse::<usize>() {
+                if idx < options.len() {
+                    println!();
+                    break idx;
+                }
+            }
+        };
+
+        let mut min_pin_length_rpids = Vec::new();
+        if options[idx] == Operation::SetMinPinLengthRpids {
+            loop {
+                print!("Add RPIDs to list (enter empty string once finished): ");
+                io::stdout().flush().expect("Failed to flush stdout!");
+                let input: String = read!("{}\n");
+                let trimmed = input.trim().to_string();
+                if trimmed.is_empty() {
+                    break;
+                } else {
+                    min_pin_length_rpids.push(trimmed);
+                }
+            }
+        };
+
+        let new_pin_length = if matches!(options[idx], Operation::SetMinPinLength(..)) {
+            loop {
+                print!("New minimum PIN length: ");
+                io::stdout().flush().expect("Failed to flush stdout!");
+                let input: String = read!("{}\n");
+                match input.trim().parse::<u64>() {
+                    Ok(l) => {
+                        break l;
+                    }
+                    Err(_) => continue,
+                }
+            }
+        } else {
+            0
+        };
+
+        loop {
+            let action = match options[idx] {
+                Operation::ToggleAlwaysUv => channel.toggle_always_uv(&pin_provider, TIMEOUT),
+                Operation::SetMinPinLengthRpids => channel.set_min_pin_length_rpids(
+                    min_pin_length_rpids.clone(),
+                    &pin_provider,
+                    TIMEOUT,
+                ),
+                Operation::SetMinPinLength(..) => {
+                    channel.set_min_pin_length(new_pin_length, &pin_provider, TIMEOUT)
+                }
+                Operation::EnableEnterpriseAttestation => {
+                    channel.enable_enterprise_attestation(&pin_provider, TIMEOUT)
+                }
+                Operation::EnableForceChangePin => {
+                    channel.force_change_pin(true, &pin_provider, TIMEOUT)
+                }
+                Operation::DisableForceChangePin => {
+                    channel.force_change_pin(false, &pin_provider, TIMEOUT)
+                }
+            };
+            match action.await {
+                Ok(_) => break Ok(()),
+                Err(WebAuthnError::Ctap(ctap_error)) => {
+                    if ctap_error.is_retryable_user_error() {
+                        println!("Oops, try again! Error: {}", ctap_error);
+                        continue;
+                    }
+                    break Err(WebAuthnError::Ctap(ctap_error));
+                }
+                Err(err) => break Err(err),
+            };
+        }
+        .unwrap();
+        println!("Authenticator config done!");
+    }
+
+    Ok(())
+}
@@ -0,0 +1,66 @@
+use std::error::Error;
+use std::time::Duration;
+
+use tracing_subscriber::{self, EnvFilter};
+
+use libwebauthn::pin::{PinManagement, PinProvider, StdinPromptPinProvider};
+use libwebauthn::transport::hid::list_devices;
+use libwebauthn::transport::Device;
+use libwebauthn::webauthn::Error as WebAuthnError;
+use std::io::{self, Write};
+use text_io::read;
+
+const TIMEOUT: Duration = Duration::from_secs(10);
+
+fn setup_logging() {
+    tracing_subscriber::fmt()
+        .with_env_filter(EnvFilter::from_default_env())
+        .without_time()
+        .init();
+}
+
+#[tokio::main]
+pub async fn main() -> Result<(), Box<dyn Error>> {
+    setup_logging();
+
+    let devices = list_devices().await.unwrap();
+    println!("Devices found: {:?}", devices);
+    let pin_provider: Box<dyn PinProvider> = Box::new(StdinPromptPinProvider::new());
+
+    for mut device in devices {
+        println!("Selected HID authenticator: {}", &device);
+        device.wink(TIMEOUT).await?;
+
+        let mut channel = device.channel().await?;
+
+        print!("PIN: Please enter the _new_ PIN: ");
+        io::stdout().flush().unwrap();
+        let new_pin: String = read!("{}\n");
+
+        if &new_pin == "" {
+            println!("PIN: No PIN provided, cancelling operation.");
+            return Ok(());
+        }
+
+        let response = loop {
+            match channel
+                .change_pin(&pin_provider, new_pin.clone(), TIMEOUT)
+                .await
+            {
+                Ok(response) => break Ok(response),
+                Err(WebAuthnError::Ctap(ctap_error)) => {
+                    if ctap_error.is_retryable_user_error() {
+                        println!("Oops, try again! Error: {}", ctap_error);
+                        continue;
+                    }
+                    break Err(WebAuthnError::Ctap(ctap_error));
+                }
+                Err(err) => break Err(err),
+            };
+        }
+        .unwrap();
+        println!("WebAuthn MakeCredential response: {:?}", response);
+    }
+
+    Ok(())
+}
@@ -1,4 +1,5 @@
 pub mod fido;
+pub mod management;
 pub mod ops;
 pub mod pin;
 pub mod proto;
Original file line number	Diff line number	Diff line change
`@@ -1,4 +1,5 @@`
`1`	`1`	`pub mod fido;`
	`2`	`+pub mod management;`
`2`	`3`	`pub mod ops;`
`3`	`4`	`pub mod pin;`
`4`	`5`	`pub mod proto;`