diff --git a/apps/desktop/desktop_native/fido2_client/Cargo.toml b/apps/desktop/desktop_native/fido2_client/Cargo.toml index d493a08251c..ea2bdcbeacd 100644 --- a/apps/desktop/desktop_native/fido2_client/Cargo.toml +++ b/apps/desktop/desktop_native/fido2_client/Cargo.toml @@ -5,10 +5,14 @@ license = { workspace = true } version = { workspace = true } publish = { workspace = true } +[features] +default = [] +ctap-hid-fido2 = ["dep:ctap-hid-fido2", "dep:pinentry", "dep:secrecy"] + [dependencies] base64 = { workspace = true } -ctap-hid-fido2 = "3.5.1" -pinentry = "0.5.0" +ctap-hid-fido2 = { version = "3.5.1", optional = true } +pinentry = { version = "0.5.0", optional = true} serde = { workspace = true, features = ["derive"] } -secrecy = "0.8.0" +secrecy = { version = "0.8.0", optional = true } sha2 = { workspace = true } diff --git a/apps/desktop/desktop_native/fido2_client/src/ctap_hid_fido2.rs b/apps/desktop/desktop_native/fido2_client/src/ctap_hid_fido2.rs index bc21b3f714a..8a3618bf630 100644 --- a/apps/desktop/desktop_native/fido2_client/src/ctap_hid_fido2.rs +++ b/apps/desktop/desktop_native/fido2_client/src/ctap_hid_fido2.rs @@ -11,6 +11,12 @@ use crate::{ PublicKeyCredentialRequestOptions, }; +/// Depending on the platform API, the platform MAY do this for you, or may require you to do it manually. +fn prf_to_hmac(prf_salt: &[u8]) -> [u8; 32] { + use sha2::Digest; + sha2::Sha256::digest(&[b"WebAuthn PRF".as_slice(), &[0], prf_salt].concat()).into() +} + fn get_pin() -> Option { if let Some(mut input) = PassphraseInput::with_default_binary() { input diff --git a/apps/desktop/desktop_native/fido2_client/src/lib.rs b/apps/desktop/desktop_native/fido2_client/src/lib.rs index addcc588776..822ba21179d 100644 --- a/apps/desktop/desktop_native/fido2_client/src/lib.rs +++ b/apps/desktop/desktop_native/fido2_client/src/lib.rs @@ -1,20 +1,13 @@ -#[cfg(all(target_os = "linux", target_env = "gnu"))] +#[cfg(feature = "ctap-hid-fido2")] mod ctap_hid_fido2; -#[cfg(all(target_os = "linux", target_env = "gnu"))] +#[cfg(feature = "ctap-hid-fido2")] use ctap_hid_fido2::*; -#[cfg(not(all(target_os = "linux", target_env = "gnu")))] +#[cfg(not(feature = "ctap-hid-fido2"))] mod unimplemented; -#[cfg(not(all(target_os = "linux", target_env = "gnu")))] +#[cfg(not(feature = "ctap-hid-fido2"))] use unimplemented::*; -#[cfg(all(target_os = "linux", target_env = "gnu"))] -/// Depending on the platform API, the platform MAY do this for you, or may require you to do it manually. -fn prf_to_hmac(prf_salt: &[u8]) -> [u8; 32] { - use sha2::Digest; - sha2::Sha256::digest(&[b"WebAuthn PRF".as_slice(), &[0], prf_salt].concat()).into() -} - #[derive(Debug, PartialEq, Clone)] pub enum UserVerification { Discouraged,