인디노트

FIDO2 의 인증자 모듈을 개발하다보면 WebAuthn 기능의 Test가 필요하다. 다음의 사이트에서 테스트를 해 볼 수 있다. webauthntest.azurewebsites.net/ WebAuthn Test App Require Resident Key Authenticator Data Authenticator Data in Hex Public Key Extension Data Attestation Statement Chain Attestation Statement in Hex webauthntest.azurewebsites.net

enum AuthenticatorTransport { "usb", "nfc", "ble", "internal" }; Note: The AuthenticatorTransport enumeration is deliberately not referenced, see § 2.1.1 Enumerations as DOMString types. Authenticators may implement various transports for communicating with clients. This enumeration defines hints as to how clients might communicate with a particular authenticator in order to obtain an assertion ..

This enumeration’s values describe authenticators' attachment modalities. Relying Parties use this to express a preferred authenticator attachment modality when calling navigator.credentials.create() to create a credential.enum AuthenticatorAttachment { "platform", "cross-platform" }; 이 열거의 값은 인증 자의 첨부 양식을 설명합니다. 신뢰 당사자는 navigator.credentials.create ()를 호출하여 credential.enum AuthenticatorAttachme..

excludeCredentials, of type sequence, defaulting to [] This member is intended for use by Relying Parties that wish to limit the creation of multiple credentials for the same account on a single authenticator. The client is requested to return an error if the new credential would be created on an authenticator that also contains one of the credentials enumerated in this parameter. sequence 유형의 e..

authenticatorAttachment, of type DOMString If this member is present, eligible authenticators are filtered to only authenticators attached with the specified § 5.4.5 Authenticator Attachment Enumeration (enum AuthenticatorAttachment). The value SHOULD be a member of AuthenticatorAttachment but client platforms MUST ignore unknown values, treating an unknown value as if the member does not exist...

residentKey, of type DOMString Specifies the extent to which the Relying Party desires to create a client-side discoverable credential. For historical reasons the naming retains the deprecated “resident” terminology. The value SHOULD be a member of ResidentKeyRequirement but client platforms MUST ignore unknown values, treating an unknown value as if the member does not exist. If no value is giv..

userVerification, of type DOMString, defaulting to "preferred" This member describes the Relying Party's requirements regarding user verification for the create() operation. Eligible authenticators are filtered to only those capable of satisfying this requirement. The value SHOULD be a member of UserVerificationRequirement but client platforms MUST ignore unknown values, treating an unknown valu..

requireResidentKey, of type boolean, defaulting to false This member is retained for backwards compatibility with WebAuthn Level 1 and, for historical reasons, its naming retains the deprecated “resident” terminology for discoverable credentials. Relying Parties SHOULD set it to true if, and only if, residentKey is set to required. 부울 유형의 requireResidentKey, 기본값은 false, FIDO 멤버는 WebAuthn 레벨 1의 이..

WebAuthn Relying Parties may use AttestationConveyancePreference to specify their preference regarding attestation conveyance during credential generation.enum AttestationConveyancePreference { "none", "indirect", "direct", "enterprise" }; WebAuthn 신뢰 당사자는 AttestationConveyancePreference를 사용하여 자격 증명 생성 중 증명 전달에 대한 선호도를 지정할 수 있습니다 . enum AttestationConveyancePreference { "none", "indirect", "dire..

사용하는 플랫폼 (기기, 웹브라우저 등) 에서 인증에 필요한 기능 ( Face ID, Touch ID 등) 을 지원하는지 확인할 수 있다. function isUVPAA() { try { eval(PublicKeyCredential); } catch(err) { showErrorMsg(`UVPAA failed: [${err.toString()}]`); return; } if (PublicKeyCredential && PublicKeyCredential.isUserVerifyingPlatformAuthenticatorAvailable) { PublicKeyCredential.isUserVerifyingPlatformAuthenticatorAvailable().then(response => { if (res..