Coder Social home page Coder Social logo

passkey-rs's Introduction

Passkey-rs by 1Password

github version documentation

The passkey-rs library is a collection of Rust libraries to enable developers to use Passkeys in Rust code through a comprehensive implementation of both the Webauthn Level 3 and CTAP2 standards. It is comprised of five sub-libraries:

  • passkey-client - a library, usable as client, which implements the Webauthn Level 3 standard for authentication to websites.
  • passkey-authenticator - a library, usable as authenticator, which implements the CTAP2 standard.
  • passkey-transports - a library, usable as transports, which implements the CTAP HID protocol.
  • passkey-types - type definitions, usable as types for the -client and -authenticator libraries.
  • public-suffix - a library which efficiently determines the effictive Top-Level Domain of a given URL, based on the Mozilla Public Suffix List.

In understanding how to use this library, developers should read the Webauthn Level 3 and CTAP2 standards. Much of the type naming in these libraries refer directly to the terms used in these standards and being familiar with their terminology will greatly aid your understanding of how to use these libraries.

Examples in this documentation shows certain values being assumed to come from the website (Relying Party). It is not within the scope of these libraries to manage the details of the interaction with the Relying Party. How these values and the authentication results are communicated with the Relying Party is an implementation detail for users of these crates.

Basic Concepts

Conceptually, working with Passkeys involves receiving requests for registration of new credentials, storing those credentials, and performing authentication with existing credentials. Two standards are involved here: Webauthn is the protocol by which a website (a "Relying Party") communicates with your application. The Client-to-Authenticator Protocol (CTAP2) is the protocol by which your application communicates with an authenticator - which can be software or a hardware device such as a FIDO2 USB key.

This library provides Rust types to implement both protocols, as well as a software Authenticator which can be used in place of the USB keys that many will be familiar with.

You can think of these libraries as a chain that interacts with Relying Parties in the following way:

RelyingParty <-> Client <-> Authenticator <-> CredentialStore

The Client type marshals and unmarshals options and data from the Relying Party. It provides the following API for registration and authentication:

  • register() - Register a webauthn credential.
  • authenticate() - Authenticate a webauthn request.

The Client does not itself perform cryptographic operations. Instead it depends on an internal Authenticator for these operations.

The Authenticator type provides a virtual authenticator which can create new credentials and authenticate users using the following functions:

  • make_credential() - creates a credential.
  • get_assertion() - generates the cryptograhic proof of user authentication

The Authenticator does not store credentials itself, but relies on a generic type which implements the CredentialStore trait. This trait provides the API for storing and retrieving Passkey structures:

  • save_credential() - stores a credential created in make_credential()
  • find_credentials() - searches the CredentialStore's internal storage for credentials which might be used for an authentication.

The authenticator library provides a range of implementations of authenticator::CredentialStore but users of the library can provide their own.

A runnable demonstration binary is provided in passkey/examples/

Example: Using the Client type for Webauthn Operations

The highest-level type in these libraries is the passkey-client::Client. This is the type you will primarily use to implement Webauthn authentication in your application.

The following example demonstrates how to create a Client and use it to create a credential. Doing this from scratch involves creating an Authenticator and a CredentialStore, then providing those to the Client.

In this example, we are going to manually create a CredentialCreationOptions struct with hypothetical values named *_from_rp to indicate that these are values that would usually be supplied by the Relying Party. For simplicity, most of the CredentialCreationOptions are being set to None here.

use passkey::{
    authenticator::{Authenticator, UserValidationMethod},
    client::{Client, WebauthnError},
    types::{ctap2::*, webauthn::*, Bytes, Passkey},
use url::Url;

// First create an Authenticator for the Client to use.
let my_aaguid = Aaguid::new_empty();
let user_validation_method = MyUserValidationMethod {};
// Create the CredentialStore for the Authenticator.
// Option<Passkey> is the simplest possible implementation of CredentialStore
let store: Option<Passkey> = None;
let my_authenticator = Authenticator::new(my_aaguid, store, user_validation_method);

// Create the Client
// If you are creating credentials, you need to declare the Client as mut
let mut my_client = Client::new(my_authenticator);

// The following values, provided as parameters to this function would usually be
// retrieved from a Relying Party according to the context of the application.
let request = CredentialCreationOptions {
    public_key: PublicKeyCredentialCreationOptions {
        rp: PublicKeyCredentialRpEntity {
            id: None, // Leaving the ID as None means use the effective domain
            name: name_from_rp.clone(),
        user: PublicKeyCredentialUserEntity {
            id: user_handle_from_rp,
            display_name: display_name_from_rp,
            name: name_from_rp,
        challenge: challenge_bytes_from_rp,
        pub_key_cred_params: vec![parameters_from_rp],
        timeout: None,
        exclude_credentials: None,
        authenticator_selection: None,
        attestation: AttestationConveyancePreference::None,
        extensions: None,

// Now create the credential.
let my_webauthn_credential: CreatedPublicKeyCredential = my_client.register(origin, request).await?;

The above example shows how a Webauthn credential can be created. Now, we can go ahead and try to authenticate the user.

let challenge_bytes_from_rp: Bytes = random_vec(32).into();
// Now try and authenticate
let credential_request = CredentialRequestOptions {
    public_key: PublicKeyCredentialRequestOptions {
        challenge: challenge_bytes_from_rp,
        timeout: None,
        rp_id: Some(String::from(origin.domain().unwrap())),
        allow_credentials: None,
        user_verification: UserVerificationRequirement::default(),
        extensions: None,

let authenticated_cred: AuthenticatedPublicKeyCredential = my_client
    .authenticate(origin, credential_request, None)

Example: Using the Authenticator for CTAP2 Operations

The following code provides a basic example of how to create and use an Authenticator by itself to generate a credential and store it.

// Option<Passkey> is the simplest possible implementation of CredentialStore
let store: Option<Passkey> = None;
let user_validation_method = MyUserValidationMethod {};
let my_aaguid = Aaguid::new_empty();

let mut my_authenticator = Authenticator::new(my_aaguid, store, user_validation_method);

let reg_request = make_credential::Request {
    client_data_hash: client_data_hash_from_rp.clone(),
    rp: make_credential::PublicKeyCredentialRpEntity {
        id: tld_from_rp.clone(),
        name: None,
    user: PublicKeyCredentialUserEntity {
        id: user_handle_from_rp,
        display_name: display_name_from_rp,
        name: name_from_rp,
    pub_key_cred_params: vec![algorithms_from_rp],
    exclude_list: None,
    extensions: None,
    options: make_credential::Options::default(),
    pin_auth: None,
    pin_protocol: None,

let credential: make_credential::Response =

The credential is stored within the Authenticator's CredentialStore as part of the creation process. Now, we can use this credential directly to perform an authentication:

let auth_request = get_assertion::Request {
    rp_id: tld_from_rp,
    client_data_hash: client_data_hash_from_rp,
    allow_list: None,
    extensions: None,
    options: make_credential::Options::default(),
    pin_auth: None,
    pin_protocol: None,

let response = my_authenticator.get_assertion(auth_request).await?;

Crates in Detail


Passkey-types provides the type definitions for the other crates. It may be initially confusing to realise that there are sometimes two variants of what is seemingly the same type. For example, we have a webauthn::PublicKeyCredentialRpEntity and a ctap2::PublicKeyCredentialRpEntity. This is because the different protocols have different requirements for which fields must be present and which are optional. In cases where the CTAP2 structures are the same as those in Webauthn, the CTAP2 libraries use the Webauthn types.


The Public-Suffix crate provides an efficient library for determining the effective top-level domain or 'public suffix' for a given URL. Most crate users will not need to work with this library directly. It is used internally by the passkey-client::Client type.

However, depending on the context, it may be necessary for some applications to take an alternative interpretation of certain top-level domains. To do this, users can reimplement the public-suffix list in this crate or provide an alternative implementation. Next, users should implement the public-suffix::EffectiveTLDProvider trait and provide that implementation to Client::new_with_custom_tld_provider(). An example of how to do this is provided in the validate_domain_with_private_list_provider() test in passkey_client::tests. See, also, the README in public-suffix for more information on how to generate a custom TLD list according to the needs of your application.

Current Limitations

  • Client::authenticate() and Client::register() do not respect timeout values set in CredentialRequestOptions.
  • The Client always reports its Authenticator Attachment Modality as "Platform"
  • Client only supports the "internal" type of AuthenticatorTransport
  • The Authenticator currently only supports the ECDSA w/SHA-256 algorithm.

Contributing and feedback

passkey-rs is an open source project.

๐Ÿ› If you find an issue you'd like to report, or otherwise have feedback, please file a new Issue.

๐Ÿง‘โ€๐Ÿ’ป If you'd like to contribute to the code please start by filing or commenting on an Issue so we can track the work.


Made with โค๏ธ and โ˜• by the 1Password team.

Get a free 1Password account for your open source project

Does your team need a secure way to manage passwords and other credentials for your open source project? Head on over to our other repository to get a 1Password Teams account on us:

โœจ1Password for Open Source Projects


Licensed under either of Apache License, Version 2.0 or MIT license at your option.
Unless you explicitly state otherwise, any contribution intentionally submitted for inclusion in this crate by you, as defined in the Apache-2.0 license, shall be dual licensed as above, without any additional terms or conditions.

passkey-rs's People


hariria avatar mitchchn avatar olanod avatar progdrasil avatar robbiemckinstry avatar virtualritz avatar


 avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar


 avatar  avatar  avatar  avatar  avatar  avatar

passkey-rs's Issues

Needless JSON generation in case of passing a non-None client_data_hash

First I'd like to thank the developers of this library for your contribution to the open-source space :)

I've found a section in the source code that I'd like to know more about.
In the register and authenticate methods of the Client struct, there are some sections that generate the client_data_json for calculating the client_data_json_hash. In these cases, the generated JSON is only used if the client_data_hash parameter is None. As this is known beforehand, the client_data_json could be generated only if the client_data_hash parameter is None, otherwise the struct construction and its serialization to JSON are not needed.

Is this behaviour intended in order to try to achieve the maximum "constant-time" operations (which wouldn't be, as the hashing only happens in the unwrap_or_else)? Or is it an overlook?

I'm willing to create the PR myself in case it's the latter.


Sooo... got a release date?

I am really interested in hearing more about the crate, and your plans for open sourcing. Got any timeline? Big fan of 1pass.



Follow spec when pkOptions.pubKeyCredParams is Empty

Originally posted in Slack:

According to the webauthn spec, if options.pubKeyCredParams is an empty array, ES256 and RS256 should be assumed, in that order.




Related issue: web-auth/symfony-webauthn-demo#419

CollectedClientData extensibility

It's unclear how the CollectedClientData struct would accommodate new keys in the future given its current state. Are there any plans to add an additional field to accommodate for unexpected keys? Something like kandim's CollectedClientData:

/// The data collected and hashed in the operation.
/// <>
#[derive(Debug, Serialize, Clone, Deserialize)]
pub struct CollectedClientData {
    /// The credential type
    #[serde(rename = "type")]
    pub type_: String,
    /// The challenge.
    pub challenge: Base64UrlSafeData,
    /// The rp origin as the browser understood it.
    pub origin: url::Url,
    /// The inverse of the sameOriginWithAncestors argument value that was
    /// passed into the internal method.
    #[serde(rename = "crossOrigin", skip_serializing_if = "Option::is_none")]
    pub cross_origin: Option<bool>,
    /// tokenBinding.
    #[serde(rename = "tokenBinding")]
    pub token_binding: Option<TokenBinding>,
    /// This struct be extended, so it's important to be tolerant of unknown
    /// keys.
    pub unknown_keys: BTreeMap<String, serde_json::value::Value>,

Update P256 Version

I'm creating this issue to suggest updating the version of the p256 crate used by this repository.

The latest version is of p256 is v0.13.2. This repository uses p256 = "^0.10". This particular version is troublesome because of its transitive dependence on signature = ">=1.3.1, <1.5". The 1.5 release of signature introduced a backward-incompatible change, which is why downstream crates have specified a version range capped out at <1.5.

Cargo's dependency resolution algorithm allows multiple major versions of the same crate. Unfortunately, since signature 1.6 introduced a breaking change without bumping the major version number, projects must decide whether to select signature < 1.6 or signature >= 1.6. All dependencies, transitive or direct, must agree on which version range to use for signature. There can be no mix-and-match

From my anecdotal investigation, other crates in the ecosystem have resolved this issue by bumping to >= signature 1.5. For example, ecdsa-core, [email protected], and k256.

Steps to Reproduce

To reproduce this issue, we create a new project with passkey and one common cryptographic dependency, and attempt to add them to the same Rust workspace.

  1. cargo new passkey-reproduction && cd passkey-reproduction
  2. cargo add passkey [email protected]
     Created binary (application) `passkey-reproduction` package
    Updating index
      Adding passkey v0.1.0 to dependencies.
      Adding ecdsa v0.14 to dependencies.
             Features as of v0.14.4:
             + digest
             - alloc
             - arithmetic
             - der
             - dev
             - hazmat
             - pem
             - pkcs8
             - rfc6979
             - serde
             - serdect
             - sign
             - std
             - verify
    Updating index
error: failed to select a version for `signature`.
    ... required by package `ecdsa v0.14.4`
    ... which satisfies dependency `ecdsa = "^0.14"` of package `passkey-reproduction v0.1.0 (/Users/robbiemckinstry/workspace/passkey-reproduction)`
versions that meet the requirements `>=1.5, <1.7` are: 1.6.4, 1.6.3, 1.6.2, 1.5.0

all possible versions conflict with previously selected packages.

  previously selected package `signature v1.3.1`
    ... which satisfies dependency `signature = ">=1.3.1, <1.5"` of package `ecdsa v0.13.3`
    ... which satisfies dependency `ecdsa-core = "^0.13"` of package `p256 v0.10.0`
    ... which satisfies dependency `p256 = "^0.10"` of package `passkey-authenticator v0.1.0`
    ... which satisfies dependency `passkey-authenticator = "^0.1.0"` of package `passkey v0.1.0`
    ... which satisfies dependency `passkey = "^0.1.0"` of package `passkey-reproduction v0.1.0 (/Users/robbiemckinstry/workspace/passkey-reproduction)`

failed to select a version for `signature` which could resolve this conflict

I've found a workaround specific to ecdsa, which is to expand the version constraint from [email protected] to ecdsa@>=0.14, which installs 0.16.8, but this doesn't work for other ecosystem crates which have opted to use new versions of signature e.g. ethers, k256


โœจ Please let me know if you're willing to accept a pull request for this issue. โค๏ธ

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    ๐Ÿ–– Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. ๐Ÿ“Š๐Ÿ“ˆ๐ŸŽ‰

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google โค๏ธ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.