linux-credentials
diff --git a/‎libwebauthn/examples/prf_test.rs‎
Lines changed: 7 additions & 6 deletions b/‎libwebauthn/examples/prf_test.rs‎
Lines changed: 7 additions & 6 deletions
diff --git a/‎libwebauthn/examples/webauthn_cable.rs‎
Lines changed: 3 additions & 2 deletions b/‎libwebauthn/examples/webauthn_cable.rs‎
Lines changed: 3 additions & 2 deletions
diff --git a/‎libwebauthn/examples/webauthn_extensions_hid.rs‎
Lines changed: 9 additions & 7 deletions b/‎libwebauthn/examples/webauthn_extensions_hid.rs‎
Lines changed: 9 additions & 7 deletions
diff --git a/‎libwebauthn/examples/webauthn_hid.rs‎
Lines changed: 3 additions & 2 deletions b/‎libwebauthn/examples/webauthn_hid.rs‎
Lines changed: 3 additions & 2 deletions
diff --git a/‎libwebauthn/examples/webauthn_json_hid.rs‎
Lines changed: 3 additions & 3 deletions b/‎libwebauthn/examples/webauthn_json_hid.rs‎
Lines changed: 3 additions & 3 deletions
diff --git a/‎libwebauthn/examples/webauthn_preflight_hid.rs‎
Lines changed: 3 additions & 3 deletions b/‎libwebauthn/examples/webauthn_preflight_hid.rs‎
Lines changed: 3 additions & 3 deletions
diff --git a/‎libwebauthn/examples/webauthn_prf_hid.rs‎
Lines changed: 25 additions & 25 deletions b/‎libwebauthn/examples/webauthn_prf_hid.rs‎
Lines changed: 25 additions & 25 deletions
diff --git a/‎libwebauthn/src/ops/u2f.rs‎
Lines changed: 3 additions & 2 deletions b/‎libwebauthn/src/ops/u2f.rs‎
Lines changed: 3 additions & 2 deletions
diff --git a/‎libwebauthn/src/ops/webauthn/create.rs‎
Lines changed: 1 addition & 1 deletion b/‎libwebauthn/src/ops/webauthn/create.rs‎
Lines changed: 1 addition & 1 deletion
@@ -13,7 +13,7 @@ use tracing_subscriber::{self, EnvFilter};
 
 use libwebauthn::ops::webauthn::{
     Base64UrlString, GetAssertionHmacOrPrfInput, GetAssertionRequest,
-    GetAssertionRequestExtensions, PRFValue, UserVerificationRequirement,
+    GetAssertionRequestExtensions, PRFValue, PrfInput, UserVerificationRequirement,
 };
 use libwebauthn::pin::PinRequestReason;
 use libwebauthn::proto::ctap2::{Ctap2PublicKeyCredentialDescriptor, Ctap2PublicKeyCredentialType};
@@ -125,10 +125,11 @@ pub async fn main() -> Result<(), Box<dyn Error>> {
         });
 
         let eval_by_credential = HashMap::new();
-        let hmac_or_prf = GetAssertionHmacOrPrfInput::Prf {
+        let hmac_or_prf: GetAssertionHmacOrPrfInput = GetAssertionHmacOrPrfInput::Prf(PrfInput {
             eval,
             eval_by_credential,
-        };
+        });
+
         run_success_test(
             &mut channel,
             &credential,
@@ -153,10 +154,10 @@ async fn run_success_test(
         hash: Vec::from(challenge),
         allow: vec![credential.clone()],
         user_verification: UserVerificationRequirement::Preferred,
-        extensions: Some(GetAssertionRequestExtensions {
-            hmac_or_prf,
+        extensions: GetAssertionRequestExtensions {
+            hmac_or_prf: Some(hmac_or_prf),
             ..Default::default()
-        }),
+        },
         timeout: TIMEOUT,
     };
 
 
@@ -19,7 +19,8 @@ use tokio::time::sleep;
 use tracing_subscriber::{self, EnvFilter};
 
 use libwebauthn::ops::webauthn::{
-    GetAssertionRequest, MakeCredentialRequest, ResidentKeyRequirement, UserVerificationRequirement,
+    GetAssertionRequest, GetAssertionRequestExtensions, MakeCredentialRequest,
+    ResidentKeyRequirement, UserVerificationRequirement,
 };
 use libwebauthn::proto::ctap2::{
     Ctap2CredentialType, Ctap2PublicKeyCredentialDescriptor, Ctap2PublicKeyCredentialRpEntity,
@@ -161,7 +162,7 @@ pub async fn main() -> Result<(), Box<dyn Error>> {
         hash: Vec::from(challenge),
         allow: vec![credential],
         user_verification: UserVerificationRequirement::Discouraged,
-        extensions: None,
+        extensions: GetAssertionRequestExtensions::default(),
         timeout: TIMEOUT,
     };
 
 
@@ -147,14 +147,16 @@ pub async fn main() -> Result<(), Box<dyn Error>> {
             hash: Vec::from(challenge),
             allow: vec![credential],
             user_verification: UserVerificationRequirement::Discouraged,
-            extensions: Some(GetAssertionRequestExtensions {
-                cred_blob: Some(true),
-                hmac_or_prf: GetAssertionHmacOrPrfInput::HmacGetSecret(HMACGetSecretInput {
-                    salt1: [1; 32],
-                    salt2: None,
-                }),
+            extensions: GetAssertionRequestExtensions {
+                cred_blob: true,
+                hmac_or_prf: Some(GetAssertionHmacOrPrfInput::HmacGetSecret(
+                    HMACGetSecretInput {
+                        salt1: [1; 32],
+                        salt2: None,
+                    },
+                )),
                 ..Default::default()
-            }),
+            },
             timeout: TIMEOUT,
         };
 
 
@@ -10,7 +10,8 @@ use tokio::sync::broadcast::Receiver;
 use tracing_subscriber::{self, EnvFilter};
 
 use libwebauthn::ops::webauthn::{
-    GetAssertionRequest, MakeCredentialRequest, ResidentKeyRequirement, UserVerificationRequirement,
+    GetAssertionRequest, GetAssertionRequestExtensions, MakeCredentialRequest,
+    ResidentKeyRequirement, UserVerificationRequirement,
 };
 use libwebauthn::pin::PinRequestReason;
 use libwebauthn::proto::ctap2::{
@@ -128,7 +129,7 @@ pub async fn main() -> Result<(), Box<dyn Error>> {
             hash: Vec::from(challenge),
             allow: vec![credential],
             user_verification: UserVerificationRequirement::Discouraged,
-            extensions: None,
+            extensions: GetAssertionRequestExtensions::default(),
             timeout: TIMEOUT,
         };
 
 
@@ -10,8 +10,8 @@ use tokio::sync::broadcast::Receiver;
 use tracing_subscriber::{self, EnvFilter};
 
 use libwebauthn::ops::webauthn::{
-    GetAssertionRequest, MakeCredentialRequest, RelyingPartyId, UserVerificationRequirement,
-    WebAuthnIDL as _,
+    GetAssertionRequest, GetAssertionRequestExtensions, MakeCredentialRequest, RelyingPartyId,
+    UserVerificationRequirement, WebAuthnIDL as _,
 };
 use libwebauthn::pin::PinRequestReason;
 use libwebauthn::proto::ctap2::Ctap2PublicKeyCredentialDescriptor;
@@ -144,7 +144,7 @@ pub async fn main() -> Result<(), Box<dyn Error>> {
             hash: Vec::from(challenge),
             allow: vec![credential],
             user_verification: UserVerificationRequirement::Discouraged,
-            extensions: None,
+            extensions: GetAssertionRequestExtensions::default(),
             timeout: TIMEOUT,
         };
 
 
@@ -11,8 +11,8 @@ use tokio::sync::broadcast::Receiver;
 use tracing_subscriber::{self, EnvFilter};
 
 use libwebauthn::ops::webauthn::{
-    Base64UrlString, GetAssertionRequest, GetAssertionResponse, MakeCredentialRequest,
-    ResidentKeyRequirement, UserVerificationRequirement,
+    Base64UrlString, GetAssertionRequest, GetAssertionRequestExtensions, GetAssertionResponse,
+    MakeCredentialRequest, ResidentKeyRequirement, UserVerificationRequirement,
 };
 use libwebauthn::pin::PinRequestReason;
 use libwebauthn::proto::ctap2::{
@@ -202,7 +202,7 @@ async fn get_assertion_call(
         hash: Vec::from(challenge),
         allow: allow_list,
         user_verification: UserVerificationRequirement::Discouraged,
-        extensions: None,
+        extensions: GetAssertionRequestExtensions::default(),
         timeout: TIMEOUT,
     };
 
 
@@ -14,7 +14,7 @@ use tracing_subscriber::{self, EnvFilter};
 use libwebauthn::ops::webauthn::{
     GetAssertionHmacOrPrfInput, GetAssertionRequest, GetAssertionRequestExtensions,
     MakeCredentialPrfInput, MakeCredentialRequest, MakeCredentialsRequestExtensions, PRFValue,
-    ResidentKeyRequirement, UserVerificationRequirement,
+    PrfInput, ResidentKeyRequirement, UserVerificationRequirement,
 };
 use libwebauthn::pin::PinRequestReason;
 use libwebauthn::proto::ctap2::{
@@ -148,10 +148,10 @@ pub async fn main() -> Result<(), Box<dyn Error>> {
                 second: None,
             },
         );
-        let hmac_or_prf = GetAssertionHmacOrPrfInput::Prf {
+        let hmac_or_prf: GetAssertionHmacOrPrfInput = GetAssertionHmacOrPrfInput::Prf(PrfInput {
             eval,
             eval_by_credential,
-        };
+        });
         run_success_test(
             &mut channel,
             &credential,
@@ -175,10 +175,10 @@ pub async fn main() -> Result<(), Box<dyn Error>> {
                 second: None,
             },
         );
-        let hmac_or_prf = GetAssertionHmacOrPrfInput::Prf {
+        let hmac_or_prf: GetAssertionHmacOrPrfInput = GetAssertionHmacOrPrfInput::Prf(PrfInput {
             eval,
             eval_by_credential,
-        };
+        });
         run_success_test(
             &mut channel,
             &credential,
@@ -195,10 +195,10 @@ pub async fn main() -> Result<(), Box<dyn Error>> {
         });
 
         let eval_by_credential = HashMap::new();
-        let hmac_or_prf = GetAssertionHmacOrPrfInput::Prf {
+        let hmac_or_prf: GetAssertionHmacOrPrfInput = GetAssertionHmacOrPrfInput::Prf(PrfInput {
             eval,
             eval_by_credential,
-        };
+        });
         run_success_test(
             &mut channel,
             &credential,
@@ -243,10 +243,10 @@ pub async fn main() -> Result<(), Box<dyn Error>> {
                 second: None,
             },
         );
-        let hmac_or_prf = GetAssertionHmacOrPrfInput::Prf {
+        let hmac_or_prf: GetAssertionHmacOrPrfInput = GetAssertionHmacOrPrfInput::Prf(PrfInput {
             eval,
             eval_by_credential,
-        };
+        });
         run_success_test(
             &mut channel,
             &credential,
@@ -284,10 +284,10 @@ pub async fn main() -> Result<(), Box<dyn Error>> {
                 second: Some([8; 32]),
             },
         );
-        let hmac_or_prf = GetAssertionHmacOrPrfInput::Prf {
+        let hmac_or_prf: GetAssertionHmacOrPrfInput = GetAssertionHmacOrPrfInput::Prf(PrfInput {
             eval,
             eval_by_credential,
-        };
+        });
         run_success_test(
             &mut channel,
             &credential,
@@ -322,10 +322,10 @@ pub async fn main() -> Result<(), Box<dyn Error>> {
                 second: Some([8; 32]),
             },
         );
-        let hmac_or_prf = GetAssertionHmacOrPrfInput::Prf {
+        let hmac_or_prf: GetAssertionHmacOrPrfInput = GetAssertionHmacOrPrfInput::Prf(PrfInput {
             eval,
             eval_by_credential,
-        };
+        });
         run_success_test(
             &mut channel,
             &credential,
@@ -349,10 +349,10 @@ pub async fn main() -> Result<(), Box<dyn Error>> {
                 second: None,
             },
         );
-        let hmac_or_prf = GetAssertionHmacOrPrfInput::Prf {
+        let hmac_or_prf: GetAssertionHmacOrPrfInput = GetAssertionHmacOrPrfInput::Prf(PrfInput {
             eval,
             eval_by_credential,
-        };
+        });
         run_failed_test(
             &mut channel,
             Some(&credential),
@@ -373,10 +373,10 @@ pub async fn main() -> Result<(), Box<dyn Error>> {
                 second: None,
             },
         );
-        let hmac_or_prf = GetAssertionHmacOrPrfInput::Prf {
+        let hmac_or_prf: GetAssertionHmacOrPrfInput = GetAssertionHmacOrPrfInput::Prf(PrfInput {
             eval,
             eval_by_credential,
-        };
+        });
         run_failed_test(
             &mut channel,
             Some(&credential),
@@ -397,10 +397,10 @@ pub async fn main() -> Result<(), Box<dyn Error>> {
                 second: None,
             },
         );
-        let hmac_or_prf = GetAssertionHmacOrPrfInput::Prf {
+        let hmac_or_prf = GetAssertionHmacOrPrfInput::Prf(PrfInput {
             eval,
             eval_by_credential,
-        };
+        });
         run_failed_test(
             &mut channel,
             None,
@@ -426,10 +426,10 @@ async fn run_success_test(
         hash: Vec::from(challenge),
         allow: vec![credential.clone()],
         user_verification: UserVerificationRequirement::Discouraged,
-        extensions: Some(GetAssertionRequestExtensions {
-            hmac_or_prf,
+        extensions: GetAssertionRequestExtensions {
+            hmac_or_prf: Some(hmac_or_prf),
             ..Default::default()
-        }),
+        },
         timeout: TIMEOUT,
     };
 
@@ -468,10 +468,10 @@ async fn run_failed_test(
         hash: Vec::from(challenge),
         allow: credential.map(|x| vec![x.clone()]).unwrap_or_default(),
         user_verification: UserVerificationRequirement::Discouraged,
-        extensions: Some(GetAssertionRequestExtensions {
-            hmac_or_prf,
+        extensions: GetAssertionRequestExtensions {
+            hmac_or_prf: Some(hmac_or_prf),
             ..Default::default()
-        }),
+        },
         timeout: TIMEOUT,
     };
 
 
@@ -10,7 +10,8 @@ use super::webauthn::MakeCredentialRequest;
 use crate::fido::{AttestedCredentialData, AuthenticatorData, AuthenticatorDataFlags};
 use crate::ops::webauthn::idl::Base64UrlString;
 use crate::ops::webauthn::{
-    GetAssertionRequest, GetAssertionResponse, MakeCredentialResponse, UserVerificationRequirement,
+    GetAssertionRequest, GetAssertionRequestExtensions, GetAssertionResponse,
+    MakeCredentialResponse, UserVerificationRequirement,
 };
 use crate::proto::ctap1::{Ctap1RegisterRequest, Ctap1SignRequest};
 use crate::proto::ctap1::{Ctap1RegisterResponse, Ctap1SignResponse};
@@ -207,7 +208,7 @@ impl UpgradableResponse<GetAssertionResponse, SignRequest> for SignResponse {
                 id: request.key_handle.clone().into(),
                 transports: None,
             }],
-            extensions: None,
+            extensions: GetAssertionRequestExtensions::default(),
             user_verification: if request.require_user_presence {
                 UserVerificationRequirement::Required
             } else {
 
@@ -40,7 +40,7 @@ pub struct PublicKeyCredentialCreationOptionsJSON {
     pub challenge: Base64UrlString,
     #[serde(rename = "pubKeyCredParams")]
     pub params: Vec<Ctap2CredentialType>,
-    pub timeout: u32,
+    pub timeout: Option<u32>,
     #[serde(rename = "excludeCredentials")]
     pub exclude_credentials: Vec<Ctap2PublicKeyCredentialDescriptor>,
     #[serde(rename = "authenticatorSelection")]