From 5c9160a929bf0df2c34d57f1b941b2aa291db6a7 Mon Sep 17 00:00:00 2001 From: Alfie Fresta Date: Sun, 25 May 2025 16:56:56 +0200 Subject: [PATCH 1/3] Adjust CTAP transport casing --- libwebauthn/src/proto/ctap1/model.rs | 16 ++++++------ libwebauthn/src/proto/ctap2/model.rs | 26 +++++++++---------- .../ctap2/model/credential_protection.rs | 22 ++++++++++++++++ 3 files changed, 43 insertions(+), 21 deletions(-) create mode 100644 libwebauthn/src/proto/ctap2/model/credential_protection.rs diff --git a/libwebauthn/src/proto/ctap1/model.rs b/libwebauthn/src/proto/ctap1/model.rs index 8919e467..c487fe8b 100644 --- a/libwebauthn/src/proto/ctap1/model.rs +++ b/libwebauthn/src/proto/ctap1/model.rs @@ -12,20 +12,20 @@ use crate::webauthn::CtapError; #[derive(Debug, Clone, Copy)] pub enum Ctap1Transport { - BT, - BLE, - NFC, - USB, + Bt, + Ble, + Nfc, + Usb, } impl TryFrom<&Ctap2Transport> for Ctap1Transport { type Error = CtapError; fn try_from(ctap2: &Ctap2Transport) -> Result { match ctap2 { - Ctap2Transport::BLE => Ok(Ctap1Transport::BLE), - Ctap2Transport::USB => Ok(Ctap1Transport::USB), - Ctap2Transport::NFC => Ok(Ctap1Transport::NFC), - Ctap2Transport::INTERNAL => Err(CtapError::UnsupportedOption), + Ctap2Transport::Ble => Ok(Ctap1Transport::Ble), + Ctap2Transport::Usb => Ok(Ctap1Transport::Usb), + Ctap2Transport::Nfc => Ok(Ctap1Transport::Nfc), + Ctap2Transport::Internal => Err(CtapError::UnsupportedOption), } } } diff --git a/libwebauthn/src/proto/ctap2/model.rs b/libwebauthn/src/proto/ctap2/model.rs index aad10b4c..6f0c4d63 100644 --- a/libwebauthn/src/proto/ctap2/model.rs +++ b/libwebauthn/src/proto/ctap2/model.rs 
@@ -121,19 +121,19 @@ pub enum Ctap2PublicKeyCredentialType { #[derive(Debug, Clone, Copy, PartialEq, Serialize, Deserialize)] #[serde(rename_all = "lowercase")] pub enum Ctap2Transport { - BLE, - NFC, - USB, - INTERNAL, + Ble, + Nfc, + Usb, + Internal, } impl From<&Ctap1Transport> for Ctap2Transport { fn from(ctap1: &Ctap1Transport) -> Ctap2Transport { match ctap1 { - Ctap1Transport::BT => Ctap2Transport::BLE, - Ctap1Transport::BLE => Ctap2Transport::BLE, - Ctap1Transport::USB => Ctap2Transport::USB, - Ctap1Transport::NFC => Ctap2Transport::NFC, + Ctap1Transport::Bt => Ctap2Transport::Ble, + Ctap1Transport::Ble => Ctap2Transport::Ble, + Ctap1Transport::Usb => Ctap2Transport::Usb, + Ctap1Transport::Nfc => Ctap2Transport::Nfc, } } } @@ -211,13 +211,13 @@ pub enum Ctap2UserVerificationOperation { mod tests { use crate::proto::ctap2::Ctap2PublicKeyCredentialDescriptor; - use super::{Ctap2CredentialType, Ctap2COSEAlgorithmIdentifier, Ctap2PublicKeyCredentialType}; + use super::{Ctap2COSEAlgorithmIdentifier, Ctap2CredentialType, Ctap2PublicKeyCredentialType}; + use hex; use serde_bytes::ByteBuf; use serde_cbor; - use hex; #[test] - /// Verify CBOR serialization conforms to CTAP canonical standard, including ordering (see #95) + /// Verify CBOR serialization conforms to CTAP canonical standard, including ordering (see #95) pub fn credential_type_field_serialization() { let credential_type = Ctap2CredentialType { algorithm: Ctap2COSEAlgorithmIdentifier::ES256, @@ -230,7 +230,7 @@ mod tests { } #[test] - /// Verify CBOR serialization conforms to CTAP canonical standard, including ordering (see #95) + /// Verify CBOR serialization conforms to CTAP canonical standard, including ordering (see #95) pub fn credential_descriptor_serialization() { let credential_descriptor = Ctap2PublicKeyCredentialDescriptor { id: ByteBuf::from(vec![0x42]), 
@@ -242,4 +242,4 @@ mod tests { let expected = hex::decode("a2626964414264747970656a7075626c69632d6b6579").unwrap(); assert_eq!(serialized, expected); } -} \ No newline at end of file +} diff --git a/libwebauthn/src/proto/ctap2/model/credential_protection.rs b/libwebauthn/src/proto/ctap2/model/credential_protection.rs new file mode 100644 index 00000000..d51f1326 --- /dev/null +++ b/libwebauthn/src/proto/ctap2/model/credential_protection.rs @@ -0,0 +1,22 @@ +use minicbor::{Decode, Encode}; + +/// Credential protection policy as defined in the CTAP2 spec. +/// +/// This replaces the ctap_types::ctap2::credential_management::CredentialProtectionPolicy +/// to avoid external dependency. +#[derive(Debug, Clone, Copy, PartialEq, Eq, Encode, Decode)] +#[cbor(index_only)] +pub enum CredentialProtectionPolicy { + #[n(1)] + UserVerificationOptional = 0x01, + #[n(2)] + UserVerificationOptionalWithCredentialIdList = 0x02, + #[n(3)] + UserVerificationRequired = 0x03, +} + +impl Default for CredentialProtectionPolicy { + fn default() -> Self { + Self::UserVerificationOptional + } +} From 0f70bf9c53d10dcf8e75a68e7e209397e5e83034 Mon Sep 17 00:00:00 2001 From: Alfie Fresta Date: Sun, 25 May 2025 16:59:04 +0200 Subject: [PATCH 2/3] Add Hybrid CTAP2 transport --- libwebauthn/src/proto/ctap1/model.rs | 1 + libwebauthn/src/proto/ctap2/model.rs | 1 + 2 files changed, 2 insertions(+) diff --git a/libwebauthn/src/proto/ctap1/model.rs b/libwebauthn/src/proto/ctap1/model.rs index c487fe8b..ff6e12b1 100644 --- a/libwebauthn/src/proto/ctap1/model.rs +++ b/libwebauthn/src/proto/ctap1/model.rs @@ -26,6 +26,7 @@ impl TryFrom<&Ctap2Transport> for Ctap1Transport { Ctap2Transport::Usb => Ok(Ctap1Transport::Usb), Ctap2Transport::Nfc => Ok(Ctap1Transport::Nfc), Ctap2Transport::Internal => Err(CtapError::UnsupportedOption), + Ctap2Transport::Hybrid => Err(CtapError::UnsupportedOption), } } } 
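Review bot: The new `Ctap2Transport::Hybrid` arm in `TryFrom<&Ctap2Transport> for Ctap1Transport` (libwebauthn/src/proto/ctap1/model.rs, PATCH 2/3) repeats the `Internal` arm verbatim. The two can be written as one arm, `Ctap2Transport::Internal | Ctap2Transport::Hybrid => Err(CtapError::UnsupportedOption),`, with a short comment such as `// no Ctap1Transport equivalent` so the reason for the rejection is recorded. The match has no `_` arm today, and that is worth keeping: a transport variant added later then fails to compile here instead of being mapped silently. The function starts outside this hunk.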
diff --git a/libwebauthn/src/proto/ctap2/model.rs b/libwebauthn/src/proto/ctap2/model.rs index 6f0c4d63..a6bfa768 100644 --- a/libwebauthn/src/proto/ctap2/model.rs +++ b/libwebauthn/src/proto/ctap2/model.rs @@ -125,6 +125,7 @@ pub enum Ctap2Transport { Nfc, Usb, Internal, + Hybrid, } impl From<&Ctap1Transport> for Ctap2Transport { From 4b7ba3fe2da14029f3895b4f479c0cc59a967288 Mon Sep 17 00:00:00 2001 From: Alfie Fresta Date: Mon, 26 May 2025 17:01:56 +0200 Subject: [PATCH 3/3] Remove accidental file --- .../ctap2/model/credential_protection.rs | 22 ------------------- 1 file changed, 22 deletions(-) delete mode 100644 libwebauthn/src/proto/ctap2/model/credential_protection.rs diff --git a/libwebauthn/src/proto/ctap2/model/credential_protection.rs b/libwebauthn/src/proto/ctap2/model/credential_protection.rs deleted file mode 100644 index d51f1326..00000000 --- a/libwebauthn/src/proto/ctap2/model/credential_protection.rs +++ /dev/null @@ -1,22 +0,0 @@ -use minicbor::{Decode, Encode}; - -/// Credential protection policy as defined in the CTAP2 spec. -/// -/// This replaces the ctap_types::ctap2::credential_management::CredentialProtectionPolicy -/// to avoid external dependency. -#[derive(Debug, Clone, Copy, PartialEq, Eq, Encode, Decode)] -#[cbor(index_only)] -pub enum CredentialProtectionPolicy { - #[n(1)] - UserVerificationOptional = 0x01, - #[n(2)] - UserVerificationOptionalWithCredentialIdList = 0x02, - #[n(3)] - UserVerificationRequired = 0x03, -} - -impl Default for CredentialProtectionPolicy { - fn default() -> Self { - Self::UserVerificationOptional - } -}
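Review bot: `Ctap2Transport` remains a closed set once `Hybrid` is added in libwebauthn/src/proto/ctap2/model.rs: it derives `Deserialize` under `rename_all = "lowercase"` and has no fallback variant, so any transport string other than `ble`, `nfc`, `usb`, `internal` or `hybrid` is a deserialization error. WebAuthn also defines `smart-card` and asks clients to ignore transport values they do not recognise; if this enum is decoded from relying-party or authenticator data (the call sites are not visible here), one unknown entry would presumably reject the whole descriptor instead of being skipped. Consider dropping unknown entries where the transport list is parsed, or adding a fallback variant that the `TryFrom` in ctap1/model.rs maps to `CtapError::UnsupportedOption`. A small test beside the existing CBOR tests, e.g. `assert_eq!(serde_cbor::to_vec(&Ctap2Transport::Hybrid).unwrap(), serde_cbor::to_vec(&"hybrid").unwrap());`, would also pin the wire name, which currently depends only on the `rename_all` attribute. The enum body starts outside this hunk.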