Package com.yubico.fido.metadata
Enum AuthenticatorStatus
- java.lang.Object
-
- java.lang.Enum<AuthenticatorStatus>
-
- com.yubico.fido.metadata.AuthenticatorStatus
-
- All Implemented Interfaces:
java.io.Serializable,java.lang.Comparable<AuthenticatorStatus>
public enum AuthenticatorStatus extends java.lang.Enum<AuthenticatorStatus>
This enumeration describes the status of an authenticator model as identified by its AAID/AAGUID or attestationCertificateKeyIdentifiers and potentially some additional information (such as a specific attestation key).
-
-
Enum Constant Summary
Enum Constants Enum Constant Description ATTESTATION_KEY_COMPROMISEIndicates that an attestation key for this authenticator is known to be compromised.FIDO_CERTIFIEDThis authenticator has passed FIDO functional certification.FIDO_CERTIFIED_L1The authenticator has passed FIDO Authenticator certification at level 1.FIDO_CERTIFIED_L1plusThe authenticator has passed FIDO Authenticator certification at level 1+.FIDO_CERTIFIED_L2The authenticator has passed FIDO Authenticator certification at level 2.FIDO_CERTIFIED_L2plusThe authenticator has passed FIDO Authenticator certification at level 2+.FIDO_CERTIFIED_L3The authenticator has passed FIDO Authenticator certification at level 3.FIDO_CERTIFIED_L3plusThe authenticator has passed FIDO Authenticator certification at level 3+.NOT_FIDO_CERTIFIEDThis authenticator is not FIDO certified.REVOKEDThe FIDO Alliance has determined that this authenticator should not be trusted for any reason.SELF_ASSERTION_SUBMITTEDThe authenticator vendor has completed and submitted the self-certification checklist to the FIDO Alliance.UNKNOWN(NOT DEFINED IN SPEC) Placeholder for any unknownAuthenticatorStatusvalue.UPDATE_AVAILABLEA software or firmware update is available for the device.USER_KEY_PHYSICAL_COMPROMISEThis authenticator has known weaknesses in its key protection mechanism(s) that allow user keys to be extracted by an adversary in physical possession of the device.USER_KEY_REMOTE_COMPROMISEThis authenticator has identified weaknesses that allow registered keys to be compromised and should not be trusted.USER_VERIFICATION_BYPASSIndicates that malware is able to bypass the user verification.
-
Method Summary
All Methods Static Methods Concrete Methods Modifier and Type Method Description static AuthenticatorStatusvalueOf(java.lang.String name)Returns the enum constant of this type with the specified name.static AuthenticatorStatus[]values()Returns an array containing the constants of this enum type, in the order they are declared.
-
-
-
Enum Constant Detail
-
UNKNOWN
public static final AuthenticatorStatus UNKNOWN
(NOT DEFINED IN SPEC) Placeholder for any unknownAuthenticatorStatusvalue.
-
NOT_FIDO_CERTIFIED
public static final AuthenticatorStatus NOT_FIDO_CERTIFIED
This authenticator is not FIDO certified.
-
FIDO_CERTIFIED
public static final AuthenticatorStatus FIDO_CERTIFIED
This authenticator has passed FIDO functional certification. This certification scheme is phased out and will be replaced byFIDO_CERTIFIED_L1.
-
USER_VERIFICATION_BYPASS
public static final AuthenticatorStatus USER_VERIFICATION_BYPASS
Indicates that malware is able to bypass the user verification. This means that the authenticator could be used without the user’s consent and potentially even without the user’s knowledge.
-
ATTESTATION_KEY_COMPROMISE
public static final AuthenticatorStatus ATTESTATION_KEY_COMPROMISE
Indicates that an attestation key for this authenticator is known to be compromised. The relying party SHOULD check the certificate field and use it to identify the compromised authenticator batch. If the certificate field is not set, the relying party should reject all new registrations of the compromised authenticator. The Authenticator manufacturer should set the date to the date when compromise has occurred.
-
USER_KEY_REMOTE_COMPROMISE
public static final AuthenticatorStatus USER_KEY_REMOTE_COMPROMISE
This authenticator has identified weaknesses that allow registered keys to be compromised and should not be trusted. This would include both, e.g. weak entropy that causes predictable keys to be generated or side channels that allow keys or signatures to be forged, guessed or extracted.
-
USER_KEY_PHYSICAL_COMPROMISE
public static final AuthenticatorStatus USER_KEY_PHYSICAL_COMPROMISE
This authenticator has known weaknesses in its key protection mechanism(s) that allow user keys to be extracted by an adversary in physical possession of the device.
-
UPDATE_AVAILABLE
public static final AuthenticatorStatus UPDATE_AVAILABLE
A software or firmware update is available for the device. The Authenticator manufacturer should set the url to the URL where users can obtain an update and the date the update was published. When this status code is used, then the field authenticatorVersion in the authenticator Metadata Statement [FIDOMetadataStatement] MUST be updated, if the update fixes severe security issues, e.g. the ones reported by preceding StatusReport entries with status codeUSER_VERIFICATION_BYPASS,ATTESTATION_KEY_COMPROMISE,USER_KEY_REMOTE_COMPROMISE,USER_KEY_PHYSICAL_COMPROMISE,REVOKED. The Relying party MUST reject the Metadata Statement if the authenticatorVersion has not increased
-
REVOKED
public static final AuthenticatorStatus REVOKED
The FIDO Alliance has determined that this authenticator should not be trusted for any reason. For example if it is known to be a fraudulent product or contain a deliberate backdoor. Relying parties SHOULD reject any future registration of this authenticator model.
-
SELF_ASSERTION_SUBMITTED
public static final AuthenticatorStatus SELF_ASSERTION_SUBMITTED
The authenticator vendor has completed and submitted the self-certification checklist to the FIDO Alliance. If this completed checklist is publicly available, the URL will be specified in url.
-
FIDO_CERTIFIED_L1
public static final AuthenticatorStatus FIDO_CERTIFIED_L1
The authenticator has passed FIDO Authenticator certification at level 1. This level is the more strict successor ofFIDO_CERTIFIED.
-
FIDO_CERTIFIED_L1plus
public static final AuthenticatorStatus FIDO_CERTIFIED_L1plus
The authenticator has passed FIDO Authenticator certification at level 1+. This level is the more than level 1.
-
FIDO_CERTIFIED_L2
public static final AuthenticatorStatus FIDO_CERTIFIED_L2
The authenticator has passed FIDO Authenticator certification at level 2. This level is more strict than level 1+.
-
FIDO_CERTIFIED_L2plus
public static final AuthenticatorStatus FIDO_CERTIFIED_L2plus
The authenticator has passed FIDO Authenticator certification at level 2+. This level is more strict than level 2.
-
FIDO_CERTIFIED_L3
public static final AuthenticatorStatus FIDO_CERTIFIED_L3
The authenticator has passed FIDO Authenticator certification at level 3. This level is more strict than level 2+.
-
FIDO_CERTIFIED_L3plus
public static final AuthenticatorStatus FIDO_CERTIFIED_L3plus
The authenticator has passed FIDO Authenticator certification at level 3+. This level is more strict than level 3.
-
-
Method Detail
-
values
public static AuthenticatorStatus[] values()
Returns an array containing the constants of this enum type, in the order they are declared. This method may be used to iterate over the constants as follows:for (AuthenticatorStatus c : AuthenticatorStatus.values()) System.out.println(c);
- Returns:
- an array containing the constants of this enum type, in the order they are declared
-
valueOf
public static AuthenticatorStatus valueOf(java.lang.String name)
Returns the enum constant of this type with the specified name. The string must match exactly an identifier used to declare an enum constant in this type. (Extraneous whitespace characters are not permitted.)- Parameters:
name- the name of the enum constant to be returned.- Returns:
- the enum constant with the specified name
- Throws:
java.lang.IllegalArgumentException- if this enum type has no constant with the specified namejava.lang.NullPointerException- if the argument is null
-
-