web_authn 0.1.0 → 0.1.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +5 -5
- data/README.md +9 -5
- data/VERSION +1 -1
- data/bin/console +14 -0
- data/bin/setup +8 -0
- data/lib/web_authn/attested_credential_data.rb +2 -22
- data/lib/web_authn/context/authentication.rb +3 -0
- data/lib/web_authn.rb +1 -2
- data/web_authn.gemspec +1 -1
- metadata +9 -5
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
|
-
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
2
|
+
SHA256:
|
|
3
|
+
metadata.gz: 89d25f455fdd1323936c0c32072be162f888df15e7ddd86fb65549e9f37736fb
|
|
4
|
+
data.tar.gz: ecb31a66853aeaca039da91aeb66ca5a24b5ee9f103153ed76ae6593fc1071ea
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: dee33babaf79b1ba80f86321223206c56e59c7c3e5adc113bb8a4f51d8d9c185d5eb1b62219a408e98130265d75e9ee1fa648794d3db8f60ab32551cbd5c83bb
|
|
7
|
+
data.tar.gz: 70fdbe9c79f25a5044eea4ac2b06815d6f5c128e0db61c03f930577cba78dc2d5e6fcf46324823fefa9dcefab2b76ccd648e3e769a12020f123f7f0d128b7798
|
data/README.md
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
# WebAuthn
|
|
2
2
|
|
|
3
|
-
W3C
|
|
3
|
+
W3C Web Authentication API (a.k.a. WebAuthN / FIDO 2.0) RP library in Ruby
|
|
4
4
|
|
|
5
5
|
[](http://travis-ci.org/nov/web_authn)
|
|
6
6
|
|
|
@@ -14,11 +14,15 @@ gem 'web_authn'
|
|
|
14
14
|
|
|
15
15
|
And then execute:
|
|
16
16
|
|
|
17
|
-
|
|
17
|
+
```sh
|
|
18
|
+
$ bundle
|
|
19
|
+
```
|
|
18
20
|
|
|
19
21
|
Or install it yourself as:
|
|
20
22
|
|
|
21
|
-
|
|
23
|
+
```sh
|
|
24
|
+
$ gem install web_authn
|
|
25
|
+
```
|
|
22
26
|
|
|
23
27
|
## Usage
|
|
24
28
|
|
|
@@ -33,11 +37,11 @@ Currently, there are several restrictions.
|
|
|
33
37
|
|
|
34
38
|
After checking out the repo, run `bin/setup` to install dependencies. Then, run `rake spec` to run the tests. You can also run `bin/console` for an interactive prompt that will allow you to experiment.
|
|
35
39
|
|
|
36
|
-
To install this gem onto your local machine, run `bundle exec rake install`. To release a new version, update the version number in `
|
|
40
|
+
To install this gem onto your local machine, run `bundle exec rake install`. To release a new version, update the version number in `VERSION`, and then run `bundle exec rake release`, which will create a git tag for the version, push git commits and tags, and push the `.gem` file to [rubygems.org](https://rubygems.org).
|
|
37
41
|
|
|
38
42
|
## Contributing
|
|
39
43
|
|
|
40
|
-
Bug reports and pull requests are welcome on GitHub at https://github.com/
|
|
44
|
+
Bug reports and pull requests are welcome on GitHub at https://github.com/nov/web_authn.
|
|
41
45
|
|
|
42
46
|
## License
|
|
43
47
|
|
data/VERSION
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
0.1.
|
|
1
|
+
0.1.1
|
data/bin/console
ADDED
|
@@ -0,0 +1,14 @@
|
|
|
1
|
+
#!/usr/bin/env ruby
|
|
2
|
+
|
|
3
|
+
require "bundler/setup"
|
|
4
|
+
require "web_authn"
|
|
5
|
+
|
|
6
|
+
# You can add fixtures and/or initialization code here to make experimenting
|
|
7
|
+
# with your gem easier. You can also use a different console, if you like.
|
|
8
|
+
|
|
9
|
+
# (If you use this, don't forget to add pry to your Gemfile!)
|
|
10
|
+
# require "pry"
|
|
11
|
+
# Pry.start
|
|
12
|
+
|
|
13
|
+
require "irb"
|
|
14
|
+
IRB.start(__FILE__)
|
data/bin/setup
ADDED
|
@@ -16,35 +16,15 @@ module WebAuthn
|
|
|
16
16
|
)
|
|
17
17
|
aaguid,
|
|
18
18
|
credential_id,
|
|
19
|
-
|
|
19
|
+
cose_key_cbor = [
|
|
20
20
|
attested_credential_data.byteslice(0...16),
|
|
21
21
|
attested_credential_data.byteslice(18...(18 + length)),
|
|
22
22
|
attested_credential_data.byteslice((18 + length)..-1),
|
|
23
23
|
]
|
|
24
|
-
cose_key = COSE::Key::EC2.from_cbor(_encoded_cose_key_)
|
|
25
|
-
curve_name = case cose_key.curve
|
|
26
|
-
when 1
|
|
27
|
-
'prime256v1'
|
|
28
|
-
when 2
|
|
29
|
-
'secp384r1'
|
|
30
|
-
when 3
|
|
31
|
-
'secp521r1'
|
|
32
|
-
else
|
|
33
|
-
raise NotImplementedError, 'Non-supported EC curve'
|
|
34
|
-
end
|
|
35
|
-
ec_key = OpenSSL::PKey::EC.new curve_name
|
|
36
|
-
ec_key.public_key = OpenSSL::PKey::EC::Point.new(
|
|
37
|
-
OpenSSL::PKey::EC::Group.new(curve_name),
|
|
38
|
-
OpenSSL::BN.new([
|
|
39
|
-
'04' +
|
|
40
|
-
cose_key.x_coordinate.unpack('H*').first +
|
|
41
|
-
cose_key.y_coordinate.unpack('H*').first
|
|
42
|
-
].pack('H*'), 2)
|
|
43
|
-
)
|
|
44
24
|
new(
|
|
45
25
|
aaguid: Base64.urlsafe_encode64(aaguid, padding: false),
|
|
46
26
|
credential_id: Base64.urlsafe_encode64(credential_id, padding: false),
|
|
47
|
-
public_key:
|
|
27
|
+
public_key: COSE::Key.decode(cose_key_cbor).to_key
|
|
48
28
|
)
|
|
49
29
|
end
|
|
50
30
|
end
|
|
@@ -40,6 +40,9 @@ module WebAuthn
|
|
|
40
40
|
end
|
|
41
41
|
|
|
42
42
|
def verify_signature!(public_key, signature)
|
|
43
|
+
# TODO:
|
|
44
|
+
# needs to handle digest size based on COSE key algorithm.
|
|
45
|
+
# how to get COSE key alg header at this point?
|
|
43
46
|
signature_base_string = [
|
|
44
47
|
authenticator_data.raw,
|
|
45
48
|
OpenSSL::Digest::SHA256.digest(client_data_json.raw)
|
data/lib/web_authn.rb
CHANGED
data/web_authn.gemspec
CHANGED
|
@@ -14,7 +14,7 @@ Gem::Specification.new do |gem|
|
|
|
14
14
|
gem.required_ruby_version = '>= 2.3'
|
|
15
15
|
gem.add_runtime_dependency 'activesupport'
|
|
16
16
|
gem.add_runtime_dependency 'cbor'
|
|
17
|
-
gem.add_runtime_dependency 'cose'
|
|
17
|
+
gem.add_runtime_dependency 'cose-key'
|
|
18
18
|
gem.add_development_dependency 'rake', '~> 10.0'
|
|
19
19
|
gem.add_development_dependency 'simplecov'
|
|
20
20
|
gem.add_development_dependency 'rspec'
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: web_authn
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.1.
|
|
4
|
+
version: 0.1.1
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- nov matake
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2018-09-
|
|
11
|
+
date: 2018-09-08 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: activesupport
|
|
@@ -39,7 +39,7 @@ dependencies:
|
|
|
39
39
|
- !ruby/object:Gem::Version
|
|
40
40
|
version: '0'
|
|
41
41
|
- !ruby/object:Gem::Dependency
|
|
42
|
-
name: cose
|
|
42
|
+
name: cose-key
|
|
43
43
|
requirement: !ruby/object:Gem::Requirement
|
|
44
44
|
requirements:
|
|
45
45
|
- - ">="
|
|
@@ -112,7 +112,9 @@ description: W3C Web Authentication API (a.k.a. WebAuthN / FIDO 2.0) RP library
|
|
|
112
112
|
Ruby
|
|
113
113
|
email:
|
|
114
114
|
- nov@matake.jp
|
|
115
|
-
executables:
|
|
115
|
+
executables:
|
|
116
|
+
- console
|
|
117
|
+
- setup
|
|
116
118
|
extensions: []
|
|
117
119
|
extra_rdoc_files: []
|
|
118
120
|
files:
|
|
@@ -124,6 +126,8 @@ files:
|
|
|
124
126
|
- README.md
|
|
125
127
|
- Rakefile
|
|
126
128
|
- VERSION
|
|
129
|
+
- bin/console
|
|
130
|
+
- bin/setup
|
|
127
131
|
- lib/web_authn.rb
|
|
128
132
|
- lib/web_authn/attestation_object.rb
|
|
129
133
|
- lib/web_authn/attested_credential_data.rb
|
|
@@ -163,7 +167,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
|
163
167
|
version: '0'
|
|
164
168
|
requirements: []
|
|
165
169
|
rubyforge_project:
|
|
166
|
-
rubygems_version: 2.6
|
|
170
|
+
rubygems_version: 2.7.6
|
|
167
171
|
signing_key:
|
|
168
172
|
specification_version: 4
|
|
169
173
|
summary: WebAuthn RP library
|