webauthn 2.2.0 → 2.5.0

Files changed (37)
  1. checksums.yaml +4 -4
  2. data/.github/workflows/build.yml +36 -0
  3. data/.rubocop.yml +60 -0
  4. data/Appraisals +2 -10
  5. data/CHANGELOG.md +53 -0
  6. data/README.md +71 -9
  7. data/SECURITY.md +6 -3
  8. data/gemfiles/{openssl_2_0.gemfile → openssl_2_2.gemfile} +1 -1
  9. data/lib/cose/rsapkcs1_algorithm.rb +11 -0
  10. data/lib/webauthn/attestation_object.rb +2 -2
  11. data/lib/webauthn/attestation_statement.rb +4 -1
  12. data/lib/webauthn/attestation_statement/android_key.rb +0 -11
  13. data/lib/webauthn/attestation_statement/android_safetynet.rb +1 -5
  14. data/lib/webauthn/attestation_statement/apple.rb +65 -0
  15. data/lib/webauthn/attestation_statement/base.rb +36 -14
  16. data/lib/webauthn/attestation_statement/fido_u2f.rb +2 -5
  17. data/lib/webauthn/attestation_statement/none.rb +7 -1
  18. data/lib/webauthn/attestation_statement/packed.rb +10 -23
  19. data/lib/webauthn/attestation_statement/tpm.rb +10 -20
  20. data/lib/webauthn/authenticator_assertion_response.rb +1 -4
  21. data/lib/webauthn/authenticator_attestation_response.rb +2 -2
  22. data/lib/webauthn/configuration.rb +2 -6
  23. data/lib/webauthn/credential_creation_options.rb +2 -0
  24. data/lib/webauthn/credential_request_options.rb +2 -0
  25. data/lib/webauthn/fake_authenticator.rb +16 -4
  26. data/lib/webauthn/fake_authenticator/attestation_object.rb +7 -3
  27. data/lib/webauthn/fake_client.rb +21 -4
  28. data/lib/webauthn/public_key.rb +21 -2
  29. data/lib/webauthn/public_key_credential.rb +13 -3
  30. data/lib/webauthn/public_key_credential/entity.rb +3 -4
  31. data/lib/webauthn/version.rb +1 -1
  32. data/webauthn.gemspec +7 -6
  33. metadata +34 -22
  34. data/.travis.yml +0 -26
  35. data/gemfiles/cose_head.gemfile +0 -7
  36. data/gemfiles/openssl_head.gemfile +0 -7
  37. data/lib/webauthn/signature_verifier.rb +0 -52
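--- a/data/.travis.yml
+++ b/data/.travis.yml
@@ -1,26 +0,0 @@
- dist: bionic
- language: ruby
- cache: bundler
-
- rvm:
- - ruby-head
- - 2.7.0
- - 2.6.5
- - 2.5.7
- - 2.4.9
-
- gemfile:
- - gemfiles/cose_head.gemfile
- - gemfiles/openssl_head.gemfile
- - gemfiles/openssl_2_1.gemfile
- - gemfiles/openssl_2_0.gemfile
-
- matrix:
- fast_finish: true
- allow_failures:
- - rvm: ruby-head
- - gemfile: gemfiles/cose_head.gemfile
- - gemfile: gemfiles/openssl_head.gemfile
-
- before_install:
- - gem install bundler -v "~> 2.0"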
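--- a/data/gemfiles/cose_head.gemfile
+++ b/data/gemfiles/cose_head.gemfile
@@ -1,7 +0,0 @@
- # This file was generated by Appraisal
-
- source "https://rubygems.org"
-
- gem "cose", git: "https://github.com/cedarcode/cose-ruby"
-
- gemspec path: "../"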
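--- a/data/gemfiles/openssl_head.gemfile
+++ b/data/gemfiles/openssl_head.gemfile
@@ -1,7 +0,0 @@
- # This file was generated by Appraisal
-
- source "https://rubygems.org"
-
- gem "openssl", git: "https://github.com/ruby/openssl"
-
- gemspec path: "../"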
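--- a/data/lib/webauthn/signature_verifier.rb
+++ b/data/lib/webauthn/signature_verifier.rb
@@ -1,52 +0,0 @@
- # frozen_string_literal: true
-
- require "cose"
- require "cose/rsapkcs1_algorithm"
- require "openssl"
- require "webauthn/error"
-
- module WebAuthn
- class SignatureVerifier
- class UnsupportedAlgorithm < Error; end
-
- def initialize(algorithm, public_key)
- @algorithm = algorithm
- @public_key = public_key
-
- validate
- end
-
- def verify(signature, verification_data)
- cose_algorithm.verify(public_key, signature, verification_data)
- rescue COSE::Error
- false
- end
-
- private
-
- attr_reader :algorithm, :public_key
-
- def cose_algorithm
- case algorithm
- when COSE::Algorithm::Base
- algorithm
- else
- COSE::Algorithm.find(algorithm)
- end
- end
-
- def validate
- if !cose_algorithm
- raise UnsupportedAlgorithm, "Unsupported algorithm #{algorithm}"
- elsif !supported_algorithms.include?(cose_algorithm.name)
- raise UnsupportedAlgorithm, "Unsupported algorithm #{algorithm}"
- elsif !cose_algorithm.compatible_key?(public_key)
- raise("Incompatible algorithm and key")
- end
- end
-
- def supported_algorithms
- WebAuthn.configuration.algorithms
- end
- end
- end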