webauthn 1.11.0 → 1.12.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 368f1cffa77727f2edab0c872a6e9414af8db2871edfbb3623f06273bb71f5ae
-  data.tar.gz: 4b21d7e5cd9ff589bb97f4264d0dbf7f3f04da53aa619893f88a1d831d7c2755
+  metadata.gz: c0b7730e28517a0a0c8490fe77a7f1826de3914f7af3ccf6aefcc1e5268e4a45
+  data.tar.gz: 5a9433f01315b4360388d4d08667b041539f5fef43d48034d1deece03d24b48b
 SHA512:
-  metadata.gz: c88fb415b6141de835c2d1536f8e859b1ba1a146b1e9c13971cf8bb07478bda5efa9c6a85f69c06466b91984b7f00e14f0cf29229cf14bc10f70040659411586
-  data.tar.gz: f94c85b184e96399f71bc7c070b691160640a5de898e381cd23f4bddc2fce139a2c523172cc8aeb682715b66a038f1ad3ed7798893a645d31eef53268784dc08
+  metadata.gz: cbfc86b1a82b1906a1adda4ab47e4cb7a523b520ecb533aa9587e047f463f74eccde0a88bff0ffb3acc037dc163cdbd40bad173c3e35a52492c230432897aeef
+  data.tar.gz: 887545a11d8d387deb137d228fb2f7a0c13f4462d7ca8b9247b68be7cdb40fcf478ee7b53bb5d39d7f89b6230d8c332676c20c7f5623f272522838f14b5213ef

data/.gitignore

@@ -11,4 +11,5 @@
 .rspec_status
 
 /Gemfile.lock
+/gemfiles/*.gemfile.lock
 /.byebug_history

data/.rubocop.yml

@@ -1,6 +1,8 @@
 AllCops:
   TargetRubyVersion: 2.3
   DisabledByDefault: true
+  Exclude:
+    - "gemfiles/**/*"
 
 Bundler:
   Enabled: true

data/.travis.yml

@@ -1,12 +1,18 @@
 dist: xenial
 language: ruby
 cache: bundler
+
 rvm:
   - ruby-head
   - 2.6.2
-  - 2.5.4
-  - 2.4.5
+  - 2.5.5
+  - 2.4.6
   - 2.3.8
+
+gemfile:
+  - gemfiles/openssl_2_1.gemfile
+  - gemfiles/openssl_2_0.gemfile
+
 matrix:
   fast_finish: true
   allow_failures:

data/Appraisals

@@ -0,0 +1,9 @@
+# frozen_string_literal: true
+
+appraise "openssl_2_1" do
+  gem "openssl", "~> 2.1.0"
+end
+
+appraise "openssl_2_0" do
+  gem "openssl", "~> 2.0.0"
+end

data/CHANGELOG.md

@@ -1,5 +1,21 @@
 # Changelog
 
+## [v1.12.0] - 2019-04-03
+
+### Added
+
+- Verification of the attestation certificate public key curve for `fido-u2f` attestation statements.
+
+### Changed
+
+- `Credential#public_key` now returns the COSE_Key formatted version of the credential public key, instead of the
+uncompressed EC point format.
+
+Note #1: A `Credential` instance is what is returned in `WebAuthn::AuthenticatorAttestationResponse#credential`.
+
+Note #2: You don't need to do any convesion before passing the public key in `AuthenticatorAssertionResponse#verify`'s
+`allowed_credentials` argument, `#verify` is backwards-compatible and will handle both public key formats properly.
+
 ## [v1.11.0] - 2019-03-15
 
 ### Added
@@ -137,6 +153,7 @@ Note: Both additions should help making it compatible with Chrome for Android 70
   - `WebAuthn::AuthenticatorAttestationResponse.valid?` can be used to validate fido-u2f attestations returned by the browser
 - Works with ruby 2.5
 
+[v1.12.0]: https://github.com/cedarcode/webauthn-ruby/compare/v1.12.0...v1.12.0/
 [v1.11.0]: https://github.com/cedarcode/webauthn-ruby/compare/v1.10.0...v1.11.0/
 [v1.10.0]: https://github.com/cedarcode/webauthn-ruby/compare/v1.9.0...v1.10.0/
 [v1.9.0]: https://github.com/cedarcode/webauthn-ruby/compare/v1.8.0...v1.9.0/

data/README.md

@@ -1,40 +1,38 @@
-# WebAuthn :key:
+# WebAuthn ruby library :key:
 
-Easily implement WebAuthn in your ruby/rails app
+Make your Ruby/Rails web server become a conformant WebAuthn Relying Party.
 
 [![Gem](https://img.shields.io/gem/v/webauthn.svg?style=flat-square)](https://rubygems.org/gems/webauthn)
 [![Travis](https://img.shields.io/travis/cedarcode/webauthn-ruby/master.svg?style=flat-square)](https://travis-ci.org/cedarcode/webauthn-ruby)
+[![Join the chat at https://gitter.im/cedarcode/webauthn-ruby](https://badges.gitter.im/cedarcode/webauthn-ruby.svg)](https://gitter.im/cedarcode/webauthn-ruby?utm_source=badge&utm_medium=badge&utm_campaign=pr-badge&utm_content=badge)
 
 ## What is WebAuthn?
 
-- [WebAuthn W3C Recommendation](https://www.w3.org/TR/webauthn/)
-- [WebAuthn intro by Yubico](https://www.yubico.com/webauthn/)
-- [WebAuthn in Wikipedia](https://en.wikipedia.org/wiki/WebAuthn)
-- [Web Authentication API in MDN](https://developer.mozilla.org/en-US/docs/Web/API/Web_Authentication_API)
-- [WebAuthn article with Google IO 2018 talk](https://developers.google.com/web/updates/2018/05/webauthn)
+WebAuthn (Web Authentication) is a W3C standard for secure public-key authentication on the Web supported by all leading browsers and platforms.
+
+For more:
+
+- WebAuthn [W3C Recommendation](https://www.w3.org/TR/webauthn/) (i.e. "The Standard")
+- WebAuthn [intro](https://www.yubico.com/webauthn/) by Yubico
+- WebAuthn [article](https://en.wikipedia.org/wiki/WebAuthn) in Wikipedia
+- [Web Authentication API](https://developer.mozilla.org/en-US/docs/Web/API/Web_Authentication_API) in MDN
+- WebAuthn [article with talk](https://developers.google.com/web/updates/2018/05/webauthn) in Google Developers
 
 ## Prerequisites
 
-This gem will help your ruby server act as a conforming [_Relying-Party_](https://www.w3.org/TR/webauthn/#relying-party), in WebAuthn terminology. But for the [_Registration_](https://www.w3.org/TR/webauthn/#registration) and [_Authentication_](https://www.w3.org/TR/webauthn/#authentication) ceremonies to work, you will also need
+This ruby library will help your Ruby/Rails server act as a conforming [_Relying-Party_](https://www.w3.org/TR/webauthn/#relying-party), in WebAuthn terminology. But for the [_Registration_](https://www.w3.org/TR/webauthn/#registration) and [_Authentication_](https://www.w3.org/TR/webauthn/#authentication) ceremonies to fully work, you will also need to add two more pieces to the puzzle, a conforming [User Agent](https://www.w3.org/TR/webauthn/#conforming-user-agents) + [Authenticator](https://www.w3.org/TR/webauthn/#conforming-authenticators) pair.
 
-### A conforming User Agent
+A very small set of known conformant pairs are for example:
 
-Currently supporting [Web Authentication API](https://developer.mozilla.org/en-US/docs/Web/API/Web_Authentication_API):
-  - [Mozilla Firefox](https://www.mozilla.org/firefox/) 60+
-  - [Google Chrome](https://www.google.com/chrome/) 67+
-  - [Google Chrome for Android](https://play.google.com/store/apps/details?id=com.android.chrome) 70+
+- Google Chrome for Android 70+ and Android's Fingerprint-based platform authenticator
+- Microsoft Edge and Windows 10 platform authenticator
+- Mozilla Firefox for Desktop and Yubico's Security Key roaming authenticator via USB
 
-### A conforming Authenticator
+For a detailed picture about what is conformant and what not, you can refer to:
 
-* Roaming authenticators
-  * [Security Key by Yubico](https://www.yubico.com/product/security-key-by-yubico/)
-  * [YubiKey 5 Series](https://www.yubico.com/products/yubikey-5-overview/) key
-* Platform authenticators
-  * Android's Fingerprint Scanner
-  * MacBook [Touch ID](https://en.wikipedia.org/wiki/Touch_ID)
+- [apowers313/fido2-webauthn-status](https://github.com/apowers313/fido2-webauthn-status)
+- [FIDO certified products](https://fidoalliance.org/certification/fido-certified-products)
 
-NOTE: Firefox states ([Firefox 60 release notes](https://www.mozilla.org/en-US/firefox/60.0/releasenotes/)) they only support USB FIDO2 or FIDO U2F enabled devices in their current implementation (version 60).
-  It's up to the gem's user to verify user agent compatibility if any other device wants to be used as the authenticator component.
 
 ## Installation
 
@@ -175,9 +173,25 @@ rescue WebAuthn::VerificationError => e
 end
 ```
 
+## Attestation Statement Formats
+
+| Attestation Statement Format | Supported? |
+| -------- | :--------: |
+| packed (self attestation) | Yes |
+| packed (x5c attestation) | Yes |
+| packed (ECDAA attestation) | No |
+| tpm (x5c attestation) | No |
+| tpm (ECDAA attestation) | No |
+| android-key | Yes |
+| android-safetynet | Yes |
+| fido-u2f | Yes |
+| none | Yes |
+
+NOTE: Be aware that it is up to you to do "trust path validation" (steps 15 and 16 in [Registering a new credential](https://www.w3.org/TR/webauthn/#registering-a-new-credential)) if that's a requirement of your Relying Party policy. The gem doesn't perform that validation for you right now.
+
 ## Testing Your Integration
 
-The Webauthn spec requires for data that is signed and authenticated. As a result, it can be difficult to create valid test authenticator data when testing your integration. Webauthn-ruby exposes [WebAuthn::FakeAuthenticator](https://github.com/cedarcode/webauthn-ruby/blob/master/lib/webauthn/fake_authenticator.rb) for you to use in your tests. Example usage can be found in [webauthn-ruby/spec/webauthn/authenticator_assertion_response_spec.rb](https://github.com/cedarcode/webauthn-ruby/blob/master/spec/webauthn/authenticator_assertion_response_spec.rb).
+The Webauthn spec requires for data that is signed and authenticated. As a result, it can be difficult to create valid test authenticator data when testing your integration. webauthn-ruby exposes [WebAuthn::FakeClient](https://github.com/cedarcode/webauthn-ruby/blob/master/lib/webauthn/fake_client.rb) for you to use in your tests. Example usage can be found in [webauthn-ruby/spec/webauthn/authenticator_assertion_response_spec.rb](https://github.com/cedarcode/webauthn-ruby/blob/master/spec/webauthn/authenticator_assertion_response_spec.rb).
 
 ## Development
 

data/gemfiles/openssl_2_0.gemfile

@@ -0,0 +1,7 @@
+# This file was generated by Appraisal
+
+source "https://rubygems.org"
+
+gem "openssl", "~> 2.0.0"
+
+gemspec path: "../"

data/gemfiles/openssl_2_1.gemfile

@@ -0,0 +1,7 @@
+# This file was generated by Appraisal
+
+source "https://rubygems.org"
+
+gem "openssl", "~> 2.1.0"
+
+gemspec path: "../"

data/lib/webauthn/attestation_statement/android_key.rb

@@ -1,6 +1,7 @@
 # frozen_string_literal: true
 
 require "openssl"
+require "webauthn/attestation_statement/android_key/key_description"
 require "webauthn/attestation_statement/base"
 
 module WebAuthn
@@ -8,14 +9,6 @@ module WebAuthn
     class AndroidKey < Base
       EXTENSION_DATA_OID = "1.3.6.1.4.1.11129.2.1.17"
 
-      # https://developer.android.com/training/articles/security-key-attestation#certificate_schema
-      ATTESTATION_CHALLENGE_INDEX = 4
-      SOFTWARE_ENFORCED_INDEX = 6
-      TEE_ENFORCED_INDEX = 7
-      PURPOSE_TAG = 1
-      ALL_APPLICATIONS_TAG = 600
-      ORIGIN_TAG = 702
-
       # https://android.googlesource.com/platform/hardware/libhardware/+/master/include/hardware/keymaster_defs.h
       KM_ORIGIN_GENERATED = 0
       KM_PURPOSE_SIGN = 2
@@ -45,38 +38,35 @@ module WebAuthn
       end
 
       def valid_attestation_challenge?(client_data_hash)
-        WebAuthn::SecurityUtils.secure_compare(key_description[ATTESTATION_CHALLENGE_INDEX].value, client_data_hash)
+        WebAuthn::SecurityUtils.secure_compare(key_description.attestation_challenge, client_data_hash)
       end
 
       def all_applications_field_not_present?
-        tee_enforced.none? { |data| data.tag == ALL_APPLICATIONS_TAG } &&
-          software_enforced.none? { |data| data.tag == ALL_APPLICATIONS_TAG }
+        tee_enforced.all_applications.nil? && software_enforced.all_applications.nil?
       end
 
       def valid_authorization_list_origin?
-        tee_enforced.detect { |data| data.tag == ORIGIN_TAG }&.value&.at(0)&.value == KM_ORIGIN_GENERATED ||
-          software_enforced.detect { |data| data.tag == ORIGIN_TAG }&.value&.at(0)&.value == KM_ORIGIN_GENERATED
+        tee_enforced.origin == KM_ORIGIN_GENERATED || software_enforced.origin == KM_ORIGIN_GENERATED
       end
 
       def valid_authorization_list_purpose?
-        tee_enforced.detect { |data| data.tag == PURPOSE_TAG }&.value&.at(0)&.value&.at(0)&.value == KM_PURPOSE_SIGN ||
-          software_enforced.detect { |data| data.tag == PURPOSE_TAG }&.value&.at(0)&.value&.at(0)&.value ==
-            KM_PURPOSE_SIGN
+        tee_enforced.purpose == KM_PURPOSE_SIGN || software_enforced.purpose == KM_PURPOSE_SIGN
       end
 
       def tee_enforced
-        key_description[SOFTWARE_ENFORCED_INDEX].value
+        key_description.tee_enforced
       end
 
       def software_enforced
-        key_description[TEE_ENFORCED_INDEX].value
+        key_description.software_enforced
       end
 
       def key_description
         @key_description ||= begin
           extension_data = attestation_certificate.extensions.detect { |ext| ext.oid == EXTENSION_DATA_OID }
           raw_key_description = OpenSSL::ASN1.decode(extension_data).value.last
-          OpenSSL::ASN1.decode(raw_key_description.value).value
+
+          KeyDescription.new(OpenSSL::ASN1.decode(raw_key_description.value).value)
         end
       end
 

data/lib/webauthn/attestation_statement/android_key/authorization_list.rb

@@ -0,0 +1,39 @@
+# frozen_string_literal: true
+
+require "webauthn/attestation_statement/base"
+
+module WebAuthn
+  module AttestationStatement
+    class AndroidKey < Base
+      class AuthorizationList
+        PURPOSE_TAG = 1
+        ALL_APPLICATIONS_TAG = 600
+        ORIGIN_TAG = 702
+
+        def initialize(sequence)
+          @sequence = sequence
+        end
+
+        def purpose
+          find_by_tag(PURPOSE_TAG)&.value&.at(0)&.value&.at(0)&.value
+        end
+
+        def all_applications
+          find_by_tag(ALL_APPLICATIONS_TAG)&.value
+        end
+
+        def origin
+          find_by_tag(ORIGIN_TAG)&.value&.at(0)&.value
+        end
+
+        private
+
+        attr_reader :sequence
+
+        def find_by_tag(tag)
+          sequence.detect { |data| data.tag == tag }
+        end
+      end
+    end
+  end
+end

data/lib/webauthn/attestation_statement/android_key/key_description.rb

@@ -0,0 +1,37 @@
+# frozen_string_literal: true
+
+require "webauthn/attestation_statement/android_key/authorization_list"
+require "webauthn/attestation_statement/base"
+
+module WebAuthn
+  module AttestationStatement
+    class AndroidKey < Base
+      class KeyDescription
+        # https://developer.android.com/training/articles/security-key-attestation#certificate_schema
+        ATTESTATION_CHALLENGE_INDEX = 4
+        SOFTWARE_ENFORCED_INDEX = 6
+        TEE_ENFORCED_INDEX = 7
+
+        def initialize(sequence)
+          @sequence = sequence
+        end
+
+        def attestation_challenge
+          sequence[ATTESTATION_CHALLENGE_INDEX].value
+        end
+
+        def tee_enforced
+          @tee_enforced ||= AuthorizationList.new(sequence[TEE_ENFORCED_INDEX].value)
+        end
+
+        def software_enforced
+          @software_enforced ||= AuthorizationList.new(sequence[SOFTWARE_ENFORCED_INDEX].value)
+        end
+
+        private
+
+        attr_reader :sequence
+      end
+    end
+  end
+end

data/lib/webauthn/attestation_statement/fido_u2f.rb

@@ -2,15 +2,18 @@
 
 require "openssl"
 require "webauthn/attestation_statement/base"
+require "webauthn/attestation_statement/fido_u2f/public_key"
 
 module WebAuthn
   module AttestationStatement
     class FidoU2f < Base
       VALID_ATTESTATION_CERTIFICATE_COUNT = 1
+      VALID_ATTESTATION_CERTIFICATE_KEY_CURVE = "prime256v1"
 
       def valid?(authenticator_data, client_data_hash)
         valid_format? &&
           valid_certificate_public_key? &&
+          valid_credential_public_key?(authenticator_data.credential.public_key) &&
           valid_signature?(authenticator_data, client_data_hash) &&
           [WebAuthn::AttestationStatement::ATTESTATION_TYPE_BASIC_OR_ATTCA, [attestation_certificate]]
       end
@@ -27,7 +30,13 @@ module WebAuthn
       end
 
       def valid_certificate_public_key?
-        certificate_public_key.is_a?(OpenSSL::PKey::EC) && certificate_public_key.check_key
+        certificate_public_key.is_a?(OpenSSL::PKey::EC) &&
+          certificate_public_key.group.curve_name == VALID_ATTESTATION_CERTIFICATE_KEY_CURVE &&
+          certificate_public_key.check_key
+      end
+
+      def valid_credential_public_key?(public_key_bytes)
+        public_key_u2f(public_key_bytes).valid?
       end
 
       def certificate_public_key
@@ -55,7 +64,11 @@ module WebAuthn
           authenticator_data.rp_id_hash +
           client_data_hash +
           authenticator_data.credential.id +
-          authenticator_data.credential.public_key
+          public_key_u2f(authenticator_data.credential.public_key).to_uncompressed_point
+      end
+
+      def public_key_u2f(cose_key_data)
+        PublicKey.new(cose_key_data)
       end
     end
   end

data/lib/webauthn/attestation_statement/fido_u2f/public_key.rb

@@ -0,0 +1,45 @@
+# frozen_string_literal: true
+
+require "cose/ecdsa"
+require "cose/key/ec2"
+require "webauthn/attestation_statement/base"
+
+module WebAuthn
+  module AttestationStatement
+    class FidoU2f < Base
+      class PublicKey
+        COORDINATE_LENGTH = 32
+        UNCOMPRESSED_FORM_INDICATOR = "\x04"
+
+        def self.uncompressed_point?(data)
+          data.size &&
+            data.length == UNCOMPRESSED_FORM_INDICATOR.length + COORDINATE_LENGTH * 2 &&
+            data[0] == UNCOMPRESSED_FORM_INDICATOR
+        end
+
+        def initialize(data)
+          @data = data
+        end
+
+        def valid?
+          data.size >= COORDINATE_LENGTH * 2 &&
+            cose_key.x.length == COORDINATE_LENGTH &&
+            cose_key.y.length == COORDINATE_LENGTH &&
+            cose_key.alg == COSE::ECDSA::ALG_ES256
+        end
+
+        def to_uncompressed_point
+          UNCOMPRESSED_FORM_INDICATOR + cose_key.x + cose_key.y
+        end
+
+        private
+
+        attr_reader :data
+
+        def cose_key
+          @cose_key ||= COSE::Key::EC2.deserialize(data)
+        end
+      end
+    end
+  end
+end

data/lib/webauthn/authenticator_assertion_response.rb

@@ -1,5 +1,7 @@
 # frozen_string_literal: true
 
+require "cose/key"
+require "webauthn/attestation_statement/fido_u2f/public_key"
 require "webauthn/authenticator_response"
 
 module WebAuthn
@@ -32,14 +34,8 @@ module WebAuthn
 
     attr_reader :credential_id, :authenticator_data_bytes, :signature
 
-    def valid_signature?(public_key_bytes)
-      group = OpenSSL::PKey::EC::Group.new("prime256v1")
-      key = OpenSSL::PKey::EC.new(group)
-      public_key_bn = OpenSSL::BN.new(public_key_bytes, 2)
-      public_key = OpenSSL::PKey::EC::Point.new(group, public_key_bn)
-      key.public_key = public_key
-
-      key.verify(
+    def valid_signature?(credential_public_key)
+      credential_public_key.verify(
         "SHA256",
         signature,
         authenticator_data_bytes + client_data.hash
@@ -57,7 +53,27 @@ module WebAuthn
         credential[:id] == credential_id
       end
 
-      matched_credential[:public_key]
+      if WebAuthn::AttestationStatement::FidoU2f::PublicKey.uncompressed_point?(matched_credential[:public_key])
+        # Gem version v1.11.0 and lower, used to behave so that Credential#public_key
+        # returned an EC P-256 uncompressed point.
+        #
+        # Because of https://github.com/cedarcode/webauthn-ruby/issues/137 this was changed
+        # and Credential#public_key started returning the unchanged COSE_Key formatted
+        # credentialPublicKey (as in https://www.w3.org/TR/webauthn/#credentialpublickey).
+        #
+        # Given that the credential public key is expected to be stored long-term by the gem
+        # user and later be passed as one of the allowed_credentials arguments in the
+        # AuthenticatorAssertionResponse.verify call, we then need to support the two formats.
+        group = OpenSSL::PKey::EC::Group.new("prime256v1")
+        key = OpenSSL::PKey::EC.new(group)
+        public_key_bn = OpenSSL::BN.new(matched_credential[:public_key], 2)
+        public_key = OpenSSL::PKey::EC::Point.new(group, public_key_bn)
+        key.public_key = public_key
+
+        key
+      else
+        COSE::Key.deserialize(matched_credential[:public_key]).to_pkey
+      end
     end
 
     def type

data/lib/webauthn/authenticator_data/attested_credential_data.rb

@@ -1,6 +1,6 @@
 # frozen_string_literal: true
 
-require "webauthn/authenticator_data/attested_credential_data/public_key"
+require "cose/key"
 
 module WebAuthn
   class AuthenticatorData
@@ -14,14 +14,7 @@ module WebAuthn
       # FIXME: use keyword_init when we dropped Ruby 2.4 support
       Credential = Struct.new(:id, :public_key) do
         def public_key_object
-          group = OpenSSL::PKey::EC::Group.new("prime256v1")
-          key = OpenSSL::PKey::EC.new(group)
-
-          bn = OpenSSL::BN.new(public_key, 2)
-          point = OpenSSL::PKey::EC::Point.new(group, bn)
-          key.public_key = point
-
-          key
+          COSE::Key.deserialize(public_key).to_pkey
         end
       end
 
@@ -30,7 +23,7 @@ module WebAuthn
       end
 
       def valid?
-        data.length >= AAGUID_LENGTH + ID_LENGTH_LENGTH && public_key.valid?
+        data.length >= AAGUID_LENGTH + ID_LENGTH_LENGTH && valid_credential_public_key?
       end
 
       def aaguid
@@ -40,7 +33,7 @@ module WebAuthn
       def credential
         @credential ||=
           if id
-            Credential.new(id, public_key.to_str)
+            Credential.new(id, public_key)
           end
       end
 
@@ -54,6 +47,12 @@ module WebAuthn
 
       attr_reader :data
 
+      def valid_credential_public_key?
+        cose_key = COSE::Key.deserialize(public_key)
+
+        !!cose_key.alg
+      end
+
       def id
         if valid?
           data_at(id_position, id_length)
@@ -61,7 +60,7 @@ module WebAuthn
       end
 
       def public_key
-        @public_key ||= PublicKey.new(data_at(public_key_position, public_key_length))
+        @public_key ||= data_at(public_key_position, public_key_length)
       end
 
       def id_position

data/lib/webauthn/fake_authenticator.rb

@@ -3,175 +3,69 @@
 require "cbor"
 require "openssl"
 require "securerandom"
+require "webauthn/fake_authenticator/attestation_object"
+require "webauthn/fake_authenticator/authenticator_data"
 
 module WebAuthn
   class FakeAuthenticator
-    class Base
-      def initialize(challenge: fake_challenge, rp_id: "localhost", sign_count: 0, context: {})
-        @challenge = challenge
-        @rp_id = rp_id
-        @sign_count = sign_count
-        @context = context
-      end
-
-      def authenticator_data
-        @authenticator_data ||= rp_id_hash + raw_flags + raw_sign_count + attested_credential_data + extension_data
-      end
-
-      def client_data_json
-        @client_data_json ||= { challenge: encode(challenge), origin: origin, type: type }.to_json
-      end
-
-      def credential_key
-        @credential_key ||= OpenSSL::PKey::EC.new("prime256v1").generate_key
-      end
-
-      def credential_id
-        @credential_id ||= SecureRandom.random_bytes(16)
-      end
-
-      def rp_id_hash
-        OpenSSL::Digest::SHA256.digest(rp_id)
-      end
-
-      private
-
-      attr_reader :challenge, :context, :rp_id
-
-      def raw_flags
-        [
-          [
-            bit(:user_present),
-            "0",
-            bit(:user_verified),
-            "000",
-            attested_credential_data_present_bit,
-            extension_data_present_bit
-          ].join
-        ].pack("b*")
-      end
-
-      def attested_credential_data_present_bit
-        if attested_credential_data.empty?
-          "0"
-        else
-          "1"
-        end
-      end
-
-      def extension_data_present_bit
-        if extension_data.empty?
-          "0"
-        else
-          "1"
-        end
-      end
-
-      def attested_credential_data
-        ""
-      end
-
-      def extension_data
-        CBOR.encode("fakeExtension" => "fakeValue")
-      end
-
-      def raw_sign_count
-        [@sign_count].pack('L>')
-      end
+    AAGUID = SecureRandom.random_bytes(16)
 
-      def bit(flag)
-        if context[flag].nil? || context[flag]
-          "1"
-        else
-          "0"
-        end
-      end
+    def initialize
+      @credentials = {}
+    end
 
-      def origin
-        @origin ||= context[:origin] || fake_origin
-      end
+    def make_credential(rp_id:, client_data_hash:, user_present: true, user_verified: false)
+      credential_id, credential_key = new_credential
 
-      def encode(bytes)
-        Base64.urlsafe_encode64(bytes, padding: false)
-      end
+      attestation_object = AttestationObject.new(
+        client_data_hash: client_data_hash,
+        rp_id_hash: hashed(rp_id),
+        credential_id: credential_id,
+        credential_key: credential_key,
+        user_present: user_present,
+        user_verified: user_verified
+      ).serialize
 
-      def fake_challenge
-        SecureRandom.random_bytes(32)
-      end
+      credentials[rp_id] ||= {}
+      credentials[rp_id][credential_id] = credential_key
 
-      def fake_origin
-        "http://localhost"
-      end
+      attestation_object
     end
 
-    class Create < Base
-      def attestation_object
-        CBOR.encode(
-          "fmt" => "none",
-          "attStmt" => {},
-          "authData" => authenticator_data
-        )
-      end
+    def get_assertion(rp_id:, client_data_hash:, user_present: true, user_verified: false)
+      credential_options = credentials[rp_id]
 
-      private
+      if credential_options
+        credential_id, credential_key = credential_options.first
 
-      def attested_credential_data
-        aaguid + [credential_id.length].pack("n*") + credential_id + cose_credential_public_key
-      end
+        authenticator_data = AuthenticatorData.new(
+          rp_id_hash: hashed(rp_id),
+          user_present: user_present,
+          user_verified: user_verified
+        ).serialize
 
-      def aaguid
-        @aaguid ||= SecureRandom.random_bytes(16)
-      end
+        signature = credential_key.sign("SHA256", authenticator_data + client_data_hash)
 
-      def cose_credential_public_key
-        fake_cose_credential_key(
-          x_coordinate: key_bytes(credential_key.public_key)[1..32],
-          y_coordinate: key_bytes(credential_key.public_key)[33..64]
-        )
+        {
+          credential_id: credential_id,
+          authenticator_data: authenticator_data,
+          signature: signature
+        }
+      else
+        raise "No credentials found for RP #{rp_id}"
       end
+    end
 
-      def type
-        "webauthn.create"
-      end
+    private
 
-      def fake_cose_credential_key(algorithm: nil, x_coordinate: nil, y_coordinate: nil)
-        kty_label = 1
-        alg_label = 3
-        crv_label = -1
-        x_label = -2
-        y_label = -3
-
-        kty_ec2 = 2
-        alg_es256 = -7
-        crv_p256 = 1
-
-        CBOR.encode(
-          kty_label => kty_ec2,
-          alg_label => algorithm || alg_es256,
-          crv_label => crv_p256,
-          x_label => x_coordinate || SecureRandom.random_bytes(32),
-          y_label => y_coordinate || SecureRandom.random_bytes(32)
-        )
-      end
+    attr_reader :credentials
 
-      def key_bytes(public_key)
-        public_key.to_bn.to_s(2)
-      end
+    def new_credential
+      [SecureRandom.random_bytes(16), OpenSSL::PKey::EC.new("prime256v1").generate_key]
     end
 
-    class Get < Base
-      def signature
-        @signature ||= credential_key.sign(
-          "SHA256",
-          authenticator_data + OpenSSL::Digest::SHA256.digest(client_data_json)
-        )
-      end
-
-      private
-
-      def type
-        "webauthn.get"
-      end
+    def hashed(target)
+      OpenSSL::Digest::SHA256.digest(target)
     end
   end
 end

data/lib/webauthn/fake_authenticator/attestation_object.rb

@@ -0,0 +1,47 @@
+# frozen_string_literal: true
+
+require "cbor"
+require "webauthn/fake_authenticator/authenticator_data"
+
+module WebAuthn
+  class FakeAuthenticator
+    class AttestationObject
+      def initialize(
+        client_data_hash:,
+        rp_id_hash:,
+        credential_id:,
+        credential_key:,
+        user_present: true,
+        user_verified: false
+      )
+        @client_data_hash = client_data_hash
+        @rp_id_hash = rp_id_hash
+        @credential_id = credential_id
+        @credential_key = credential_key
+        @user_present = user_present
+        @user_verified = user_verified
+      end
+
+      def serialize
+        CBOR.encode(
+          "fmt" => "none",
+          "attStmt" => {},
+          "authData" => authenticator_data.serialize
+        )
+      end
+
+      private
+
+      attr_reader :client_data_hash, :rp_id_hash, :credential_id, :credential_key, :user_present, :user_verified
+
+      def authenticator_data
+        @authenticator_data ||= AuthenticatorData.new(
+          rp_id_hash: rp_id_hash,
+          credential: { id: credential_id, public_key: credential_key.public_key },
+          user_present: user_present,
+          user_verified: user_verified
+        )
+      end
+    end
+  end
+end

data/lib/webauthn/fake_authenticator/authenticator_data.rb

@@ -0,0 +1,113 @@
+# frozen_string_literal: true
+
+require "cose/key"
+require "cbor"
+require "securerandom"
+
+module WebAuthn
+  class FakeAuthenticator
+    class AuthenticatorData
+      def initialize(rp_id_hash:, credential: nil, sign_count: 0, user_present: true, user_verified: !user_present)
+        @rp_id_hash = rp_id_hash
+        @credential = credential
+        @sign_count = sign_count
+        @user_present = user_present
+        @user_verified = user_verified
+      end
+
+      def serialize
+        rp_id_hash + flags + serialized_sign_count + attested_credential_data + extensions
+      end
+
+      private
+
+      attr_reader :rp_id_hash, :credential, :sign_count, :user_present, :user_verified
+
+      def flags
+        [
+          [
+            bit(:user_present),
+            reserved_for_future_use_bit,
+            bit(:user_verified),
+            reserved_for_future_use_bit,
+            reserved_for_future_use_bit,
+            reserved_for_future_use_bit,
+            attested_credential_data_included_bit,
+            extension_data_included_bit
+          ].join
+        ].pack("b*")
+      end
+
+      def serialized_sign_count
+        [sign_count].pack('L>')
+      end
+
+      def attested_credential_data
+        @attested_credential_data ||=
+          if credential
+            WebAuthn::FakeAuthenticator::AAGUID +
+              [credential[:id].length].pack("n*") +
+              credential[:id] +
+              cose_credential_public_key
+          else
+            ""
+          end
+      end
+
+      def extensions
+        CBOR.encode("fakeExtension" => "fakeExtensionValue")
+      end
+
+      def bit(flag)
+        if context[flag]
+          "1"
+        else
+          "0"
+        end
+      end
+
+      def attested_credential_data_included_bit
+        if attested_credential_data.empty?
+          "0"
+        else
+          "1"
+        end
+      end
+
+      def extension_data_included_bit
+        if extensions.empty?
+          "0"
+        else
+          "1"
+        end
+      end
+
+      def reserved_for_future_use_bit
+        "0"
+      end
+
+      def context
+        { user_present: user_present, user_verified: user_verified }
+      end
+
+      def cose_credential_public_key
+        alg = {
+          COSE::Key::EC2::CRV_P256 => -7,
+          COSE::Key::EC2::CRV_P384 => -35,
+          COSE::Key::EC2::CRV_P521 => -36
+        }
+
+        key = COSE::Key::EC2.from_pkey(credential[:public_key])
+
+        # FIXME: Remove once writer in cose
+        key.instance_variable_set(:@alg, alg[key.crv])
+
+        key.serialize
+      end
+
+      def key_bytes(public_key)
+        public_key.to_bn.to_s(2)
+      end
+    end
+  end
+end

data/lib/webauthn/fake_client.rb

@@ -0,0 +1,97 @@
+# frozen_string_literal: true
+
+require "openssl"
+require "webauthn/authenticator_data"
+require "webauthn/fake_authenticator"
+
+module WebAuthn
+  class FakeClient
+    TYPES = { create: "webauthn.create", get: "webauthn.get" }.freeze
+
+    attr_reader :origin
+
+    def initialize(origin = fake_origin, authenticator: WebAuthn::FakeAuthenticator.new)
+      @origin = origin
+      @authenticator = authenticator
+    end
+
+    def create(challenge: fake_challenge, rp_id: nil, user_present: true, user_verified: false)
+      rp_id ||= URI.parse(origin).host
+
+      client_data_json = data_json_for(:create, challenge)
+      client_data_hash = hashed(client_data_json)
+
+      attestation_object = authenticator.make_credential(
+        rp_id: rp_id,
+        client_data_hash: client_data_hash,
+        user_present: user_present,
+        user_verified: user_verified
+      )
+
+      id = WebAuthn::AuthenticatorData.new(CBOR.decode(attestation_object)["authData"]).credential.id
+
+      {
+        id: id,
+        response: {
+          attestation_object: attestation_object,
+          client_data_json: client_data_json
+        }
+      }
+    end
+
+    def get(challenge: fake_challenge, rp_id: nil, user_present: true, user_verified: false)
+      rp_id ||= URI.parse(origin).host
+
+      client_data_json = data_json_for(:get, challenge)
+      client_data_hash = hashed(client_data_json)
+
+      assertion = authenticator.get_assertion(
+        rp_id: rp_id,
+        client_data_hash: client_data_hash,
+        user_present: user_present,
+        user_verified: user_verified
+      )
+
+      {
+        id: assertion[:credential_id],
+        response: {
+          client_data_json: client_data_json,
+          authenticator_data: assertion[:authenticator_data],
+          signature: assertion[:signature]
+        }
+      }
+    end
+
+    private
+
+    attr_reader :authenticator
+
+    def data_json_for(method, challenge)
+      {
+        type: type_for(method),
+        challenge: encode(challenge),
+        origin: origin
+      }.to_json
+    end
+
+    def encode(data)
+      Base64.urlsafe_encode64(data, padding: false)
+    end
+
+    def hashed(data)
+      OpenSSL::Digest::SHA256.digest(data)
+    end
+
+    def fake_challenge
+      SecureRandom.random_bytes(32)
+    end
+
+    def fake_origin
+      "http://localhost#{rand(1000)}"
+    end
+
+    def type_for(method)
+      TYPES[method]
+    end
+  end
+end

data/lib/webauthn/security_utils.rb

@@ -10,8 +10,8 @@ module WebAuthn
     # The values are first processed by SHA256, so that we don't leak length info
     # via timing attacks.
     def secure_compare(first_string, second_string)
-      first_string_sha256 = ::Digest::SHA256.hexdigest(first_string)
-      second_string_sha256 = ::Digest::SHA256.hexdigest(second_string)
+      first_string_sha256 = ::Digest::SHA256.digest(first_string)
+      second_string_sha256 = ::Digest::SHA256.digest(second_string)
 
       SecureCompare.compare(first_string_sha256, second_string_sha256) && first_string == second_string
     end

data/lib/webauthn/version.rb

@@ -1,5 +1,5 @@
 # frozen_string_literal: true
 
 module WebAuthn
-  VERSION = "1.11.0"
+  VERSION = "1.12.0"
 end

data/webauthn.gemspec

@@ -10,7 +10,8 @@ Gem::Specification.new do |spec|
   spec.authors       = ["Gonzalo Rodriguez", "Braulio Martinez"]
   spec.email         = ["gonzalo@cedarcode.com", "braulio@cedarcode.com"]
 
-  spec.summary       = "WebAuthn in ruby ― Ruby implementation of a WebAuthn Relying Party"
+  spec.summary       = "WebAuthn ruby library"
+  spec.description   = "Make your Ruby/Rails web server become a conformant WebAuthn Relying Party"
   spec.homepage      = "https://github.com/cedarcode/webauthn-ruby"
   spec.license       = "MIT"
 
@@ -30,11 +31,12 @@ Gem::Specification.new do |spec|
   spec.required_ruby_version = ">= 2.3"
 
   spec.add_dependency "cbor", "~> 0.5.9"
-  spec.add_dependency "cose", "~> 0.4.1"
+  spec.add_dependency "cose", "~> 0.6.0"
   spec.add_dependency "jwt", [">= 1.5", "< 3.0"]
   spec.add_dependency "openssl", "~> 2.0"
   spec.add_dependency "securecompare", "~> 1.0"
 
+  spec.add_development_dependency "appraisal", "~> 2.2.0"
   spec.add_development_dependency "bundler", ">= 1.17", "< 3.0"
   spec.add_development_dependency "byebug", "~> 11.0"
   spec.add_development_dependency "rake", "~> 12.3"

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: webauthn
 version: !ruby/object:Gem::Version
-  version: 1.11.0
+  version: 1.12.0
 platform: ruby
 authors:
 - Gonzalo Rodriguez
@@ -9,7 +9,7 @@ authors:
 autorequire: 
 bindir: exe
 cert_chain: []
-date: 2019-03-15 00:00:00.000000000 Z
+date: 2019-04-03 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: cbor
@@ -31,14 +31,14 @@ dependencies:
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 0.4.1
+        version: 0.6.0
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 0.4.1
+        version: 0.6.0
 - !ruby/object:Gem::Dependency
   name: jwt
   requirement: !ruby/object:Gem::Requirement
@@ -87,6 +87,20 @@ dependencies:
     - - "~>"
       - !ruby/object:Gem::Version
         version: '1.0'
+- !ruby/object:Gem::Dependency
+  name: appraisal
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 2.2.0
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 2.2.0
 - !ruby/object:Gem::Dependency
   name: bundler
   requirement: !ruby/object:Gem::Requirement
@@ -163,7 +177,8 @@ dependencies:
     - - '='
       - !ruby/object:Gem::Version
         version: 0.65.0
-description: 
+description: Make your Ruby/Rails web server become a conformant WebAuthn Relying
+  Party
 email:
 - gonzalo@cedarcode.com
 - braulio@cedarcode.com
@@ -175,6 +190,7 @@ files:
 - ".rspec"
 - ".rubocop.yml"
 - ".travis.yml"
+- Appraisals
 - CHANGELOG.md
 - Gemfile
 - LICENSE.txt
@@ -182,24 +198,31 @@ files:
 - Rakefile
 - bin/console
 - bin/setup
+- gemfiles/openssl_2_0.gemfile
+- gemfiles/openssl_2_1.gemfile
 - lib/cose/ecdsa.rb
 - lib/webauthn.rb
 - lib/webauthn/attestation_statement.rb
 - lib/webauthn/attestation_statement/android_key.rb
+- lib/webauthn/attestation_statement/android_key/authorization_list.rb
+- lib/webauthn/attestation_statement/android_key/key_description.rb
 - lib/webauthn/attestation_statement/android_safetynet.rb
 - lib/webauthn/attestation_statement/base.rb
 - lib/webauthn/attestation_statement/fido_u2f.rb
+- lib/webauthn/attestation_statement/fido_u2f/public_key.rb
 - lib/webauthn/attestation_statement/none.rb
 - lib/webauthn/attestation_statement/packed.rb
 - lib/webauthn/authenticator_assertion_response.rb
 - lib/webauthn/authenticator_attestation_response.rb
 - lib/webauthn/authenticator_data.rb
 - lib/webauthn/authenticator_data/attested_credential_data.rb
-- lib/webauthn/authenticator_data/attested_credential_data/public_key.rb
 - lib/webauthn/authenticator_response.rb
 - lib/webauthn/client_data.rb
 - lib/webauthn/error.rb
 - lib/webauthn/fake_authenticator.rb
+- lib/webauthn/fake_authenticator/attestation_object.rb
+- lib/webauthn/fake_authenticator/authenticator_data.rb
+- lib/webauthn/fake_client.rb
 - lib/webauthn/security_utils.rb
 - lib/webauthn/version.rb
 - webauthn.gemspec
@@ -228,5 +251,5 @@ requirements: []
 rubygems_version: 3.0.3
 signing_key: 
 specification_version: 4
-summary: WebAuthn in ruby ― Ruby implementation of a WebAuthn Relying Party
+summary: WebAuthn ruby library
 test_files: []

data/lib/webauthn/authenticator_data/attested_credential_data/public_key.rb

@@ -1,37 +0,0 @@
-# frozen_string_literal: true
-
-require "cose/ecdsa"
-require "cose/key/ec2"
-
-module WebAuthn
-  class AuthenticatorData
-    class AttestedCredentialData
-      class PublicKey
-        COORDINATE_LENGTH = 32
-
-        def initialize(data)
-          @data = data
-        end
-
-        def valid?
-          data.size >= COORDINATE_LENGTH * 2 &&
-            cose_key.x_coordinate.length == COORDINATE_LENGTH &&
-            cose_key.y_coordinate.length == COORDINATE_LENGTH &&
-            cose_key.algorithm == COSE::ECDSA::ALG_ES256
-        end
-
-        def to_str
-          "\x04" + cose_key.x_coordinate + cose_key.y_coordinate
-        end
-
-        private
-
-        attr_reader :data
-
-        def cose_key
-          @cose_key ||= COSE::Key::EC2.deserialize(data)
-        end
-      end
-    end
-  end
-end