@bradford-tech/supabase-integrity-attest 0.2.2 → 0.2.4
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"assertion.d.ts","sourceRoot":"","sources":["../../src/src/assertion.ts"],"names":[],"mappings":"AAaA,MAAM,WAAW,OAAO;IACtB,KAAK,EAAE,MAAM,CAAC;IACd,cAAc,CAAC,EAAE,OAAO,CAAC;CAC1B;AAED,MAAM,WAAW,eAAe;IAC9B,SAAS,EAAE,MAAM,CAAC;CACnB;AAED,wBAAsB,eAAe,CACnC,OAAO,EAAE,OAAO,EAChB,SAAS,EAAE,UAAU,GAAG,MAAM,EAC9B,UAAU,EAAE,UAAU,GAAG,MAAM,EAC/B,YAAY,EAAE,MAAM,EACpB,iBAAiB,EAAE,MAAM,GACxB,OAAO,CAAC,eAAe,CAAC,
|
|
1
|
+
{"version":3,"file":"assertion.d.ts","sourceRoot":"","sources":["../../src/src/assertion.ts"],"names":[],"mappings":"AAaA,MAAM,WAAW,OAAO;IACtB,KAAK,EAAE,MAAM,CAAC;IACd,cAAc,CAAC,EAAE,OAAO,CAAC;CAC1B;AAED,MAAM,WAAW,eAAe;IAC9B,SAAS,EAAE,MAAM,CAAC;CACnB;AAED,wBAAsB,eAAe,CACnC,OAAO,EAAE,OAAO,EAChB,SAAS,EAAE,UAAU,GAAG,MAAM,EAC9B,UAAU,EAAE,UAAU,GAAG,MAAM,EAC/B,YAAY,EAAE,MAAM,EACpB,iBAAiB,EAAE,MAAM,GACxB,OAAO,CAAC,eAAe,CAAC,CA2G1B"}
|
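--- a/package/esm/src/assertion.js
+++ b/package/esm/src/assertion.js
@@ -37,8 +37,9 @@ export async function verifyAssertion(appInfo, assertion, clientData, publicKeyP
 }
 // Step 5: Compute clientDataHash
 const clientDataHash = new Uint8Array(await crypto.subtle.digest("SHA-256", clientDataBytes));
-// Step 6:
-
+// Step 6: Compute nonce = SHA-256(authenticatorData || clientDataHash)
+// Apple signs this nonce as the message to ES256 (not authData || clientDataHash directly)
+const nonce = new Uint8Array(await crypto.subtle.digest("SHA-256", concat(decoded.authenticatorData, clientDataHash)));
 // Step 7: Convert DER signature to raw r||s
 let signatureRaw;
 try {
@@ -55,8 +56,8 @@ export async function verifyAssertion(appInfo, assertion, clientData, publicKeyP
 catch (e) {
 throw new AssertionError(AssertionErrorCode.INVALID_FORMAT, `Invalid public key PEM: ${e instanceof Error ? e.message : String(e)}`);
 }
-// Step 9: Verify ECDSA signature
-const valid = await crypto.subtle.verify({ name: "ECDSA", hash: "SHA-256" }, publicKey, signatureRaw,
+// Step 9: Verify ECDSA signature over nonce
+const valid = await crypto.subtle.verify({ name: "ECDSA", hash: "SHA-256" }, publicKey, signatureRaw, nonce);
 if (!valid) {
 throw new AssertionError(AssertionErrorCode.SIGNATURE_INVALID, "ECDSA signature verification failed");
 }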
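Review bot: The comments around the new `nonce` line do not say that `crypto.subtle.verify` with `hash: "SHA-256"` hashes its data argument once more, so the digest actually checked in Step 9 is SHA-256 of `nonce`, not `nonce` itself. That double hash looks intentional, but it is easy to "simplify" away later; I would add `// verify() hashes nonce again with SHA-256; the double hash is intentional` next to the verify call. The fixture generator's map file also changed in this release, so the tests presumably sign with the project's own code and can agree with the verifier while both disagree with real devices. A captured device assertion kept as a fixed test vector would catch that. The body of verifyAssertion starts before and ends after both hunks.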
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"certificate.d.ts","sourceRoot":"","sources":["../../src/src/certificate.ts"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"certificate.d.ts","sourceRoot":"","sources":["../../src/src/certificate.ts"],"names":[],"mappings":"AA+UA;;;;;GAKG;AACH,wBAAsB,sBAAsB,CAC1C,GAAG,EAAE,UAAU,EAAE,EACjB,SAAS,CAAC,EAAE,IAAI,GACf,OAAO,CAAC,IAAI,CAAC,CAkEf;AAED;;;;;;;;GAQG;AACH,wBAAgB,oBAAoB,CAAC,OAAO,EAAE,UAAU,GAAG,UAAU,CA6BpE;AAED;;;;;GAKG;AACH,wBAAsB,wBAAwB,CAC5C,OAAO,EAAE,UAAU,GAClB,OAAO,CAAC,UAAU,CAAC,CAqBrB"}
|
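--- a/package/esm/src/certificate.js
+++ b/package/esm/src/certificate.js
@@ -192,10 +192,14 @@ async function verifySignature(child, parent) {
 // Use @noble/curves p384 to verify instead.
 if (namedCurve === "P-384" && hash === "SHA-256") {
 // Pre-hash TBS, then verify with @noble/curves.
-//
+// lowS: false — X.509 signatures don't enforce BIP-62 low-S normalization.
+// prehash: false — we hash manually since the hash algorithm differs from the curve's default.
 const digest = new Uint8Array(await crypto.subtle.digest(hash, child.tbsCertificateDer));
 const rawPubKey = extractRawPublicKeyFromSpki(parent.subjectPublicKeyInfoDer);
-return p384.verify(sigRaw, digest, rawPubKey, {
+return p384.verify(sigRaw, digest, rawPubKey, {
+prehash: false,
+lowS: false,
+});
 }
 // Standard pairing — WebCrypto
 const parentKey = await crypto.subtle.importKey("spki", parent.subjectPublicKeyInfoDer, { name: "ECDSA", namedCurve }, false, ["verify"]);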
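Review bot: No test is visible in this diff that pins the two options now passed to `p384.verify`, so this branch still depends on how the installed @noble/curves interprets `prehash` and `lowS`. A change in either could reject valid chain certificates or hash the TBS digest a second time. I would add a regression test that runs the chain check on a certificate signed with P-384 and SHA-256 whose signature has a high S value, and constrain the @noble/curves range in the manifest (not shown here, so this may already be done). Accepting high-S is correct for X.509, but it leaves signature bytes malleable, so nothing downstream should use the raw certificate or signature bytes as a unique identifier. The body of verifySignature begins before and continues after this hunk.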
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"generate-assertion.d.ts","sourceRoot":"","sources":["../../../src/tests/fixtures/generate-assertion.ts"],"names":[],"mappings":"AAKA,MAAM,WAAW,yBAAyB;IACxC,KAAK,EAAE,MAAM,CAAC;IACd,UAAU,EAAE,UAAU,CAAC;IACvB,SAAS,EAAE,MAAM,CAAC;IAClB,OAAO,CAAC,EAAE,aAAa,CAAC;CACzB;AAED,MAAM,WAAW,wBAAwB;IACvC,SAAS,EAAE,UAAU,CAAC;IACtB,YAAY,EAAE,MAAM,CAAC;IACrB,UAAU,EAAE,UAAU,CAAC;IACvB,SAAS,EAAE,MAAM,CAAC;IAClB,OAAO,EAAE,aAAa,CAAC;CACxB;AAED;;;GAGG;AACH,wBAAsB,0BAA0B,CAC9C,IAAI,EAAE,yBAAyB,GAC9B,OAAO,CAAC,wBAAwB,CAAC,
|
|
1
|
+
{"version":3,"file":"generate-assertion.d.ts","sourceRoot":"","sources":["../../../src/tests/fixtures/generate-assertion.ts"],"names":[],"mappings":"AAKA,MAAM,WAAW,yBAAyB;IACxC,KAAK,EAAE,MAAM,CAAC;IACd,UAAU,EAAE,UAAU,CAAC;IACvB,SAAS,EAAE,MAAM,CAAC;IAClB,OAAO,CAAC,EAAE,aAAa,CAAC;CACzB;AAED,MAAM,WAAW,wBAAwB;IACvC,SAAS,EAAE,UAAU,CAAC;IACtB,YAAY,EAAE,MAAM,CAAC;IACrB,UAAU,EAAE,UAAU,CAAC;IACvB,SAAS,EAAE,MAAM,CAAC;IAClB,OAAO,EAAE,aAAa,CAAC;CACxB;AAED;;;GAGG;AACH,wBAAsB,0BAA0B,CAC9C,IAAI,EAAE,yBAAyB,GAC9B,OAAO,CAAC,wBAAwB,CAAC,CAuDnC"}
|