@simplewebauthn/server 4.0.0 → 4.4.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/authentication/verifyAuthenticationResponse.d.ts +1 -1
- package/dist/authentication/verifyAuthenticationResponse.js +6 -1
- package/dist/authentication/verifyAuthenticationResponse.js.map +1 -1
- package/dist/helpers/logging.d.ts +16 -0
- package/dist/helpers/logging.js +27 -0
- package/dist/helpers/logging.js.map +1 -0
- package/dist/helpers/validateCertificatePath.js +29 -4
- package/dist/helpers/validateCertificatePath.js.map +1 -1
- package/dist/metadata/verifyAttestationWithMetadata.d.ts +1 -1
- package/dist/metadata/verifyAttestationWithMetadata.js +43 -7
- package/dist/metadata/verifyAttestationWithMetadata.js.map +1 -1
- package/dist/registration/verifications/tpm/verifyTPM.js +1 -1
- package/dist/registration/verifications/tpm/verifyTPM.js.map +1 -1
- package/dist/registration/verifications/verifyAndroidKey.js +1 -1
- package/dist/registration/verifications/verifyAndroidKey.js.map +1 -1
- package/dist/registration/verifications/verifyAndroidSafetyNet.js +2 -4
- package/dist/registration/verifications/verifyAndroidSafetyNet.js.map +1 -1
- package/dist/registration/verifications/verifyPacked.js +1 -1
- package/dist/registration/verifications/verifyPacked.js.map +1 -1
- package/dist/registration/verifyRegistrationResponse.d.ts +1 -1
- package/dist/registration/verifyRegistrationResponse.js +6 -1
- package/dist/registration/verifyRegistrationResponse.js.map +1 -1
- package/dist/services/defaultRootCerts/android-safetynet.d.ts +0 -11
- package/dist/services/defaultRootCerts/android-safetynet.js +1 -34
- package/dist/services/defaultRootCerts/android-safetynet.js.map +1 -1
- package/dist/services/metadataService.d.ts +14 -1
- package/dist/services/metadataService.js +42 -25
- package/dist/services/metadataService.js.map +1 -1
- package/dist/services/settingsService.js +1 -1
- package/dist/services/settingsService.js.map +1 -1
- package/package.json +4 -2
|
@@ -2,7 +2,7 @@
|
|
|
2
2
|
import { AuthenticationCredentialJSON, AuthenticatorDevice, UserVerificationRequirement } from '@simplewebauthn/typescript-types';
|
|
3
3
|
export declare type VerifyAuthenticationResponseOpts = {
|
|
4
4
|
credential: AuthenticationCredentialJSON;
|
|
5
|
-
expectedChallenge: string;
|
|
5
|
+
expectedChallenge: string | ((challenge: string) => boolean);
|
|
6
6
|
expectedOrigin: string | string[];
|
|
7
7
|
expectedRPID: string | string[];
|
|
8
8
|
authenticator: AuthenticatorDevice;
|
|
@@ -53,7 +53,12 @@ function verifyAuthenticationResponse(options) {
|
|
|
53
53
|
throw new Error(`Unexpected authentication response type: ${type}`);
|
|
54
54
|
}
|
|
55
55
|
// Ensure the device provided the challenge we gave it
|
|
56
|
-
if (
|
|
56
|
+
if (typeof expectedChallenge === 'function') {
|
|
57
|
+
if (!expectedChallenge(challenge)) {
|
|
58
|
+
throw new Error(`Custom challenge verifier returned false for registration response challenge "${challenge}"`);
|
|
59
|
+
}
|
|
60
|
+
}
|
|
61
|
+
else if (challenge !== expectedChallenge) {
|
|
57
62
|
throw new Error(`Unexpected authentication response challenge "${challenge}", expected "${expectedChallenge}"`);
|
|
58
63
|
}
|
|
59
64
|
// Check that the origin is our site
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"verifyAuthenticationResponse.js","sourceRoot":"","sources":["../../src/authentication/verifyAuthenticationResponse.ts"],"names":[],"mappings":";;;;;AAAA,0DAAkC;AAOlC,2FAAmE;AACnE,+DAAuC;AACvC,6FAAqE;AACrE,iFAAyD;AACzD,+FAAuE;AACvE,qFAA6D;AAW7D;;;;;;;;;;;;;;GAcG;AACH,SAAwB,4BAA4B,CAClD,OAAyC;IAEzC,MAAM,EACJ,UAAU,EACV,iBAAiB,EACjB,cAAc,EACd,YAAY,EACZ,aAAa,EACb,oBAAoB,GACrB,GAAG,OAAO,CAAC;IACZ,MAAM,EAAE,EAAE,EAAE,KAAK,EAAE,IAAI,EAAE,cAAc,EAAE,QAAQ,EAAE,GAAG,UAAU,CAAC;IAEjE,oCAAoC;IACpC,IAAI,CAAC,EAAE,EAAE;QACP,MAAM,IAAI,KAAK,CAAC,uBAAuB,CAAC,CAAC;KAC1C;IAED,iCAAiC;IACjC,IAAI,EAAE,KAAK,KAAK,EAAE;QAChB,MAAM,IAAI,KAAK,CAAC,yCAAyC,CAAC,CAAC;KAC5D;IAED,0CAA0C;IAC1C,IAAI,cAAc,KAAK,YAAY,EAAE;QACnC,MAAM,IAAI,KAAK,CAAC,8BAA8B,cAAc,yBAAyB,CAAC,CAAC;KACxF;IAED,IAAI,CAAC,QAAQ,EAAE;QACb,MAAM,IAAI,KAAK,CAAC,6BAA6B,CAAC,CAAC;KAChD;IAED,IAAI,OAAO,CAAA,QAAQ,aAAR,QAAQ,uBAAR,QAAQ,CAAE,cAAc,CAAA,KAAK,QAAQ,EAAE;QAChD,MAAM,IAAI,KAAK,CAAC,qDAAqD,CAAC,CAAC;KACxE;IAED,MAAM,cAAc,GAAG,8BAAoB,CAAC,QAAQ,CAAC,cAAc,CAAC,CAAC;IAErE,MAAM,EAAE,IAAI,EAAE,MAAM,EAAE,SAAS,EAAE,YAAY,EAAE,GAAG,cAAc,CAAC;IAEjE,6CAA6C;IAC7C,IAAI,IAAI,KAAK,cAAc,EAAE;QAC3B,MAAM,IAAI,KAAK,CAAC,4CAA4C,IAAI,EAAE,CAAC,CAAC;KACrE;IAED,sDAAsD;IACtD,IAAI,SAAS,KAAK,iBAAiB,EAAE;
|
|
1
|
+
{"version":3,"file":"verifyAuthenticationResponse.js","sourceRoot":"","sources":["../../src/authentication/verifyAuthenticationResponse.ts"],"names":[],"mappings":";;;;;AAAA,0DAAkC;AAOlC,2FAAmE;AACnE,+DAAuC;AACvC,6FAAqE;AACrE,iFAAyD;AACzD,+FAAuE;AACvE,qFAA6D;AAW7D;;;;;;;;;;;;;;GAcG;AACH,SAAwB,4BAA4B,CAClD,OAAyC;IAEzC,MAAM,EACJ,UAAU,EACV,iBAAiB,EACjB,cAAc,EACd,YAAY,EACZ,aAAa,EACb,oBAAoB,GACrB,GAAG,OAAO,CAAC;IACZ,MAAM,EAAE,EAAE,EAAE,KAAK,EAAE,IAAI,EAAE,cAAc,EAAE,QAAQ,EAAE,GAAG,UAAU,CAAC;IAEjE,oCAAoC;IACpC,IAAI,CAAC,EAAE,EAAE;QACP,MAAM,IAAI,KAAK,CAAC,uBAAuB,CAAC,CAAC;KAC1C;IAED,iCAAiC;IACjC,IAAI,EAAE,KAAK,KAAK,EAAE;QAChB,MAAM,IAAI,KAAK,CAAC,yCAAyC,CAAC,CAAC;KAC5D;IAED,0CAA0C;IAC1C,IAAI,cAAc,KAAK,YAAY,EAAE;QACnC,MAAM,IAAI,KAAK,CAAC,8BAA8B,cAAc,yBAAyB,CAAC,CAAC;KACxF;IAED,IAAI,CAAC,QAAQ,EAAE;QACb,MAAM,IAAI,KAAK,CAAC,6BAA6B,CAAC,CAAC;KAChD;IAED,IAAI,OAAO,CAAA,QAAQ,aAAR,QAAQ,uBAAR,QAAQ,CAAE,cAAc,CAAA,KAAK,QAAQ,EAAE;QAChD,MAAM,IAAI,KAAK,CAAC,qDAAqD,CAAC,CAAC;KACxE;IAED,MAAM,cAAc,GAAG,8BAAoB,CAAC,QAAQ,CAAC,cAAc,CAAC,CAAC;IAErE,MAAM,EAAE,IAAI,EAAE,MAAM,EAAE,SAAS,EAAE,YAAY,EAAE,GAAG,cAAc,CAAC;IAEjE,6CAA6C;IAC7C,IAAI,IAAI,KAAK,cAAc,EAAE;QAC3B,MAAM,IAAI,KAAK,CAAC,4CAA4C,IAAI,EAAE,CAAC,CAAC;KACrE;IAED,sDAAsD;IACtD,IAAI,OAAO,iBAAiB,KAAK,UAAU,EAAE;QAC3C,IAAI,CAAC,iBAAiB,CAAC,SAAS,CAAC,EAAE;YACjC,MAAM,IAAI,KAAK,CACb,iFAAiF,SAAS,GAAG,CAC9F,CAAC;SACH;KACF;SAAM,IAAI,SAAS,KAAK,iBAAiB,EAAE;QAC1C,MAAM,IAAI,KAAK,CACb,iDAAiD,SAAS,gBAAgB,iBAAiB,GAAG,CAC/F,CAAC;KACH;IAED,oCAAoC;IACpC,IAAI,KAAK,CAAC,OAAO,CAAC,cAAc,CAAC,EAAE;QACjC,IAAI,CAAC,cAAc,CAAC,QAAQ,CAAC,MAAM,CAAC,EAAE;YACpC,MAAM,oBAAoB,GAAG,cAAc,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;YACvD,MAAM,IAAI,KAAK,CACb,8CAA8C,MAAM,uBAAuB,oBAAoB,EAAE,CAClG,CAAC;SACH;KACF;SAAM;QACL,IAAI,MAAM,KAAK,cAAc,EAAE;YAC7B,MAAM,IAAI,KAAK,CACb,8CAA8C,MAAM,gBAAgB,cAAc,GAAG,CACtF,CAAC;SACH;KACF;IAED,IAAI,CAAC,2BAAiB,CAAC,QAAQ,CAAC,iBAAiB,CAAC,EAAE;QAClD,MAAM,IAAI,KAAK,CAAC,kEAAkE,CAAC,CAAC;KACrF;IAED,IAAI,CAAC,2BAAiB,CAAC,QAAQ,CAAC,SAAS,CAAC,EAAE;QAC1C,MAAM,IAAI,KAAK,CAAC,0DAA0D,CAAC,CAAC;KAC7E;IAED,IAAI,QAAQ,CAAC,UAAU,IAAI,OAAO,QAAQ,CAAC,UAAU,KAAK,QAAQ,EAAE;QAClE,MAAM,IAAI,KAAK,CAAC,iDAAiD,CAAC,CAAC;KACpE;IAED,IAAI,YAAY,EAAE;QAChB,IAAI,OAAO,YAAY,KAAK,QAAQ,EAAE;YACpC,MAAM,IAAI,KAAK,CAAC,+CAA+C,CAAC,CAAC;SAClE;QAED,IAAI,CAAC,SAAS,EAAE,WAAW,EAAE,cAAc,CAAC,CAAC,OAAO,CAAC,YAAY,CAAC,MAAM,CAAC,GAAG,CAAC,EAAE;YAC7E,MAAM,IAAI,KAAK,CAAC,kCAAkC,YAAY,CAAC,MAAM,EAAE,CAAC,CAAC;SAC1E;KACF;IAED,MAAM,cAAc,GAAG,mBAAS,CAAC,QAAQ,CAAC,QAAQ,CAAC,iBAAiB,CAAC,CAAC;IACtE,MAAM,cAAc,GAAG,gCAAsB,CAAC,cAAc,CAAC,CAAC;IAC9D,MAAM,EAAE,QAAQ,EAAE,KAAK,EAAE,OAAO,EAAE,GAAG,cAAc,CAAC;IAEpD,yCAAyC;IACzC,IAAI,OAAO,YAAY,KAAK,QAAQ,EAAE;QACpC,MAAM,gBAAgB,GAAG,gBAAM,CAAC,MAAM,CAAC,IAAI,CAAC,YAAY,EAAE,OAAO,CAAC,CAAC,CAAC;QACpE,IAAI,CAAC,QAAQ,CAAC,MAAM,CAAC,gBAAgB,CAAC,EAAE;YACtC,MAAM,IAAI,KAAK,CAAC,uBAAuB,CAAC,CAAC;SAC1C;KACF;SAAM;QACL,kEAAkE;QAClE,MAAM,UAAU,GAAG,YAAY,CAAC,IAAI,CAAC,QAAQ,CAAC,EAAE;YAC9C,MAAM,gBAAgB,GAAG,gBAAM,CAAC,MAAM,CAAC,IAAI,CAAC,QAAQ,EAAE,OAAO,CAAC,CAAC,CAAC;YAChE,OAAO,QAAQ,CAAC,MAAM,CAAC,gBAAgB,CAAC,CAAC;QAC3C,CAAC,CAAC,CAAC;QAEH,IAAI,CAAC,UAAU,EAAE;YACf,MAAM,IAAI,KAAK,CAAC,uBAAuB,CAAC,CAAC;SAC1C;KACF;IAED,wCAAwC;IACxC,IAAI,oBAAoB,EAAE;QACxB,IAAI,oBAAoB,KAAK,UAAU,EAAE;YACvC,0DAA0D;YAC1D,IAAI,CAAC,KAAK,CAAC,EAAE,EAAE;gBACb,MAAM,IAAI,KAAK,CAAC,4DAA4D,CAAC,CAAC;aAC/E;SACF;aAAM,IAAI,oBAAoB,KAAK,WAAW,IAAI,oBAAoB,KAAK,aAAa,EAAE;YACzF,oBAAoB;SACrB;KACF;SAAM;QACL,wDAAwD;QACxD,IAAI,CAAC,KAAK,CAAC,EAAE,EAAE;YACb,MAAM,IAAI,KAAK,CAAC,wCAAwC,CAAC,CAAC;SAC3D;KACF;IAED,MAAM,cAAc,GAAG,gBAAM,CAAC,mBAAS,CAAC,QAAQ,CAAC,QAAQ,CAAC,cAAc,CAAC,CAAC,CAAC;IAC3E,MAAM,aAAa,GAAG,MAAM,CAAC,MAAM,CAAC,CAAC,cAAc,EAAE,cAAc,CAAC,CAAC,CAAC;IAEtE,MAAM,SAAS,GAAG,+BAAqB,CAAC,aAAa,CAAC,mBAAmB,CAAC,CAAC;IAC3E,MAAM,SAAS,GAAG,mBAAS,CAAC,QAAQ,CAAC,QAAQ,CAAC,SAAS,CAAC,CAAC;IAEzD,IAAI,CAAC,OAAO,GAAG,CAAC,IAAI,aAAa,CAAC,OAAO,GAAG,CAAC,CAAC,IAAI,OAAO,IAAI,aAAa,CAAC,OAAO,EAAE;QAClF,sFAAsF;QACtF,2FAA2F;QAC3F,sFAAsF;QACtF,gDAAgD;QAChD,MAAM,IAAI,KAAK,CACb,0BAA0B,OAAO,4BAA4B,aAAa,CAAC,OAAO,EAAE,CACrF,CAAC;KACH;IAED,MAAM,QAAQ,GAAG;QACf,QAAQ,EAAE,yBAAe,CAAC,SAAS,EAAE,aAAa,EAAE,SAAS,CAAC;QAC9D,kBAAkB,EAAE;YAClB,UAAU,EAAE,OAAO;YACnB,YAAY,EAAE,aAAa,CAAC,YAAY;SACzC;KACF,CAAC;IAEF,OAAO,QAAQ,CAAC;AAClB,CAAC;AAhKD,+CAgKC"}
|
|
@@ -0,0 +1,16 @@
|
|
|
1
|
+
import { Debugger } from 'debug';
|
|
2
|
+
/**
|
|
3
|
+
* Generate an instance of a `debug` logger that extends off of the "simplewebauthn" namespace for
|
|
4
|
+
* consistent naming.
|
|
5
|
+
*
|
|
6
|
+
* See https://www.npmjs.com/package/debug for information on how to control logging output when
|
|
7
|
+
* using @simplewebauthn/server
|
|
8
|
+
*
|
|
9
|
+
* Example:
|
|
10
|
+
*
|
|
11
|
+
* ```
|
|
12
|
+
* const log = getLogger('mds');
|
|
13
|
+
* log('hello'); // simplewebauthn:mds hello +0ms
|
|
14
|
+
* ```
|
|
15
|
+
*/
|
|
16
|
+
export declare function getLogger(name: string): Debugger;
|
|
@@ -0,0 +1,27 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
var __importDefault = (this && this.__importDefault) || function (mod) {
|
|
3
|
+
return (mod && mod.__esModule) ? mod : { "default": mod };
|
|
4
|
+
};
|
|
5
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
6
|
+
exports.getLogger = void 0;
|
|
7
|
+
const debug_1 = __importDefault(require("debug"));
|
|
8
|
+
const defaultLogger = debug_1.default('SimpleWebAuthn');
|
|
9
|
+
/**
|
|
10
|
+
* Generate an instance of a `debug` logger that extends off of the "simplewebauthn" namespace for
|
|
11
|
+
* consistent naming.
|
|
12
|
+
*
|
|
13
|
+
* See https://www.npmjs.com/package/debug for information on how to control logging output when
|
|
14
|
+
* using @simplewebauthn/server
|
|
15
|
+
*
|
|
16
|
+
* Example:
|
|
17
|
+
*
|
|
18
|
+
* ```
|
|
19
|
+
* const log = getLogger('mds');
|
|
20
|
+
* log('hello'); // simplewebauthn:mds hello +0ms
|
|
21
|
+
* ```
|
|
22
|
+
*/
|
|
23
|
+
function getLogger(name) {
|
|
24
|
+
return defaultLogger.extend(name);
|
|
25
|
+
}
|
|
26
|
+
exports.getLogger = getLogger;
|
|
27
|
+
//# sourceMappingURL=logging.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"logging.js","sourceRoot":"","sources":["../../src/helpers/logging.ts"],"names":[],"mappings":";;;;;;AAAA,kDAAwC;AAExC,MAAM,aAAa,GAAG,eAAK,CAAC,gBAAgB,CAAC,CAAC;AAE9C;;;;;;;;;;;;;GAaG;AACH,SAAgB,SAAS,CAAC,IAAY;IACpC,OAAO,aAAa,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC;AACpC,CAAC;AAFD,8BAEC"}
|
|
@@ -21,18 +21,24 @@ async function validateCertificatePath(certificates, rootCertificates = []) {
|
|
|
21
21
|
return true;
|
|
22
22
|
}
|
|
23
23
|
let invalidSubjectAndIssuerError = false;
|
|
24
|
+
let certificateNotYetValidOrExpiredErrorMessage = undefined;
|
|
24
25
|
for (const rootCert of rootCertificates) {
|
|
25
26
|
try {
|
|
26
27
|
const certsWithRoot = certificates.concat([rootCert]);
|
|
27
28
|
await _validatePath(certsWithRoot);
|
|
28
|
-
// If we successfully validated a path then there's no need to continue
|
|
29
|
+
// If we successfully validated a path then there's no need to continue. Reset any existing
|
|
30
|
+
// errors that were thrown by earlier root certificates
|
|
29
31
|
invalidSubjectAndIssuerError = false;
|
|
32
|
+
certificateNotYetValidOrExpiredErrorMessage = undefined;
|
|
30
33
|
break;
|
|
31
34
|
}
|
|
32
35
|
catch (err) {
|
|
33
36
|
if (err instanceof InvalidSubjectAndIssuer) {
|
|
34
37
|
invalidSubjectAndIssuerError = true;
|
|
35
38
|
}
|
|
39
|
+
else if (err instanceof CertificateNotYetValidOrExpired) {
|
|
40
|
+
certificateNotYetValidOrExpiredErrorMessage = err.message;
|
|
41
|
+
}
|
|
36
42
|
else {
|
|
37
43
|
throw err;
|
|
38
44
|
}
|
|
@@ -42,6 +48,9 @@ async function validateCertificatePath(certificates, rootCertificates = []) {
|
|
|
42
48
|
if (invalidSubjectAndIssuerError) {
|
|
43
49
|
throw new InvalidSubjectAndIssuer();
|
|
44
50
|
}
|
|
51
|
+
else if (certificateNotYetValidOrExpiredErrorMessage) {
|
|
52
|
+
throw new CertificateNotYetValidOrExpired(certificateNotYetValidOrExpiredErrorMessage);
|
|
53
|
+
}
|
|
45
54
|
return true;
|
|
46
55
|
}
|
|
47
56
|
exports.default = validateCertificatePath;
|
|
@@ -54,8 +63,10 @@ async function _validatePath(certificates) {
|
|
|
54
63
|
const subjectPem = certificates[i];
|
|
55
64
|
const subjectCert = new jsrsasign_1.X509();
|
|
56
65
|
subjectCert.readCertPEM(subjectPem);
|
|
66
|
+
const isLeafCert = i === 0;
|
|
67
|
+
const isRootCert = i + 1 >= certificates.length;
|
|
57
68
|
let issuerPem = '';
|
|
58
|
-
if (
|
|
69
|
+
if (isRootCert) {
|
|
59
70
|
issuerPem = subjectPem;
|
|
60
71
|
}
|
|
61
72
|
else {
|
|
@@ -71,9 +82,17 @@ async function _validatePath(certificates) {
|
|
|
71
82
|
// Check that intermediate certificate is within its valid time window
|
|
72
83
|
const notBefore = jsrsasign_1.zulutodate(issuerCert.getNotBefore());
|
|
73
84
|
const notAfter = jsrsasign_1.zulutodate(issuerCert.getNotAfter());
|
|
74
|
-
const now = new Date();
|
|
85
|
+
const now = new Date(Date.now());
|
|
75
86
|
if (notBefore > now || notAfter < now) {
|
|
76
|
-
|
|
87
|
+
if (isLeafCert) {
|
|
88
|
+
throw new CertificateNotYetValidOrExpired(`Leaf certificate is not yet valid or expired: ${issuerPem}`);
|
|
89
|
+
}
|
|
90
|
+
else if (isRootCert) {
|
|
91
|
+
throw new CertificateNotYetValidOrExpired(`Root certificate is not yet valid or expired: ${issuerPem}`);
|
|
92
|
+
}
|
|
93
|
+
else {
|
|
94
|
+
throw new CertificateNotYetValidOrExpired(`Intermediate certificate is not yet valid or expired: ${issuerPem}`);
|
|
95
|
+
}
|
|
77
96
|
}
|
|
78
97
|
if (subjectCert.getIssuerString() !== issuerCert.getSubjectString()) {
|
|
79
98
|
throw new InvalidSubjectAndIssuer();
|
|
@@ -98,4 +117,10 @@ class InvalidSubjectAndIssuer extends Error {
|
|
|
98
117
|
this.name = 'InvalidSubjectAndIssuer';
|
|
99
118
|
}
|
|
100
119
|
}
|
|
120
|
+
class CertificateNotYetValidOrExpired extends Error {
|
|
121
|
+
constructor(message) {
|
|
122
|
+
super(message);
|
|
123
|
+
this.name = 'CertificateNotYetValidOrExpired';
|
|
124
|
+
}
|
|
125
|
+
}
|
|
101
126
|
//# sourceMappingURL=validateCertificatePath.js.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"validateCertificatePath.js","sourceRoot":"","sources":["../../src/helpers/validateCertificatePath.ts"],"names":[],"mappings":";;;;;AAAA,sDAAsD;AACtD,qDAAqD;AACrD,kBAAkB;AAClB,yCAA4D;AAE5D,oEAA4C;AAE5C,MAAM,EAAE,MAAM,EAAE,GAAG,gBAAI,CAAC;AAExB;;;;GAIG;AACY,KAAK,UAAU,uBAAuB,CACnD,YAAsB,EACtB,mBAA6B,EAAE;IAE/B,IAAI,gBAAgB,CAAC,MAAM,KAAK,CAAC,EAAE;QACjC,kFAAkF;QAClF,0DAA0D;QAC1D,OAAO,IAAI,CAAC;KACb;IAED,IAAI,4BAA4B,GAAG,KAAK,CAAC;IACzC,KAAK,MAAM,QAAQ,IAAI,gBAAgB,EAAE;QACvC,IAAI;YACF,MAAM,aAAa,GAAG,YAAY,CAAC,MAAM,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC;YACtD,MAAM,aAAa,CAAC,aAAa,CAAC,CAAC;YACnC,
|
|
1
|
+
{"version":3,"file":"validateCertificatePath.js","sourceRoot":"","sources":["../../src/helpers/validateCertificatePath.ts"],"names":[],"mappings":";;;;;AAAA,sDAAsD;AACtD,qDAAqD;AACrD,kBAAkB;AAClB,yCAA4D;AAE5D,oEAA4C;AAE5C,MAAM,EAAE,MAAM,EAAE,GAAG,gBAAI,CAAC;AAExB;;;;GAIG;AACY,KAAK,UAAU,uBAAuB,CACnD,YAAsB,EACtB,mBAA6B,EAAE;IAE/B,IAAI,gBAAgB,CAAC,MAAM,KAAK,CAAC,EAAE;QACjC,kFAAkF;QAClF,0DAA0D;QAC1D,OAAO,IAAI,CAAC;KACb;IAED,IAAI,4BAA4B,GAAG,KAAK,CAAC;IACzC,IAAI,2CAA2C,GAAG,SAAS,CAAC;IAC5D,KAAK,MAAM,QAAQ,IAAI,gBAAgB,EAAE;QACvC,IAAI;YACF,MAAM,aAAa,GAAG,YAAY,CAAC,MAAM,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC;YACtD,MAAM,aAAa,CAAC,aAAa,CAAC,CAAC;YACnC,2FAA2F;YAC3F,uDAAuD;YACvD,4BAA4B,GAAG,KAAK,CAAC;YACrC,2CAA2C,GAAG,SAAS,CAAC;YACxD,MAAM;SACP;QAAC,OAAO,GAAG,EAAE;YACZ,IAAI,GAAG,YAAY,uBAAuB,EAAE;gBAC1C,4BAA4B,GAAG,IAAI,CAAC;aACrC;iBAAM,IAAI,GAAG,YAAY,+BAA+B,EAAE;gBACzD,2CAA2C,GAAG,GAAG,CAAC,OAAO,CAAC;aAC3D;iBAAM;gBACL,MAAM,GAAG,CAAC;aACX;SACF;KACF;IAED,uDAAuD;IACvD,IAAI,4BAA4B,EAAE;QAChC,MAAM,IAAI,uBAAuB,EAAE,CAAC;KACrC;SAAM,IAAI,2CAA2C,EAAE;QACtD,MAAM,IAAI,+BAA+B,CAAC,2CAA2C,CAAC,CAAC;KACxF;IAED,OAAO,IAAI,CAAC;AACd,CAAC;AAxCD,0CAwCC;AAED,KAAK,UAAU,aAAa,CAAC,YAAsB;IACjD,IAAI,IAAI,GAAG,CAAC,YAAY,CAAC,CAAC,IAAI,KAAK,YAAY,CAAC,MAAM,EAAE;QACtD,MAAM,IAAI,KAAK,CAAC,wDAAwD,CAAC,CAAC;KAC3E;IAED,wFAAwF;IACxF,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,YAAY,CAAC,MAAM,EAAE,CAAC,IAAI,CAAC,EAAE;QAC/C,MAAM,UAAU,GAAG,YAAY,CAAC,CAAC,CAAC,CAAC;QAEnC,MAAM,WAAW,GAAG,IAAI,gBAAI,EAAE,CAAC;QAC/B,WAAW,CAAC,WAAW,CAAC,UAAU,CAAC,CAAC;QAEpC,MAAM,UAAU,GAAG,CAAC,KAAK,CAAC,CAAC;QAC3B,MAAM,UAAU,GAAG,CAAC,GAAG,CAAC,IAAI,YAAY,CAAC,MAAM,CAAC;QAEhD,IAAI,SAAS,GAAG,EAAE,CAAC;QACnB,IAAI,UAAU,EAAE;YACd,SAAS,GAAG,UAAU,CAAC;SACxB;aAAM;YACL,SAAS,GAAG,YAAY,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC;SACjC;QAED,MAAM,UAAU,GAAG,IAAI,gBAAI,EAAE,CAAC;QAC9B,UAAU,CAAC,WAAW,CAAC,SAAS,CAAC,CAAC;QAElC,mCAAmC;QACnC,MAAM,kBAAkB,GAAG,MAAM,uBAAa,CAAC,WAAW,CAAC,CAAC;QAE5D,IAAI,kBAAkB,EAAE;YACtB,MAAM,IAAI,KAAK,CAAC,+CAA+C,CAAC,CAAC;SAClE;QAED,sEAAsE;QACtE,MAAM,SAAS,GAAG,sBAAU,CAAC,UAAU,CAAC,YAAY,EAAE,CAAC,CAAC;QACxD,MAAM,QAAQ,GAAG,sBAAU,CAAC,UAAU,CAAC,WAAW,EAAE,CAAC,CAAC;QAEtD,MAAM,GAAG,GAAG,IAAI,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE,CAAC,CAAC;QACjC,IAAI,SAAS,GAAG,GAAG,IAAI,QAAQ,GAAG,GAAG,EAAE;YACrC,IAAI,UAAU,EAAE;gBACd,MAAM,IAAI,+BAA+B,CACvC,iDAAiD,SAAS,EAAE,CAC7D,CAAC;aACH;iBAAM,IAAI,UAAU,EAAE;gBACrB,MAAM,IAAI,+BAA+B,CACvC,iDAAiD,SAAS,EAAE,CAC7D,CAAC;aACH;iBAAM;gBACL,MAAM,IAAI,+BAA+B,CACvC,yDAAyD,SAAS,EAAE,CACrE,CAAC;aACH;SACF;QAED,IAAI,WAAW,CAAC,eAAe,EAAE,KAAK,UAAU,CAAC,gBAAgB,EAAE,EAAE;YACnE,MAAM,IAAI,uBAAuB,EAAE,CAAC;SACrC;QAED,MAAM,iBAAiB,GAAG,mBAAO,CAAC,YAAY,CAAC,WAAW,CAAC,GAAG,EAAE,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC;QACxE,MAAM,GAAG,GAAG,WAAW,CAAC,0BAA0B,EAAE,CAAC;QACrD,MAAM,YAAY,GAAG,WAAW,CAAC,oBAAoB,EAAE,CAAC;QAExD,MAAM,SAAS,GAAG,IAAI,MAAM,CAAC,SAAS,CAAC,EAAE,GAAG,EAAE,CAAC,CAAC;QAChD,SAAS,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC;QAC1B,SAAS,CAAC,SAAS,CAAC,iBAAiB,CAAC,CAAC;QAEvC,IAAI,CAAC,SAAS,CAAC,MAAM,CAAC,YAAY,CAAC,EAAE;YACnC,MAAM,IAAI,KAAK,CAAC,6CAA6C,CAAC,CAAC;SAChE;KACF;IAED,OAAO,IAAI,CAAC;AACd,CAAC;AAED,+CAA+C;AAC/C,MAAM,uBAAwB,SAAQ,KAAK;IACzC;QACE,MAAM,OAAO,GAAG,6CAA6C,CAAC;QAC9D,KAAK,CAAC,OAAO,CAAC,CAAC;QACf,IAAI,CAAC,IAAI,GAAG,yBAAyB,CAAC;IACxC,CAAC;CACF;AAED,MAAM,+BAAgC,SAAQ,KAAK;IACjD,YAAY,OAAe;QACzB,KAAK,CAAC,OAAO,CAAC,CAAC;QACf,IAAI,CAAC,IAAI,GAAG,iCAAiC,CAAC;IAChD,CAAC;CACF"}
|
|
@@ -5,4 +5,4 @@ import { MetadataStatement } from '../metadata/mdsTypes';
|
|
|
5
5
|
* Match properties of the authenticator's attestation statement against expected values as
|
|
6
6
|
* registered with the FIDO Alliance Metadata Service
|
|
7
7
|
*/
|
|
8
|
-
export default function verifyAttestationWithMetadata(statement: MetadataStatement,
|
|
8
|
+
export default function verifyAttestationWithMetadata(statement: MetadataStatement, credentialPublicKey: Buffer, x5c: Buffer[] | Base64URLString[]): Promise<boolean>;
|
|
@@ -5,29 +5,65 @@ var __importDefault = (this && this.__importDefault) || function (mod) {
|
|
|
5
5
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
6
6
|
const convertCertBufferToPEM_1 = __importDefault(require("../helpers/convertCertBufferToPEM"));
|
|
7
7
|
const validateCertificatePath_1 = __importDefault(require("../helpers/validateCertificatePath"));
|
|
8
|
+
const decodeCredentialPublicKey_1 = __importDefault(require("../helpers/decodeCredentialPublicKey"));
|
|
9
|
+
const convertCOSEtoPKCS_1 = require("../helpers/convertCOSEtoPKCS");
|
|
8
10
|
/**
|
|
9
11
|
* Match properties of the authenticator's attestation statement against expected values as
|
|
10
12
|
* registered with the FIDO Alliance Metadata Service
|
|
11
13
|
*/
|
|
12
|
-
async function verifyAttestationWithMetadata(statement,
|
|
14
|
+
async function verifyAttestationWithMetadata(statement, credentialPublicKey, x5c) {
|
|
13
15
|
// Make sure the alg in the attestation statement matches one of the ones specified in metadata
|
|
14
|
-
const
|
|
16
|
+
const keypairCOSEAlgs = new Set();
|
|
15
17
|
statement.authenticationAlgorithms.forEach(algSign => {
|
|
16
18
|
// Convert algSign string to { kty, alg, crv }
|
|
17
19
|
const algSignCOSEINFO = algSignToCOSEInfo(algSign);
|
|
18
20
|
if (algSignCOSEINFO) {
|
|
19
|
-
|
|
21
|
+
keypairCOSEAlgs.add(algSignCOSEINFO);
|
|
20
22
|
}
|
|
21
23
|
});
|
|
22
|
-
|
|
23
|
-
|
|
24
|
-
|
|
24
|
+
// Extract the public key's COSE info for comparison
|
|
25
|
+
const decodedPublicKey = decodeCredentialPublicKey_1.default(credentialPublicKey);
|
|
26
|
+
// Assume everything is a number because these values should be
|
|
27
|
+
const publicKeyCOSEInfo = {
|
|
28
|
+
kty: decodedPublicKey.get(convertCOSEtoPKCS_1.COSEKEYS.kty),
|
|
29
|
+
alg: decodedPublicKey.get(convertCOSEtoPKCS_1.COSEKEYS.alg),
|
|
30
|
+
crv: decodedPublicKey.get(convertCOSEtoPKCS_1.COSEKEYS.crv),
|
|
31
|
+
};
|
|
32
|
+
if (!publicKeyCOSEInfo.crv) {
|
|
33
|
+
delete publicKeyCOSEInfo.crv;
|
|
34
|
+
}
|
|
35
|
+
/**
|
|
36
|
+
* Attempt to match the credential public key's algorithm to one specified in the device's
|
|
37
|
+
* metadata
|
|
38
|
+
*/
|
|
39
|
+
let foundMatch = false;
|
|
40
|
+
for (const keypairAlg of keypairCOSEAlgs) {
|
|
41
|
+
// Make sure algorithm and key type match
|
|
42
|
+
if (keypairAlg.alg === publicKeyCOSEInfo.alg && keypairAlg.kty === publicKeyCOSEInfo.kty) {
|
|
43
|
+
// If not an RSA keypair then make sure curve numbers match too
|
|
44
|
+
if ((keypairAlg.kty === convertCOSEtoPKCS_1.COSEKTY.EC2 || keypairAlg.kty === convertCOSEtoPKCS_1.COSEKTY.OKP)
|
|
45
|
+
&& keypairAlg.crv === publicKeyCOSEInfo.crv) {
|
|
46
|
+
foundMatch = true;
|
|
47
|
+
}
|
|
48
|
+
else {
|
|
49
|
+
// We've matched an RSA public key's properties
|
|
50
|
+
foundMatch = true;
|
|
51
|
+
}
|
|
52
|
+
}
|
|
53
|
+
if (foundMatch) {
|
|
54
|
+
break;
|
|
55
|
+
}
|
|
56
|
+
}
|
|
57
|
+
// Make sure the public key is one of the allowed algorithms
|
|
58
|
+
if (!foundMatch) {
|
|
59
|
+
const debugAlgs = Array.from(keypairCOSEAlgs).join(', ');
|
|
60
|
+
throw new Error(`Public key algorithm ${publicKeyCOSEInfo} did not match any metadata algorithms [${debugAlgs}]`);
|
|
25
61
|
}
|
|
26
62
|
try {
|
|
27
63
|
await validateCertificatePath_1.default(x5c.map(convertCertBufferToPEM_1.default), statement.attestationRootCertificates.map(convertCertBufferToPEM_1.default));
|
|
28
64
|
}
|
|
29
65
|
catch (err) {
|
|
30
|
-
throw new Error(`Could not validate certificate path with any metadata root certificates`);
|
|
66
|
+
throw new Error(`Could not validate certificate path with any metadata root certificates: ${err.message}`);
|
|
31
67
|
}
|
|
32
68
|
return true;
|
|
33
69
|
}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"verifyAttestationWithMetadata.js","sourceRoot":"","sources":["../../src/metadata/verifyAttestationWithMetadata.ts"],"names":[],"mappings":";;;;;AAGA,+FAAuE;AACvE,iGAAyE;
|
|
1
|
+
{"version":3,"file":"verifyAttestationWithMetadata.js","sourceRoot":"","sources":["../../src/metadata/verifyAttestationWithMetadata.ts"],"names":[],"mappings":";;;;;AAGA,+FAAuE;AACvE,iGAAyE;AACzE,qGAA6E;AAC7E,oEAAiE;AAEjE;;;GAGG;AACY,KAAK,UAAU,6BAA6B,CACzD,SAA4B,EAC5B,mBAA2B,EAC3B,GAAiC;IAEjC,+FAA+F;IAC/F,MAAM,eAAe,GAAkB,IAAI,GAAG,EAAE,CAAC;IACjD,SAAS,CAAC,wBAAwB,CAAC,OAAO,CAAC,OAAO,CAAC,EAAE;QACnD,8CAA8C;QAC9C,MAAM,eAAe,GAAG,iBAAiB,CAAC,OAAO,CAAC,CAAC;QAEnD,IAAI,eAAe,EAAE;YACnB,eAAe,CAAC,GAAG,CAAC,eAAe,CAAC,CAAC;SACtC;IACH,CAAC,CAAC,CAAC;IAEH,oDAAoD;IACpD,MAAM,gBAAgB,GAAG,mCAAyB,CAAC,mBAAmB,CAAC,CAAC;IACxE,+DAA+D;IAC/D,MAAM,iBAAiB,GAAa;QAClC,GAAG,EAAE,gBAAgB,CAAC,GAAG,CAAC,4BAAQ,CAAC,GAAG,CAAW;QACjD,GAAG,EAAE,gBAAgB,CAAC,GAAG,CAAC,4BAAQ,CAAC,GAAG,CAAW;QACjD,GAAG,EAAE,gBAAgB,CAAC,GAAG,CAAC,4BAAQ,CAAC,GAAG,CAAW;KAClD,CAAC;IACF,IAAI,CAAC,iBAAiB,CAAC,GAAG,EAAE;QAC1B,OAAO,iBAAiB,CAAC,GAAG,CAAC;KAC9B;IAED;;;OAGG;IACH,IAAI,UAAU,GAAG,KAAK,CAAC;IACvB,KAAK,MAAM,UAAU,IAAI,eAAe,EAAE;QACxC,yCAAyC;QACzC,IAAI,UAAU,CAAC,GAAG,KAAK,iBAAiB,CAAC,GAAG,IAAI,UAAU,CAAC,GAAG,KAAK,iBAAiB,CAAC,GAAG,EAAE;YACxF,+DAA+D;YAC/D,IACE,CAAC,UAAU,CAAC,GAAG,KAAK,2BAAO,CAAC,GAAG,IAAI,UAAU,CAAC,GAAG,KAAK,2BAAO,CAAC,GAAG,CAAC;mBAC/D,UAAU,CAAC,GAAG,KAAK,iBAAiB,CAAC,GAAG,EAC3C;gBACA,UAAU,GAAG,IAAI,CAAC;aACnB;iBAAM;gBACL,+CAA+C;gBAC/C,UAAU,GAAG,IAAI,CAAC;aACnB;SACF;QAED,IAAI,UAAU,EAAE;YACd,MAAM;SACP;KACF;IAED,4DAA4D;IAC5D,IAAI,CAAC,UAAU,EAAE;QACf,MAAM,SAAS,GAAG,KAAK,CAAC,IAAI,CAAC,eAAe,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;QACzD,MAAM,IAAI,KAAK,CAAC,wBAAwB,iBAAiB,2CAA2C,SAAS,GAAG,CAAC,CAAC;KACnH;IAED,IAAI;QACF,MAAM,iCAAuB,CAC3B,GAAG,CAAC,GAAG,CAAC,gCAAsB,CAAC,EAC/B,SAAS,CAAC,2BAA2B,CAAC,GAAG,CAAC,gCAAsB,CAAC,CAClE,CAAC;KACH;IAAC,OAAO,GAAG,EAAE;QACZ,MAAM,IAAI,KAAK,CAAC,4EAA4E,GAAG,CAAC,OAAO,EAAE,CAAC,CAAC;KAC5G;IAED,OAAO,IAAI,CAAC;AACd,CAAC;AArED,gDAqEC;AAQD;;;GAGG;AACH,SAAS,iBAAiB,CAAC,OAAgB;IACzC,QAAQ,OAAO,EAAE;QACf,KAAK,4BAA4B,CAAC;QAClC,KAAK,4BAA4B;YAC/B,OAAO,EAAE,GAAG,EAAE,CAAC,EAAE,GAAG,EAAE,CAAC,CAAC,EAAE,GAAG,EAAE,CAAC,EAAE,CAAC;QACrC,KAAK,uBAAuB,CAAC;QAC7B,KAAK,uBAAuB;YAC1B,OAAO,EAAE,GAAG,EAAE,CAAC,EAAE,GAAG,EAAE,CAAC,EAAE,EAAE,CAAC;QAC9B,KAAK,4BAA4B,CAAC;QAClC,KAAK,4BAA4B;YAC/B,OAAO,EAAE,GAAG,EAAE,CAAC,EAAE,GAAG,EAAE,CAAC,CAAC,EAAE,GAAG,EAAE,CAAC,EAAE,CAAC;QACrC,KAAK,uBAAuB;YAC1B,OAAO,EAAE,GAAG,EAAE,CAAC,EAAE,GAAG,EAAE,CAAC,EAAE,EAAE,CAAC;QAC9B,KAAK,2BAA2B;YAC9B,OAAO,EAAE,GAAG,EAAE,CAAC,EAAE,GAAG,EAAE,CAAC,GAAG,EAAE,CAAC;QAC/B,KAAK,2BAA2B;YAC9B,OAAO,EAAE,GAAG,EAAE,CAAC,EAAE,GAAG,EAAE,CAAC,GAAG,EAAE,CAAC;QAC/B,KAAK,2BAA2B;YAC9B,OAAO,EAAE,GAAG,EAAE,CAAC,EAAE,GAAG,EAAE,CAAC,GAAG,EAAE,CAAC;QAC/B,KAAK,yBAAyB;YAC5B,OAAO,EAAE,GAAG,EAAE,CAAC,EAAE,GAAG,EAAE,CAAC,KAAK,EAAE,CAAC;QACjC,KAAK,4BAA4B;YAC/B,OAAO,EAAE,GAAG,EAAE,CAAC,EAAE,GAAG,EAAE,CAAC,EAAE,EAAE,GAAG,EAAE,CAAC,EAAE,CAAC;QACtC,KAAK,4BAA4B;YAC/B,OAAO,EAAE,GAAG,EAAE,CAAC,EAAE,GAAG,EAAE,CAAC,EAAE,EAAE,GAAG,EAAE,CAAC,EAAE,CAAC;QACtC,KAAK,0BAA0B;YAC7B,OAAO,EAAE,GAAG,EAAE,CAAC,EAAE,GAAG,EAAE,CAAC,CAAC,EAAE,GAAG,EAAE,CAAC,EAAE,CAAC;QACrC,8FAA8F;QAC9F,sBAAsB;QACtB,eAAe;QACf,oCAAoC;QACpC,oCAAoC;QACpC,eAAe;QACf;YACE,OAAO,SAAS,CAAC;KACpB;AACH,CAAC"}
|
|
@@ -206,7 +206,7 @@ async function verifyTPM(options) {
|
|
|
206
206
|
const statement = await metadataService_1.default.getStatement(aaguid);
|
|
207
207
|
if (statement) {
|
|
208
208
|
try {
|
|
209
|
-
await verifyAttestationWithMetadata_1.default(statement,
|
|
209
|
+
await verifyAttestationWithMetadata_1.default(statement, credentialPublicKey, x5c);
|
|
210
210
|
}
|
|
211
211
|
catch (err) {
|
|
212
212
|
throw new Error(`${err.message} (TPM)`);
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"verifyTPM.js","sourceRoot":"","sources":["../../../../src/registration/verifications/tpm/verifyTPM.ts"],"names":[],"mappings":";;;;;AAAA,uDAAkD;AAClD,mDAO6B;AAI7B,2GAAmF;AACnF,0EAA2E;AAC3E,qEAA6C;AAC7C,qGAA6E;AAC7E,uGAA+E;AAC/E,6FAAqE;AACrE,uFAA+D;AAC/D,wFAAgE;AAChE,oHAA4F;AAE5F,2CAA+D;AAC/D,oEAA4C;AAC5C,kEAA0C;AAE3B,KAAK,UAAU,SAAS,CAAC,OAAsC;;IAC5E,MAAM,EAAE,MAAM,EAAE,OAAO,EAAE,QAAQ,EAAE,mBAAmB,EAAE,cAAc,EAAE,gBAAgB,EAAE,GACxF,OAAO,CAAC;IACV,MAAM,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,OAAO,EAAE,QAAQ,EAAE,GAAG,OAAO,CAAC;IAE1D;;OAEG;IACH,IAAI,GAAG,KAAK,KAAK,EAAE;QACjB,MAAM,IAAI,KAAK,CAAC,mBAAmB,GAAG,yBAAyB,CAAC,CAAC;KAClE;IAED,IAAI,CAAC,GAAG,EAAE;QACR,MAAM,IAAI,KAAK,CAAC,kEAAkE,CAAC,CAAC;KACrF;IAED,IAAI,CAAC,GAAG,EAAE;QACR,MAAM,IAAI,KAAK,CAAC,iDAAiD,CAAC,CAAC;KACpE;IAED,IAAI,CAAC,GAAG,EAAE;QACR,MAAM,IAAI,KAAK,CAAC,oEAAoE,CAAC,CAAC;KACvF;IAED,IAAI,CAAC,OAAO,EAAE;QACZ,MAAM,IAAI,KAAK,CAAC,qDAAqD,CAAC,CAAC;KACxE;IAED,IAAI,CAAC,QAAQ,EAAE;QACb,MAAM,IAAI,KAAK,CAAC,sDAAsD,CAAC,CAAC;KACzE;IAED,MAAM,aAAa,GAAG,sBAAY,CAAC,OAAO,CAAC,CAAC;IAC5C,MAAM,EAAE,MAAM,EAAE,IAAI,EAAE,OAAO,EAAE,UAAU,EAAE,GAAG,aAAa,CAAC;IAE5D,yFAAyF;IACzF,2FAA2F;IAC3F,MAAM,aAAa,GAAG,mCAAyB,CAAC,mBAAmB,CAAC,CAAC;IAErE,IAAI,OAAO,KAAK,aAAa,EAAE;QAC7B,MAAM,CAAC,GAAG,aAAa,CAAC,GAAG,CAAC,4BAAQ,CAAC,CAAC,CAAC,CAAC;QACxC,MAAM,CAAC,GAAG,aAAa,CAAC,GAAG,CAAC,4BAAQ,CAAC,CAAC,CAAC,CAAC;QAExC,IAAI,CAAC,CAAC,EAAE;YACN,MAAM,IAAI,KAAK,CAAC,qCAAqC,CAAC,CAAC;SACxD;QACD,IAAI,CAAC,CAAC,EAAE;YACN,MAAM,IAAI,KAAK,CAAC,qCAAqC,CAAC,CAAC;SACxD;QAED,IAAI,CAAC,MAAM,CAAC,MAAM,CAAC,CAAW,CAAC,EAAE;YAC/B,MAAM,IAAI,KAAK,CAAC,6DAA6D,CAAC,CAAC;SAChF;QAED,IAAI,CAAC,UAAU,CAAC,GAAG,EAAE;YACnB,MAAM,IAAI,KAAK,CAAC,kEAAkE,CAAC,CAAC;SACrF;QAED,MAAM,OAAO,GAAG,CAAW,CAAC;QAC5B,8FAA8F;QAC9F,MAAM,eAAe,GAAG,UAAU,CAAC,GAAG,CAAC,QAAQ,IAAI,KAAK,CAAC;QAEzD,4CAA4C;QAC5C,MAAM,IAAI,GAAG,OAAO,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC,CAAC;QAEjE,IAAI,eAAe,KAAK,IAAI,EAAE;YAC5B,MAAM,IAAI,KAAK,CAAC,6BAA6B,IAAI,cAAc,eAAe,YAAY,CAAC,CAAC;SAC7F;KACF;SAAM,IAAI,OAAO,KAAK,aAAa,EAAE;QACpC;;;WAGG;QACH,MAAM,GAAG,GAAG,aAAa,CAAC,GAAG,CAAC,4BAAQ,CAAC,GAAG,CAAC,CAAC;QAC5C,MAAM,CAAC,GAAG,aAAa,CAAC,GAAG,CAAC,4BAAQ,CAAC,CAAC,CAAC,CAAC;QACxC,MAAM,CAAC,GAAG,aAAa,CAAC,GAAG,CAAC,4BAAQ,CAAC,CAAC,CAAC,CAAC;QAExC,IAAI,CAAC,GAAG,EAAE;YACR,MAAM,IAAI,KAAK,CAAC,uCAAuC,CAAC,CAAC;SAC1D;QACD,IAAI,CAAC,CAAC,EAAE;YACN,MAAM,IAAI,KAAK,CAAC,qCAAqC,CAAC,CAAC;SACxD;QACD,IAAI,CAAC,CAAC,EAAE;YACN,MAAM,IAAI,KAAK,CAAC,qCAAqC,CAAC,CAAC;SACxD;QAED,IAAI,CAAC,MAAM,CAAC,MAAM,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC,CAAW,EAAE,CAAW,CAAC,CAAC,CAAC,EAAE;YAC7D,MAAM,IAAI,KAAK,CAAC,4DAA4D,CAAC,CAAC;SAC/E;QAED,IAAI,CAAC,UAAU,CAAC,GAAG,EAAE;YACnB,MAAM,IAAI,KAAK,CAAC,kEAAkE,CAAC,CAAC;SACrF;QAED,MAAM,cAAc,GAAG,UAAU,CAAC,GAAG,CAAC,OAAO,CAAC;QAC9C,MAAM,aAAa,GAAG,yBAAa,CAAE,GAAc,CAAC,YAAY,CAAC,CAAC,CAAC,CAAC,CAAC;QACrE,IAAI,cAAc,KAAK,aAAa,EAAE;YACpC,MAAM,IAAI,KAAK,CACb,mCAAmC,aAAa,gBAAgB,cAAc,aAAa,CAC5F,CAAC;SACH;KACF;SAAM;QACL,MAAM,IAAI,KAAK,CAAC,6BAA6B,OAAO,GAAG,CAAC,CAAC;KAC1D;IAED,MAAM,cAAc,GAAG,uBAAa,CAAC,QAAQ,CAAC,CAAC;IAC/C,MAAM,EAAE,KAAK,EAAE,IAAI,EAAE,QAAQ,EAAE,QAAQ,EAAE,SAAS,EAAE,GAAG,cAAc,CAAC;IAEtE,IAAI,KAAK,KAAK,UAAU,EAAE;QACxB,MAAM,IAAI,KAAK,CAAC,2BAA2B,KAAK,gCAAgC,CAAC,CAAC;KACnF;IAED,IAAI,QAAQ,KAAK,uBAAuB,EAAE;QACxC,MAAM,IAAI,KAAK,CAAC,oBAAoB,QAAQ,2CAA2C,CAAC,CAAC;KAC1F;IAED,mEAAmE;IACnE,MAAM,WAAW,GAAG,gBAAM,CAAC,OAAO,EAAE,QAAQ,CAAC,OAAO,CAAC,OAAO,CAAC,UAAU,EAAE,EAAE,CAAC,CAAC,CAAC;IAE9E,uEAAuE;IACvE,MAAM,YAAY,GAAG,MAAM,CAAC,MAAM,CAAC,CAAC,QAAQ,CAAC,aAAa,EAAE,WAAW,CAAC,CAAC,CAAC;IAE1E,+DAA+D;IAC/D,IAAI,CAAC,QAAQ,CAAC,IAAI,CAAC,MAAM,CAAC,YAAY,CAAC,EAAE;QACvC,MAAM,IAAI,KAAK,CAAC,uCAAuC,CAAC,CAAC;KAC1D;IAED,mEAAmE;IACnE,MAAM,aAAa,GAAG,MAAM,CAAC,MAAM,CAAC,CAAC,QAAQ,EAAE,cAAc,CAAC,CAAC,CAAC;IAEhE,8FAA8F;IAC9F,MAAM,OAAO,GAAW,+BAAW,CAAC,GAAa,CAAC,CAAC;IACnD,MAAM,iBAAiB,GAAG,gBAAM,CAAC,aAAa,EAAE,OAAO,CAAC,CAAC;IAEzD,gEAAgE;IAChE,IAAI,CAAC,SAAS,CAAC,MAAM,CAAC,iBAAiB,CAAC,EAAE;QACxC,MAAM,IAAI,KAAK,CAAC,4DAA4D,CAAC,CAAC;KAC/E;IAED;;OAEG;IACH,IAAI,GAAG,CAAC,MAAM,GAAG,CAAC,EAAE;QAClB,MAAM,IAAI,KAAK,CAAC,4CAA4C,CAAC,CAAC;KAC/D;IAED,6DAA6D;IAC7D,MAAM,YAAY,GAAG,4BAAkB,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC;IAChD,MAAM,EAAE,kBAAkB,EAAE,OAAO,EAAE,OAAO,EAAE,QAAQ,EAAE,SAAS,EAAE,GAAG,YAAY,CAAC;IAEnF,IAAI,kBAAkB,EAAE;QACtB,MAAM,IAAI,KAAK,CAAC,wDAAwD,CAAC,CAAC;KAC3E;IAED,mEAAmE;IACnE,IAAI,OAAO,KAAK,CAAC,EAAE;QACjB,MAAM,IAAI,KAAK,CAAC,0DAA0D,CAAC,CAAC;KAC7E;IAED,wCAAwC;IACxC,IAAI,MAAM,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC,MAAM,GAAG,CAAC,EAAE;QACnC,MAAM,IAAI,KAAK,CAAC,yCAAyC,CAAC,CAAC;KAC5D;IAED,4CAA4C;IAC5C,IAAI,GAAG,GAAG,IAAI,IAAI,EAAE,CAAC;IACrB,IAAI,SAAS,GAAG,GAAG,EAAE;QACnB,MAAM,IAAI,KAAK,CAAC,gCAAgC,SAAS,CAAC,QAAQ,EAAE,SAAS,CAAC,CAAC;KAChF;IAED,yCAAyC;IACzC,GAAG,GAAG,IAAI,IAAI,EAAE,CAAC;IACjB,IAAI,QAAQ,GAAG,GAAG,EAAE;QAClB,MAAM,IAAI,KAAK,CAAC,+BAA+B,QAAQ,CAAC,QAAQ,EAAE,SAAS,CAAC,CAAC;KAC9E;IAED;;OAEG;IACH,MAAM,UAAU,GAAG,uBAAS,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,uBAAW,CAAC,CAAC;IAExD,IAAI,CAAC,UAAU,CAAC,cAAc,CAAC,UAAU,EAAE;QACzC,MAAM,IAAI,KAAK,CAAC,0CAA0C,CAAC,CAAC;KAC7D;IAED,IAAI,qBAAyD,CAAC;IAC9D,IAAI,WAAyC,CAAC;IAC9C,UAAU,CAAC,cAAc,CAAC,UAAU,CAAC,OAAO,CAAC,GAAG,CAAC,EAAE;QACjD,IAAI,GAAG,CAAC,MAAM,KAAK,gCAAoB,EAAE;YACvC,qBAAqB,GAAG,uBAAS,CAAC,KAAK,CAAC,GAAG,CAAC,SAAS,EAAE,kCAAsB,CAAC,CAAC;SAChF;aAAM,IAAI,GAAG,CAAC,MAAM,KAAK,6BAAiB,EAAE;YAC3C,WAAW,GAAG,uBAAS,CAAC,KAAK,CAAC,GAAG,CAAC,SAAS,EAAE,4BAAgB,CAAC,CAAC;SAChE;IACH,CAAC,CAAC,CAAC;IAEH,wEAAwE;IACxE,IAAI,CAAC,qBAAqB,EAAE;QAC1B,MAAM,IAAI,KAAK,CAAC,4DAA4D,CAAC,CAAC;KAC/E;IAED,6FAA6F;IAC7F,SAAS;IACT,IAAI,CAAC,CAAA,MAAA,qBAAqB,CAAC,CAAC,CAAC,CAAC,aAAa,0CAAG,CAAC,EAAE,MAAM,CAAA,EAAE;QACvD,MAAM,IAAI,KAAK,CAAC,oEAAoE,CAAC,CAAC;KACvF;IAED,MAAM,EAAE,oBAAoB,EAAE,aAAa,EAAE,eAAe,EAAE,GAAG,iBAAiB,CAChF,qBAAqB,CAAC,CAAC,CAAC,CAAC,aAAa,CACvC,CAAC;IAEF,IAAI,CAAC,oBAAoB,IAAI,CAAC,aAAa,IAAI,CAAC,eAAe,EAAE;QAC/D,MAAM,IAAI,KAAK,CAAC,4DAA4D,CAAC,CAAC;KAC/E;IAED,IAAI,CAAC,WAAW,EAAE;QAChB,MAAM,IAAI,KAAK,CAAC,8DAA8D,CAAC,CAAC;KACjF;IAED,yFAAyF;IACzF,IAAI,CAAC,6BAAiB,CAAC,oBAAoB,CAAC,EAAE;QAC5C,MAAM,IAAI,KAAK,CAAC,qCAAqC,oBAAoB,SAAS,CAAC,CAAC;KACrF;IAED,wFAAwF;IACxF,4CAA4C;IAC5C,IAAI,WAAW,CAAC,CAAC,CAAC,KAAK,cAAc,EAAE;QACrC,MAAM,IAAI,KAAK,CAAC,2BAA2B,WAAW,CAAC,CAAC,CAAC,kCAAkC,CAAC,CAAC;KAC9F;IAED,gGAAgG;IAChG,4DAA4D;IAE5D,wEAAwE;IACxE,MAAM,SAAS,GAAG,MAAM,yBAAe,CAAC,YAAY,CAAC,MAAM,CAAC,CAAC;IAC7D,IAAI,SAAS,EAAE;QACb,IAAI;YACF,MAAM,uCAA6B,CAAC,SAAS,EAAE,
|
|
1
|
+
{"version":3,"file":"verifyTPM.js","sourceRoot":"","sources":["../../../../src/registration/verifications/tpm/verifyTPM.ts"],"names":[],"mappings":";;;;;AAAA,uDAAkD;AAClD,mDAO6B;AAI7B,2GAAmF;AACnF,0EAA2E;AAC3E,qEAA6C;AAC7C,qGAA6E;AAC7E,uGAA+E;AAC/E,6FAAqE;AACrE,uFAA+D;AAC/D,wFAAgE;AAChE,oHAA4F;AAE5F,2CAA+D;AAC/D,oEAA4C;AAC5C,kEAA0C;AAE3B,KAAK,UAAU,SAAS,CAAC,OAAsC;;IAC5E,MAAM,EAAE,MAAM,EAAE,OAAO,EAAE,QAAQ,EAAE,mBAAmB,EAAE,cAAc,EAAE,gBAAgB,EAAE,GACxF,OAAO,CAAC;IACV,MAAM,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,OAAO,EAAE,QAAQ,EAAE,GAAG,OAAO,CAAC;IAE1D;;OAEG;IACH,IAAI,GAAG,KAAK,KAAK,EAAE;QACjB,MAAM,IAAI,KAAK,CAAC,mBAAmB,GAAG,yBAAyB,CAAC,CAAC;KAClE;IAED,IAAI,CAAC,GAAG,EAAE;QACR,MAAM,IAAI,KAAK,CAAC,kEAAkE,CAAC,CAAC;KACrF;IAED,IAAI,CAAC,GAAG,EAAE;QACR,MAAM,IAAI,KAAK,CAAC,iDAAiD,CAAC,CAAC;KACpE;IAED,IAAI,CAAC,GAAG,EAAE;QACR,MAAM,IAAI,KAAK,CAAC,oEAAoE,CAAC,CAAC;KACvF;IAED,IAAI,CAAC,OAAO,EAAE;QACZ,MAAM,IAAI,KAAK,CAAC,qDAAqD,CAAC,CAAC;KACxE;IAED,IAAI,CAAC,QAAQ,EAAE;QACb,MAAM,IAAI,KAAK,CAAC,sDAAsD,CAAC,CAAC;KACzE;IAED,MAAM,aAAa,GAAG,sBAAY,CAAC,OAAO,CAAC,CAAC;IAC5C,MAAM,EAAE,MAAM,EAAE,IAAI,EAAE,OAAO,EAAE,UAAU,EAAE,GAAG,aAAa,CAAC;IAE5D,yFAAyF;IACzF,2FAA2F;IAC3F,MAAM,aAAa,GAAG,mCAAyB,CAAC,mBAAmB,CAAC,CAAC;IAErE,IAAI,OAAO,KAAK,aAAa,EAAE;QAC7B,MAAM,CAAC,GAAG,aAAa,CAAC,GAAG,CAAC,4BAAQ,CAAC,CAAC,CAAC,CAAC;QACxC,MAAM,CAAC,GAAG,aAAa,CAAC,GAAG,CAAC,4BAAQ,CAAC,CAAC,CAAC,CAAC;QAExC,IAAI,CAAC,CAAC,EAAE;YACN,MAAM,IAAI,KAAK,CAAC,qCAAqC,CAAC,CAAC;SACxD;QACD,IAAI,CAAC,CAAC,EAAE;YACN,MAAM,IAAI,KAAK,CAAC,qCAAqC,CAAC,CAAC;SACxD;QAED,IAAI,CAAC,MAAM,CAAC,MAAM,CAAC,CAAW,CAAC,EAAE;YAC/B,MAAM,IAAI,KAAK,CAAC,6DAA6D,CAAC,CAAC;SAChF;QAED,IAAI,CAAC,UAAU,CAAC,GAAG,EAAE;YACnB,MAAM,IAAI,KAAK,CAAC,kEAAkE,CAAC,CAAC;SACrF;QAED,MAAM,OAAO,GAAG,CAAW,CAAC;QAC5B,8FAA8F;QAC9F,MAAM,eAAe,GAAG,UAAU,CAAC,GAAG,CAAC,QAAQ,IAAI,KAAK,CAAC;QAEzD,4CAA4C;QAC5C,MAAM,IAAI,GAAG,OAAO,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC,CAAC;QAEjE,IAAI,eAAe,KAAK,IAAI,EAAE;YAC5B,MAAM,IAAI,KAAK,CAAC,6BAA6B,IAAI,cAAc,eAAe,YAAY,CAAC,CAAC;SAC7F;KACF;SAAM,IAAI,OAAO,KAAK,aAAa,EAAE;QACpC;;;WAGG;QACH,MAAM,GAAG,GAAG,aAAa,CAAC,GAAG,CAAC,4BAAQ,CAAC,GAAG,CAAC,CAAC;QAC5C,MAAM,CAAC,GAAG,aAAa,CAAC,GAAG,CAAC,4BAAQ,CAAC,CAAC,CAAC,CAAC;QACxC,MAAM,CAAC,GAAG,aAAa,CAAC,GAAG,CAAC,4BAAQ,CAAC,CAAC,CAAC,CAAC;QAExC,IAAI,CAAC,GAAG,EAAE;YACR,MAAM,IAAI,KAAK,CAAC,uCAAuC,CAAC,CAAC;SAC1D;QACD,IAAI,CAAC,CAAC,EAAE;YACN,MAAM,IAAI,KAAK,CAAC,qCAAqC,CAAC,CAAC;SACxD;QACD,IAAI,CAAC,CAAC,EAAE;YACN,MAAM,IAAI,KAAK,CAAC,qCAAqC,CAAC,CAAC;SACxD;QAED,IAAI,CAAC,MAAM,CAAC,MAAM,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC,CAAW,EAAE,CAAW,CAAC,CAAC,CAAC,EAAE;YAC7D,MAAM,IAAI,KAAK,CAAC,4DAA4D,CAAC,CAAC;SAC/E;QAED,IAAI,CAAC,UAAU,CAAC,GAAG,EAAE;YACnB,MAAM,IAAI,KAAK,CAAC,kEAAkE,CAAC,CAAC;SACrF;QAED,MAAM,cAAc,GAAG,UAAU,CAAC,GAAG,CAAC,OAAO,CAAC;QAC9C,MAAM,aAAa,GAAG,yBAAa,CAAE,GAAc,CAAC,YAAY,CAAC,CAAC,CAAC,CAAC,CAAC;QACrE,IAAI,cAAc,KAAK,aAAa,EAAE;YACpC,MAAM,IAAI,KAAK,CACb,mCAAmC,aAAa,gBAAgB,cAAc,aAAa,CAC5F,CAAC;SACH;KACF;SAAM;QACL,MAAM,IAAI,KAAK,CAAC,6BAA6B,OAAO,GAAG,CAAC,CAAC;KAC1D;IAED,MAAM,cAAc,GAAG,uBAAa,CAAC,QAAQ,CAAC,CAAC;IAC/C,MAAM,EAAE,KAAK,EAAE,IAAI,EAAE,QAAQ,EAAE,QAAQ,EAAE,SAAS,EAAE,GAAG,cAAc,CAAC;IAEtE,IAAI,KAAK,KAAK,UAAU,EAAE;QACxB,MAAM,IAAI,KAAK,CAAC,2BAA2B,KAAK,gCAAgC,CAAC,CAAC;KACnF;IAED,IAAI,QAAQ,KAAK,uBAAuB,EAAE;QACxC,MAAM,IAAI,KAAK,CAAC,oBAAoB,QAAQ,2CAA2C,CAAC,CAAC;KAC1F;IAED,mEAAmE;IACnE,MAAM,WAAW,GAAG,gBAAM,CAAC,OAAO,EAAE,QAAQ,CAAC,OAAO,CAAC,OAAO,CAAC,UAAU,EAAE,EAAE,CAAC,CAAC,CAAC;IAE9E,uEAAuE;IACvE,MAAM,YAAY,GAAG,MAAM,CAAC,MAAM,CAAC,CAAC,QAAQ,CAAC,aAAa,EAAE,WAAW,CAAC,CAAC,CAAC;IAE1E,+DAA+D;IAC/D,IAAI,CAAC,QAAQ,CAAC,IAAI,CAAC,MAAM,CAAC,YAAY,CAAC,EAAE;QACvC,MAAM,IAAI,KAAK,CAAC,uCAAuC,CAAC,CAAC;KAC1D;IAED,mEAAmE;IACnE,MAAM,aAAa,GAAG,MAAM,CAAC,MAAM,CAAC,CAAC,QAAQ,EAAE,cAAc,CAAC,CAAC,CAAC;IAEhE,8FAA8F;IAC9F,MAAM,OAAO,GAAW,+BAAW,CAAC,GAAa,CAAC,CAAC;IACnD,MAAM,iBAAiB,GAAG,gBAAM,CAAC,aAAa,EAAE,OAAO,CAAC,CAAC;IAEzD,gEAAgE;IAChE,IAAI,CAAC,SAAS,CAAC,MAAM,CAAC,iBAAiB,CAAC,EAAE;QACxC,MAAM,IAAI,KAAK,CAAC,4DAA4D,CAAC,CAAC;KAC/E;IAED;;OAEG;IACH,IAAI,GAAG,CAAC,MAAM,GAAG,CAAC,EAAE;QAClB,MAAM,IAAI,KAAK,CAAC,4CAA4C,CAAC,CAAC;KAC/D;IAED,6DAA6D;IAC7D,MAAM,YAAY,GAAG,4BAAkB,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC;IAChD,MAAM,EAAE,kBAAkB,EAAE,OAAO,EAAE,OAAO,EAAE,QAAQ,EAAE,SAAS,EAAE,GAAG,YAAY,CAAC;IAEnF,IAAI,kBAAkB,EAAE;QACtB,MAAM,IAAI,KAAK,CAAC,wDAAwD,CAAC,CAAC;KAC3E;IAED,mEAAmE;IACnE,IAAI,OAAO,KAAK,CAAC,EAAE;QACjB,MAAM,IAAI,KAAK,CAAC,0DAA0D,CAAC,CAAC;KAC7E;IAED,wCAAwC;IACxC,IAAI,MAAM,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC,MAAM,GAAG,CAAC,EAAE;QACnC,MAAM,IAAI,KAAK,CAAC,yCAAyC,CAAC,CAAC;KAC5D;IAED,4CAA4C;IAC5C,IAAI,GAAG,GAAG,IAAI,IAAI,EAAE,CAAC;IACrB,IAAI,SAAS,GAAG,GAAG,EAAE;QACnB,MAAM,IAAI,KAAK,CAAC,gCAAgC,SAAS,CAAC,QAAQ,EAAE,SAAS,CAAC,CAAC;KAChF;IAED,yCAAyC;IACzC,GAAG,GAAG,IAAI,IAAI,EAAE,CAAC;IACjB,IAAI,QAAQ,GAAG,GAAG,EAAE;QAClB,MAAM,IAAI,KAAK,CAAC,+BAA+B,QAAQ,CAAC,QAAQ,EAAE,SAAS,CAAC,CAAC;KAC9E;IAED;;OAEG;IACH,MAAM,UAAU,GAAG,uBAAS,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,uBAAW,CAAC,CAAC;IAExD,IAAI,CAAC,UAAU,CAAC,cAAc,CAAC,UAAU,EAAE;QACzC,MAAM,IAAI,KAAK,CAAC,0CAA0C,CAAC,CAAC;KAC7D;IAED,IAAI,qBAAyD,CAAC;IAC9D,IAAI,WAAyC,CAAC;IAC9C,UAAU,CAAC,cAAc,CAAC,UAAU,CAAC,OAAO,CAAC,GAAG,CAAC,EAAE;QACjD,IAAI,GAAG,CAAC,MAAM,KAAK,gCAAoB,EAAE;YACvC,qBAAqB,GAAG,uBAAS,CAAC,KAAK,CAAC,GAAG,CAAC,SAAS,EAAE,kCAAsB,CAAC,CAAC;SAChF;aAAM,IAAI,GAAG,CAAC,MAAM,KAAK,6BAAiB,EAAE;YAC3C,WAAW,GAAG,uBAAS,CAAC,KAAK,CAAC,GAAG,CAAC,SAAS,EAAE,4BAAgB,CAAC,CAAC;SAChE;IACH,CAAC,CAAC,CAAC;IAEH,wEAAwE;IACxE,IAAI,CAAC,qBAAqB,EAAE;QAC1B,MAAM,IAAI,KAAK,CAAC,4DAA4D,CAAC,CAAC;KAC/E;IAED,6FAA6F;IAC7F,SAAS;IACT,IAAI,CAAC,CAAA,MAAA,qBAAqB,CAAC,CAAC,CAAC,CAAC,aAAa,0CAAG,CAAC,EAAE,MAAM,CAAA,EAAE;QACvD,MAAM,IAAI,KAAK,CAAC,oEAAoE,CAAC,CAAC;KACvF;IAED,MAAM,EAAE,oBAAoB,EAAE,aAAa,EAAE,eAAe,EAAE,GAAG,iBAAiB,CAChF,qBAAqB,CAAC,CAAC,CAAC,CAAC,aAAa,CACvC,CAAC;IAEF,IAAI,CAAC,oBAAoB,IAAI,CAAC,aAAa,IAAI,CAAC,eAAe,EAAE;QAC/D,MAAM,IAAI,KAAK,CAAC,4DAA4D,CAAC,CAAC;KAC/E;IAED,IAAI,CAAC,WAAW,EAAE;QAChB,MAAM,IAAI,KAAK,CAAC,8DAA8D,CAAC,CAAC;KACjF;IAED,yFAAyF;IACzF,IAAI,CAAC,6BAAiB,CAAC,oBAAoB,CAAC,EAAE;QAC5C,MAAM,IAAI,KAAK,CAAC,qCAAqC,oBAAoB,SAAS,CAAC,CAAC;KACrF;IAED,wFAAwF;IACxF,4CAA4C;IAC5C,IAAI,WAAW,CAAC,CAAC,CAAC,KAAK,cAAc,EAAE;QACrC,MAAM,IAAI,KAAK,CAAC,2BAA2B,WAAW,CAAC,CAAC,CAAC,kCAAkC,CAAC,CAAC;KAC9F;IAED,gGAAgG;IAChG,4DAA4D;IAE5D,wEAAwE;IACxE,MAAM,SAAS,GAAG,MAAM,yBAAe,CAAC,YAAY,CAAC,MAAM,CAAC,CAAC;IAC7D,IAAI,SAAS,EAAE;QACb,IAAI;YACF,MAAM,uCAA6B,CAAC,SAAS,EAAE,mBAAmB,EAAE,GAAG,CAAC,CAAC;SAC1E;QAAC,OAAO,GAAG,EAAE;YACZ,MAAM,IAAI,KAAK,CAAC,GAAG,GAAG,CAAC,OAAO,QAAQ,CAAC,CAAC;SACzC;KACF;SAAM;QACL,IAAI;YACF,0FAA0F;YAC1F,MAAM,iCAAuB,CAAC,GAAG,CAAC,GAAG,CAAC,gCAAsB,CAAC,EAAE,gBAAgB,CAAC,CAAC;SAClF;QAAC,OAAO,GAAG,EAAE;YACZ,MAAM,IAAI,KAAK,CAAC,GAAG,GAAG,CAAC,OAAO,QAAQ,CAAC,CAAC;SACzC;KACF;IAED,qFAAqF;IACrF,4EAA4E;IAC5E,MAAM,WAAW,GAAG,gCAAsB,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC;IACnD,OAAO,yBAAe,CAAC,GAAG,EAAE,QAAQ,EAAE,WAAW,EAAE,OAAO,CAAC,CAAC;AAC9D,CAAC;AA9PD,4BA8PC;AAED;;GAEG;AACH,SAAS,iBAAiB,CAAC,IAAU;IAKnC,MAAM,eAAe,GAAG,cAAc,CAAC;IACvC,MAAM,QAAQ,GAAG,cAAc,CAAC;IAChC,MAAM,UAAU,GAAG,cAAc,CAAC;IAElC,IAAI,oBAAwC,CAAC;IAC7C,IAAI,aAAiC,CAAC;IACtC,IAAI,eAAmC,CAAC;IAExC;;;;;;;;;;;;;;;;;;;;;;;;;;;OA2BG;IACH,IAAI,CAAC,OAAO,CAAC,OAAO,CAAC,EAAE;QACrB,OAAO,CAAC,OAAO,CAAC,IAAI,CAAC,EAAE;YACrB,IAAI,IAAI,CAAC,IAAI,KAAK,eAAe,EAAE;gBACjC,oBAAoB,GAAG,IAAI,CAAC,KAAK,CAAC,QAAQ,EAAE,CAAC;aAC9C;iBAAM,IAAI,IAAI,CAAC,IAAI,KAAK,QAAQ,EAAE;gBACjC,aAAa,GAAG,IAAI,CAAC,KAAK,CAAC,QAAQ,EAAE,CAAC;aACvC;iBAAM,IAAI,IAAI,CAAC,IAAI,KAAK,UAAU,EAAE;gBACnC,eAAe,GAAG,IAAI,CAAC,KAAK,CAAC,QAAQ,EAAE,CAAC;aACzC;QACH,CAAC,CAAC,CAAC;IACL,CAAC,CAAC,CAAC;IAEH,OAAO;QACL,oBAAoB;QACpB,aAAa;QACb,eAAe;KAChB,CAAC;AACJ,CAAC"}
|
|
@@ -78,7 +78,7 @@ async function verifyAttestationAndroidKey(options) {
|
|
|
78
78
|
const statement = await metadataService_1.default.getStatement(aaguid);
|
|
79
79
|
if (statement) {
|
|
80
80
|
try {
|
|
81
|
-
await verifyAttestationWithMetadata_1.default(statement,
|
|
81
|
+
await verifyAttestationWithMetadata_1.default(statement, credentialPublicKey, x5c);
|
|
82
82
|
}
|
|
83
83
|
catch (err) {
|
|
84
84
|
throw new Error(`${err.message} (AndroidKey)`);
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"verifyAndroidKey.js","sourceRoot":"","sources":["../../../src/registration/verifications/verifyAndroidKey.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;AAAA,uDAAkD;AAClD,mDAAkD;AAClD,yDAA8E;AAI9E,kGAA0E;AAC1E,oGAA4E;AAC5E,oFAA4D;AAC5D,qFAAiF;AACjF,qFAA6D;AAC7D,iHAAyF;AAEzF;;GAEG;AACY,KAAK,UAAU,2BAA2B,CACvD,OAAsC;;IAEtC,MAAM,EAAE,QAAQ,EAAE,cAAc,EAAE,OAAO,EAAE,mBAAmB,EAAE,MAAM,EAAE,gBAAgB,EAAE,GACxF,OAAO,CAAC;IACV,MAAM,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,OAAO,CAAC;IAElC,IAAI,CAAC,GAAG,EAAE;QACR,MAAM,IAAI,KAAK,CAAC,2EAA2E,CAAC,CAAC;KAC9F;IAED,IAAI,CAAC,GAAG,EAAE;QACR,MAAM,IAAI,KAAK,CAAC,yEAAyE,CAAC,CAAC;KAC5F;IAED,IAAI,CAAC,GAAG,EAAE;QACR,MAAM,IAAI,KAAK,CAAC,wDAAwD,CAAC,CAAC;KAC3E;IAED,uFAAuF;IACvF,kDAAkD;IAClD,MAAM,UAAU,GAAG,uBAAS,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,uBAAW,CAAC,CAAC;IACxD,MAAM,gBAAgB,GAAG,MAAM,CAAC,IAAI,CAClC,UAAU,CAAC,cAAc,CAAC,oBAAoB,CAAC,gBAAgB,CAChE,CAAC;IAEF,0CAA0C;IAC1C,MAAM,cAAc,GAAG,2BAAiB,CAAC,mBAAmB,CAAC,CAAC;IAE9D,IAAI,CAAC,cAAc,CAAC,MAAM,CAAC,gBAAgB,CAAC,EAAE;QAC5C,MAAM,IAAI,KAAK,CAAC,wEAAwE,CAAC,CAAC;KAC3F;IAED,4DAA4D;IAC5D,MAAM,WAAW,GAAG,MAAA,UAAU,CAAC,cAAc,CAAC,UAAU,0CAAE,IAAI,CAC5D,GAAG,CAAC,EAAE,CAAC,GAAG,CAAC,MAAM,KAAK,mCAAoB,CAC3C,CAAC;IAEF,IAAI,CAAC,WAAW,EAAE;QAChB,MAAM,IAAI,KAAK,CAAC,sDAAsD,CAAC,CAAC;KACzE;IAED,MAAM,iBAAiB,GAAG,uBAAS,CAAC,KAAK,CAAC,WAAW,CAAC,SAAS,EAAE,6BAAc,CAAC,CAAC;IAEjF,4BAA4B;IAC5B,MAAM,EAAE,oBAAoB,EAAE,WAAW,EAAE,gBAAgB,EAAE,GAAG,iBAAiB,CAAC;IAElF,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,oBAAoB,CAAC,MAAM,CAAC,CAAC,MAAM,CAAC,cAAc,CAAC,EAAE;QACpE,MAAM,IAAI,KAAK,CAAC,sEAAsE,CAAC,CAAC;KACzF;IAED,4FAA4F;IAC5F,aAAa;IACb,IAAI,WAAW,CAAC,eAAe,KAAK,SAAS,EAAE;QAC7C,MAAM,IAAI,KAAK,CAAC,gEAAgE,CAAC,CAAC;KACnF;IAED,IAAI,gBAAgB,CAAC,eAAe,KAAK,SAAS,EAAE;QAClD,MAAM,IAAI,KAAK,CAAC,gEAAgE,CAAC,CAAC;KACnF;IAED,MAAM,SAAS,GAAG,MAAM,yBAAe,CAAC,YAAY,CAAC,MAAM,CAAC,CAAC;IAC7D,IAAI,SAAS,EAAE;QACb,IAAI;YACF,MAAM,uCAA6B,CAAC,SAAS,EAAE,
|
|
1
|
+
{"version":3,"file":"verifyAndroidKey.js","sourceRoot":"","sources":["../../../src/registration/verifications/verifyAndroidKey.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;AAAA,uDAAkD;AAClD,mDAAkD;AAClD,yDAA8E;AAI9E,kGAA0E;AAC1E,oGAA4E;AAC5E,oFAA4D;AAC5D,qFAAiF;AACjF,qFAA6D;AAC7D,iHAAyF;AAEzF;;GAEG;AACY,KAAK,UAAU,2BAA2B,CACvD,OAAsC;;IAEtC,MAAM,EAAE,QAAQ,EAAE,cAAc,EAAE,OAAO,EAAE,mBAAmB,EAAE,MAAM,EAAE,gBAAgB,EAAE,GACxF,OAAO,CAAC;IACV,MAAM,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,OAAO,CAAC;IAElC,IAAI,CAAC,GAAG,EAAE;QACR,MAAM,IAAI,KAAK,CAAC,2EAA2E,CAAC,CAAC;KAC9F;IAED,IAAI,CAAC,GAAG,EAAE;QACR,MAAM,IAAI,KAAK,CAAC,yEAAyE,CAAC,CAAC;KAC5F;IAED,IAAI,CAAC,GAAG,EAAE;QACR,MAAM,IAAI,KAAK,CAAC,wDAAwD,CAAC,CAAC;KAC3E;IAED,uFAAuF;IACvF,kDAAkD;IAClD,MAAM,UAAU,GAAG,uBAAS,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,uBAAW,CAAC,CAAC;IACxD,MAAM,gBAAgB,GAAG,MAAM,CAAC,IAAI,CAClC,UAAU,CAAC,cAAc,CAAC,oBAAoB,CAAC,gBAAgB,CAChE,CAAC;IAEF,0CAA0C;IAC1C,MAAM,cAAc,GAAG,2BAAiB,CAAC,mBAAmB,CAAC,CAAC;IAE9D,IAAI,CAAC,cAAc,CAAC,MAAM,CAAC,gBAAgB,CAAC,EAAE;QAC5C,MAAM,IAAI,KAAK,CAAC,wEAAwE,CAAC,CAAC;KAC3F;IAED,4DAA4D;IAC5D,MAAM,WAAW,GAAG,MAAA,UAAU,CAAC,cAAc,CAAC,UAAU,0CAAE,IAAI,CAC5D,GAAG,CAAC,EAAE,CAAC,GAAG,CAAC,MAAM,KAAK,mCAAoB,CAC3C,CAAC;IAEF,IAAI,CAAC,WAAW,EAAE;QAChB,MAAM,IAAI,KAAK,CAAC,sDAAsD,CAAC,CAAC;KACzE;IAED,MAAM,iBAAiB,GAAG,uBAAS,CAAC,KAAK,CAAC,WAAW,CAAC,SAAS,EAAE,6BAAc,CAAC,CAAC;IAEjF,4BAA4B;IAC5B,MAAM,EAAE,oBAAoB,EAAE,WAAW,EAAE,gBAAgB,EAAE,GAAG,iBAAiB,CAAC;IAElF,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,oBAAoB,CAAC,MAAM,CAAC,CAAC,MAAM,CAAC,cAAc,CAAC,EAAE;QACpE,MAAM,IAAI,KAAK,CAAC,sEAAsE,CAAC,CAAC;KACzF;IAED,4FAA4F;IAC5F,aAAa;IACb,IAAI,WAAW,CAAC,eAAe,KAAK,SAAS,EAAE;QAC7C,MAAM,IAAI,KAAK,CAAC,gEAAgE,CAAC,CAAC;KACnF;IAED,IAAI,gBAAgB,CAAC,eAAe,KAAK,SAAS,EAAE;QAClD,MAAM,IAAI,KAAK,CAAC,gEAAgE,CAAC,CAAC;KACnF;IAED,MAAM,SAAS,GAAG,MAAM,yBAAe,CAAC,YAAY,CAAC,MAAM,CAAC,CAAC;IAC7D,IAAI,SAAS,EAAE;QACb,IAAI;YACF,MAAM,uCAA6B,CAAC,SAAS,EAAE,mBAAmB,EAAE,GAAG,CAAC,CAAC;SAC1E;QAAC,OAAO,GAAG,EAAE;YACZ,MAAM,IAAI,KAAK,CAAC,GAAG,GAAG,CAAC,OAAO,eAAe,CAAC,CAAC;SAChD;KACF;SAAM;QACL,IAAI;YACF,0FAA0F;YAC1F,MAAM,iCAAuB,CAAC,GAAG,CAAC,GAAG,CAAC,gCAAsB,CAAC,EAAE,gBAAgB,CAAC,CAAC;SAClF;QAAC,OAAO,GAAG,EAAE;YACZ,MAAM,IAAI,KAAK,CAAC,GAAG,GAAG,CAAC,OAAO,eAAe,CAAC,CAAC;SAChD;KACF;IAED,MAAM,aAAa,GAAG,MAAM,CAAC,MAAM,CAAC,CAAC,QAAQ,EAAE,cAAc,CAAC,CAAC,CAAC;IAChE,MAAM,WAAW,GAAG,gCAAsB,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC;IACnD,MAAM,OAAO,GAAG,+BAAW,CAAC,GAAa,CAAC,CAAC;IAE3C,OAAO,yBAAe,CAAC,GAAG,EAAE,aAAa,EAAE,WAAW,EAAE,OAAO,CAAC,CAAC;AACnE,CAAC;AAlFD,8CAkFC"}
|
|
@@ -15,7 +15,7 @@ const verifyAttestationWithMetadata_1 = __importDefault(require("../../metadata/
|
|
|
15
15
|
* Verify an attestation response with fmt 'android-safetynet'
|
|
16
16
|
*/
|
|
17
17
|
async function verifyAttestationAndroidSafetyNet(options) {
|
|
18
|
-
const { attStmt, clientDataHash, authData, aaguid, rootCertificates, verifyTimestampMS = true, } = options;
|
|
18
|
+
const { attStmt, clientDataHash, authData, aaguid, rootCertificates, verifyTimestampMS = true, credentialPublicKey, } = options;
|
|
19
19
|
const { response, ver } = attStmt;
|
|
20
20
|
if (!ver) {
|
|
21
21
|
throw new Error('No ver value in attestation (SafetyNet)');
|
|
@@ -72,9 +72,7 @@ async function verifyAttestationAndroidSafetyNet(options) {
|
|
|
72
72
|
const statement = await metadataService_1.default.getStatement(aaguid);
|
|
73
73
|
if (statement) {
|
|
74
74
|
try {
|
|
75
|
-
|
|
76
|
-
const alg = HEADER.alg === 'RS256' ? -257 : -99999;
|
|
77
|
-
await verifyAttestationWithMetadata_1.default(statement, alg, HEADER.x5c);
|
|
75
|
+
await verifyAttestationWithMetadata_1.default(statement, credentialPublicKey, HEADER.x5c);
|
|
78
76
|
}
|
|
79
77
|
catch (err) {
|
|
80
78
|
throw new Error(`${err.message} (SafetyNet)`);
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"verifyAndroidSafetyNet.js","sourceRoot":"","sources":["../../../src/registration/verifications/verifyAndroidSafetyNet.ts"],"names":[],"mappings":";;;;;AAAA,0DAAkC;AAIlC,kEAA0C;AAC1C,oFAA4D;AAC5D,0FAAkE;AAClE,oGAA4E;AAC5E,kGAA0E;AAC1E,qFAA6D;AAC7D,iHAAyF;AAEzF;;GAEG;AACY,KAAK,UAAU,iCAAiC,CAC7D,OAAsC;IAEtC,MAAM,EACJ,OAAO,EACP,cAAc,EACd,QAAQ,EACR,MAAM,EACN,gBAAgB,EAChB,iBAAiB,GAAG,IAAI,
|
|
1
|
+
{"version":3,"file":"verifyAndroidSafetyNet.js","sourceRoot":"","sources":["../../../src/registration/verifications/verifyAndroidSafetyNet.ts"],"names":[],"mappings":";;;;;AAAA,0DAAkC;AAIlC,kEAA0C;AAC1C,oFAA4D;AAC5D,0FAAkE;AAClE,oGAA4E;AAC5E,kGAA0E;AAC1E,qFAA6D;AAC7D,iHAAyF;AAEzF;;GAEG;AACY,KAAK,UAAU,iCAAiC,CAC7D,OAAsC;IAEtC,MAAM,EACJ,OAAO,EACP,cAAc,EACd,QAAQ,EACR,MAAM,EACN,gBAAgB,EAChB,iBAAiB,GAAG,IAAI,EACxB,mBAAmB,GACpB,GAAG,OAAO,CAAC;IACZ,MAAM,EAAE,QAAQ,EAAE,GAAG,EAAE,GAAG,OAAO,CAAC;IAElC,IAAI,CAAC,GAAG,EAAE;QACR,MAAM,IAAI,KAAK,CAAC,yCAAyC,CAAC,CAAC;KAC5D;IAED,IAAI,CAAC,QAAQ,EAAE;QACb,MAAM,IAAI,KAAK,CAAC,kEAAkE,CAAC,CAAC;KACrF;IAED,0BAA0B;IAC1B,MAAM,GAAG,GAAG,QAAQ,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC;IACtC,MAAM,QAAQ,GAAG,GAAG,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;IAEhC,MAAM,MAAM,GAAuB,IAAI,CAAC,KAAK,CAAC,mBAAS,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;IAC7E,MAAM,OAAO,GAAwB,IAAI,CAAC,KAAK,CAAC,mBAAS,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;IAC/E,MAAM,SAAS,GAA0B,QAAQ,CAAC,CAAC,CAAC,CAAC;IAErD;;OAEG;IACH,MAAM,EAAE,KAAK,EAAE,eAAe,EAAE,WAAW,EAAE,GAAG,OAAO,CAAC;IAExD,IAAI,iBAAiB,EAAE;QACrB,qCAAqC;QACrC,IAAI,GAAG,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;QACrB,IAAI,WAAW,GAAG,IAAI,CAAC,GAAG,EAAE,EAAE;YAC5B,MAAM,IAAI,KAAK,CAAC,sBAAsB,WAAW,qBAAqB,GAAG,eAAe,CAAC,CAAC;SAC3F;QAED,+EAA+E;QAC/E,MAAM,kBAAkB,GAAG,WAAW,GAAG,EAAE,GAAG,IAAI,CAAC;QACnD,GAAG,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;QACjB,IAAI,kBAAkB,GAAG,GAAG,EAAE;YAC5B,MAAM,IAAI,KAAK,CAAC,sBAAsB,kBAAkB,2BAA2B,CAAC,CAAC;SACtF;KACF;IAED,MAAM,SAAS,GAAG,MAAM,CAAC,MAAM,CAAC,CAAC,QAAQ,EAAE,cAAc,CAAC,CAAC,CAAC;IAC5D,MAAM,WAAW,GAAG,gBAAM,CAAC,SAAS,CAAC,CAAC;IACtC,MAAM,aAAa,GAAG,WAAW,CAAC,QAAQ,CAAC,QAAQ,CAAC,CAAC;IAErD,IAAI,KAAK,KAAK,aAAa,EAAE;QAC3B,MAAM,IAAI,KAAK,CAAC,4CAA4C,CAAC,CAAC;KAC/D;IAED,IAAI,CAAC,eAAe,EAAE;QACpB,MAAM,IAAI,KAAK,CAAC,+CAA+C,CAAC,CAAC;KAClE;IACD;;OAEG;IAEH;;OAEG;IACH,MAAM,cAAc,GAAG,mBAAS,CAAC,QAAQ,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC;IACzD,MAAM,YAAY,GAAG,4BAAkB,CAAC,cAAc,CAAC,CAAC;IAExD,MAAM,EAAE,OAAO,EAAE,GAAG,YAAY,CAAC;IAEjC,qDAAqD;IACrD,+FAA+F;IAC/F,IAAI,OAAO,CAAC,EAAE,KAAK,oBAAoB,EAAE;QACvC,MAAM,IAAI,KAAK,CAAC,kEAAkE,CAAC,CAAC;KACrF;IAED,MAAM,SAAS,GAAG,MAAM,yBAAe,CAAC,YAAY,CAAC,MAAM,CAAC,CAAC;IAC7D,IAAI,SAAS,EAAE;QACb,IAAI;YACF,MAAM,uCAA6B,CAAC,SAAS,EAAE,mBAAmB,EAAE,MAAM,CAAC,GAAG,CAAC,CAAC;SACjF;QAAC,OAAO,GAAG,EAAE;YACZ,MAAM,IAAI,KAAK,CAAC,GAAG,GAAG,CAAC,OAAO,cAAc,CAAC,CAAC;SAC/C;KACF;SAAM;QACL,IAAI;YACF,0FAA0F;YAC1F,MAAM,iCAAuB,CAAC,MAAM,CAAC,GAAG,CAAC,GAAG,CAAC,gCAAsB,CAAC,EAAE,gBAAgB,CAAC,CAAC;SACzF;QAAC,OAAO,GAAG,EAAE;YACZ,MAAM,IAAI,KAAK,CAAC,GAAG,GAAG,CAAC,OAAO,cAAc,CAAC,CAAC;SAC/C;KACF;IACD;;OAEG;IAEH;;OAEG;IACH,MAAM,mBAAmB,GAAG,MAAM,CAAC,IAAI,CAAC,GAAG,QAAQ,CAAC,CAAC,CAAC,IAAI,QAAQ,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC;IACzE,MAAM,eAAe,GAAG,mBAAS,CAAC,QAAQ,CAAC,SAAS,CAAC,CAAC;IAEtD,MAAM,WAAW,GAAG,gCAAsB,CAAC,cAAc,CAAC,CAAC;IAC3D,MAAM,QAAQ,GAAG,yBAAe,CAAC,eAAe,EAAE,mBAAmB,EAAE,WAAW,CAAC,CAAC;IACpF;;OAEG;IAEH,OAAO,QAAQ,CAAC;AAClB,CAAC;AA/GD,oDA+GC"}
|
|
@@ -89,7 +89,7 @@ async function verifyAttestationPacked(options) {
|
|
|
89
89
|
throw new Error('Metadata does not indicate support for full attestations (Packed|Full)');
|
|
90
90
|
}
|
|
91
91
|
try {
|
|
92
|
-
await verifyAttestationWithMetadata_1.default(statement,
|
|
92
|
+
await verifyAttestationWithMetadata_1.default(statement, credentialPublicKey, x5c);
|
|
93
93
|
}
|
|
94
94
|
catch (err) {
|
|
95
95
|
throw new Error(`${err.message} (Packed|Full)`);
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"verifyPacked.js","sourceRoot":"","sources":["../../../src/registration/verifications/verifyPacked.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;AAAA,wDAAgC;AAChC,wDAA+B;AAI/B,qFAMyC;AACzC,kEAA0C;AAC1C,kGAA0E;AAC1E,oGAA4E;AAC5E,0FAAkE;AAClE,oFAA4D;AAC5D,wGAAgF;AAChF,qFAA6D;AAC7D,iHAAyF;AAEzF;;GAEG;AACY,KAAK,UAAU,uBAAuB,CACnD,OAAsC;IAEtC,MAAM,EAAE,OAAO,EAAE,cAAc,EAAE,QAAQ,EAAE,mBAAmB,EAAE,MAAM,EAAE,gBAAgB,EAAE,GACxF,OAAO,CAAC;IAEV,MAAM,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,OAAO,CAAC;IAElC,IAAI,CAAC,GAAG,EAAE;QACR,MAAM,IAAI,KAAK,CAAC,qEAAqE,CAAC,CAAC;KACxF;IAED,IAAI,OAAO,GAAG,KAAK,QAAQ,EAAE;QAC3B,MAAM,IAAI,KAAK,CAAC,8BAA8B,GAAG,4BAA4B,CAAC,CAAC;KAChF;IAED,MAAM,aAAa,GAAG,MAAM,CAAC,MAAM,CAAC,CAAC,QAAQ,EAAE,cAAc,CAAC,CAAC,CAAC;IAEhE,IAAI,QAAQ,GAAG,KAAK,CAAC;IACrB,MAAM,aAAa,GAAG,2BAAiB,CAAC,mBAAmB,CAAC,CAAC;IAE7D,IAAI,GAAG,EAAE;QACP,MAAM,QAAQ,GAAG,gCAAsB,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC;QAChD,MAAM,EAAE,OAAO,EAAE,kBAAkB,EAAE,OAAO,EAAE,SAAS,EAAE,QAAQ,EAAE,GAAG,4BAAkB,CACtF,GAAG,CAAC,CAAC,CAAC,CACP,CAAC;QAEF,MAAM,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,EAAE,CAAC,EAAE,GAAG,OAAO,CAAC;QAEjC,IAAI,EAAE,KAAK,2BAA2B,EAAE;YACtC,MAAM,IAAI,KAAK,CAAC,kEAAkE,CAAC,CAAC;SACrF;QAED,IAAI,CAAC,EAAE,EAAE;YACP,MAAM,IAAI,KAAK,CAAC,wCAAwC,CAAC,CAAC;SAC3D;QAED,IAAI,CAAC,CAAC,EAAE;YACN,MAAM,IAAI,KAAK,CAAC,uCAAuC,CAAC,CAAC;SAC1D;QAED,IAAI,CAAC,CAAC,IAAI,CAAC,CAAC,MAAM,KAAK,CAAC,EAAE;YACxB,MAAM,IAAI,KAAK,CAAC,iEAAiE,CAAC,CAAC;SACpF;QAED,IAAI,kBAAkB,EAAE;YACtB,MAAM,IAAI,KAAK,CAAC,gEAAgE,CAAC,CAAC;SACnF;QAED,IAAI,OAAO,KAAK,CAAC,EAAE;YACjB,MAAM,IAAI,KAAK,CAAC,kEAAkE,CAAC,CAAC;SACrF;QAED,IAAI,GAAG,GAAG,IAAI,IAAI,EAAE,CAAC;QACrB,IAAI,SAAS,GAAG,GAAG,EAAE;YACnB,MAAM,IAAI,KAAK,CAAC,gCAAgC,SAAS,CAAC,QAAQ,EAAE,iBAAiB,CAAC,CAAC;SACxF;QAED,GAAG,GAAG,IAAI,IAAI,EAAE,CAAC;QACjB,IAAI,QAAQ,GAAG,GAAG,EAAE;YAClB,MAAM,IAAI,KAAK,CAAC,+BAA+B,QAAQ,CAAC,QAAQ,EAAE,iBAAiB,CAAC,CAAC;SACtF;QAED,gGAAgG;QAChG,4DAA4D;QAE5D,qFAAqF;QACrF,MAAM,SAAS,GAAG,MAAM,yBAAe,CAAC,YAAY,CAAC,MAAM,CAAC,CAAC;QAC7D,IAAI,SAAS,EAAE;YACb,yFAAyF;YACzF,gCAAgC;YAChC,IAAI,SAAS,CAAC,gBAAgB,CAAC,OAAO,CAAC,YAAY,CAAC,GAAG,CAAC,EAAE;gBACxD,MAAM,IAAI,KAAK,CAAC,wEAAwE,CAAC,CAAC;aAC3F;YAED,IAAI;gBACF,MAAM,uCAA6B,CAAC,SAAS,EAAE,
|
|
1
|
+
{"version":3,"file":"verifyPacked.js","sourceRoot":"","sources":["../../../src/registration/verifications/verifyPacked.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;AAAA,wDAAgC;AAChC,wDAA+B;AAI/B,qFAMyC;AACzC,kEAA0C;AAC1C,kGAA0E;AAC1E,oGAA4E;AAC5E,0FAAkE;AAClE,oFAA4D;AAC5D,wGAAgF;AAChF,qFAA6D;AAC7D,iHAAyF;AAEzF;;GAEG;AACY,KAAK,UAAU,uBAAuB,CACnD,OAAsC;IAEtC,MAAM,EAAE,OAAO,EAAE,cAAc,EAAE,QAAQ,EAAE,mBAAmB,EAAE,MAAM,EAAE,gBAAgB,EAAE,GACxF,OAAO,CAAC;IAEV,MAAM,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,OAAO,CAAC;IAElC,IAAI,CAAC,GAAG,EAAE;QACR,MAAM,IAAI,KAAK,CAAC,qEAAqE,CAAC,CAAC;KACxF;IAED,IAAI,OAAO,GAAG,KAAK,QAAQ,EAAE;QAC3B,MAAM,IAAI,KAAK,CAAC,8BAA8B,GAAG,4BAA4B,CAAC,CAAC;KAChF;IAED,MAAM,aAAa,GAAG,MAAM,CAAC,MAAM,CAAC,CAAC,QAAQ,EAAE,cAAc,CAAC,CAAC,CAAC;IAEhE,IAAI,QAAQ,GAAG,KAAK,CAAC;IACrB,MAAM,aAAa,GAAG,2BAAiB,CAAC,mBAAmB,CAAC,CAAC;IAE7D,IAAI,GAAG,EAAE;QACP,MAAM,QAAQ,GAAG,gCAAsB,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC;QAChD,MAAM,EAAE,OAAO,EAAE,kBAAkB,EAAE,OAAO,EAAE,SAAS,EAAE,QAAQ,EAAE,GAAG,4BAAkB,CACtF,GAAG,CAAC,CAAC,CAAC,CACP,CAAC;QAEF,MAAM,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,EAAE,CAAC,EAAE,GAAG,OAAO,CAAC;QAEjC,IAAI,EAAE,KAAK,2BAA2B,EAAE;YACtC,MAAM,IAAI,KAAK,CAAC,kEAAkE,CAAC,CAAC;SACrF;QAED,IAAI,CAAC,EAAE,EAAE;YACP,MAAM,IAAI,KAAK,CAAC,wCAAwC,CAAC,CAAC;SAC3D;QAED,IAAI,CAAC,CAAC,EAAE;YACN,MAAM,IAAI,KAAK,CAAC,uCAAuC,CAAC,CAAC;SAC1D;QAED,IAAI,CAAC,CAAC,IAAI,CAAC,CAAC,MAAM,KAAK,CAAC,EAAE;YACxB,MAAM,IAAI,KAAK,CAAC,iEAAiE,CAAC,CAAC;SACpF;QAED,IAAI,kBAAkB,EAAE;YACtB,MAAM,IAAI,KAAK,CAAC,gEAAgE,CAAC,CAAC;SACnF;QAED,IAAI,OAAO,KAAK,CAAC,EAAE;YACjB,MAAM,IAAI,KAAK,CAAC,kEAAkE,CAAC,CAAC;SACrF;QAED,IAAI,GAAG,GAAG,IAAI,IAAI,EAAE,CAAC;QACrB,IAAI,SAAS,GAAG,GAAG,EAAE;YACnB,MAAM,IAAI,KAAK,CAAC,gCAAgC,SAAS,CAAC,QAAQ,EAAE,iBAAiB,CAAC,CAAC;SACxF;QAED,GAAG,GAAG,IAAI,IAAI,EAAE,CAAC;QACjB,IAAI,QAAQ,GAAG,GAAG,EAAE;YAClB,MAAM,IAAI,KAAK,CAAC,+BAA+B,QAAQ,CAAC,QAAQ,EAAE,iBAAiB,CAAC,CAAC;SACtF;QAED,gGAAgG;QAChG,4DAA4D;QAE5D,qFAAqF;QACrF,MAAM,SAAS,GAAG,MAAM,yBAAe,CAAC,YAAY,CAAC,MAAM,CAAC,CAAC;QAC7D,IAAI,SAAS,EAAE;YACb,yFAAyF;YACzF,gCAAgC;YAChC,IAAI,SAAS,CAAC,gBAAgB,CAAC,OAAO,CAAC,YAAY,CAAC,GAAG,CAAC,EAAE;gBACxD,MAAM,IAAI,KAAK,CAAC,wEAAwE,CAAC,CAAC;aAC3F;YAED,IAAI;gBACF,MAAM,uCAA6B,CAAC,SAAS,EAAE,mBAAmB,EAAE,GAAG,CAAC,CAAC;aAC1E;YAAC,OAAO,GAAG,EAAE;gBACZ,MAAM,IAAI,KAAK,CAAC,GAAG,GAAG,CAAC,OAAO,gBAAgB,CAAC,CAAC;aACjD;SACF;aAAM;YACL,IAAI;gBACF,0FAA0F;gBAC1F,MAAM,iCAAuB,CAAC,GAAG,CAAC,GAAG,CAAC,gCAAsB,CAAC,EAAE,gBAAgB,CAAC,CAAC;aAClF;YAAC,OAAO,GAAG,EAAE;gBACZ,MAAM,IAAI,KAAK,CAAC,GAAG,GAAG,CAAC,OAAO,gBAAgB,CAAC,CAAC;aACjD;SACF;QAED,QAAQ,GAAG,yBAAe,CAAC,GAAG,EAAE,aAAa,EAAE,QAAQ,CAAC,CAAC;KAC1D;SAAM;QACL,MAAM,aAAa,GAAG,mCAAyB,CAAC,mBAAmB,CAAC,CAAC;QAErE,MAAM,GAAG,GAAG,aAAa,CAAC,GAAG,CAAC,4BAAQ,CAAC,GAAG,CAAC,CAAC;QAE5C,IAAI,CAAC,GAAG,EAAE;YACR,MAAM,IAAI,KAAK,CAAC,+CAA+C,CAAC,CAAC;SAClE;QAED,MAAM,OAAO,GAAW,+BAAW,CAAC,GAAa,CAAC,CAAC;QAEnD,IAAI,GAAG,KAAK,2BAAO,CAAC,GAAG,EAAE;YACvB,MAAM,GAAG,GAAG,aAAa,CAAC,GAAG,CAAC,4BAAQ,CAAC,GAAG,CAAC,CAAC;YAE5C,IAAI,CAAC,GAAG,EAAE;gBACR,MAAM,IAAI,KAAK,CAAC,kDAAkD,CAAC,CAAC;aACrE;YAED,MAAM,iBAAiB,GAAG,gBAAM,CAAC,aAAa,EAAE,OAAO,CAAC,CAAC;YAEzD;;;;;;;;eAQG;YACH,MAAM,EAAE,GAAG,IAAI,kBAAQ,CAAC,EAAE,CAAC,2BAAO,CAAC,GAAa,CAAC,CAAC,CAAC;YACnD,MAAM,GAAG,GAAG,EAAE,CAAC,aAAa,CAAC,aAAa,CAAC,CAAC;YAE5C,QAAQ,GAAG,GAAG,CAAC,MAAM,CAAC,iBAAiB,EAAE,GAAG,CAAC,CAAC;SAC/C;aAAM,IAAI,GAAG,KAAK,2BAAO,CAAC,GAAG,EAAE;YAC9B,MAAM,CAAC,GAAG,aAAa,CAAC,GAAG,CAAC,4BAAQ,CAAC,CAAC,CAAC,CAAC;YAExC,IAAI,CAAC,CAAC,EAAE;gBACN,MAAM,IAAI,KAAK,CAAC,4CAA4C,CAAC,CAAC;aAC/D;YAED,MAAM,aAAa,GAAG,iCAAa,CAAC,GAAa,CAAC,CAAC;YAEnD,0BAA0B;YAC1B,MAAM,GAAG,GAAG,IAAI,kBAAO,EAAE,CAAC;YAC1B,GAAG,CAAC,UAAU,CAAC,EAAE,aAAa,EAAE,CAAC,CAAC;YAClC,GAAG,CAAC,SAAS,CACX;gBACE,CAAC,EAAE,CAAW;gBACd,CAAC,EAAE,KAAK;aACT,EACD,mBAAmB,CACpB,CAAC;YAEF,QAAQ,GAAG,GAAG,CAAC,MAAM,CAAC,aAAa,EAAE,GAAG,CAAC,CAAC;SAC3C;aAAM,IAAI,GAAG,KAAK,2BAAO,CAAC,GAAG,EAAE;YAC9B,MAAM,CAAC,GAAG,aAAa,CAAC,GAAG,CAAC,4BAAQ,CAAC,CAAC,CAAC,CAAC;YAExC,IAAI,CAAC,CAAC,EAAE;gBACN,MAAM,IAAI,KAAK,CAAC,4CAA4C,CAAC,CAAC;aAC/D;YAED,MAAM,iBAAiB,GAAG,gBAAM,CAAC,aAAa,EAAE,OAAO,CAAC,CAAC;YAEzD,MAAM,GAAG,GAAG,IAAI,kBAAQ,CAAC,KAAK,CAAC,SAAS,CAAC,CAAC;YAC1C,GAAG,CAAC,aAAa,CAAC,CAAW,CAAC,CAAC;YAE/B,mCAAmC;YACnC,QAAQ,GAAG,GAAG,CAAC,MAAM,CAAC,iBAAiB,EAAE,GAAG,EAAE,aAAa,CAAC,CAAC;SAC9D;KACF;IAED,OAAO,QAAQ,CAAC;AAClB,CAAC;AAlKD,0CAkKC"}
|
|
@@ -3,7 +3,7 @@ import { RegistrationCredentialJSON, COSEAlgorithmIdentifier } from '@simpleweba
|
|
|
3
3
|
import { AttestationFormat, AttestationStatement } from '../helpers/decodeAttestationObject';
|
|
4
4
|
export declare type VerifyRegistrationResponseOpts = {
|
|
5
5
|
credential: RegistrationCredentialJSON;
|
|
6
|
-
expectedChallenge: string;
|
|
6
|
+
expectedChallenge: string | ((challenge: string) => boolean);
|
|
7
7
|
expectedOrigin: string | string[];
|
|
8
8
|
expectedRPID?: string | string[];
|
|
9
9
|
requireUserVerification?: boolean;
|
|
@@ -56,7 +56,12 @@ async function verifyRegistrationResponse(options) {
|
|
|
56
56
|
throw new Error(`Unexpected registration response type: ${type}`);
|
|
57
57
|
}
|
|
58
58
|
// Ensure the device provided the challenge we gave it
|
|
59
|
-
if (
|
|
59
|
+
if (typeof expectedChallenge === 'function') {
|
|
60
|
+
if (!expectedChallenge(challenge)) {
|
|
61
|
+
throw new Error(`Custom challenge verifier returned false for registration response challenge "${challenge}"`);
|
|
62
|
+
}
|
|
63
|
+
}
|
|
64
|
+
else if (challenge !== expectedChallenge) {
|
|
60
65
|
throw new Error(`Unexpected registration response challenge "${challenge}", expected "${expectedChallenge}"`);
|
|
61
66
|
}
|
|
62
67
|
// Check that the origin is our site
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"verifyRegistrationResponse.js","sourceRoot":"","sources":["../../src/registration/verifyRegistrationResponse.ts"],"names":[],"mappings":";;;;;AAAA,0DAAkC;AAMlC,iGAG4C;AAC5C,2FAAmE;AACnE,+FAAuE;AACvE,+DAAuC;AACvC,qGAA6E;AAC7E,oEAAwD;AACxD,6FAAqE;AACrE,kFAA0D;AAE1D,+EAAkF;AAClF,kFAA0D;AAC1D,gFAAwD;AACxD,oGAA4E;AAC5E,8EAAsD;AACtD,wFAAgE;AAChE,8EAAsD;AAWtD;;;;;;;;;;;;;;GAcG;AACY,KAAK,UAAU,0BAA0B,CACtD,OAAuC;IAEvC,MAAM,EACJ,UAAU,EACV,iBAAiB,EACjB,cAAc,EACd,YAAY,EACZ,uBAAuB,GAAG,KAAK,EAC/B,qBAAqB,GAAG,+DAAiC,GAC1D,GAAG,OAAO,CAAC;IACZ,MAAM,EAAE,EAAE,EAAE,KAAK,EAAE,IAAI,EAAE,cAAc,EAAE,QAAQ,EAAE,GAAG,UAAU,CAAC;IAEjE,oCAAoC;IACpC,IAAI,CAAC,EAAE,EAAE;QACP,MAAM,IAAI,KAAK,CAAC,uBAAuB,CAAC,CAAC;KAC1C;IAED,iCAAiC;IACjC,IAAI,EAAE,KAAK,KAAK,EAAE;QAChB,MAAM,IAAI,KAAK,CAAC,yCAAyC,CAAC,CAAC;KAC5D;IAED,0CAA0C;IAC1C,IAAI,cAAc,KAAK,YAAY,EAAE;QACnC,MAAM,IAAI,KAAK,CAAC,8BAA8B,cAAc,yBAAyB,CAAC,CAAC;KACxF;IAED,MAAM,cAAc,GAAG,8BAAoB,CAAC,QAAQ,CAAC,cAAc,CAAC,CAAC;IAErE,MAAM,EAAE,IAAI,EAAE,MAAM,EAAE,SAAS,EAAE,YAAY,EAAE,GAAG,cAAc,CAAC;IAEjE,2CAA2C;IAC3C,IAAI,IAAI,KAAK,iBAAiB,EAAE;QAC9B,MAAM,IAAI,KAAK,CAAC,0CAA0C,IAAI,EAAE,CAAC,CAAC;KACnE;IAED,sDAAsD;IACtD,IAAI,SAAS,KAAK,iBAAiB,EAAE;
|
|
1
|
+
{"version":3,"file":"verifyRegistrationResponse.js","sourceRoot":"","sources":["../../src/registration/verifyRegistrationResponse.ts"],"names":[],"mappings":";;;;;AAAA,0DAAkC;AAMlC,iGAG4C;AAC5C,2FAAmE;AACnE,+FAAuE;AACvE,+DAAuC;AACvC,qGAA6E;AAC7E,oEAAwD;AACxD,6FAAqE;AACrE,kFAA0D;AAE1D,+EAAkF;AAClF,kFAA0D;AAC1D,gFAAwD;AACxD,oGAA4E;AAC5E,8EAAsD;AACtD,wFAAgE;AAChE,8EAAsD;AAWtD;;;;;;;;;;;;;;GAcG;AACY,KAAK,UAAU,0BAA0B,CACtD,OAAuC;IAEvC,MAAM,EACJ,UAAU,EACV,iBAAiB,EACjB,cAAc,EACd,YAAY,EACZ,uBAAuB,GAAG,KAAK,EAC/B,qBAAqB,GAAG,+DAAiC,GAC1D,GAAG,OAAO,CAAC;IACZ,MAAM,EAAE,EAAE,EAAE,KAAK,EAAE,IAAI,EAAE,cAAc,EAAE,QAAQ,EAAE,GAAG,UAAU,CAAC;IAEjE,oCAAoC;IACpC,IAAI,CAAC,EAAE,EAAE;QACP,MAAM,IAAI,KAAK,CAAC,uBAAuB,CAAC,CAAC;KAC1C;IAED,iCAAiC;IACjC,IAAI,EAAE,KAAK,KAAK,EAAE;QAChB,MAAM,IAAI,KAAK,CAAC,yCAAyC,CAAC,CAAC;KAC5D;IAED,0CAA0C;IAC1C,IAAI,cAAc,KAAK,YAAY,EAAE;QACnC,MAAM,IAAI,KAAK,CAAC,8BAA8B,cAAc,yBAAyB,CAAC,CAAC;KACxF;IAED,MAAM,cAAc,GAAG,8BAAoB,CAAC,QAAQ,CAAC,cAAc,CAAC,CAAC;IAErE,MAAM,EAAE,IAAI,EAAE,MAAM,EAAE,SAAS,EAAE,YAAY,EAAE,GAAG,cAAc,CAAC;IAEjE,2CAA2C;IAC3C,IAAI,IAAI,KAAK,iBAAiB,EAAE;QAC9B,MAAM,IAAI,KAAK,CAAC,0CAA0C,IAAI,EAAE,CAAC,CAAC;KACnE;IAED,sDAAsD;IACtD,IAAI,OAAO,iBAAiB,KAAK,UAAU,EAAE;QAC3C,IAAI,CAAC,iBAAiB,CAAC,SAAS,CAAC,EAAE;YACjC,MAAM,IAAI,KAAK,CACb,iFAAiF,SAAS,GAAG,CAC9F,CAAC;SACH;KACF;SAAM,IAAI,SAAS,KAAK,iBAAiB,EAAE;QAC1C,MAAM,IAAI,KAAK,CACb,+CAA+C,SAAS,gBAAgB,iBAAiB,GAAG,CAC7F,CAAC;KACH;IAED,oCAAoC;IACpC,IAAI,KAAK,CAAC,OAAO,CAAC,cAAc,CAAC,EAAE;QACjC,IAAI,CAAC,cAAc,CAAC,QAAQ,CAAC,MAAM,CAAC,EAAE;YACpC,MAAM,IAAI,KAAK,CACb,4CAA4C,MAAM,uBAAuB,cAAc,CAAC,IAAI,CAC1F,IAAI,CACL,EAAE,CACJ,CAAC;SACH;KACF;SAAM;QACL,IAAI,MAAM,KAAK,cAAc,EAAE;YAC7B,MAAM,IAAI,KAAK,CACb,4CAA4C,MAAM,gBAAgB,cAAc,GAAG,CACpF,CAAC;SACH;KACF;IAED,IAAI,YAAY,EAAE;QAChB,IAAI,OAAO,YAAY,KAAK,QAAQ,EAAE;YACpC,MAAM,IAAI,KAAK,CAAC,sCAAsC,YAAY,GAAG,CAAC,CAAC;SACxE;QAED,IAAI,CAAC,SAAS,EAAE,WAAW,EAAE,eAAe,CAAC,CAAC,OAAO,CAAC,YAAY,CAAC,MAAM,CAAC,GAAG,CAAC,EAAE;YAC9E,MAAM,IAAI,KAAK,CAAC,4CAA4C,YAAY,CAAC,MAAM,GAAG,CAAC,CAAC;SACrF;KACF;IAED,MAAM,iBAAiB,GAAG,mBAAS,CAAC,QAAQ,CAAC,QAAQ,CAAC,iBAAiB,CAAC,CAAC;IACzE,MAAM,wBAAwB,GAAG,iCAAuB,CAAC,iBAAiB,CAAC,CAAC;IAC5E,MAAM,EAAE,GAAG,EAAE,QAAQ,EAAE,OAAO,EAAE,GAAG,wBAAwB,CAAC;IAE5D,MAAM,cAAc,GAAG,gCAAsB,CAAC,QAAQ,CAAC,CAAC;IACxD,MAAM,EAAE,MAAM,EAAE,QAAQ,EAAE,KAAK,EAAE,YAAY,EAAE,OAAO,EAAE,mBAAmB,EAAE,GAAG,cAAc,CAAC;IAE/F,yCAAyC;IACzC,IAAI,YAAY,EAAE;QAChB,IAAI,OAAO,YAAY,KAAK,QAAQ,EAAE;YACpC,MAAM,gBAAgB,GAAG,gBAAM,CAAC,MAAM,CAAC,IAAI,CAAC,YAAY,EAAE,OAAO,CAAC,CAAC,CAAC;YACpE,IAAI,CAAC,QAAQ,CAAC,MAAM,CAAC,gBAAgB,CAAC,EAAE;gBACtC,MAAM,IAAI,KAAK,CAAC,uBAAuB,CAAC,CAAC;aAC1C;SACF;aAAM;YACL,kEAAkE;YAClE,MAAM,UAAU,GAAG,YAAY,CAAC,IAAI,CAAC,QAAQ,CAAC,EAAE;gBAC9C,MAAM,gBAAgB,GAAG,gBAAM,CAAC,MAAM,CAAC,IAAI,CAAC,QAAQ,EAAE,OAAO,CAAC,CAAC,CAAC;gBAChE,OAAO,QAAQ,CAAC,MAAM,CAAC,gBAAgB,CAAC,CAAC;YAC3C,CAAC,CAAC,CAAC;YAEH,IAAI,CAAC,UAAU,EAAE;gBACf,MAAM,IAAI,KAAK,CAAC,uBAAuB,CAAC,CAAC;aAC1C;SACF;KACF;IAED,2CAA2C;IAC3C,IAAI,CAAC,KAAK,CAAC,EAAE,EAAE;QACb,MAAM,IAAI,KAAK,CAAC,sCAAsC,CAAC,CAAC;KACzD;IAED,yCAAyC;IACzC,IAAI,uBAAuB,IAAI,CAAC,KAAK,CAAC,EAAE,EAAE;QACxC,MAAM,IAAI,KAAK,CAAC,4DAA4D,CAAC,CAAC;KAC/E;IAED,IAAI,CAAC,YAAY,EAAE;QACjB,MAAM,IAAI,KAAK,CAAC,gDAAgD,CAAC,CAAC;KACnE;IAED,IAAI,CAAC,mBAAmB,EAAE;QACxB,MAAM,IAAI,KAAK,CAAC,6CAA6C,CAAC,CAAC;KAChE;IAED,IAAI,CAAC,MAAM,EAAE;QACX,MAAM,IAAI,KAAK,CAAC,2CAA2C,CAAC,CAAC;KAC9D;IAED,MAAM,gBAAgB,GAAG,mCAAyB,CAAC,mBAAmB,CAAC,CAAC;IACxE,MAAM,GAAG,GAAG,gBAAgB,CAAC,GAAG,CAAC,4BAAQ,CAAC,GAAG,CAAC,CAAC;IAE/C,IAAI,OAAO,GAAG,KAAK,QAAQ,EAAE;QAC3B,MAAM,IAAI,KAAK,CAAC,+CAA+C,CAAC,CAAC;KAClE;IAED,kFAAkF;IAClF,IAAI,CAAC,qBAAqB,CAAC,QAAQ,CAAC,GAAa,CAAC,EAAE;QAClD,MAAM,SAAS,GAAG,qBAAqB,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;QACnD,MAAM,IAAI,KAAK,CAAC,8BAA8B,GAAG,uBAAuB,SAAS,GAAG,CAAC,CAAC;KACvF;IAED,MAAM,cAAc,GAAG,gBAAM,CAAC,mBAAS,CAAC,QAAQ,CAAC,QAAQ,CAAC,cAAc,CAAC,CAAC,CAAC;IAC3E,MAAM,gBAAgB,GAAG,yBAAe,CAAC,mBAAmB,CAAC,EAAE,UAAU,EAAE,GAAG,EAAE,CAAC,CAAC;IAElF,gEAAgE;IAChE,MAAM,YAAY,GAAkC;QAClD,MAAM;QACN,OAAO;QACP,QAAQ;QACR,cAAc;QACd,YAAY;QACZ,mBAAmB;QACnB,gBAAgB;QAChB,QAAQ;KACT,CAAC;IAEF;;OAEG;IACH,IAAI,QAAQ,GAAG,KAAK,CAAC;IACrB,IAAI,GAAG,KAAK,UAAU,EAAE;QACtB,QAAQ,GAAG,MAAM,uBAAa,CAAC,YAAY,CAAC,CAAC;KAC9C;SAAM,IAAI,GAAG,KAAK,QAAQ,EAAE;QAC3B,QAAQ,GAAG,MAAM,sBAAY,CAAC,YAAY,CAAC,CAAC;KAC7C;SAAM,IAAI,GAAG,KAAK,mBAAmB,EAAE;QACtC,QAAQ,GAAG,MAAM,gCAAsB,CAAC,YAAY,CAAC,CAAC;KACvD;SAAM,IAAI,GAAG,KAAK,aAAa,EAAE;QAChC,QAAQ,GAAG,MAAM,0BAAgB,CAAC,YAAY,CAAC,CAAC;KACjD;SAAM,IAAI,GAAG,KAAK,KAAK,EAAE;QACxB,QAAQ,GAAG,MAAM,mBAAS,CAAC,YAAY,CAAC,CAAC;KAC1C;SAAM,IAAI,GAAG,KAAK,OAAO,EAAE;QAC1B,QAAQ,GAAG,MAAM,qBAAW,CAAC,YAAY,CAAC,CAAC;KAC5C;SAAM,IAAI,GAAG,KAAK,MAAM,EAAE;QACzB,IAAI,MAAM,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC,MAAM,GAAG,CAAC,EAAE;YACnC,MAAM,IAAI,KAAK,CAAC,uDAAuD,CAAC,CAAC;SAC1E;QACD,kFAAkF;QAClF,QAAQ,GAAG,IAAI,CAAC;KACjB;SAAM;QACL,MAAM,IAAI,KAAK,CAAC,mCAAmC,GAAG,EAAE,CAAC,CAAC;KAC3D;IAED,MAAM,QAAQ,GAAiC;QAC7C,QAAQ;KACT,CAAC;IAEF,IAAI,QAAQ,CAAC,QAAQ,EAAE;QACrB,QAAQ,CAAC,gBAAgB,GAAG;YAC1B,GAAG;YACH,OAAO;YACP,MAAM,EAAE,+BAAqB,CAAC,MAAM,CAAC;YACrC,mBAAmB;YACnB,YAAY;YACZ,cAAc;YACd,YAAY,EAAE,KAAK,CAAC,EAAE;YACtB,iBAAiB;SAClB,CAAC;KACH;IAED,OAAO,QAAQ,CAAC;AAClB,CAAC;AAtMD,6CAsMC"}
|
|
@@ -9,14 +9,3 @@
|
|
|
9
9
|
* EB:D4:10:40:E4:BB:3E:C7:42:C9:E3:81:D3:1E:F2:A4:1A:48:B6:68:5C:96:E7:CE:F3:C1:DF:6C:D4:33:1C:99
|
|
10
10
|
*/
|
|
11
11
|
export declare const GlobalSign_Root_CA = "-----BEGIN CERTIFICATE-----\nMIIDdTCCAl2gAwIBAgILBAAAAAABFUtaw5QwDQYJKoZIhvcNAQEFBQAwVzELMAkG\nA1UEBhMCQkUxGTAXBgNVBAoTEEdsb2JhbFNpZ24gbnYtc2ExEDAOBgNVBAsTB1Jv\nb3QgQ0ExGzAZBgNVBAMTEkdsb2JhbFNpZ24gUm9vdCBDQTAeFw05ODA5MDExMjAw\nMDBaFw0yODAxMjgxMjAwMDBaMFcxCzAJBgNVBAYTAkJFMRkwFwYDVQQKExBHbG9i\nYWxTaWduIG52LXNhMRAwDgYDVQQLEwdSb290IENBMRswGQYDVQQDExJHbG9iYWxT\naWduIFJvb3QgQ0EwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDaDuaZ\njc6j40+Kfvvxi4Mla+pIH/EqsLmVEQS98GPR4mdmzxzdzxtIK+6NiY6arymAZavp\nxy0Sy6scTHAHoT0KMM0VjU/43dSMUBUc71DuxC73/OlS8pF94G3VNTCOXkNz8kHp\n1Wrjsok6Vjk4bwY8iGlbKk3Fp1S4bInMm/k8yuX9ifUSPJJ4ltbcdG6TRGHRjcdG\nsnUOhugZitVtbNV4FpWi6cgKOOvyJBNPc1STE4U6G7weNLWLBYy5d4ux2x8gkasJ\nU26Qzns3dLlwR5EiUWMWea6xrkEmCMgZK9FGqkjWZCrXgzT/LCrBbBlDSgeF59N8\n9iFo7+ryUp9/k5DPAgMBAAGjQjBAMA4GA1UdDwEB/wQEAwIBBjAPBgNVHRMBAf8E\nBTADAQH/MB0GA1UdDgQWBBRge2YaRQ2XyolQL30EzTSo//z9SzANBgkqhkiG9w0B\nAQUFAAOCAQEA1nPnfE920I2/7LqivjTFKDK1fPxsnCwrvQmeU79rXqoRSLblCKOz\nyj1hTdNGCbM+w6DjY1Ub8rrvrTnhQ7k4o+YviiY776BQVvnGCv04zcQLcFGUl5gE\n38NflNUVyRRBnMRddWQVDf9VMOyGj/8N7yy5Y0b2qvzfvGn9LhJIZJrglfCm7ymP\nAbEVtQwdpf5pLGkkeB6zpxxxYu7KyJesF12KwvhHhm4qxFYxldBniYUr+WymXUad\nDKqC5JlR3XC321Y9YeRq4VzW9v493kHMB65jUr9TU/Qr6cf9tveCX4XSQRjbgbME\nHMUfpIBvFSDJ3gyICh3WZlXi/EjJKSZp4A==\n-----END CERTIFICATE-----\n";
|
|
12
|
-
/**
|
|
13
|
-
* GlobalSign R2
|
|
14
|
-
*
|
|
15
|
-
* Downloaded from https://pki.goog/repo/certs/gsr2.pem
|
|
16
|
-
*
|
|
17
|
-
* Valid until 2021-12-15 @ 00:00 PST
|
|
18
|
-
*
|
|
19
|
-
* SHA256 Fingerprint
|
|
20
|
-
* 69:E2:D0:6C:30:F3:66:16:61:65:E9:1D:68:D1:CE:E5:CC:47:58:4A:80:22:7E:76:66:60:86:C0:10:72:41:EB
|
|
21
|
-
*/
|
|
22
|
-
export declare const GlobalSign_R2 = "-----BEGIN CERTIFICATE-----\nMIIDvDCCAqSgAwIBAgINAgPk9GHsmdnVeWbKejANBgkqhkiG9w0BAQUFADBMMSAw\nHgYDVQQLExdHbG9iYWxTaWduIFJvb3QgQ0EgLSBSMjETMBEGA1UEChMKR2xvYmFs\nU2lnbjETMBEGA1UEAxMKR2xvYmFsU2lnbjAeFw0wNjEyMTUwODAwMDBaFw0yMTEy\nMTUwODAwMDBaMEwxIDAeBgNVBAsTF0dsb2JhbFNpZ24gUm9vdCBDQSAtIFIyMRMw\nEQYDVQQKEwpHbG9iYWxTaWduMRMwEQYDVQQDEwpHbG9iYWxTaWduMIIBIjANBgkq\nhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAps8kDr4ubyiZRULEqz4hVJsL03+EcPoS\ns8u/h1/Gf4bTsjBc1v2t8Xvc5fhglgmSEPXQU977e35ziKxSiHtKpspJpl6op4xa\nEbx6guu+jOmzrJYlB5dKmSoHL7Qed7+KD7UCfBuWuMW5Oiy81hK561l94tAGhl9e\nSWq1OV6INOy8eAwImIRsqM1LtKB9DHlN8LgtyyHK1WxbfeGgKYSh+dOUScskYpEg\nvN0L1dnM+eonCitzkcadG6zIy+jgoPQvkItN+7A2G/YZeoXgbfJhE4hcn+CTClGX\nilrOr6vV96oJqmC93Nlf33KpYBNeAAHJSvo/pOoHAyECjoLKA8KbjwIDAQABo4Gc\nMIGZMA4GA1UdDwEB/wQEAwIBhjAPBgNVHRMBAf8EBTADAQH/MB0GA1UdDgQWBBSb\n4gdXZxwewGoG3lm0mi3f3BmGLjAfBgNVHSMEGDAWgBSb4gdXZxwewGoG3lm0mi3f\n3BmGLjA2BgNVHR8ELzAtMCugKaAnhiVodHRwOi8vY3JsLmdsb2JhbHNpZ24ubmV0\nL3Jvb3QtcjIuY3JsMA0GCSqGSIb3DQEBBQUAA4IBAQANeX81Z1YqDIs4EaLjG0qP\nOxIzaJI/y4kiRj3a+y3KOx74clIkLuMgi/9/5iv/n+1LyhGU9g7174slbzJOPbSp\np1eT19ST2mYbdgTLx/hm3tTLoHIY/w4ZbnQYwfnPwAG4RefnEFYPQJmpD+Wh8BJw\nBgtm2drTale/T6NBwmwnEFunfaMfMX3g6IBrx7VKnxIkJh/3p190WveLKgl9n7i5\nSWce/4woPimEn9WfEQWRvp6wKhaCKFjuCMuulEZusoOUJ4LfJnXxcuQTgIrSnwI7\nKfSSjsd42w3lX1fbgJp7vPmLM6OBRvAXuYRKTFqMAWbb7OaGIEE+cbxY6PDepnva\n-----END CERTIFICATE-----\n";
|
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
"use strict";
|
|
2
2
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
|
-
exports.
|
|
3
|
+
exports.GlobalSign_Root_CA = void 0;
|
|
4
4
|
/**
|
|
5
5
|
* GlobalSign Root CA
|
|
6
6
|
*
|
|
@@ -33,37 +33,4 @@ DKqC5JlR3XC321Y9YeRq4VzW9v493kHMB65jUr9TU/Qr6cf9tveCX4XSQRjbgbME
|
|
|
33
33
|
HMUfpIBvFSDJ3gyICh3WZlXi/EjJKSZp4A==
|
|
34
34
|
-----END CERTIFICATE-----
|
|
35
35
|
`;
|
|
36
|
-
/**
|
|
37
|
-
* GlobalSign R2
|
|
38
|
-
*
|
|
39
|
-
* Downloaded from https://pki.goog/repo/certs/gsr2.pem
|
|
40
|
-
*
|
|
41
|
-
* Valid until 2021-12-15 @ 00:00 PST
|
|
42
|
-
*
|
|
43
|
-
* SHA256 Fingerprint
|
|
44
|
-
* 69:E2:D0:6C:30:F3:66:16:61:65:E9:1D:68:D1:CE:E5:CC:47:58:4A:80:22:7E:76:66:60:86:C0:10:72:41:EB
|
|
45
|
-
*/
|
|
46
|
-
exports.GlobalSign_R2 = `-----BEGIN CERTIFICATE-----
|
|
47
|
-
MIIDvDCCAqSgAwIBAgINAgPk9GHsmdnVeWbKejANBgkqhkiG9w0BAQUFADBMMSAw
|
|
48
|
-
HgYDVQQLExdHbG9iYWxTaWduIFJvb3QgQ0EgLSBSMjETMBEGA1UEChMKR2xvYmFs
|
|
49
|
-
U2lnbjETMBEGA1UEAxMKR2xvYmFsU2lnbjAeFw0wNjEyMTUwODAwMDBaFw0yMTEy
|
|
50
|
-
MTUwODAwMDBaMEwxIDAeBgNVBAsTF0dsb2JhbFNpZ24gUm9vdCBDQSAtIFIyMRMw
|
|
51
|
-
EQYDVQQKEwpHbG9iYWxTaWduMRMwEQYDVQQDEwpHbG9iYWxTaWduMIIBIjANBgkq
|
|
52
|
-
hkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAps8kDr4ubyiZRULEqz4hVJsL03+EcPoS
|
|
53
|
-
s8u/h1/Gf4bTsjBc1v2t8Xvc5fhglgmSEPXQU977e35ziKxSiHtKpspJpl6op4xa
|
|
54
|
-
Ebx6guu+jOmzrJYlB5dKmSoHL7Qed7+KD7UCfBuWuMW5Oiy81hK561l94tAGhl9e
|
|
55
|
-
SWq1OV6INOy8eAwImIRsqM1LtKB9DHlN8LgtyyHK1WxbfeGgKYSh+dOUScskYpEg
|
|
56
|
-
vN0L1dnM+eonCitzkcadG6zIy+jgoPQvkItN+7A2G/YZeoXgbfJhE4hcn+CTClGX
|
|
57
|
-
ilrOr6vV96oJqmC93Nlf33KpYBNeAAHJSvo/pOoHAyECjoLKA8KbjwIDAQABo4Gc
|
|
58
|
-
MIGZMA4GA1UdDwEB/wQEAwIBhjAPBgNVHRMBAf8EBTADAQH/MB0GA1UdDgQWBBSb
|
|
59
|
-
4gdXZxwewGoG3lm0mi3f3BmGLjAfBgNVHSMEGDAWgBSb4gdXZxwewGoG3lm0mi3f
|
|
60
|
-
3BmGLjA2BgNVHR8ELzAtMCugKaAnhiVodHRwOi8vY3JsLmdsb2JhbHNpZ24ubmV0
|
|
61
|
-
L3Jvb3QtcjIuY3JsMA0GCSqGSIb3DQEBBQUAA4IBAQANeX81Z1YqDIs4EaLjG0qP
|
|
62
|
-
OxIzaJI/y4kiRj3a+y3KOx74clIkLuMgi/9/5iv/n+1LyhGU9g7174slbzJOPbSp
|
|
63
|
-
p1eT19ST2mYbdgTLx/hm3tTLoHIY/w4ZbnQYwfnPwAG4RefnEFYPQJmpD+Wh8BJw
|
|
64
|
-
Bgtm2drTale/T6NBwmwnEFunfaMfMX3g6IBrx7VKnxIkJh/3p190WveLKgl9n7i5
|
|
65
|
-
SWce/4woPimEn9WfEQWRvp6wKhaCKFjuCMuulEZusoOUJ4LfJnXxcuQTgIrSnwI7
|
|
66
|
-
KfSSjsd42w3lX1fbgJp7vPmLM6OBRvAXuYRKTFqMAWbb7OaGIEE+cbxY6PDepnva
|
|
67
|
-
-----END CERTIFICATE-----
|
|
68
|
-
`;
|
|
69
36
|
//# sourceMappingURL=android-safetynet.js.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"android-safetynet.js","sourceRoot":"","sources":["../../../src/services/defaultRootCerts/android-safetynet.ts"],"names":[],"mappings":";;;AAAA;;;;;;;;;GASG;AACU,QAAA,kBAAkB,GAAG;;;;;;;;;;;;;;;;;;;;;CAqBjC,CAAC
|
|
1
|
+
{"version":3,"file":"android-safetynet.js","sourceRoot":"","sources":["../../../src/services/defaultRootCerts/android-safetynet.ts"],"names":[],"mappings":";;;AAAA;;;;;;;;;GASG;AACU,QAAA,kBAAkB,GAAG;;;;;;;;;;;;;;;;;;;;;CAqBjC,CAAC"}
|
|
@@ -1,5 +1,6 @@
|
|
|
1
1
|
/// <reference types="node" />
|
|
2
2
|
import type { MetadataStatement } from '../metadata/mdsTypes';
|
|
3
|
+
declare type VerificationMode = 'permissive' | 'strict';
|
|
3
4
|
/**
|
|
4
5
|
* A basic service for coordinating interactions with the FIDO Metadata Service. This includes BLOB
|
|
5
6
|
* download and parsing, and on-demand requesting and caching of individual metadata statements.
|
|
@@ -10,15 +11,27 @@ export declare class BaseMetadataService {
|
|
|
10
11
|
private mdsCache;
|
|
11
12
|
private statementCache;
|
|
12
13
|
private state;
|
|
14
|
+
private verificationMode;
|
|
13
15
|
/**
|
|
14
16
|
* Prepare the service to handle remote MDS servers and/or cache local metadata statements.
|
|
17
|
+
*
|
|
18
|
+
* **Options:**
|
|
19
|
+
*
|
|
20
|
+
* @param opts.mdsServers An array of URLs to FIDO Alliance Metadata Service
|
|
21
|
+
* (version 3.0)-compatible servers. Defaults to the official FIDO MDS server
|
|
22
|
+
* @param opts.statements An array of local metadata statements
|
|
23
|
+
* @param opts.verificationMode How MetadataService will handle unregistered AAGUIDs. Defaults to
|
|
24
|
+
* `"strict"` which throws errors during registration response verification when an
|
|
25
|
+
* unregistered AAGUID is encountered. Set to `"permissive"` to allow registration by
|
|
26
|
+
* authenticators with unregistered AAGUIDs
|
|
15
27
|
*/
|
|
16
28
|
initialize(opts?: {
|
|
17
29
|
mdsServers?: string[];
|
|
18
30
|
statements?: MetadataStatement[];
|
|
31
|
+
verificationMode?: VerificationMode;
|
|
19
32
|
}): Promise<void>;
|
|
20
33
|
/**
|
|
21
|
-
* Get a metadata statement for a given
|
|
34
|
+
* Get a metadata statement for a given AAGUID.
|
|
22
35
|
*
|
|
23
36
|
* This method will coordinate updating the cache as per the `nextUpdate` property in the initial
|
|
24
37
|
* BLOB download.
|
|
@@ -10,8 +10,7 @@ const validateCertificatePath_1 = __importDefault(require("../helpers/validateCe
|
|
|
10
10
|
const convertCertBufferToPEM_1 = __importDefault(require("../helpers/convertCertBufferToPEM"));
|
|
11
11
|
const convertAAGUIDToString_1 = __importDefault(require("../helpers/convertAAGUIDToString"));
|
|
12
12
|
const settingsService_1 = __importDefault(require("../services/settingsService"));
|
|
13
|
-
|
|
14
|
-
// import { log } from '../helpers/logging';
|
|
13
|
+
const logging_1 = require("../helpers/logging");
|
|
15
14
|
const parseJWT_1 = __importDefault(require("../metadata/parseJWT"));
|
|
16
15
|
const defaultURLMDS = 'https://mds.fidoalliance.org/'; // v3
|
|
17
16
|
var SERVICE_STATE;
|
|
@@ -20,6 +19,7 @@ var SERVICE_STATE;
|
|
|
20
19
|
SERVICE_STATE[SERVICE_STATE["REFRESHING"] = 1] = "REFRESHING";
|
|
21
20
|
SERVICE_STATE[SERVICE_STATE["READY"] = 2] = "READY";
|
|
22
21
|
})(SERVICE_STATE || (SERVICE_STATE = {}));
|
|
22
|
+
const log = logging_1.getLogger('MetadataService');
|
|
23
23
|
/**
|
|
24
24
|
* A basic service for coordinating interactions with the FIDO Metadata Service. This includes BLOB
|
|
25
25
|
* download and parsing, and on-demand requesting and caching of individual metadata statements.
|
|
@@ -31,15 +31,27 @@ class BaseMetadataService {
|
|
|
31
31
|
this.mdsCache = {};
|
|
32
32
|
this.statementCache = {};
|
|
33
33
|
this.state = SERVICE_STATE.DISABLED;
|
|
34
|
+
this.verificationMode = 'strict';
|
|
34
35
|
}
|
|
35
36
|
/**
|
|
36
37
|
* Prepare the service to handle remote MDS servers and/or cache local metadata statements.
|
|
38
|
+
*
|
|
39
|
+
* **Options:**
|
|
40
|
+
*
|
|
41
|
+
* @param opts.mdsServers An array of URLs to FIDO Alliance Metadata Service
|
|
42
|
+
* (version 3.0)-compatible servers. Defaults to the official FIDO MDS server
|
|
43
|
+
* @param opts.statements An array of local metadata statements
|
|
44
|
+
* @param opts.verificationMode How MetadataService will handle unregistered AAGUIDs. Defaults to
|
|
45
|
+
* `"strict"` which throws errors during registration response verification when an
|
|
46
|
+
* unregistered AAGUID is encountered. Set to `"permissive"` to allow registration by
|
|
47
|
+
* authenticators with unregistered AAGUIDs
|
|
37
48
|
*/
|
|
38
49
|
async initialize(opts = {}) {
|
|
39
|
-
const { mdsServers = [defaultURLMDS], statements } = opts;
|
|
50
|
+
const { mdsServers = [defaultURLMDS], statements, verificationMode, } = opts;
|
|
40
51
|
this.setState(SERVICE_STATE.REFRESHING);
|
|
41
52
|
// If metadata statements are provided, load them into the cache first
|
|
42
53
|
if (statements === null || statements === void 0 ? void 0 : statements.length) {
|
|
54
|
+
let statementsAdded = 0;
|
|
43
55
|
statements.forEach(statement => {
|
|
44
56
|
// Only cache statements that are for FIDO2-compatible authenticators
|
|
45
57
|
if (statement.aaguid) {
|
|
@@ -51,14 +63,16 @@ class BaseMetadataService {
|
|
|
51
63
|
},
|
|
52
64
|
url: '',
|
|
53
65
|
};
|
|
66
|
+
statementsAdded += 1;
|
|
54
67
|
}
|
|
55
68
|
});
|
|
69
|
+
log(`Cached ${statementsAdded} local statements`);
|
|
56
70
|
}
|
|
57
71
|
// If MDS servers are provided, then process them and add their statements to the cache
|
|
58
72
|
if (mdsServers === null || mdsServers === void 0 ? void 0 : mdsServers.length) {
|
|
59
|
-
//
|
|
60
|
-
|
|
61
|
-
|
|
73
|
+
// Get a current count so we know how many new statements we've added from MDS servers
|
|
74
|
+
const currentCacheCount = Object.keys(this.statementCache).length;
|
|
75
|
+
let numServers = mdsServers.length;
|
|
62
76
|
for (const url of mdsServers) {
|
|
63
77
|
try {
|
|
64
78
|
await this.downloadBlob({
|
|
@@ -69,20 +83,22 @@ class BaseMetadataService {
|
|
|
69
83
|
}
|
|
70
84
|
catch (err) {
|
|
71
85
|
// Notify of the error and move on
|
|
72
|
-
|
|
73
|
-
|
|
74
|
-
// numServers -= 1;
|
|
86
|
+
log(`Could not download BLOB from ${url}:`, err);
|
|
87
|
+
numServers -= 1;
|
|
75
88
|
}
|
|
76
89
|
}
|
|
77
|
-
//
|
|
78
|
-
|
|
79
|
-
|
|
80
|
-
|
|
90
|
+
// Calculate the difference to get the total number of new statements we successfully added
|
|
91
|
+
const newCacheCount = Object.keys(this.statementCache).length;
|
|
92
|
+
const cacheDiff = newCacheCount - currentCacheCount;
|
|
93
|
+
log(`Cached ${cacheDiff} statements from ${numServers} metadata server(s)`);
|
|
94
|
+
}
|
|
95
|
+
if (verificationMode) {
|
|
96
|
+
this.verificationMode = verificationMode;
|
|
81
97
|
}
|
|
82
98
|
this.setState(SERVICE_STATE.READY);
|
|
83
99
|
}
|
|
84
100
|
/**
|
|
85
|
-
* Get a metadata statement for a given
|
|
101
|
+
* Get a metadata statement for a given AAGUID.
|
|
86
102
|
*
|
|
87
103
|
* This method will coordinate updating the cache as per the `nextUpdate` property in the initial
|
|
88
104
|
* BLOB download.
|
|
@@ -102,9 +118,12 @@ class BaseMetadataService {
|
|
|
102
118
|
// Try to grab a cached statement
|
|
103
119
|
const cachedStatement = this.statementCache[aaguid];
|
|
104
120
|
if (!cachedStatement) {
|
|
105
|
-
|
|
106
|
-
|
|
107
|
-
|
|
121
|
+
if (this.verificationMode === 'strict') {
|
|
122
|
+
// FIDO conformance requires RP's to only support registered AAGUID's
|
|
123
|
+
throw new Error(`No metadata statement found for aaguid "${aaguid}"`);
|
|
124
|
+
}
|
|
125
|
+
// Allow registration verification to continue without using metadata
|
|
126
|
+
return;
|
|
108
127
|
}
|
|
109
128
|
// If the statement points to an MDS API, check the MDS' nextUpdate to see if we need to refresh
|
|
110
129
|
if (cachedStatement.url) {
|
|
@@ -156,10 +175,11 @@ class BaseMetadataService {
|
|
|
156
175
|
const rootCerts = settingsService_1.default.getRootCertificates({ identifier: 'mds' });
|
|
157
176
|
await validateCertificatePath_1.default(headerCertsPEM, rootCerts);
|
|
158
177
|
}
|
|
159
|
-
catch (
|
|
178
|
+
catch (error) {
|
|
179
|
+
const _error = error;
|
|
160
180
|
// From FIDO MDS docs: "ignore the file if the chain cannot be verified or if one of the
|
|
161
181
|
// chain certificates is revoked"
|
|
162
|
-
throw new Error(`BLOB certificate path could not be validated: ${
|
|
182
|
+
throw new Error(`BLOB certificate path could not be validated: ${_error.message}`);
|
|
163
183
|
}
|
|
164
184
|
// Verify the BLOB JWT signature
|
|
165
185
|
const leafCert = headerCertsPEM[0];
|
|
@@ -226,16 +246,13 @@ class BaseMetadataService {
|
|
|
226
246
|
setState(newState) {
|
|
227
247
|
this.state = newState;
|
|
228
248
|
if (newState === SERVICE_STATE.DISABLED) {
|
|
229
|
-
|
|
230
|
-
// log('MetadataService is DISABLED');
|
|
249
|
+
log('MetadataService is DISABLED');
|
|
231
250
|
}
|
|
232
251
|
else if (newState === SERVICE_STATE.REFRESHING) {
|
|
233
|
-
|
|
234
|
-
// log('MetadataService is REFRESHING');
|
|
252
|
+
log('MetadataService is REFRESHING');
|
|
235
253
|
}
|
|
236
254
|
else if (newState === SERVICE_STATE.READY) {
|
|
237
|
-
|
|
238
|
-
// log('MetadataService is READY');
|
|
255
|
+
log('MetadataService is READY');
|
|
239
256
|
}
|
|
240
257
|
}
|
|
241
258
|
}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"metadataService.js","sourceRoot":"","sources":["../../src/services/metadataService.ts"],"names":[],"mappings":";;;;;;AAAA,4DAA+B;AAC/B,yCAAiC;AAEjC,iGAAyE;AACzE,+FAAuE;AACvE,6FAAqE;AAOrE,kFAA0D;AAC1D,
|
|
1
|
+
{"version":3,"file":"metadataService.js","sourceRoot":"","sources":["../../src/services/metadataService.ts"],"names":[],"mappings":";;;;;;AAAA,4DAA+B;AAC/B,yCAAiC;AAEjC,iGAAyE;AACzE,+FAAuE;AACvE,6FAAqE;AAOrE,kFAA0D;AAC1D,gDAA+C;AAE/C,oEAA4C;AAc5C,MAAM,aAAa,GAAG,+BAA+B,CAAC,CAAC,KAAK;AAE5D,IAAK,aAIJ;AAJD,WAAK,aAAa;IAChB,yDAAQ,CAAA;IACR,6DAAU,CAAA;IACV,mDAAK,CAAA;AACP,CAAC,EAJI,aAAa,KAAb,aAAa,QAIjB;AAMD,MAAM,GAAG,GAAG,mBAAS,CAAC,iBAAiB,CAAC,CAAC;AAEzC;;;;;GAKG;AACH,MAAa,mBAAmB;IAAhC;QACU,aAAQ,GAAiC,EAAE,CAAC;QAC5C,mBAAc,GAA0C,EAAE,CAAC;QAC3D,UAAK,GAAkB,aAAa,CAAC,QAAQ,CAAC;QAC9C,qBAAgB,GAAqB,QAAQ,CAAC;IA6QxD,CAAC;IA3QC;;;;;;;;;;;;OAYG;IACH,KAAK,CAAC,UAAU,CACd,OAII,EAAE;QAEN,MAAM,EACJ,UAAU,GAAG,CAAC,aAAa,CAAC,EAC5B,UAAU,EACV,gBAAgB,GACjB,GAAG,IAAI,CAAC;QAET,IAAI,CAAC,QAAQ,CAAC,aAAa,CAAC,UAAU,CAAC,CAAC;QAExC,sEAAsE;QACtE,IAAI,UAAU,aAAV,UAAU,uBAAV,UAAU,CAAE,MAAM,EAAE;YACtB,IAAI,eAAe,GAAG,CAAC,CAAC;YAExB,UAAU,CAAC,OAAO,CAAC,SAAS,CAAC,EAAE;gBAC7B,qEAAqE;gBACrE,IAAI,SAAS,CAAC,MAAM,EAAE;oBACpB,IAAI,CAAC,cAAc,CAAC,SAAS,CAAC,MAAM,CAAC,GAAG;wBACtC,KAAK,EAAE;4BACL,iBAAiB,EAAE,SAAS;4BAC5B,aAAa,EAAE,EAAE;4BACjB,sBAAsB,EAAE,YAAY;yBACrC;wBACD,GAAG,EAAE,EAAE;qBACR,CAAC;oBAEF,eAAe,IAAI,CAAC,CAAC;iBACtB;YACH,CAAC,CAAC,CAAC;YAEH,GAAG,CAAC,UAAU,eAAe,mBAAmB,CAAC,CAAC;SACnD;QAED,uFAAuF;QACvF,IAAI,UAAU,aAAV,UAAU,uBAAV,UAAU,CAAE,MAAM,EAAE;YACtB,sFAAsF;YACtF,MAAM,iBAAiB,GAAG,MAAM,CAAC,IAAI,CAAC,IAAI,CAAC,cAAc,CAAC,CAAC,MAAM,CAAC;YAClE,IAAI,UAAU,GAAG,UAAU,CAAC,MAAM,CAAC;YAEnC,KAAK,MAAM,GAAG,IAAI,UAAU,EAAE;gBAC5B,IAAI;oBACF,MAAM,IAAI,CAAC,YAAY,CAAC;wBACtB,GAAG;wBACH,EAAE,EAAE,CAAC;wBACL,UAAU,EAAE,IAAI,IAAI,CAAC,CAAC,CAAC;qBACxB,CAAC,CAAC;iBACJ;gBAAC,OAAO,GAAG,EAAE;oBACZ,kCAAkC;oBAClC,GAAG,CAAC,gCAAgC,GAAG,GAAG,EAAE,GAAG,CAAC,CAAC;oBACjD,UAAU,IAAI,CAAC,CAAC;iBACjB;aACF;YAED,2FAA2F;YAC3F,MAAM,aAAa,GAAG,MAAM,CAAC,IAAI,CAAC,IAAI,CAAC,cAAc,CAAC,CAAC,MAAM,CAAC;YAC9D,MAAM,SAAS,GAAG,aAAa,GAAG,iBAAiB,CAAC;YACpD,GAAG,CAAC,UAAU,SAAS,oBAAoB,UAAU,qBAAqB,CAAC,CAAC;SAC7E;QAED,IAAI,gBAAgB,EAAE;YACpB,IAAI,CAAC,gBAAgB,GAAG,gBAAgB,CAAC;SAC1C;QAED,IAAI,CAAC,QAAQ,CAAC,aAAa,CAAC,KAAK,CAAC,CAAC;IACrC,CAAC;IAED;;;;;OAKG;IACH,KAAK,CAAC,YAAY,CAAC,MAAuB;QACxC,IAAI,IAAI,CAAC,KAAK,KAAK,aAAa,CAAC,QAAQ,EAAE;YACzC,OAAO;SACR;QAED,IAAI,CAAC,MAAM,EAAE;YACX,OAAO;SACR;QAED,IAAI,MAAM,YAAY,MAAM,EAAE;YAC5B,MAAM,GAAG,+BAAqB,CAAC,MAAM,CAAC,CAAC;SACxC;QAED,+EAA+E;QAC/E,MAAM,IAAI,CAAC,eAAe,EAAE,CAAC;QAE7B,iCAAiC;QACjC,MAAM,eAAe,GAAG,IAAI,CAAC,cAAc,CAAC,MAAM,CAAC,CAAC;QAEpD,IAAI,CAAC,eAAe,EAAE;YACpB,IAAI,IAAI,CAAC,gBAAgB,KAAK,QAAQ,EAAE;gBACtC,qEAAqE;gBACrE,MAAM,IAAI,KAAK,CAAC,2CAA2C,MAAM,GAAG,CAAC,CAAC;aACvE;YAED,qEAAqE;YACrE,OAAO;SACR;QAED,gGAAgG;QAChG,IAAI,eAAe,CAAC,GAAG,EAAE;YACvB,MAAM,GAAG,GAAG,IAAI,CAAC,QAAQ,CAAC,eAAe,CAAC,GAAG,CAAC,CAAC;YAC/C,MAAM,GAAG,GAAG,IAAI,IAAI,EAAE,CAAC;YACvB,IAAI,GAAG,GAAG,GAAG,CAAC,UAAU,EAAE;gBACxB,IAAI;oBACF,IAAI,CAAC,QAAQ,CAAC,aAAa,CAAC,UAAU,CAAC,CAAC;oBACxC,MAAM,IAAI,CAAC,YAAY,CAAC,GAAG,CAAC,CAAC;iBAC9B;wBAAS;oBACR,IAAI,CAAC,QAAQ,CAAC,aAAa,CAAC,KAAK,CAAC,CAAC;iBACpC;aACF;SACF;QAED,MAAM,EAAE,KAAK,EAAE,GAAG,eAAe,CAAC;QAElC,kFAAkF;QAClF,KAAK,MAAM,MAAM,IAAI,KAAK,CAAC,aAAa,EAAE;YACxC,MAAM,EAAE,MAAM,EAAE,GAAG,MAAM,CAAC;YAC1B,IACE,MAAM,KAAK,0BAA0B;gBACrC,MAAM,KAAK,4BAA4B;gBACvC,MAAM,KAAK,4BAA4B;gBACvC,MAAM,KAAK,8BAA8B,EACzC;gBACA,MAAM,IAAI,KAAK,CAAC,gCAAgC,MAAM,GAAG,CAAC,CAAC;aAC5D;SACF;QAED,OAAO,KAAK,CAAC,iBAAiB,CAAC;IACjC,CAAC;IAED;;OAEG;IACK,KAAK,CAAC,YAAY,CAAC,GAAc;QACvC,MAAM,EAAE,GAAG,EAAE,EAAE,EAAE,GAAG,GAAG,CAAC;QACxB,mDAAmD;QACnD,MAAM,IAAI,GAAG,MAAM,oBAAK,CAAC,GAAG,CAAC,CAAC;QAC9B,MAAM,IAAI,GAAG,MAAM,IAAI,CAAC,IAAI,EAAE,CAAC;QAE/B,gBAAgB;QAChB,MAAM,SAAS,GAAG,kBAAQ,CAA8B,IAAI,CAAC,CAAC;QAC9D,MAAM,MAAM,GAAG,SAAS,CAAC,CAAC,CAAC,CAAC;QAC5B,MAAM,OAAO,GAAG,SAAS,CAAC,CAAC,CAAC,CAAC;QAE7B,IAAI,OAAO,CAAC,EAAE,IAAI,EAAE,EAAE;YACpB,uFAAuF;YACvF,2CAA2C;YAC3C,MAAM,IAAI,KAAK,CAAC,oBAAoB,OAAO,CAAC,EAAE,kCAAkC,EAAE,EAAE,CAAC,CAAC;SACvF;QAED,MAAM,cAAc,GAAG,MAAM,CAAC,GAAG,CAAC,GAAG,CAAC,gCAAsB,CAAC,CAAC;QAC9D,IAAI;YACF,iCAAiC;YACjC,MAAM,SAAS,GAAG,yBAAe,CAAC,mBAAmB,CAAC,EAAE,UAAU,EAAE,KAAK,EAAE,CAAC,CAAC;YAC7E,MAAM,iCAAuB,CAAC,cAAc,EAAE,SAAS,CAAC,CAAC;SAC1D;QAAC,OAAO,KAAK,EAAE;YACd,MAAM,MAAM,GAAU,KAAc,CAAC;YACrC,wFAAwF;YACxF,iCAAiC;YACjC,MAAM,IAAI,KAAK,CAAC,iDAAiD,MAAM,CAAC,OAAO,EAAE,CAAC,CAAC;SACpF;QAED,gCAAgC;QAChC,MAAM,QAAQ,GAAG,cAAc,CAAC,CAAC,CAAC,CAAC;QACnC,MAAM,QAAQ,GAAG,gBAAI,CAAC,GAAG,CAAC,GAAG,CAAC,SAAS,CAAC,IAAI,EAAE,QAAQ,EAAE;YACtD,GAAG,EAAE,CAAC,MAAM,CAAC,GAAG,CAAC;YACjB,4FAA4F;YAC5F,GAAG,EAAE,EAAE;YACP,GAAG,EAAE,EAAE;YACP,GAAG,EAAE,EAAE;SACR,CAAC,CAAC;QAEH,IAAI,CAAC,QAAQ,EAAE;YACb,4FAA4F;YAC5F,MAAM,IAAI,KAAK,CAAC,sCAAsC,CAAC,CAAC;SACzD;QAED,qCAAqC;QACrC,KAAK,MAAM,KAAK,IAAI,OAAO,CAAC,OAAO,EAAE;YACnC,sCAAsC;YACtC,IAAI,KAAK,CAAC,MAAM,EAAE;gBAChB,IAAI,CAAC,cAAc,CAAC,KAAK,CAAC,MAAM,CAAC,GAAG,EAAE,KAAK,EAAE,GAAG,EAAE,CAAC;aACpD;SACF;QAED,yDAAyD;QACzD,MAAM,CAAC,IAAI,EAAE,KAAK,EAAE,GAAG,CAAC,GAAG,OAAO,CAAC,UAAU,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;QACzD,IAAI,CAAC,QAAQ,CAAC,GAAG,CAAC,GAAG;YACnB,GAAG,GAAG;YACN,kFAAkF;YAClF,EAAE,EAAE,OAAO,CAAC,EAAE;YACd,sFAAsF;YACtF,UAAU,EAAE,IAAI,IAAI,CAClB,QAAQ,CAAC,IAAI,EAAE,EAAE,CAAC;YAClB,iCAAiC;YACjC,QAAQ,CAAC,KAAK,EAAE,EAAE,CAAC,GAAG,CAAC,EACvB,QAAQ,CAAC,GAAG,EAAE,EAAE,CAAC,CAClB;SACF,CAAC;IACJ,CAAC;IAED;;OAEG;IACK,KAAK,CAAC,eAAe;QAC3B,IAAI,IAAI,CAAC,KAAK,KAAK,aAAa,CAAC,KAAK,EAAE;YACtC,OAAO;SACR;QAED,uCAAuC;QACvC,MAAM,YAAY,GAAG,IAAI,OAAO,CAAO,CAAC,OAAO,EAAE,MAAM,EAAE,EAAE;YACzD,MAAM,cAAc,GAAG,KAAK,CAAC;YAC7B,MAAM,UAAU,GAAG,GAAG,CAAC;YACvB,IAAI,UAAU,GAAG,cAAc,GAAG,UAAU,CAAC;YAE7C,sDAAsD;YACtD,MAAM,UAAU,GAAmB,MAAM,CAAC,WAAW,CAAC,GAAG,EAAE;gBACzD,IAAI,UAAU,GAAG,CAAC,EAAE;oBAClB,aAAa,CAAC,UAAU,CAAC,CAAC;oBAC1B,MAAM,CAAC,iCAAiC,cAAc,GAAG,IAAI,UAAU,CAAC,CAAC;iBAC1E;qBAAM,IAAI,IAAI,CAAC,KAAK,KAAK,aAAa,CAAC,KAAK,EAAE;oBAC7C,aAAa,CAAC,UAAU,CAAC,CAAC;oBAC1B,OAAO,EAAE,CAAC;iBACX;gBAED,UAAU,IAAI,CAAC,CAAC;YAClB,CAAC,EAAE,UAAU,CAAC,CAAC;QACjB,CAAC,CAAC,CAAC;QAEH,OAAO,YAAY,CAAC;IACtB,CAAC;IAED;;OAEG;IACK,QAAQ,CAAC,QAAuB;QACtC,IAAI,CAAC,KAAK,GAAG,QAAQ,CAAC;QAEtB,IAAI,QAAQ,KAAK,aAAa,CAAC,QAAQ,EAAE;YACvC,GAAG,CAAC,6BAA6B,CAAC,CAAC;SACpC;aAAM,IAAI,QAAQ,KAAK,aAAa,CAAC,UAAU,EAAE;YAChD,GAAG,CAAC,+BAA+B,CAAC,CAAC;SACtC;aAAM,IAAI,QAAQ,KAAK,aAAa,CAAC,KAAK,EAAE;YAC3C,GAAG,CAAC,0BAA0B,CAAC,CAAC;SACjC;IACH,CAAC;CACF;AAjRD,kDAiRC;AAED,6BAA6B;AAC7B,MAAM,eAAe,GAAG,IAAI,mBAAmB,EAAE,CAAC;AAElD,kBAAe,eAAe,CAAC"}
|
|
@@ -49,7 +49,7 @@ settingsService.setRootCertificates({
|
|
|
49
49
|
});
|
|
50
50
|
settingsService.setRootCertificates({
|
|
51
51
|
identifier: 'android-safetynet',
|
|
52
|
-
certificates: [android_safetynet_1.
|
|
52
|
+
certificates: [android_safetynet_1.GlobalSign_Root_CA],
|
|
53
53
|
});
|
|
54
54
|
settingsService.setRootCertificates({
|
|
55
55
|
identifier: 'apple',
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"settingsService.js","sourceRoot":"","sources":["../../src/services/settingsService.ts"],"names":[],"mappings":";;;;;AACA,+FAAuE;AAEvE,
|
|
1
|
+
{"version":3,"file":"settingsService.js","sourceRoot":"","sources":["../../src/services/settingsService.ts"],"names":[],"mappings":";;;;;AACA,+FAAuE;AAEvE,4EAA0E;AAC1E,gEAGwC;AACxC,oDAAkE;AAClE,gDAA+D;AAI/D,MAAM,eAAe;IAInB;QACE,IAAI,CAAC,eAAe,GAAG,IAAI,GAAG,EAAE,CAAC;IACnC,CAAC;IAED;;;;;;OAMG;IACH,mBAAmB,CAAC,IAGnB;QACC,MAAM,EAAE,UAAU,EAAE,YAAY,EAAE,GAAG,IAAI,CAAC;QAE1C,MAAM,eAAe,GAAa,EAAE,CAAC;QACrC,KAAK,MAAM,IAAI,IAAI,YAAY,EAAE;YAC/B,IAAI,IAAI,YAAY,MAAM,EAAE;gBAC1B,eAAe,CAAC,IAAI,CAAC,gCAAsB,CAAC,IAAI,CAAC,CAAC,CAAC;aACpD;iBAAM;gBACL,eAAe,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;aAC5B;SACF;QAED,IAAI,CAAC,eAAe,CAAC,GAAG,CAAC,UAAU,EAAE,eAAe,CAAC,CAAC;IACxD,CAAC;IAED;;OAEG;IACH,mBAAmB,CAAC,IAAwC;;QAC1D,MAAM,EAAE,UAAU,EAAE,GAAG,IAAI,CAAC;QAC5B,OAAO,MAAA,IAAI,CAAC,eAAe,CAAC,GAAG,CAAC,UAAU,CAAC,mCAAI,EAAE,CAAC;IACpD,CAAC;CACF;AAED,MAAM,eAAe,GAAG,IAAI,eAAe,EAAE,CAAC;AAE9C,kCAAkC;AAClC,eAAe,CAAC,mBAAmB,CAAC;IAClC,UAAU,EAAE,aAAa;IACzB,YAAY,EAAE,CAAC,gDAAkC,EAAE,gDAAkC,CAAC;CACvF,CAAC,CAAC;AAEH,eAAe,CAAC,mBAAmB,CAAC;IAClC,UAAU,EAAE,mBAAmB;IAC/B,YAAY,EAAE,CAAC,sCAAkB,CAAC;CACnC,CAAC,CAAC;AAEH,eAAe,CAAC,mBAAmB,CAAC;IAClC,UAAU,EAAE,OAAO;IACnB,YAAY,EAAE,CAAC,8BAAsB,CAAC;CACvC,CAAC,CAAC;AAEH,eAAe,CAAC,mBAAmB,CAAC;IAClC,UAAU,EAAE,KAAK;IACjB,YAAY,EAAE,CAAC,2BAAqB,CAAC;CACtC,CAAC,CAAC;AAEH,kBAAe,eAAe,CAAC"}
|
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@simplewebauthn/server",
|
|
3
|
-
"version": "4.
|
|
3
|
+
"version": "4.4.0",
|
|
4
4
|
"description": "SimpleWebAuthn for Servers",
|
|
5
5
|
"main": "dist/index.js",
|
|
6
6
|
"types": "dist/index.d.ts",
|
|
@@ -52,15 +52,17 @@
|
|
|
52
52
|
"@simplewebauthn/typescript-types": "^4.0.0",
|
|
53
53
|
"base64url": "^3.0.1",
|
|
54
54
|
"cbor": "^5.1.0",
|
|
55
|
+
"debug": "^4.3.2",
|
|
55
56
|
"elliptic": "^6.5.3",
|
|
56
57
|
"jsrsasign": "^10.4.0",
|
|
57
58
|
"jwk-to-pem": "^2.0.4",
|
|
58
59
|
"node-fetch": "^2.6.0",
|
|
59
60
|
"node-rsa": "^1.1.1"
|
|
60
61
|
},
|
|
61
|
-
"gitHead": "
|
|
62
|
+
"gitHead": "4a8fb255d4fd6fbc146dedf0a2efc938b99f5973",
|
|
62
63
|
"devDependencies": {
|
|
63
64
|
"@types/cbor": "^5.0.1",
|
|
65
|
+
"@types/debug": "^4.1.7",
|
|
64
66
|
"@types/elliptic": "^6.4.13",
|
|
65
67
|
"@types/jsrsasign": "^8.0.13",
|
|
66
68
|
"@types/jwk-to-pem": "^2.0.1",
|