@simplewebauthn/server 5.3.0 → 5.4.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/authentication/generateAuthenticationOptions.d.ts +1 -1
- package/dist/authentication/generateAuthenticationOptions.js +4 -3
- package/dist/authentication/generateAuthenticationOptions.js.map +1 -1
- package/dist/authentication/verifyAuthenticationResponse.d.ts +5 -1
- package/dist/authentication/verifyAuthenticationResponse.js +19 -17
- package/dist/authentication/verifyAuthenticationResponse.js.map +1 -1
- package/dist/helpers/convertAAGUIDToString.d.ts +1 -1
- package/dist/helpers/convertAAGUIDToString.js +2 -1
- package/dist/helpers/convertAAGUIDToString.js.map +1 -1
- package/dist/helpers/convertCOSEtoPKCS.d.ts +1 -1
- package/dist/helpers/convertCOSEtoPKCS.js +2 -2
- package/dist/helpers/convertCOSEtoPKCS.js.map +1 -1
- package/dist/helpers/convertCertBufferToPEM.d.ts +1 -1
- package/dist/helpers/convertCertBufferToPEM.js +2 -1
- package/dist/helpers/convertCertBufferToPEM.js.map +1 -1
- package/dist/helpers/convertPublicKeyToPEM.d.ts +1 -1
- package/dist/helpers/convertPublicKeyToPEM.js +2 -1
- package/dist/helpers/convertPublicKeyToPEM.js.map +1 -1
- package/dist/helpers/decodeAttestationObject.d.ts +1 -1
- package/dist/helpers/decodeAttestationObject.js +2 -1
- package/dist/helpers/decodeAttestationObject.js.map +1 -1
- package/dist/helpers/decodeAuthenticatorExtensions.d.ts +20 -0
- package/dist/helpers/decodeAuthenticatorExtensions.js +25 -0
- package/dist/helpers/decodeAuthenticatorExtensions.js.map +1 -0
- package/dist/helpers/decodeClientDataJSON.d.ts +1 -1
- package/dist/helpers/decodeClientDataJSON.js +2 -1
- package/dist/helpers/decodeClientDataJSON.js.map +1 -1
- package/dist/helpers/decodeCredentialPublicKey.d.ts +1 -1
- package/dist/helpers/decodeCredentialPublicKey.js +2 -1
- package/dist/helpers/decodeCredentialPublicKey.js.map +1 -1
- package/dist/helpers/generateChallenge.d.ts +1 -1
- package/dist/helpers/generateChallenge.js +2 -1
- package/dist/helpers/generateChallenge.js.map +1 -1
- package/dist/helpers/getCertificateInfo.d.ts +1 -1
- package/dist/helpers/getCertificateInfo.js +2 -1
- package/dist/helpers/getCertificateInfo.js.map +1 -1
- package/dist/helpers/index.d.ts +15 -15
- package/dist/helpers/index.js +30 -33
- package/dist/helpers/index.js.map +1 -1
- package/dist/helpers/isBase64URLString.d.ts +1 -1
- package/dist/helpers/isBase64URLString.js +2 -1
- package/dist/helpers/isBase64URLString.js.map +1 -1
- package/dist/helpers/isCertRevoked.d.ts +1 -1
- package/dist/helpers/isCertRevoked.js +4 -3
- package/dist/helpers/isCertRevoked.js.map +1 -1
- package/dist/helpers/parseAuthenticatorData.d.ts +3 -1
- package/dist/helpers/parseAuthenticatorData.js +12 -7
- package/dist/helpers/parseAuthenticatorData.js.map +1 -1
- package/dist/helpers/parseBackupFlags.js.map +1 -1
- package/dist/helpers/toHash.d.ts +1 -1
- package/dist/helpers/toHash.js +2 -1
- package/dist/helpers/toHash.js.map +1 -1
- package/dist/helpers/validateCertificatePath.d.ts +1 -1
- package/dist/helpers/validateCertificatePath.js +4 -6
- package/dist/helpers/validateCertificatePath.js.map +1 -1
- package/dist/helpers/verifySignature.d.ts +1 -1
- package/dist/helpers/verifySignature.js +2 -1
- package/dist/helpers/verifySignature.js.map +1 -1
- package/dist/index.d.ts +6 -6
- package/dist/index.js +12 -15
- package/dist/index.js.map +1 -1
- package/dist/metadata/parseJWT.d.ts +1 -1
- package/dist/metadata/parseJWT.js +2 -1
- package/dist/metadata/parseJWT.js.map +1 -1
- package/dist/metadata/verifyAttestationWithMetadata.d.ts +1 -1
- package/dist/metadata/verifyAttestationWithMetadata.js +9 -11
- package/dist/metadata/verifyAttestationWithMetadata.js.map +1 -1
- package/dist/registration/generateRegistrationOptions.d.ts +1 -1
- package/dist/registration/generateRegistrationOptions.js +4 -4
- package/dist/registration/generateRegistrationOptions.js.map +1 -1
- package/dist/registration/verifications/tpm/parseCertInfo.d.ts +1 -1
- package/dist/registration/verifications/tpm/parseCertInfo.js +2 -1
- package/dist/registration/verifications/tpm/parseCertInfo.js.map +1 -1
- package/dist/registration/verifications/tpm/parsePubArea.d.ts +1 -1
- package/dist/registration/verifications/tpm/parsePubArea.js +2 -1
- package/dist/registration/verifications/tpm/parsePubArea.js.map +1 -1
- package/dist/registration/verifications/tpm/verifyAttestationTPM.d.ts +2 -0
- package/dist/registration/verifications/tpm/{verifyTPM.js → verifyAttestationTPM.js} +25 -27
- package/dist/registration/verifications/tpm/verifyAttestationTPM.js.map +1 -0
- package/dist/registration/verifications/{verifyAndroidKey.d.ts → verifyAttestationAndroidKey.d.ts} +1 -1
- package/dist/registration/verifications/{verifyAndroidKey.js → verifyAttestationAndroidKey.js} +15 -40
- package/dist/registration/verifications/verifyAttestationAndroidKey.js.map +1 -0
- package/dist/registration/verifications/{verifyAndroidSafetyNet.d.ts → verifyAttestationAndroidSafetyNet.d.ts} +1 -1
- package/dist/registration/verifications/{verifyAndroidSafetyNet.js → verifyAttestationAndroidSafetyNet.js} +17 -16
- package/dist/registration/verifications/verifyAttestationAndroidSafetyNet.js.map +1 -0
- package/dist/registration/verifications/verifyAttestationApple.d.ts +2 -0
- package/dist/registration/verifications/{verifyApple.js → verifyAttestationApple.js} +11 -13
- package/dist/registration/verifications/verifyAttestationApple.js.map +1 -0
- package/dist/registration/verifications/{verifyFIDOU2F.d.ts → verifyAttestationFIDOU2F.d.ts} +1 -1
- package/dist/registration/verifications/{verifyFIDOU2F.js → verifyAttestationFIDOU2F.js} +11 -13
- package/dist/registration/verifications/verifyAttestationFIDOU2F.js.map +1 -0
- package/dist/registration/verifications/{verifyPacked.d.ts → verifyAttestationPacked.d.ts} +1 -1
- package/dist/registration/verifications/{verifyPacked.js → verifyAttestationPacked.js} +22 -44
- package/dist/registration/verifications/verifyAttestationPacked.js.map +1 -0
- package/dist/registration/verifyRegistrationResponse.d.ts +6 -2
- package/dist/registration/verifyRegistrationResponse.js +32 -30
- package/dist/registration/verifyRegistrationResponse.js.map +1 -1
- package/dist/services/metadataService.d.ts +2 -2
- package/dist/services/metadataService.js +13 -14
- package/dist/services/metadataService.js.map +1 -1
- package/dist/services/settingsService.d.ts +3 -3
- package/dist/services/settingsService.js +9 -12
- package/dist/services/settingsService.js.map +1 -1
- package/package.json +3 -3
- package/dist/registration/verifications/tpm/verifyTPM.d.ts +0 -2
- package/dist/registration/verifications/tpm/verifyTPM.js.map +0 -1
- package/dist/registration/verifications/verifyAndroidKey.js.map +0 -1
- package/dist/registration/verifications/verifyAndroidSafetyNet.js.map +0 -1
- package/dist/registration/verifications/verifyApple.d.ts +0 -2
- package/dist/registration/verifications/verifyApple.js.map +0 -1
- package/dist/registration/verifications/verifyFIDOU2F.js.map +0 -1
- package/dist/registration/verifications/verifyPacked.js.map +0 -1
|
@@ -1,42 +1,20 @@
|
|
|
1
1
|
"use strict";
|
|
2
|
-
var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
|
|
3
|
-
if (k2 === undefined) k2 = k;
|
|
4
|
-
var desc = Object.getOwnPropertyDescriptor(m, k);
|
|
5
|
-
if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
|
|
6
|
-
desc = { enumerable: true, get: function() { return m[k]; } };
|
|
7
|
-
}
|
|
8
|
-
Object.defineProperty(o, k2, desc);
|
|
9
|
-
}) : (function(o, m, k, k2) {
|
|
10
|
-
if (k2 === undefined) k2 = k;
|
|
11
|
-
o[k2] = m[k];
|
|
12
|
-
}));
|
|
13
|
-
var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
|
|
14
|
-
Object.defineProperty(o, "default", { enumerable: true, value: v });
|
|
15
|
-
}) : function(o, v) {
|
|
16
|
-
o["default"] = v;
|
|
17
|
-
});
|
|
18
|
-
var __importStar = (this && this.__importStar) || function (mod) {
|
|
19
|
-
if (mod && mod.__esModule) return mod;
|
|
20
|
-
var result = {};
|
|
21
|
-
if (mod != null) for (var k in mod) if (k !== "default" && Object.prototype.hasOwnProperty.call(mod, k)) __createBinding(result, mod, k);
|
|
22
|
-
__setModuleDefault(result, mod);
|
|
23
|
-
return result;
|
|
24
|
-
};
|
|
25
2
|
var __importDefault = (this && this.__importDefault) || function (mod) {
|
|
26
3
|
return (mod && mod.__esModule) ? mod : { "default": mod };
|
|
27
4
|
};
|
|
28
5
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
6
|
+
exports.verifyAttestationPacked = void 0;
|
|
29
7
|
const elliptic_1 = __importDefault(require("elliptic"));
|
|
30
8
|
const node_rsa_1 = __importDefault(require("node-rsa"));
|
|
31
|
-
const convertCOSEtoPKCS_1 =
|
|
32
|
-
const toHash_1 =
|
|
33
|
-
const convertCertBufferToPEM_1 =
|
|
34
|
-
const validateCertificatePath_1 =
|
|
35
|
-
const getCertificateInfo_1 =
|
|
36
|
-
const verifySignature_1 =
|
|
37
|
-
const decodeCredentialPublicKey_1 =
|
|
38
|
-
const metadataService_1 =
|
|
39
|
-
const verifyAttestationWithMetadata_1 =
|
|
9
|
+
const convertCOSEtoPKCS_1 = require("../../helpers/convertCOSEtoPKCS");
|
|
10
|
+
const toHash_1 = require("../../helpers/toHash");
|
|
11
|
+
const convertCertBufferToPEM_1 = require("../../helpers/convertCertBufferToPEM");
|
|
12
|
+
const validateCertificatePath_1 = require("../../helpers/validateCertificatePath");
|
|
13
|
+
const getCertificateInfo_1 = require("../../helpers/getCertificateInfo");
|
|
14
|
+
const verifySignature_1 = require("../../helpers/verifySignature");
|
|
15
|
+
const decodeCredentialPublicKey_1 = require("../../helpers/decodeCredentialPublicKey");
|
|
16
|
+
const metadataService_1 = require("../../services/metadataService");
|
|
17
|
+
const verifyAttestationWithMetadata_1 = require("../../metadata/verifyAttestationWithMetadata");
|
|
40
18
|
/**
|
|
41
19
|
* Verify an attestation response with fmt 'packed'
|
|
42
20
|
*/
|
|
@@ -51,10 +29,10 @@ async function verifyAttestationPacked(options) {
|
|
|
51
29
|
}
|
|
52
30
|
const signatureBase = Buffer.concat([authData, clientDataHash]);
|
|
53
31
|
let verified = false;
|
|
54
|
-
const pkcsPublicKey = (0, convertCOSEtoPKCS_1.
|
|
32
|
+
const pkcsPublicKey = (0, convertCOSEtoPKCS_1.convertCOSEtoPKCS)(credentialPublicKey);
|
|
55
33
|
if (x5c) {
|
|
56
|
-
const leafCert = (0, convertCertBufferToPEM_1.
|
|
57
|
-
const { subject, basicConstraintsCA, version, notBefore, notAfter } = (0, getCertificateInfo_1.
|
|
34
|
+
const leafCert = (0, convertCertBufferToPEM_1.convertCertBufferToPEM)(x5c[0]);
|
|
35
|
+
const { subject, basicConstraintsCA, version, notBefore, notAfter } = (0, getCertificateInfo_1.getCertificateInfo)(x5c[0]);
|
|
58
36
|
const { OU, CN, O, C } = subject;
|
|
59
37
|
if (OU !== 'Authenticator Attestation') {
|
|
60
38
|
throw new Error('Certificate OU was not "Authenticator Attestation" (Packed|Full)');
|
|
@@ -85,7 +63,7 @@ async function verifyAttestationPacked(options) {
|
|
|
85
63
|
// TODO: If certificate contains id-fido-gen-ce-aaguid(1.3.6.1.4.1.45724.1.1.4) extension, check
|
|
86
64
|
// that it’s value is set to the same AAGUID as in authData.
|
|
87
65
|
// If available, validate attestation alg and x5c with info in the metadata statement
|
|
88
|
-
const statement = await metadataService_1.
|
|
66
|
+
const statement = await metadataService_1.MetadataService.getStatement(aaguid);
|
|
89
67
|
if (statement) {
|
|
90
68
|
// The presence of x5c means this is a full attestation. Check to see if attestationTypes
|
|
91
69
|
// includes packed attestations.
|
|
@@ -93,7 +71,7 @@ async function verifyAttestationPacked(options) {
|
|
|
93
71
|
throw new Error('Metadata does not indicate support for full attestations (Packed|Full)');
|
|
94
72
|
}
|
|
95
73
|
try {
|
|
96
|
-
await (0, verifyAttestationWithMetadata_1.
|
|
74
|
+
await (0, verifyAttestationWithMetadata_1.verifyAttestationWithMetadata)(statement, credentialPublicKey, x5c);
|
|
97
75
|
}
|
|
98
76
|
catch (err) {
|
|
99
77
|
const _err = err;
|
|
@@ -103,17 +81,17 @@ async function verifyAttestationPacked(options) {
|
|
|
103
81
|
else {
|
|
104
82
|
try {
|
|
105
83
|
// Try validating the certificate path using the root certificates set via SettingsService
|
|
106
|
-
await (0, validateCertificatePath_1.
|
|
84
|
+
await (0, validateCertificatePath_1.validateCertificatePath)(x5c.map(convertCertBufferToPEM_1.convertCertBufferToPEM), rootCertificates);
|
|
107
85
|
}
|
|
108
86
|
catch (err) {
|
|
109
87
|
const _err = err;
|
|
110
88
|
throw new Error(`${_err.message} (Packed|Full)`);
|
|
111
89
|
}
|
|
112
90
|
}
|
|
113
|
-
verified = (0, verifySignature_1.
|
|
91
|
+
verified = (0, verifySignature_1.verifySignature)(sig, signatureBase, leafCert);
|
|
114
92
|
}
|
|
115
93
|
else {
|
|
116
|
-
const cosePublicKey = (0, decodeCredentialPublicKey_1.
|
|
94
|
+
const cosePublicKey = (0, decodeCredentialPublicKey_1.decodeCredentialPublicKey)(credentialPublicKey);
|
|
117
95
|
const kty = cosePublicKey.get(convertCOSEtoPKCS_1.COSEKEYS.kty);
|
|
118
96
|
if (!kty) {
|
|
119
97
|
throw new Error('COSE public key was missing kty (Packed|Self)');
|
|
@@ -124,7 +102,7 @@ async function verifyAttestationPacked(options) {
|
|
|
124
102
|
if (!crv) {
|
|
125
103
|
throw new Error('COSE public key was missing kty crv (Packed|EC2)');
|
|
126
104
|
}
|
|
127
|
-
const signatureBaseHash = (0, toHash_1.
|
|
105
|
+
const signatureBaseHash = (0, toHash_1.toHash)(signatureBase, hashAlg);
|
|
128
106
|
/**
|
|
129
107
|
* Instantiating the curve here is _very_ computationally heavy - a bit of profiling
|
|
130
108
|
* (in compiled JS, not TS) reported an average of ~125ms to execute this line. The elliptic
|
|
@@ -158,7 +136,7 @@ async function verifyAttestationPacked(options) {
|
|
|
158
136
|
if (!x) {
|
|
159
137
|
throw new Error('COSE public key was missing x (Packed|OKP)');
|
|
160
138
|
}
|
|
161
|
-
const signatureBaseHash = (0, toHash_1.
|
|
139
|
+
const signatureBaseHash = (0, toHash_1.toHash)(signatureBase, hashAlg);
|
|
162
140
|
const key = new elliptic_1.default.eddsa('ed25519');
|
|
163
141
|
key.keyFromPublic(x);
|
|
164
142
|
// TODO: is `publicKey` right here?
|
|
@@ -167,5 +145,5 @@ async function verifyAttestationPacked(options) {
|
|
|
167
145
|
}
|
|
168
146
|
return verified;
|
|
169
147
|
}
|
|
170
|
-
exports.
|
|
171
|
-
//# sourceMappingURL=
|
|
148
|
+
exports.verifyAttestationPacked = verifyAttestationPacked;
|
|
149
|
+
//# sourceMappingURL=verifyAttestationPacked.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"verifyAttestationPacked.js","sourceRoot":"","sources":["../../../src/registration/verifications/verifyAttestationPacked.ts"],"names":[],"mappings":";;;;;;AAAA,wDAAgC;AAChC,wDAA+B;AAI/B,uEAOyC;AACzC,iDAA8C;AAC9C,iFAA8E;AAC9E,mFAAgF;AAChF,yEAAsE;AACtE,mEAAgE;AAChE,uFAAoF;AACpF,oEAAiE;AACjE,gGAA6F;AAE7F;;GAEG;AACI,KAAK,UAAU,uBAAuB,CAC3C,OAAsC;IAEtC,MAAM,EAAE,OAAO,EAAE,cAAc,EAAE,QAAQ,EAAE,mBAAmB,EAAE,MAAM,EAAE,gBAAgB,EAAE,GACxF,OAAO,CAAC;IAEV,MAAM,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,OAAO,CAAC;IAElC,IAAI,CAAC,GAAG,EAAE;QACR,MAAM,IAAI,KAAK,CAAC,qEAAqE,CAAC,CAAC;KACxF;IAED,IAAI,OAAO,GAAG,KAAK,QAAQ,EAAE;QAC3B,MAAM,IAAI,KAAK,CAAC,8BAA8B,GAAG,4BAA4B,CAAC,CAAC;KAChF;IAED,MAAM,aAAa,GAAG,MAAM,CAAC,MAAM,CAAC,CAAC,QAAQ,EAAE,cAAc,CAAC,CAAC,CAAC;IAEhE,IAAI,QAAQ,GAAG,KAAK,CAAC;IACrB,MAAM,aAAa,GAAG,IAAA,qCAAiB,EAAC,mBAAmB,CAAC,CAAC;IAE7D,IAAI,GAAG,EAAE;QACP,MAAM,QAAQ,GAAG,IAAA,+CAAsB,EAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC;QAChD,MAAM,EAAE,OAAO,EAAE,kBAAkB,EAAE,OAAO,EAAE,SAAS,EAAE,QAAQ,EAAE,GAAG,IAAA,uCAAkB,EACtF,GAAG,CAAC,CAAC,CAAC,CACP,CAAC;QAEF,MAAM,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,EAAE,CAAC,EAAE,GAAG,OAAO,CAAC;QAEjC,IAAI,EAAE,KAAK,2BAA2B,EAAE;YACtC,MAAM,IAAI,KAAK,CAAC,kEAAkE,CAAC,CAAC;SACrF;QAED,IAAI,CAAC,EAAE,EAAE;YACP,MAAM,IAAI,KAAK,CAAC,wCAAwC,CAAC,CAAC;SAC3D;QAED,IAAI,CAAC,CAAC,EAAE;YACN,MAAM,IAAI,KAAK,CAAC,uCAAuC,CAAC,CAAC;SAC1D;QAED,IAAI,CAAC,CAAC,IAAI,CAAC,CAAC,MAAM,KAAK,CAAC,EAAE;YACxB,MAAM,IAAI,KAAK,CAAC,iEAAiE,CAAC,CAAC;SACpF;QAED,IAAI,kBAAkB,EAAE;YACtB,MAAM,IAAI,KAAK,CAAC,gEAAgE,CAAC,CAAC;SACnF;QAED,IAAI,OAAO,KAAK,CAAC,EAAE;YACjB,MAAM,IAAI,KAAK,CAAC,kEAAkE,CAAC,CAAC;SACrF;QAED,IAAI,GAAG,GAAG,IAAI,IAAI,EAAE,CAAC;QACrB,IAAI,SAAS,GAAG,GAAG,EAAE;YACnB,MAAM,IAAI,KAAK,CAAC,gCAAgC,SAAS,CAAC,QAAQ,EAAE,iBAAiB,CAAC,CAAC;SACxF;QAED,GAAG,GAAG,IAAI,IAAI,EAAE,CAAC;QACjB,IAAI,QAAQ,GAAG,GAAG,EAAE;YAClB,MAAM,IAAI,KAAK,CAAC,+BAA+B,QAAQ,CAAC,QAAQ,EAAE,iBAAiB,CAAC,CAAC;SACtF;QAED,gGAAgG;QAChG,4DAA4D;QAE5D,qFAAqF;QACrF,MAAM,SAAS,GAAG,MAAM,iCAAe,CAAC,YAAY,CAAC,MAAM,CAAC,CAAC;QAC7D,IAAI,SAAS,EAAE;YACb,yFAAyF;YACzF,gCAAgC;YAChC,IAAI,SAAS,CAAC,gBAAgB,CAAC,OAAO,CAAC,YAAY,CAAC,GAAG,CAAC,EAAE;gBACxD,MAAM,IAAI,KAAK,CAAC,wEAAwE,CAAC,CAAC;aAC3F;YAED,IAAI;gBACF,MAAM,IAAA,6DAA6B,EAAC,SAAS,EAAE,mBAAmB,EAAE,GAAG,CAAC,CAAC;aAC1E;YAAC,OAAO,GAAG,EAAE;gBACZ,MAAM,IAAI,GAAG,GAAY,CAAC;gBAC1B,MAAM,IAAI,KAAK,CAAC,GAAG,IAAI,CAAC,OAAO,gBAAgB,CAAC,CAAC;aAClD;SACF;aAAM;YACL,IAAI;gBACF,0FAA0F;gBAC1F,MAAM,IAAA,iDAAuB,EAAC,GAAG,CAAC,GAAG,CAAC,+CAAsB,CAAC,EAAE,gBAAgB,CAAC,CAAC;aAClF;YAAC,OAAO,GAAG,EAAE;gBACZ,MAAM,IAAI,GAAG,GAAY,CAAC;gBAC1B,MAAM,IAAI,KAAK,CAAC,GAAG,IAAI,CAAC,OAAO,gBAAgB,CAAC,CAAC;aAClD;SACF;QAED,QAAQ,GAAG,IAAA,iCAAe,EAAC,GAAG,EAAE,aAAa,EAAE,QAAQ,CAAC,CAAC;KAC1D;SAAM;QACL,MAAM,aAAa,GAAG,IAAA,qDAAyB,EAAC,mBAAmB,CAAC,CAAC;QAErE,MAAM,GAAG,GAAG,aAAa,CAAC,GAAG,CAAC,4BAAQ,CAAC,GAAG,CAAC,CAAC;QAE5C,IAAI,CAAC,GAAG,EAAE;YACR,MAAM,IAAI,KAAK,CAAC,+CAA+C,CAAC,CAAC;SAClE;QAED,MAAM,OAAO,GAAW,+BAAW,CAAC,GAAa,CAAC,CAAC;QAEnD,IAAI,GAAG,KAAK,2BAAO,CAAC,GAAG,EAAE;YACvB,MAAM,GAAG,GAAG,aAAa,CAAC,GAAG,CAAC,4BAAQ,CAAC,GAAG,CAAC,CAAC;YAE5C,IAAI,CAAC,GAAG,EAAE;gBACR,MAAM,IAAI,KAAK,CAAC,kDAAkD,CAAC,CAAC;aACrE;YAED,MAAM,iBAAiB,GAAG,IAAA,eAAM,EAAC,aAAa,EAAE,OAAO,CAAC,CAAC;YAEzD;;;;;;;;eAQG;YACH,MAAM,EAAE,GAAG,IAAI,kBAAQ,CAAC,EAAE,CAAC,2BAAO,CAAC,GAAa,CAAC,CAAC,CAAC;YACnD,MAAM,GAAG,GAAG,EAAE,CAAC,aAAa,CAAC,aAAa,CAAC,CAAC;YAE5C,QAAQ,GAAG,GAAG,CAAC,MAAM,CAAC,iBAAiB,EAAE,GAAG,CAAC,CAAC;SAC/C;aAAM,IAAI,GAAG,KAAK,2BAAO,CAAC,GAAG,EAAE;YAC9B,MAAM,CAAC,GAAG,aAAa,CAAC,GAAG,CAAC,4BAAQ,CAAC,CAAC,CAAC,CAAC;YAExC,IAAI,CAAC,CAAC,EAAE;gBACN,MAAM,IAAI,KAAK,CAAC,4CAA4C,CAAC,CAAC;aAC/D;YAED,MAAM,aAAa,GAAG,iCAAa,CAAC,GAAa,CAAC,CAAC;YAEnD,0BAA0B;YAC1B,MAAM,GAAG,GAAG,IAAI,kBAAO,EAAE,CAAC;YAC1B,GAAG,CAAC,UAAU,CAAC,EAAE,aAAa,EAAE,CAAC,CAAC;YAClC,GAAG,CAAC,SAAS,CACX;gBACE,CAAC,EAAE,CAAW;gBACd,CAAC,EAAE,KAAK;aACT,EACD,mBAAmB,CACpB,CAAC;YAEF,QAAQ,GAAG,GAAG,CAAC,MAAM,CAAC,aAAa,EAAE,GAAG,CAAC,CAAC;SAC3C;aAAM,IAAI,GAAG,KAAK,2BAAO,CAAC,GAAG,EAAE;YAC9B,MAAM,CAAC,GAAG,aAAa,CAAC,GAAG,CAAC,4BAAQ,CAAC,CAAC,CAAC,CAAC;YAExC,IAAI,CAAC,CAAC,EAAE;gBACN,MAAM,IAAI,KAAK,CAAC,4CAA4C,CAAC,CAAC;aAC/D;YAED,MAAM,iBAAiB,GAAG,IAAA,eAAM,EAAC,aAAa,EAAE,OAAO,CAAC,CAAC;YAEzD,MAAM,GAAG,GAAG,IAAI,kBAAQ,CAAC,KAAK,CAAC,SAAS,CAAC,CAAC;YAC1C,GAAG,CAAC,aAAa,CAAC,CAAW,CAAC,CAAC;YAE/B,mCAAmC;YACnC,QAAQ,GAAG,GAAG,CAAC,MAAM,CAAC,iBAAiB,EAAE,GAAG,EAAE,aAAa,CAAC,CAAC;SAC9D;KACF;IAED,OAAO,QAAQ,CAAC;AAClB,CAAC;AApKD,0DAoKC"}
|
|
@@ -1,6 +1,7 @@
|
|
|
1
1
|
/// <reference types="node" />
|
|
2
2
|
import { RegistrationCredentialJSON, COSEAlgorithmIdentifier, CredentialDeviceType } from '@simplewebauthn/typescript-types';
|
|
3
3
|
import { AttestationFormat, AttestationStatement } from '../helpers/decodeAttestationObject';
|
|
4
|
+
import { AuthenticationExtensionsAuthenticatorOutputs } from '../helpers/decodeAuthenticatorExtensions';
|
|
4
5
|
export declare type VerifyRegistrationResponseOpts = {
|
|
5
6
|
credential: RegistrationCredentialJSON;
|
|
6
7
|
expectedChallenge: string | ((challenge: string) => boolean);
|
|
@@ -24,7 +25,7 @@ export declare type VerifyRegistrationResponseOpts = {
|
|
|
24
25
|
* @param supportedAlgorithmIDs Array of numeric COSE algorithm identifiers supported for
|
|
25
26
|
* attestation by this RP. See https://www.iana.org/assignments/cose/cose.xhtml#algorithms
|
|
26
27
|
*/
|
|
27
|
-
export
|
|
28
|
+
export declare function verifyRegistrationResponse(options: VerifyRegistrationResponseOpts): Promise<VerifiedRegistrationResponse>;
|
|
28
29
|
/**
|
|
29
30
|
* Result of registration verification
|
|
30
31
|
*
|
|
@@ -45,6 +46,8 @@ export default function verifyRegistrationResponse(options: VerifyRegistrationRe
|
|
|
45
46
|
* @param registrationInfo.credentialBackedUp Whether or not the multi-device credential has been
|
|
46
47
|
* backed up. Always `false` for single-device credentials. **Should be kept in a DB for later
|
|
47
48
|
* reference!**
|
|
49
|
+
* @param registrationInfo?.authenticatorExtensionResults The authenticator extensions returned
|
|
50
|
+
* by the browser
|
|
48
51
|
*/
|
|
49
52
|
export declare type VerifiedRegistrationResponse = {
|
|
50
53
|
verified: boolean;
|
|
@@ -54,11 +57,12 @@ export declare type VerifiedRegistrationResponse = {
|
|
|
54
57
|
aaguid: string;
|
|
55
58
|
credentialID: Buffer;
|
|
56
59
|
credentialPublicKey: Buffer;
|
|
57
|
-
credentialType:
|
|
60
|
+
credentialType: 'public-key';
|
|
58
61
|
attestationObject: Buffer;
|
|
59
62
|
userVerified: boolean;
|
|
60
63
|
credentialDeviceType: CredentialDeviceType;
|
|
61
64
|
credentialBackedUp: boolean;
|
|
65
|
+
authenticatorExtensionResults?: AuthenticationExtensionsAuthenticatorOutputs;
|
|
62
66
|
};
|
|
63
67
|
};
|
|
64
68
|
/**
|
|
@@ -3,23 +3,24 @@ var __importDefault = (this && this.__importDefault) || function (mod) {
|
|
|
3
3
|
return (mod && mod.__esModule) ? mod : { "default": mod };
|
|
4
4
|
};
|
|
5
5
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
6
|
+
exports.verifyRegistrationResponse = void 0;
|
|
6
7
|
const base64url_1 = __importDefault(require("base64url"));
|
|
7
|
-
const decodeAttestationObject_1 =
|
|
8
|
-
const decodeClientDataJSON_1 =
|
|
9
|
-
const parseAuthenticatorData_1 =
|
|
10
|
-
const toHash_1 =
|
|
11
|
-
const decodeCredentialPublicKey_1 =
|
|
8
|
+
const decodeAttestationObject_1 = require("../helpers/decodeAttestationObject");
|
|
9
|
+
const decodeClientDataJSON_1 = require("../helpers/decodeClientDataJSON");
|
|
10
|
+
const parseAuthenticatorData_1 = require("../helpers/parseAuthenticatorData");
|
|
11
|
+
const toHash_1 = require("../helpers/toHash");
|
|
12
|
+
const decodeCredentialPublicKey_1 = require("../helpers/decodeCredentialPublicKey");
|
|
12
13
|
const convertCOSEtoPKCS_1 = require("../helpers/convertCOSEtoPKCS");
|
|
13
|
-
const convertAAGUIDToString_1 =
|
|
14
|
+
const convertAAGUIDToString_1 = require("../helpers/convertAAGUIDToString");
|
|
14
15
|
const parseBackupFlags_1 = require("../helpers/parseBackupFlags");
|
|
15
|
-
const settingsService_1 =
|
|
16
|
+
const settingsService_1 = require("../services/settingsService");
|
|
16
17
|
const generateRegistrationOptions_1 = require("./generateRegistrationOptions");
|
|
17
|
-
const
|
|
18
|
-
const
|
|
19
|
-
const
|
|
20
|
-
const
|
|
21
|
-
const
|
|
22
|
-
const
|
|
18
|
+
const verifyAttestationFIDOU2F_1 = require("./verifications/verifyAttestationFIDOU2F");
|
|
19
|
+
const verifyAttestationPacked_1 = require("./verifications/verifyAttestationPacked");
|
|
20
|
+
const verifyAttestationAndroidSafetyNet_1 = require("./verifications/verifyAttestationAndroidSafetyNet");
|
|
21
|
+
const verifyAttestationTPM_1 = require("./verifications/tpm/verifyAttestationTPM");
|
|
22
|
+
const verifyAttestationAndroidKey_1 = require("./verifications/verifyAttestationAndroidKey");
|
|
23
|
+
const verifyAttestationApple_1 = require("./verifications/verifyAttestationApple");
|
|
23
24
|
/**
|
|
24
25
|
* Verify that the user has legitimately completed the registration process
|
|
25
26
|
*
|
|
@@ -50,7 +51,7 @@ async function verifyRegistrationResponse(options) {
|
|
|
50
51
|
if (credentialType !== 'public-key') {
|
|
51
52
|
throw new Error(`Unexpected credential type ${credentialType}, expected "public-key"`);
|
|
52
53
|
}
|
|
53
|
-
const clientDataJSON = (0, decodeClientDataJSON_1.
|
|
54
|
+
const clientDataJSON = (0, decodeClientDataJSON_1.decodeClientDataJSON)(response.clientDataJSON);
|
|
54
55
|
const { type, origin, challenge, tokenBinding } = clientDataJSON;
|
|
55
56
|
// Make sure we're handling an registration
|
|
56
57
|
if (type !== 'webauthn.create') {
|
|
@@ -85,14 +86,14 @@ async function verifyRegistrationResponse(options) {
|
|
|
85
86
|
}
|
|
86
87
|
}
|
|
87
88
|
const attestationObject = base64url_1.default.toBuffer(response.attestationObject);
|
|
88
|
-
const decodedAttestationObject = (0, decodeAttestationObject_1.
|
|
89
|
+
const decodedAttestationObject = (0, decodeAttestationObject_1.decodeAttestationObject)(attestationObject);
|
|
89
90
|
const { fmt, authData, attStmt } = decodedAttestationObject;
|
|
90
|
-
const parsedAuthData = (0, parseAuthenticatorData_1.
|
|
91
|
-
const { aaguid, rpIdHash, flags, credentialID, counter, credentialPublicKey } = parsedAuthData;
|
|
91
|
+
const parsedAuthData = (0, parseAuthenticatorData_1.parseAuthenticatorData)(authData);
|
|
92
|
+
const { aaguid, rpIdHash, flags, credentialID, counter, credentialPublicKey, extensionsData } = parsedAuthData;
|
|
92
93
|
// Make sure the response's RP ID is ours
|
|
93
94
|
if (expectedRPID) {
|
|
94
95
|
if (typeof expectedRPID === 'string') {
|
|
95
|
-
const expectedRPIDHash = (0, toHash_1.
|
|
96
|
+
const expectedRPIDHash = (0, toHash_1.toHash)(Buffer.from(expectedRPID, 'ascii'));
|
|
96
97
|
if (!rpIdHash.equals(expectedRPIDHash)) {
|
|
97
98
|
throw new Error(`Unexpected RP ID hash`);
|
|
98
99
|
}
|
|
@@ -100,7 +101,7 @@ async function verifyRegistrationResponse(options) {
|
|
|
100
101
|
else {
|
|
101
102
|
// Go through each expected RP ID and try to find one that matches
|
|
102
103
|
const foundMatch = expectedRPID.some(expected => {
|
|
103
|
-
const expectedRPIDHash = (0, toHash_1.
|
|
104
|
+
const expectedRPIDHash = (0, toHash_1.toHash)(Buffer.from(expected, 'ascii'));
|
|
104
105
|
return rpIdHash.equals(expectedRPIDHash);
|
|
105
106
|
});
|
|
106
107
|
if (!foundMatch) {
|
|
@@ -125,7 +126,7 @@ async function verifyRegistrationResponse(options) {
|
|
|
125
126
|
if (!aaguid) {
|
|
126
127
|
throw new Error('No AAGUID was present during registration');
|
|
127
128
|
}
|
|
128
|
-
const decodedPublicKey = (0, decodeCredentialPublicKey_1.
|
|
129
|
+
const decodedPublicKey = (0, decodeCredentialPublicKey_1.decodeCredentialPublicKey)(credentialPublicKey);
|
|
129
130
|
const alg = decodedPublicKey.get(convertCOSEtoPKCS_1.COSEKEYS.alg);
|
|
130
131
|
if (typeof alg !== 'number') {
|
|
131
132
|
throw new Error('Credential public key was missing numeric alg');
|
|
@@ -135,8 +136,8 @@ async function verifyRegistrationResponse(options) {
|
|
|
135
136
|
const supported = supportedAlgorithmIDs.join(', ');
|
|
136
137
|
throw new Error(`Unexpected public key alg "${alg}", expected one of "${supported}"`);
|
|
137
138
|
}
|
|
138
|
-
const clientDataHash = (0, toHash_1.
|
|
139
|
-
const rootCertificates = settingsService_1.
|
|
139
|
+
const clientDataHash = (0, toHash_1.toHash)(base64url_1.default.toBuffer(response.clientDataJSON));
|
|
140
|
+
const rootCertificates = settingsService_1.SettingsService.getRootCertificates({ identifier: fmt });
|
|
140
141
|
// Prepare arguments to pass to the relevant verification method
|
|
141
142
|
const verifierOpts = {
|
|
142
143
|
aaguid,
|
|
@@ -153,22 +154,22 @@ async function verifyRegistrationResponse(options) {
|
|
|
153
154
|
*/
|
|
154
155
|
let verified = false;
|
|
155
156
|
if (fmt === 'fido-u2f') {
|
|
156
|
-
verified = await (0,
|
|
157
|
+
verified = await (0, verifyAttestationFIDOU2F_1.verifyAttestationFIDOU2F)(verifierOpts);
|
|
157
158
|
}
|
|
158
159
|
else if (fmt === 'packed') {
|
|
159
|
-
verified = await (0,
|
|
160
|
+
verified = await (0, verifyAttestationPacked_1.verifyAttestationPacked)(verifierOpts);
|
|
160
161
|
}
|
|
161
162
|
else if (fmt === 'android-safetynet') {
|
|
162
|
-
verified = await (0,
|
|
163
|
+
verified = await (0, verifyAttestationAndroidSafetyNet_1.verifyAttestationAndroidSafetyNet)(verifierOpts);
|
|
163
164
|
}
|
|
164
165
|
else if (fmt === 'android-key') {
|
|
165
|
-
verified = await (0,
|
|
166
|
+
verified = await (0, verifyAttestationAndroidKey_1.verifyAttestationAndroidKey)(verifierOpts);
|
|
166
167
|
}
|
|
167
168
|
else if (fmt === 'tpm') {
|
|
168
|
-
verified = await (0,
|
|
169
|
+
verified = await (0, verifyAttestationTPM_1.verifyAttestationTPM)(verifierOpts);
|
|
169
170
|
}
|
|
170
171
|
else if (fmt === 'apple') {
|
|
171
|
-
verified = await (0,
|
|
172
|
+
verified = await (0, verifyAttestationApple_1.verifyAttestationApple)(verifierOpts);
|
|
172
173
|
}
|
|
173
174
|
else if (fmt === 'none') {
|
|
174
175
|
if (Object.keys(attStmt).length > 0) {
|
|
@@ -188,7 +189,7 @@ async function verifyRegistrationResponse(options) {
|
|
|
188
189
|
toReturn.registrationInfo = {
|
|
189
190
|
fmt,
|
|
190
191
|
counter,
|
|
191
|
-
aaguid: (0, convertAAGUIDToString_1.
|
|
192
|
+
aaguid: (0, convertAAGUIDToString_1.convertAAGUIDToString)(aaguid),
|
|
192
193
|
credentialID,
|
|
193
194
|
credentialPublicKey,
|
|
194
195
|
credentialType,
|
|
@@ -196,9 +197,10 @@ async function verifyRegistrationResponse(options) {
|
|
|
196
197
|
userVerified: flags.uv,
|
|
197
198
|
credentialDeviceType,
|
|
198
199
|
credentialBackedUp,
|
|
200
|
+
authenticatorExtensionResults: extensionsData,
|
|
199
201
|
};
|
|
200
202
|
}
|
|
201
203
|
return toReturn;
|
|
202
204
|
}
|
|
203
|
-
exports.
|
|
205
|
+
exports.verifyRegistrationResponse = verifyRegistrationResponse;
|
|
204
206
|
//# sourceMappingURL=verifyRegistrationResponse.js.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"verifyRegistrationResponse.js","sourceRoot":"","sources":["../../src/registration/verifyRegistrationResponse.ts"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"verifyRegistrationResponse.js","sourceRoot":"","sources":["../../src/registration/verifyRegistrationResponse.ts"],"names":[],"mappings":";;;;;;AAAA,0DAAkC;AAOlC,gFAI4C;AAE5C,0EAAuE;AACvE,8EAA2E;AAC3E,8CAA2C;AAC3C,oFAAiF;AACjF,oEAAwD;AACxD,4EAAyE;AACzE,kEAA+D;AAC/D,iEAA8D;AAE9D,+EAAkF;AAClF,uFAAoF;AACpF,qFAAkF;AAClF,yGAAsG;AACtG,mFAAgF;AAChF,6FAA0F;AAC1F,mFAAgF;AAWhF;;;;;;;;;;;;;;GAcG;AACI,KAAK,UAAU,0BAA0B,CAC9C,OAAuC;IAEvC,MAAM,EACJ,UAAU,EACV,iBAAiB,EACjB,cAAc,EACd,YAAY,EACZ,uBAAuB,GAAG,KAAK,EAC/B,qBAAqB,GAAG,+DAAiC,GAC1D,GAAG,OAAO,CAAC;IACZ,MAAM,EAAE,EAAE,EAAE,KAAK,EAAE,IAAI,EAAE,cAAc,EAAE,QAAQ,EAAE,GAAG,UAAU,CAAC;IAEjE,oCAAoC;IACpC,IAAI,CAAC,EAAE,EAAE;QACP,MAAM,IAAI,KAAK,CAAC,uBAAuB,CAAC,CAAC;KAC1C;IAED,iCAAiC;IACjC,IAAI,EAAE,KAAK,KAAK,EAAE;QAChB,MAAM,IAAI,KAAK,CAAC,yCAAyC,CAAC,CAAC;KAC5D;IAED,0CAA0C;IAC1C,IAAI,cAAc,KAAK,YAAY,EAAE;QACnC,MAAM,IAAI,KAAK,CAAC,8BAA8B,cAAc,yBAAyB,CAAC,CAAC;KACxF;IAED,MAAM,cAAc,GAAG,IAAA,2CAAoB,EAAC,QAAQ,CAAC,cAAc,CAAC,CAAC;IAErE,MAAM,EAAE,IAAI,EAAE,MAAM,EAAE,SAAS,EAAE,YAAY,EAAE,GAAG,cAAc,CAAC;IAEjE,2CAA2C;IAC3C,IAAI,IAAI,KAAK,iBAAiB,EAAE;QAC9B,MAAM,IAAI,KAAK,CAAC,0CAA0C,IAAI,EAAE,CAAC,CAAC;KACnE;IAED,sDAAsD;IACtD,IAAI,OAAO,iBAAiB,KAAK,UAAU,EAAE;QAC3C,IAAI,CAAC,iBAAiB,CAAC,SAAS,CAAC,EAAE;YACjC,MAAM,IAAI,KAAK,CACb,iFAAiF,SAAS,GAAG,CAC9F,CAAC;SACH;KACF;SAAM,IAAI,SAAS,KAAK,iBAAiB,EAAE;QAC1C,MAAM,IAAI,KAAK,CACb,+CAA+C,SAAS,gBAAgB,iBAAiB,GAAG,CAC7F,CAAC;KACH;IAED,oCAAoC;IACpC,IAAI,KAAK,CAAC,OAAO,CAAC,cAAc,CAAC,EAAE;QACjC,IAAI,CAAC,cAAc,CAAC,QAAQ,CAAC,MAAM,CAAC,EAAE;YACpC,MAAM,IAAI,KAAK,CACb,4CAA4C,MAAM,uBAAuB,cAAc,CAAC,IAAI,CAC1F,IAAI,CACL,EAAE,CACJ,CAAC;SACH;KACF;SAAM;QACL,IAAI,MAAM,KAAK,cAAc,EAAE;YAC7B,MAAM,IAAI,KAAK,CACb,4CAA4C,MAAM,gBAAgB,cAAc,GAAG,CACpF,CAAC;SACH;KACF;IAED,IAAI,YAAY,EAAE;QAChB,IAAI,OAAO,YAAY,KAAK,QAAQ,EAAE;YACpC,MAAM,IAAI,KAAK,CAAC,sCAAsC,YAAY,GAAG,CAAC,CAAC;SACxE;QAED,IAAI,CAAC,SAAS,EAAE,WAAW,EAAE,eAAe,CAAC,CAAC,OAAO,CAAC,YAAY,CAAC,MAAM,CAAC,GAAG,CAAC,EAAE;YAC9E,MAAM,IAAI,KAAK,CAAC,4CAA4C,YAAY,CAAC,MAAM,GAAG,CAAC,CAAC;SACrF;KACF;IAED,MAAM,iBAAiB,GAAG,mBAAS,CAAC,QAAQ,CAAC,QAAQ,CAAC,iBAAiB,CAAC,CAAC;IACzE,MAAM,wBAAwB,GAAG,IAAA,iDAAuB,EAAC,iBAAiB,CAAC,CAAC;IAC5E,MAAM,EAAE,GAAG,EAAE,QAAQ,EAAE,OAAO,EAAE,GAAG,wBAAwB,CAAC;IAE5D,MAAM,cAAc,GAAG,IAAA,+CAAsB,EAAC,QAAQ,CAAC,CAAC;IACxD,MAAM,EAAE,MAAM,EAAE,QAAQ,EAAE,KAAK,EAAE,YAAY,EAAE,OAAO,EAAE,mBAAmB,EAAE,cAAc,EAAE,GAC3F,cAAc,CAAC;IAEjB,yCAAyC;IACzC,IAAI,YAAY,EAAE;QAChB,IAAI,OAAO,YAAY,KAAK,QAAQ,EAAE;YACpC,MAAM,gBAAgB,GAAG,IAAA,eAAM,EAAC,MAAM,CAAC,IAAI,CAAC,YAAY,EAAE,OAAO,CAAC,CAAC,CAAC;YACpE,IAAI,CAAC,QAAQ,CAAC,MAAM,CAAC,gBAAgB,CAAC,EAAE;gBACtC,MAAM,IAAI,KAAK,CAAC,uBAAuB,CAAC,CAAC;aAC1C;SACF;aAAM;YACL,kEAAkE;YAClE,MAAM,UAAU,GAAG,YAAY,CAAC,IAAI,CAAC,QAAQ,CAAC,EAAE;gBAC9C,MAAM,gBAAgB,GAAG,IAAA,eAAM,EAAC,MAAM,CAAC,IAAI,CAAC,QAAQ,EAAE,OAAO,CAAC,CAAC,CAAC;gBAChE,OAAO,QAAQ,CAAC,MAAM,CAAC,gBAAgB,CAAC,CAAC;YAC3C,CAAC,CAAC,CAAC;YAEH,IAAI,CAAC,UAAU,EAAE;gBACf,MAAM,IAAI,KAAK,CAAC,uBAAuB,CAAC,CAAC;aAC1C;SACF;KACF;IAED,2CAA2C;IAC3C,IAAI,CAAC,KAAK,CAAC,EAAE,EAAE;QACb,MAAM,IAAI,KAAK,CAAC,sCAAsC,CAAC,CAAC;KACzD;IAED,yCAAyC;IACzC,IAAI,uBAAuB,IAAI,CAAC,KAAK,CAAC,EAAE,EAAE;QACxC,MAAM,IAAI,KAAK,CAAC,4DAA4D,CAAC,CAAC;KAC/E;IAED,IAAI,CAAC,YAAY,EAAE;QACjB,MAAM,IAAI,KAAK,CAAC,gDAAgD,CAAC,CAAC;KACnE;IAED,IAAI,CAAC,mBAAmB,EAAE;QACxB,MAAM,IAAI,KAAK,CAAC,6CAA6C,CAAC,CAAC;KAChE;IAED,IAAI,CAAC,MAAM,EAAE;QACX,MAAM,IAAI,KAAK,CAAC,2CAA2C,CAAC,CAAC;KAC9D;IAED,MAAM,gBAAgB,GAAG,IAAA,qDAAyB,EAAC,mBAAmB,CAAC,CAAC;IACxE,MAAM,GAAG,GAAG,gBAAgB,CAAC,GAAG,CAAC,4BAAQ,CAAC,GAAG,CAAC,CAAC;IAE/C,IAAI,OAAO,GAAG,KAAK,QAAQ,EAAE;QAC3B,MAAM,IAAI,KAAK,CAAC,+CAA+C,CAAC,CAAC;KAClE;IAED,kFAAkF;IAClF,IAAI,CAAC,qBAAqB,CAAC,QAAQ,CAAC,GAAa,CAAC,EAAE;QAClD,MAAM,SAAS,GAAG,qBAAqB,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;QACnD,MAAM,IAAI,KAAK,CAAC,8BAA8B,GAAG,uBAAuB,SAAS,GAAG,CAAC,CAAC;KACvF;IAED,MAAM,cAAc,GAAG,IAAA,eAAM,EAAC,mBAAS,CAAC,QAAQ,CAAC,QAAQ,CAAC,cAAc,CAAC,CAAC,CAAC;IAC3E,MAAM,gBAAgB,GAAG,iCAAe,CAAC,mBAAmB,CAAC,EAAE,UAAU,EAAE,GAAG,EAAE,CAAC,CAAC;IAElF,gEAAgE;IAChE,MAAM,YAAY,GAAkC;QAClD,MAAM;QACN,OAAO;QACP,QAAQ;QACR,cAAc;QACd,YAAY;QACZ,mBAAmB;QACnB,gBAAgB;QAChB,QAAQ;KACT,CAAC;IAEF;;OAEG;IACH,IAAI,QAAQ,GAAG,KAAK,CAAC;IACrB,IAAI,GAAG,KAAK,UAAU,EAAE;QACtB,QAAQ,GAAG,MAAM,IAAA,mDAAwB,EAAC,YAAY,CAAC,CAAC;KACzD;SAAM,IAAI,GAAG,KAAK,QAAQ,EAAE;QAC3B,QAAQ,GAAG,MAAM,IAAA,iDAAuB,EAAC,YAAY,CAAC,CAAC;KACxD;SAAM,IAAI,GAAG,KAAK,mBAAmB,EAAE;QACtC,QAAQ,GAAG,MAAM,IAAA,qEAAiC,EAAC,YAAY,CAAC,CAAC;KAClE;SAAM,IAAI,GAAG,KAAK,aAAa,EAAE;QAChC,QAAQ,GAAG,MAAM,IAAA,yDAA2B,EAAC,YAAY,CAAC,CAAC;KAC5D;SAAM,IAAI,GAAG,KAAK,KAAK,EAAE;QACxB,QAAQ,GAAG,MAAM,IAAA,2CAAoB,EAAC,YAAY,CAAC,CAAC;KACrD;SAAM,IAAI,GAAG,KAAK,OAAO,EAAE;QAC1B,QAAQ,GAAG,MAAM,IAAA,+CAAsB,EAAC,YAAY,CAAC,CAAC;KACvD;SAAM,IAAI,GAAG,KAAK,MAAM,EAAE;QACzB,IAAI,MAAM,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC,MAAM,GAAG,CAAC,EAAE;YACnC,MAAM,IAAI,KAAK,CAAC,uDAAuD,CAAC,CAAC;SAC1E;QACD,kFAAkF;QAClF,QAAQ,GAAG,IAAI,CAAC;KACjB;SAAM;QACL,MAAM,IAAI,KAAK,CAAC,mCAAmC,GAAG,EAAE,CAAC,CAAC;KAC3D;IAED,MAAM,QAAQ,GAAiC;QAC7C,QAAQ;KACT,CAAC;IAEF,IAAI,QAAQ,CAAC,QAAQ,EAAE;QACrB,MAAM,EAAE,oBAAoB,EAAE,kBAAkB,EAAE,GAAG,IAAA,mCAAgB,EAAC,KAAK,CAAC,CAAC;QAE7E,QAAQ,CAAC,gBAAgB,GAAG;YAC1B,GAAG;YACH,OAAO;YACP,MAAM,EAAE,IAAA,6CAAqB,EAAC,MAAM,CAAC;YACrC,YAAY;YACZ,mBAAmB;YACnB,cAAc;YACd,iBAAiB;YACjB,YAAY,EAAE,KAAK,CAAC,EAAE;YACtB,oBAAoB;YACpB,kBAAkB;YAClB,6BAA6B,EAAE,cAAc;SAC9C,CAAC;KACH;IAED,OAAO,QAAQ,CAAC;AAClB,CAAC;AA5MD,gEA4MC"}
|
|
@@ -3,15 +3,15 @@ var __importDefault = (this && this.__importDefault) || function (mod) {
|
|
|
3
3
|
return (mod && mod.__esModule) ? mod : { "default": mod };
|
|
4
4
|
};
|
|
5
5
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
6
|
-
exports.BaseMetadataService = void 0;
|
|
6
|
+
exports.MetadataService = exports.BaseMetadataService = void 0;
|
|
7
7
|
const node_fetch_1 = __importDefault(require("node-fetch"));
|
|
8
8
|
const jsrsasign_1 = require("jsrsasign");
|
|
9
|
-
const validateCertificatePath_1 =
|
|
10
|
-
const convertCertBufferToPEM_1 =
|
|
11
|
-
const convertAAGUIDToString_1 =
|
|
12
|
-
const settingsService_1 =
|
|
9
|
+
const validateCertificatePath_1 = require("../helpers/validateCertificatePath");
|
|
10
|
+
const convertCertBufferToPEM_1 = require("../helpers/convertCertBufferToPEM");
|
|
11
|
+
const convertAAGUIDToString_1 = require("../helpers/convertAAGUIDToString");
|
|
12
|
+
const settingsService_1 = require("../services/settingsService");
|
|
13
13
|
const logging_1 = require("../helpers/logging");
|
|
14
|
-
const parseJWT_1 =
|
|
14
|
+
const parseJWT_1 = require("../metadata/parseJWT");
|
|
15
15
|
const defaultURLMDS = 'https://mds.fidoalliance.org/'; // v3
|
|
16
16
|
var SERVICE_STATE;
|
|
17
17
|
(function (SERVICE_STATE) {
|
|
@@ -47,7 +47,7 @@ class BaseMetadataService {
|
|
|
47
47
|
* authenticators with unregistered AAGUIDs
|
|
48
48
|
*/
|
|
49
49
|
async initialize(opts = {}) {
|
|
50
|
-
const { mdsServers = [defaultURLMDS], statements, verificationMode
|
|
50
|
+
const { mdsServers = [defaultURLMDS], statements, verificationMode } = opts;
|
|
51
51
|
this.setState(SERVICE_STATE.REFRESHING);
|
|
52
52
|
// If metadata statements are provided, load them into the cache first
|
|
53
53
|
if (statements === null || statements === void 0 ? void 0 : statements.length) {
|
|
@@ -111,7 +111,7 @@ class BaseMetadataService {
|
|
|
111
111
|
return;
|
|
112
112
|
}
|
|
113
113
|
if (aaguid instanceof Buffer) {
|
|
114
|
-
aaguid = (0, convertAAGUIDToString_1.
|
|
114
|
+
aaguid = (0, convertAAGUIDToString_1.convertAAGUIDToString)(aaguid);
|
|
115
115
|
}
|
|
116
116
|
// If a cache refresh is in progress then pause this until the service is ready
|
|
117
117
|
await this.pauseUntilReady();
|
|
@@ -161,7 +161,7 @@ class BaseMetadataService {
|
|
|
161
161
|
const resp = await (0, node_fetch_1.default)(url);
|
|
162
162
|
const data = await resp.text();
|
|
163
163
|
// Parse the JWT
|
|
164
|
-
const parsedJWT = (0, parseJWT_1.
|
|
164
|
+
const parsedJWT = (0, parseJWT_1.parseJWT)(data);
|
|
165
165
|
const header = parsedJWT[0];
|
|
166
166
|
const payload = parsedJWT[1];
|
|
167
167
|
if (payload.no <= no) {
|
|
@@ -169,11 +169,11 @@ class BaseMetadataService {
|
|
|
169
169
|
// number of the last BLOB cached locally."
|
|
170
170
|
throw new Error(`Latest BLOB no. "${payload.no}" is not greater than previous ${no}`);
|
|
171
171
|
}
|
|
172
|
-
const headerCertsPEM = header.x5c.map(convertCertBufferToPEM_1.
|
|
172
|
+
const headerCertsPEM = header.x5c.map(convertCertBufferToPEM_1.convertCertBufferToPEM);
|
|
173
173
|
try {
|
|
174
174
|
// Validate the certificate chain
|
|
175
|
-
const rootCerts = settingsService_1.
|
|
176
|
-
await (0, validateCertificatePath_1.
|
|
175
|
+
const rootCerts = settingsService_1.SettingsService.getRootCertificates({ identifier: 'mds' });
|
|
176
|
+
await (0, validateCertificatePath_1.validateCertificatePath)(headerCertsPEM, rootCerts);
|
|
177
177
|
}
|
|
178
178
|
catch (error) {
|
|
179
179
|
const _error = error;
|
|
@@ -258,6 +258,5 @@ class BaseMetadataService {
|
|
|
258
258
|
}
|
|
259
259
|
exports.BaseMetadataService = BaseMetadataService;
|
|
260
260
|
// Export a service singleton
|
|
261
|
-
|
|
262
|
-
exports.default = MetadataService;
|
|
261
|
+
exports.MetadataService = new BaseMetadataService();
|
|
263
262
|
//# sourceMappingURL=metadataService.js.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"metadataService.js","sourceRoot":"","sources":["../../src/services/metadataService.ts"],"names":[],"mappings":";;;;;;AAAA,4DAA+B;AAC/B,yCAAiC;AAEjC,
|
|
1
|
+
{"version":3,"file":"metadataService.js","sourceRoot":"","sources":["../../src/services/metadataService.ts"],"names":[],"mappings":";;;;;;AAAA,4DAA+B;AAC/B,yCAAiC;AAEjC,gFAA6E;AAC7E,8EAA2E;AAC3E,4EAAyE;AAOzE,iEAA8D;AAC9D,gDAA+C;AAE/C,mDAAgD;AAchD,MAAM,aAAa,GAAG,+BAA+B,CAAC,CAAC,KAAK;AAE5D,IAAK,aAIJ;AAJD,WAAK,aAAa;IAChB,yDAAQ,CAAA;IACR,6DAAU,CAAA;IACV,mDAAK,CAAA;AACP,CAAC,EAJI,aAAa,KAAb,aAAa,QAIjB;AAMD,MAAM,GAAG,GAAG,IAAA,mBAAS,EAAC,iBAAiB,CAAC,CAAC;AAEzC;;;;;GAKG;AACH,MAAa,mBAAmB;IAAhC;QACU,aAAQ,GAAiC,EAAE,CAAC;QAC5C,mBAAc,GAA0C,EAAE,CAAC;QAC3D,UAAK,GAAkB,aAAa,CAAC,QAAQ,CAAC;QAC9C,qBAAgB,GAAqB,QAAQ,CAAC;IAyQxD,CAAC;IAvQC;;;;;;;;;;;;OAYG;IACH,KAAK,CAAC,UAAU,CACd,OAII,EAAE;QAEN,MAAM,EAAE,UAAU,GAAG,CAAC,aAAa,CAAC,EAAE,UAAU,EAAE,gBAAgB,EAAE,GAAG,IAAI,CAAC;QAE5E,IAAI,CAAC,QAAQ,CAAC,aAAa,CAAC,UAAU,CAAC,CAAC;QAExC,sEAAsE;QACtE,IAAI,UAAU,aAAV,UAAU,uBAAV,UAAU,CAAE,MAAM,EAAE;YACtB,IAAI,eAAe,GAAG,CAAC,CAAC;YAExB,UAAU,CAAC,OAAO,CAAC,SAAS,CAAC,EAAE;gBAC7B,qEAAqE;gBACrE,IAAI,SAAS,CAAC,MAAM,EAAE;oBACpB,IAAI,CAAC,cAAc,CAAC,SAAS,CAAC,MAAM,CAAC,GAAG;wBACtC,KAAK,EAAE;4BACL,iBAAiB,EAAE,SAAS;4BAC5B,aAAa,EAAE,EAAE;4BACjB,sBAAsB,EAAE,YAAY;yBACrC;wBACD,GAAG,EAAE,EAAE;qBACR,CAAC;oBAEF,eAAe,IAAI,CAAC,CAAC;iBACtB;YACH,CAAC,CAAC,CAAC;YAEH,GAAG,CAAC,UAAU,eAAe,mBAAmB,CAAC,CAAC;SACnD;QAED,uFAAuF;QACvF,IAAI,UAAU,aAAV,UAAU,uBAAV,UAAU,CAAE,MAAM,EAAE;YACtB,sFAAsF;YACtF,MAAM,iBAAiB,GAAG,MAAM,CAAC,IAAI,CAAC,IAAI,CAAC,cAAc,CAAC,CAAC,MAAM,CAAC;YAClE,IAAI,UAAU,GAAG,UAAU,CAAC,MAAM,CAAC;YAEnC,KAAK,MAAM,GAAG,IAAI,UAAU,EAAE;gBAC5B,IAAI;oBACF,MAAM,IAAI,CAAC,YAAY,CAAC;wBACtB,GAAG;wBACH,EAAE,EAAE,CAAC;wBACL,UAAU,EAAE,IAAI,IAAI,CAAC,CAAC,CAAC;qBACxB,CAAC,CAAC;iBACJ;gBAAC,OAAO,GAAG,EAAE;oBACZ,kCAAkC;oBAClC,GAAG,CAAC,gCAAgC,GAAG,GAAG,EAAE,GAAG,CAAC,CAAC;oBACjD,UAAU,IAAI,CAAC,CAAC;iBACjB;aACF;YAED,2FAA2F;YAC3F,MAAM,aAAa,GAAG,MAAM,CAAC,IAAI,CAAC,IAAI,CAAC,cAAc,CAAC,CAAC,MAAM,CAAC;YAC9D,MAAM,SAAS,GAAG,aAAa,GAAG,iBAAiB,CAAC;YACpD,GAAG,CAAC,UAAU,SAAS,oBAAoB,UAAU,qBAAqB,CAAC,CAAC;SAC7E;QAED,IAAI,gBAAgB,EAAE;YACpB,IAAI,CAAC,gBAAgB,GAAG,gBAAgB,CAAC;SAC1C;QAED,IAAI,CAAC,QAAQ,CAAC,aAAa,CAAC,KAAK,CAAC,CAAC;IACrC,CAAC;IAED;;;;;OAKG;IACH,KAAK,CAAC,YAAY,CAAC,MAAuB;QACxC,IAAI,IAAI,CAAC,KAAK,KAAK,aAAa,CAAC,QAAQ,EAAE;YACzC,OAAO;SACR;QAED,IAAI,CAAC,MAAM,EAAE;YACX,OAAO;SACR;QAED,IAAI,MAAM,YAAY,MAAM,EAAE;YAC5B,MAAM,GAAG,IAAA,6CAAqB,EAAC,MAAM,CAAC,CAAC;SACxC;QAED,+EAA+E;QAC/E,MAAM,IAAI,CAAC,eAAe,EAAE,CAAC;QAE7B,iCAAiC;QACjC,MAAM,eAAe,GAAG,IAAI,CAAC,cAAc,CAAC,MAAM,CAAC,CAAC;QAEpD,IAAI,CAAC,eAAe,EAAE;YACpB,IAAI,IAAI,CAAC,gBAAgB,KAAK,QAAQ,EAAE;gBACtC,qEAAqE;gBACrE,MAAM,IAAI,KAAK,CAAC,2CAA2C,MAAM,GAAG,CAAC,CAAC;aACvE;YAED,qEAAqE;YACrE,OAAO;SACR;QAED,gGAAgG;QAChG,IAAI,eAAe,CAAC,GAAG,EAAE;YACvB,MAAM,GAAG,GAAG,IAAI,CAAC,QAAQ,CAAC,eAAe,CAAC,GAAG,CAAC,CAAC;YAC/C,MAAM,GAAG,GAAG,IAAI,IAAI,EAAE,CAAC;YACvB,IAAI,GAAG,GAAG,GAAG,CAAC,UAAU,EAAE;gBACxB,IAAI;oBACF,IAAI,CAAC,QAAQ,CAAC,aAAa,CAAC,UAAU,CAAC,CAAC;oBACxC,MAAM,IAAI,CAAC,YAAY,CAAC,GAAG,CAAC,CAAC;iBAC9B;wBAAS;oBACR,IAAI,CAAC,QAAQ,CAAC,aAAa,CAAC,KAAK,CAAC,CAAC;iBACpC;aACF;SACF;QAED,MAAM,EAAE,KAAK,EAAE,GAAG,eAAe,CAAC;QAElC,kFAAkF;QAClF,KAAK,MAAM,MAAM,IAAI,KAAK,CAAC,aAAa,EAAE;YACxC,MAAM,EAAE,MAAM,EAAE,GAAG,MAAM,CAAC;YAC1B,IACE,MAAM,KAAK,0BAA0B;gBACrC,MAAM,KAAK,4BAA4B;gBACvC,MAAM,KAAK,4BAA4B;gBACvC,MAAM,KAAK,8BAA8B,EACzC;gBACA,MAAM,IAAI,KAAK,CAAC,gCAAgC,MAAM,GAAG,CAAC,CAAC;aAC5D;SACF;QAED,OAAO,KAAK,CAAC,iBAAiB,CAAC;IACjC,CAAC;IAED;;OAEG;IACK,KAAK,CAAC,YAAY,CAAC,GAAc;QACvC,MAAM,EAAE,GAAG,EAAE,EAAE,EAAE,GAAG,GAAG,CAAC;QACxB,mDAAmD;QACnD,MAAM,IAAI,GAAG,MAAM,IAAA,oBAAK,EAAC,GAAG,CAAC,CAAC;QAC9B,MAAM,IAAI,GAAG,MAAM,IAAI,CAAC,IAAI,EAAE,CAAC;QAE/B,gBAAgB;QAChB,MAAM,SAAS,GAAG,IAAA,mBAAQ,EAA8B,IAAI,CAAC,CAAC;QAC9D,MAAM,MAAM,GAAG,SAAS,CAAC,CAAC,CAAC,CAAC;QAC5B,MAAM,OAAO,GAAG,SAAS,CAAC,CAAC,CAAC,CAAC;QAE7B,IAAI,OAAO,CAAC,EAAE,IAAI,EAAE,EAAE;YACpB,uFAAuF;YACvF,2CAA2C;YAC3C,MAAM,IAAI,KAAK,CAAC,oBAAoB,OAAO,CAAC,EAAE,kCAAkC,EAAE,EAAE,CAAC,CAAC;SACvF;QAED,MAAM,cAAc,GAAG,MAAM,CAAC,GAAG,CAAC,GAAG,CAAC,+CAAsB,CAAC,CAAC;QAC9D,IAAI;YACF,iCAAiC;YACjC,MAAM,SAAS,GAAG,iCAAe,CAAC,mBAAmB,CAAC,EAAE,UAAU,EAAE,KAAK,EAAE,CAAC,CAAC;YAC7E,MAAM,IAAA,iDAAuB,EAAC,cAAc,EAAE,SAAS,CAAC,CAAC;SAC1D;QAAC,OAAO,KAAK,EAAE;YACd,MAAM,MAAM,GAAU,KAAc,CAAC;YACrC,wFAAwF;YACxF,iCAAiC;YACjC,MAAM,IAAI,KAAK,CAAC,iDAAiD,MAAM,CAAC,OAAO,EAAE,CAAC,CAAC;SACpF;QAED,gCAAgC;QAChC,MAAM,QAAQ,GAAG,cAAc,CAAC,CAAC,CAAC,CAAC;QACnC,MAAM,QAAQ,GAAG,gBAAI,CAAC,GAAG,CAAC,GAAG,CAAC,SAAS,CAAC,IAAI,EAAE,QAAQ,EAAE;YACtD,GAAG,EAAE,CAAC,MAAM,CAAC,GAAG,CAAC;YACjB,4FAA4F;YAC5F,GAAG,EAAE,EAAE;YACP,GAAG,EAAE,EAAE;YACP,GAAG,EAAE,EAAE;SACR,CAAC,CAAC;QAEH,IAAI,CAAC,QAAQ,EAAE;YACb,4FAA4F;YAC5F,MAAM,IAAI,KAAK,CAAC,sCAAsC,CAAC,CAAC;SACzD;QAED,qCAAqC;QACrC,KAAK,MAAM,KAAK,IAAI,OAAO,CAAC,OAAO,EAAE;YACnC,sCAAsC;YACtC,IAAI,KAAK,CAAC,MAAM,EAAE;gBAChB,IAAI,CAAC,cAAc,CAAC,KAAK,CAAC,MAAM,CAAC,GAAG,EAAE,KAAK,EAAE,GAAG,EAAE,CAAC;aACpD;SACF;QAED,yDAAyD;QACzD,MAAM,CAAC,IAAI,EAAE,KAAK,EAAE,GAAG,CAAC,GAAG,OAAO,CAAC,UAAU,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;QACzD,IAAI,CAAC,QAAQ,CAAC,GAAG,CAAC,GAAG;YACnB,GAAG,GAAG;YACN,kFAAkF;YAClF,EAAE,EAAE,OAAO,CAAC,EAAE;YACd,sFAAsF;YACtF,UAAU,EAAE,IAAI,IAAI,CAClB,QAAQ,CAAC,IAAI,EAAE,EAAE,CAAC;YAClB,iCAAiC;YACjC,QAAQ,CAAC,KAAK,EAAE,EAAE,CAAC,GAAG,CAAC,EACvB,QAAQ,CAAC,GAAG,EAAE,EAAE,CAAC,CAClB;SACF,CAAC;IACJ,CAAC;IAED;;OAEG;IACK,KAAK,CAAC,eAAe;QAC3B,IAAI,IAAI,CAAC,KAAK,KAAK,aAAa,CAAC,KAAK,EAAE;YACtC,OAAO;SACR;QAED,uCAAuC;QACvC,MAAM,YAAY,GAAG,IAAI,OAAO,CAAO,CAAC,OAAO,EAAE,MAAM,EAAE,EAAE;YACzD,MAAM,cAAc,GAAG,KAAK,CAAC;YAC7B,MAAM,UAAU,GAAG,GAAG,CAAC;YACvB,IAAI,UAAU,GAAG,cAAc,GAAG,UAAU,CAAC;YAE7C,sDAAsD;YACtD,MAAM,UAAU,GAAmB,MAAM,CAAC,WAAW,CAAC,GAAG,EAAE;gBACzD,IAAI,UAAU,GAAG,CAAC,EAAE;oBAClB,aAAa,CAAC,UAAU,CAAC,CAAC;oBAC1B,MAAM,CAAC,iCAAiC,cAAc,GAAG,IAAI,UAAU,CAAC,CAAC;iBAC1E;qBAAM,IAAI,IAAI,CAAC,KAAK,KAAK,aAAa,CAAC,KAAK,EAAE;oBAC7C,aAAa,CAAC,UAAU,CAAC,CAAC;oBAC1B,OAAO,EAAE,CAAC;iBACX;gBAED,UAAU,IAAI,CAAC,CAAC;YAClB,CAAC,EAAE,UAAU,CAAC,CAAC;QACjB,CAAC,CAAC,CAAC;QAEH,OAAO,YAAY,CAAC;IACtB,CAAC;IAED;;OAEG;IACK,QAAQ,CAAC,QAAuB;QACtC,IAAI,CAAC,KAAK,GAAG,QAAQ,CAAC;QAEtB,IAAI,QAAQ,KAAK,aAAa,CAAC,QAAQ,EAAE;YACvC,GAAG,CAAC,6BAA6B,CAAC,CAAC;SACpC;aAAM,IAAI,QAAQ,KAAK,aAAa,CAAC,UAAU,EAAE;YAChD,GAAG,CAAC,+BAA+B,CAAC,CAAC;SACtC;aAAM,IAAI,QAAQ,KAAK,aAAa,CAAC,KAAK,EAAE;YAC3C,GAAG,CAAC,0BAA0B,CAAC,CAAC;SACjC;IACH,CAAC;CACF;AA7QD,kDA6QC;AAED,6BAA6B;AAChB,QAAA,eAAe,GAAG,IAAI,mBAAmB,EAAE,CAAC"}
|
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
/// <reference types="node" />
|
|
2
2
|
import { AttestationFormat } from '../helpers/decodeAttestationObject';
|
|
3
3
|
declare type RootCertIdentifier = AttestationFormat | 'mds';
|
|
4
|
-
declare class
|
|
4
|
+
declare class BaseSettingsService {
|
|
5
5
|
private pemCertificates;
|
|
6
6
|
constructor();
|
|
7
7
|
/**
|
|
@@ -22,5 +22,5 @@ declare class SettingsService {
|
|
|
22
22
|
identifier: RootCertIdentifier;
|
|
23
23
|
}): string[];
|
|
24
24
|
}
|
|
25
|
-
declare const
|
|
26
|
-
export
|
|
25
|
+
export declare const SettingsService: BaseSettingsService;
|
|
26
|
+
export {};
|
|
@@ -1,14 +1,12 @@
|
|
|
1
1
|
"use strict";
|
|
2
|
-
var __importDefault = (this && this.__importDefault) || function (mod) {
|
|
3
|
-
return (mod && mod.__esModule) ? mod : { "default": mod };
|
|
4
|
-
};
|
|
5
2
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
6
|
-
|
|
3
|
+
exports.SettingsService = void 0;
|
|
4
|
+
const convertCertBufferToPEM_1 = require("../helpers/convertCertBufferToPEM");
|
|
7
5
|
const android_safetynet_1 = require("./defaultRootCerts/android-safetynet");
|
|
8
6
|
const android_key_1 = require("./defaultRootCerts/android-key");
|
|
9
7
|
const apple_1 = require("./defaultRootCerts/apple");
|
|
10
8
|
const mds_1 = require("./defaultRootCerts/mds");
|
|
11
|
-
class
|
|
9
|
+
class BaseSettingsService {
|
|
12
10
|
constructor() {
|
|
13
11
|
this.pemCertificates = new Map();
|
|
14
12
|
}
|
|
@@ -24,7 +22,7 @@ class SettingsService {
|
|
|
24
22
|
const newCertificates = [];
|
|
25
23
|
for (const cert of certificates) {
|
|
26
24
|
if (cert instanceof Buffer) {
|
|
27
|
-
newCertificates.push((0, convertCertBufferToPEM_1.
|
|
25
|
+
newCertificates.push((0, convertCertBufferToPEM_1.convertCertBufferToPEM)(cert));
|
|
28
26
|
}
|
|
29
27
|
else {
|
|
30
28
|
newCertificates.push(cert);
|
|
@@ -41,23 +39,22 @@ class SettingsService {
|
|
|
41
39
|
return (_a = this.pemCertificates.get(identifier)) !== null && _a !== void 0 ? _a : [];
|
|
42
40
|
}
|
|
43
41
|
}
|
|
44
|
-
|
|
42
|
+
exports.SettingsService = new BaseSettingsService();
|
|
45
43
|
// Initialize default certificates
|
|
46
|
-
|
|
44
|
+
exports.SettingsService.setRootCertificates({
|
|
47
45
|
identifier: 'android-key',
|
|
48
46
|
certificates: [android_key_1.Google_Hardware_Attestation_Root_1, android_key_1.Google_Hardware_Attestation_Root_2],
|
|
49
47
|
});
|
|
50
|
-
|
|
48
|
+
exports.SettingsService.setRootCertificates({
|
|
51
49
|
identifier: 'android-safetynet',
|
|
52
50
|
certificates: [android_safetynet_1.GlobalSign_Root_CA],
|
|
53
51
|
});
|
|
54
|
-
|
|
52
|
+
exports.SettingsService.setRootCertificates({
|
|
55
53
|
identifier: 'apple',
|
|
56
54
|
certificates: [apple_1.Apple_WebAuthn_Root_CA],
|
|
57
55
|
});
|
|
58
|
-
|
|
56
|
+
exports.SettingsService.setRootCertificates({
|
|
59
57
|
identifier: 'mds',
|
|
60
58
|
certificates: [mds_1.GlobalSign_Root_CA_R3],
|
|
61
59
|
});
|
|
62
|
-
exports.default = settingsService;
|
|
63
60
|
//# sourceMappingURL=settingsService.js.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"settingsService.js","sourceRoot":"","sources":["../../src/services/settingsService.ts"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"settingsService.js","sourceRoot":"","sources":["../../src/services/settingsService.ts"],"names":[],"mappings":";;;AACA,8EAA2E;AAE3E,4EAA0E;AAC1E,gEAGwC;AACxC,oDAAkE;AAClE,gDAA+D;AAI/D,MAAM,mBAAmB;IAIvB;QACE,IAAI,CAAC,eAAe,GAAG,IAAI,GAAG,EAAE,CAAC;IACnC,CAAC;IAED;;;;;;OAMG;IACH,mBAAmB,CAAC,IAGnB;QACC,MAAM,EAAE,UAAU,EAAE,YAAY,EAAE,GAAG,IAAI,CAAC;QAE1C,MAAM,eAAe,GAAa,EAAE,CAAC;QACrC,KAAK,MAAM,IAAI,IAAI,YAAY,EAAE;YAC/B,IAAI,IAAI,YAAY,MAAM,EAAE;gBAC1B,eAAe,CAAC,IAAI,CAAC,IAAA,+CAAsB,EAAC,IAAI,CAAC,CAAC,CAAC;aACpD;iBAAM;gBACL,eAAe,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;aAC5B;SACF;QAED,IAAI,CAAC,eAAe,CAAC,GAAG,CAAC,UAAU,EAAE,eAAe,CAAC,CAAC;IACxD,CAAC;IAED;;OAEG;IACH,mBAAmB,CAAC,IAAwC;;QAC1D,MAAM,EAAE,UAAU,EAAE,GAAG,IAAI,CAAC;QAC5B,OAAO,MAAA,IAAI,CAAC,eAAe,CAAC,GAAG,CAAC,UAAU,CAAC,mCAAI,EAAE,CAAC;IACpD,CAAC;CACF;AAEY,QAAA,eAAe,GAAG,IAAI,mBAAmB,EAAE,CAAC;AAEzD,kCAAkC;AAClC,uBAAe,CAAC,mBAAmB,CAAC;IAClC,UAAU,EAAE,aAAa;IACzB,YAAY,EAAE,CAAC,gDAAkC,EAAE,gDAAkC,CAAC;CACvF,CAAC,CAAC;AAEH,uBAAe,CAAC,mBAAmB,CAAC;IAClC,UAAU,EAAE,mBAAmB;IAC/B,YAAY,EAAE,CAAC,sCAAkB,CAAC;CACnC,CAAC,CAAC;AAEH,uBAAe,CAAC,mBAAmB,CAAC;IAClC,UAAU,EAAE,OAAO;IACnB,YAAY,EAAE,CAAC,8BAAsB,CAAC;CACvC,CAAC,CAAC;AAEH,uBAAe,CAAC,mBAAmB,CAAC;IAClC,UAAU,EAAE,KAAK;IACjB,YAAY,EAAE,CAAC,2BAAqB,CAAC;CACtC,CAAC,CAAC"}
|
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@simplewebauthn/server",
|
|
3
|
-
"version": "5.
|
|
3
|
+
"version": "5.4.0",
|
|
4
4
|
"description": "SimpleWebAuthn for Servers",
|
|
5
5
|
"main": "dist/index.js",
|
|
6
6
|
"types": "dist/index.d.ts",
|
|
@@ -49,7 +49,7 @@
|
|
|
49
49
|
"@peculiar/asn1-android": "^2.1.7",
|
|
50
50
|
"@peculiar/asn1-schema": "^2.1.7",
|
|
51
51
|
"@peculiar/asn1-x509": "^2.1.7",
|
|
52
|
-
"@simplewebauthn/typescript-types": "^5.
|
|
52
|
+
"@simplewebauthn/typescript-types": "^5.4.0",
|
|
53
53
|
"base64url": "^3.0.1",
|
|
54
54
|
"cbor": "^5.1.0",
|
|
55
55
|
"debug": "^4.3.2",
|
|
@@ -59,7 +59,7 @@
|
|
|
59
59
|
"node-fetch": "^2.6.0",
|
|
60
60
|
"node-rsa": "^1.1.1"
|
|
61
61
|
},
|
|
62
|
-
"gitHead": "
|
|
62
|
+
"gitHead": "c41351664e47b0606d49da435298ef588bfe137f",
|
|
63
63
|
"devDependencies": {
|
|
64
64
|
"@types/cbor": "^5.0.1",
|
|
65
65
|
"@types/debug": "^4.1.7",
|
|
@@ -1 +0,0 @@
|
|
|
1
|
-
{"version":3,"file":"verifyTPM.js","sourceRoot":"","sources":["../../../../src/registration/verifications/tpm/verifyTPM.ts"],"names":[],"mappings":";;;;;AAAA,uDAAkD;AAClD,mDAO6B;AAI7B,2GAAmF;AACnF,0EAA2E;AAC3E,qEAA6C;AAC7C,qGAA6E;AAC7E,uGAA+E;AAC/E,6FAAqE;AACrE,uFAA+D;AAC/D,wFAAgE;AAChE,oHAA4F;AAE5F,2CAA+D;AAC/D,oEAA4C;AAC5C,kEAA0C;AAE3B,KAAK,UAAU,SAAS,CAAC,OAAsC;;IAC5E,MAAM,EAAE,MAAM,EAAE,OAAO,EAAE,QAAQ,EAAE,mBAAmB,EAAE,cAAc,EAAE,gBAAgB,EAAE,GACxF,OAAO,CAAC;IACV,MAAM,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,OAAO,EAAE,QAAQ,EAAE,GAAG,OAAO,CAAC;IAE1D;;OAEG;IACH,IAAI,GAAG,KAAK,KAAK,EAAE;QACjB,MAAM,IAAI,KAAK,CAAC,mBAAmB,GAAG,yBAAyB,CAAC,CAAC;KAClE;IAED,IAAI,CAAC,GAAG,EAAE;QACR,MAAM,IAAI,KAAK,CAAC,kEAAkE,CAAC,CAAC;KACrF;IAED,IAAI,CAAC,GAAG,EAAE;QACR,MAAM,IAAI,KAAK,CAAC,iDAAiD,CAAC,CAAC;KACpE;IAED,IAAI,CAAC,GAAG,EAAE;QACR,MAAM,IAAI,KAAK,CAAC,oEAAoE,CAAC,CAAC;KACvF;IAED,IAAI,CAAC,OAAO,EAAE;QACZ,MAAM,IAAI,KAAK,CAAC,qDAAqD,CAAC,CAAC;KACxE;IAED,IAAI,CAAC,QAAQ,EAAE;QACb,MAAM,IAAI,KAAK,CAAC,sDAAsD,CAAC,CAAC;KACzE;IAED,MAAM,aAAa,GAAG,IAAA,sBAAY,EAAC,OAAO,CAAC,CAAC;IAC5C,MAAM,EAAE,MAAM,EAAE,IAAI,EAAE,OAAO,EAAE,UAAU,EAAE,GAAG,aAAa,CAAC;IAE5D,yFAAyF;IACzF,2FAA2F;IAC3F,MAAM,aAAa,GAAG,IAAA,mCAAyB,EAAC,mBAAmB,CAAC,CAAC;IAErE,IAAI,OAAO,KAAK,aAAa,EAAE;QAC7B,MAAM,CAAC,GAAG,aAAa,CAAC,GAAG,CAAC,4BAAQ,CAAC,CAAC,CAAC,CAAC;QACxC,MAAM,CAAC,GAAG,aAAa,CAAC,GAAG,CAAC,4BAAQ,CAAC,CAAC,CAAC,CAAC;QAExC,IAAI,CAAC,CAAC,EAAE;YACN,MAAM,IAAI,KAAK,CAAC,qCAAqC,CAAC,CAAC;SACxD;QACD,IAAI,CAAC,CAAC,EAAE;YACN,MAAM,IAAI,KAAK,CAAC,qCAAqC,CAAC,CAAC;SACxD;QAED,IAAI,CAAC,MAAM,CAAC,MAAM,CAAC,CAAW,CAAC,EAAE;YAC/B,MAAM,IAAI,KAAK,CAAC,6DAA6D,CAAC,CAAC;SAChF;QAED,IAAI,CAAC,UAAU,CAAC,GAAG,EAAE;YACnB,MAAM,IAAI,KAAK,CAAC,kEAAkE,CAAC,CAAC;SACrF;QAED,MAAM,OAAO,GAAG,CAAW,CAAC;QAC5B,8FAA8F;QAC9F,MAAM,eAAe,GAAG,UAAU,CAAC,GAAG,CAAC,QAAQ,IAAI,KAAK,CAAC;QAEzD,4CAA4C;QAC5C,MAAM,IAAI,GAAG,OAAO,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC,CAAC;QAEjE,IAAI,eAAe,KAAK,IAAI,EAAE;YAC5B,MAAM,IAAI,KAAK,CAAC,6BAA6B,IAAI,cAAc,eAAe,YAAY,CAAC,CAAC;SAC7F;KACF;SAAM,IAAI,OAAO,KAAK,aAAa,EAAE;QACpC;;;WAGG;QACH,MAAM,GAAG,GAAG,aAAa,CAAC,GAAG,CAAC,4BAAQ,CAAC,GAAG,CAAC,CAAC;QAC5C,MAAM,CAAC,GAAG,aAAa,CAAC,GAAG,CAAC,4BAAQ,CAAC,CAAC,CAAC,CAAC;QACxC,MAAM,CAAC,GAAG,aAAa,CAAC,GAAG,CAAC,4BAAQ,CAAC,CAAC,CAAC,CAAC;QAExC,IAAI,CAAC,GAAG,EAAE;YACR,MAAM,IAAI,KAAK,CAAC,uCAAuC,CAAC,CAAC;SAC1D;QACD,IAAI,CAAC,CAAC,EAAE;YACN,MAAM,IAAI,KAAK,CAAC,qCAAqC,CAAC,CAAC;SACxD;QACD,IAAI,CAAC,CAAC,EAAE;YACN,MAAM,IAAI,KAAK,CAAC,qCAAqC,CAAC,CAAC;SACxD;QAED,IAAI,CAAC,MAAM,CAAC,MAAM,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC,CAAW,EAAE,CAAW,CAAC,CAAC,CAAC,EAAE;YAC7D,MAAM,IAAI,KAAK,CAAC,4DAA4D,CAAC,CAAC;SAC/E;QAED,IAAI,CAAC,UAAU,CAAC,GAAG,EAAE;YACnB,MAAM,IAAI,KAAK,CAAC,kEAAkE,CAAC,CAAC;SACrF;QAED,MAAM,cAAc,GAAG,UAAU,CAAC,GAAG,CAAC,OAAO,CAAC;QAC9C,MAAM,aAAa,GAAG,yBAAa,CAAE,GAAc,CAAC,YAAY,CAAC,CAAC,CAAC,CAAC,CAAC;QACrE,IAAI,cAAc,KAAK,aAAa,EAAE;YACpC,MAAM,IAAI,KAAK,CACb,mCAAmC,aAAa,gBAAgB,cAAc,aAAa,CAC5F,CAAC;SACH;KACF;SAAM;QACL,MAAM,IAAI,KAAK,CAAC,6BAA6B,OAAO,GAAG,CAAC,CAAC;KAC1D;IAED,MAAM,cAAc,GAAG,IAAA,uBAAa,EAAC,QAAQ,CAAC,CAAC;IAC/C,MAAM,EAAE,KAAK,EAAE,IAAI,EAAE,QAAQ,EAAE,QAAQ,EAAE,SAAS,EAAE,GAAG,cAAc,CAAC;IAEtE,IAAI,KAAK,KAAK,UAAU,EAAE;QACxB,MAAM,IAAI,KAAK,CAAC,2BAA2B,KAAK,gCAAgC,CAAC,CAAC;KACnF;IAED,IAAI,QAAQ,KAAK,uBAAuB,EAAE;QACxC,MAAM,IAAI,KAAK,CAAC,oBAAoB,QAAQ,2CAA2C,CAAC,CAAC;KAC1F;IAED,mEAAmE;IACnE,MAAM,WAAW,GAAG,IAAA,gBAAM,EAAC,OAAO,EAAE,QAAQ,CAAC,OAAO,CAAC,OAAO,CAAC,UAAU,EAAE,EAAE,CAAC,CAAC,CAAC;IAE9E,uEAAuE;IACvE,MAAM,YAAY,GAAG,MAAM,CAAC,MAAM,CAAC,CAAC,QAAQ,CAAC,aAAa,EAAE,WAAW,CAAC,CAAC,CAAC;IAE1E,+DAA+D;IAC/D,IAAI,CAAC,QAAQ,CAAC,IAAI,CAAC,MAAM,CAAC,YAAY,CAAC,EAAE;QACvC,MAAM,IAAI,KAAK,CAAC,uCAAuC,CAAC,CAAC;KAC1D;IAED,mEAAmE;IACnE,MAAM,aAAa,GAAG,MAAM,CAAC,MAAM,CAAC,CAAC,QAAQ,EAAE,cAAc,CAAC,CAAC,CAAC;IAEhE,8FAA8F;IAC9F,MAAM,OAAO,GAAW,+BAAW,CAAC,GAAa,CAAC,CAAC;IACnD,MAAM,iBAAiB,GAAG,IAAA,gBAAM,EAAC,aAAa,EAAE,OAAO,CAAC,CAAC;IAEzD,gEAAgE;IAChE,IAAI,CAAC,SAAS,CAAC,MAAM,CAAC,iBAAiB,CAAC,EAAE;QACxC,MAAM,IAAI,KAAK,CAAC,4DAA4D,CAAC,CAAC;KAC/E;IAED;;OAEG;IACH,IAAI,GAAG,CAAC,MAAM,GAAG,CAAC,EAAE;QAClB,MAAM,IAAI,KAAK,CAAC,4CAA4C,CAAC,CAAC;KAC/D;IAED,6DAA6D;IAC7D,MAAM,YAAY,GAAG,IAAA,4BAAkB,EAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC;IAChD,MAAM,EAAE,kBAAkB,EAAE,OAAO,EAAE,OAAO,EAAE,QAAQ,EAAE,SAAS,EAAE,GAAG,YAAY,CAAC;IAEnF,IAAI,kBAAkB,EAAE;QACtB,MAAM,IAAI,KAAK,CAAC,wDAAwD,CAAC,CAAC;KAC3E;IAED,mEAAmE;IACnE,IAAI,OAAO,KAAK,CAAC,EAAE;QACjB,MAAM,IAAI,KAAK,CAAC,0DAA0D,CAAC,CAAC;KAC7E;IAED,wCAAwC;IACxC,IAAI,MAAM,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC,MAAM,GAAG,CAAC,EAAE;QACnC,MAAM,IAAI,KAAK,CAAC,yCAAyC,CAAC,CAAC;KAC5D;IAED,4CAA4C;IAC5C,IAAI,GAAG,GAAG,IAAI,IAAI,EAAE,CAAC;IACrB,IAAI,SAAS,GAAG,GAAG,EAAE;QACnB,MAAM,IAAI,KAAK,CAAC,gCAAgC,SAAS,CAAC,QAAQ,EAAE,SAAS,CAAC,CAAC;KAChF;IAED,yCAAyC;IACzC,GAAG,GAAG,IAAI,IAAI,EAAE,CAAC;IACjB,IAAI,QAAQ,GAAG,GAAG,EAAE;QAClB,MAAM,IAAI,KAAK,CAAC,+BAA+B,QAAQ,CAAC,QAAQ,EAAE,SAAS,CAAC,CAAC;KAC9E;IAED;;OAEG;IACH,MAAM,UAAU,GAAG,uBAAS,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,uBAAW,CAAC,CAAC;IAExD,IAAI,CAAC,UAAU,CAAC,cAAc,CAAC,UAAU,EAAE;QACzC,MAAM,IAAI,KAAK,CAAC,0CAA0C,CAAC,CAAC;KAC7D;IAED,IAAI,qBAAyD,CAAC;IAC9D,IAAI,WAAyC,CAAC;IAC9C,UAAU,CAAC,cAAc,CAAC,UAAU,CAAC,OAAO,CAAC,GAAG,CAAC,EAAE;QACjD,IAAI,GAAG,CAAC,MAAM,KAAK,gCAAoB,EAAE;YACvC,qBAAqB,GAAG,uBAAS,CAAC,KAAK,CAAC,GAAG,CAAC,SAAS,EAAE,kCAAsB,CAAC,CAAC;SAChF;aAAM,IAAI,GAAG,CAAC,MAAM,KAAK,6BAAiB,EAAE;YAC3C,WAAW,GAAG,uBAAS,CAAC,KAAK,CAAC,GAAG,CAAC,SAAS,EAAE,4BAAgB,CAAC,CAAC;SAChE;IACH,CAAC,CAAC,CAAC;IAEH,wEAAwE;IACxE,IAAI,CAAC,qBAAqB,EAAE;QAC1B,MAAM,IAAI,KAAK,CAAC,4DAA4D,CAAC,CAAC;KAC/E;IAED,6FAA6F;IAC7F,SAAS;IACT,IAAI,CAAC,CAAA,MAAA,qBAAqB,CAAC,CAAC,CAAC,CAAC,aAAa,0CAAG,CAAC,EAAE,MAAM,CAAA,EAAE;QACvD,MAAM,IAAI,KAAK,CAAC,oEAAoE,CAAC,CAAC;KACvF;IAED,MAAM,EAAE,oBAAoB,EAAE,aAAa,EAAE,eAAe,EAAE,GAAG,iBAAiB,CAChF,qBAAqB,CAAC,CAAC,CAAC,CAAC,aAAa,CACvC,CAAC;IAEF,IAAI,CAAC,oBAAoB,IAAI,CAAC,aAAa,IAAI,CAAC,eAAe,EAAE;QAC/D,MAAM,IAAI,KAAK,CAAC,4DAA4D,CAAC,CAAC;KAC/E;IAED,IAAI,CAAC,WAAW,EAAE;QAChB,MAAM,IAAI,KAAK,CAAC,8DAA8D,CAAC,CAAC;KACjF;IAED,yFAAyF;IACzF,IAAI,CAAC,6BAAiB,CAAC,oBAAoB,CAAC,EAAE;QAC5C,MAAM,IAAI,KAAK,CAAC,qCAAqC,oBAAoB,SAAS,CAAC,CAAC;KACrF;IAED,wFAAwF;IACxF,4CAA4C;IAC5C,IAAI,WAAW,CAAC,CAAC,CAAC,KAAK,cAAc,EAAE;QACrC,MAAM,IAAI,KAAK,CAAC,2BAA2B,WAAW,CAAC,CAAC,CAAC,kCAAkC,CAAC,CAAC;KAC9F;IAED,gGAAgG;IAChG,4DAA4D;IAE5D,wEAAwE;IACxE,MAAM,SAAS,GAAG,MAAM,yBAAe,CAAC,YAAY,CAAC,MAAM,CAAC,CAAC;IAC7D,IAAI,SAAS,EAAE;QACb,IAAI;YACF,MAAM,IAAA,uCAA6B,EAAC,SAAS,EAAE,mBAAmB,EAAE,GAAG,CAAC,CAAC;SAC1E;QAAC,OAAO,GAAG,EAAE;YACZ,MAAM,IAAI,GAAG,GAAY,CAAC;YAC1B,MAAM,IAAI,KAAK,CAAC,GAAG,IAAI,CAAC,OAAO,QAAQ,CAAC,CAAC;SAC1C;KACF;SAAM;QACL,IAAI;YACF,0FAA0F;YAC1F,MAAM,IAAA,iCAAuB,EAAC,GAAG,CAAC,GAAG,CAAC,gCAAsB,CAAC,EAAE,gBAAgB,CAAC,CAAC;SAClF;QAAC,OAAO,GAAG,EAAE;YACZ,MAAM,IAAI,GAAG,GAAY,CAAC;YAC1B,MAAM,IAAI,KAAK,CAAC,GAAG,IAAI,CAAC,OAAO,QAAQ,CAAC,CAAC;SAC1C;KACF;IAED,qFAAqF;IACrF,4EAA4E;IAC5E,MAAM,WAAW,GAAG,IAAA,gCAAsB,EAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC;IACnD,OAAO,IAAA,yBAAe,EAAC,GAAG,EAAE,QAAQ,EAAE,WAAW,EAAE,OAAO,CAAC,CAAC;AAC9D,CAAC;AAhQD,4BAgQC;AAED;;GAEG;AACH,SAAS,iBAAiB,CAAC,IAAU;IAKnC,MAAM,eAAe,GAAG,cAAc,CAAC;IACvC,MAAM,QAAQ,GAAG,cAAc,CAAC;IAChC,MAAM,UAAU,GAAG,cAAc,CAAC;IAElC,IAAI,oBAAwC,CAAC;IAC7C,IAAI,aAAiC,CAAC;IACtC,IAAI,eAAmC,CAAC;IAExC;;;;;;;;;;;;;;;;;;;;;;;;;;;OA2BG;IACH,IAAI,CAAC,OAAO,CAAC,OAAO,CAAC,EAAE;QACrB,OAAO,CAAC,OAAO,CAAC,IAAI,CAAC,EAAE;YACrB,IAAI,IAAI,CAAC,IAAI,KAAK,eAAe,EAAE;gBACjC,oBAAoB,GAAG,IAAI,CAAC,KAAK,CAAC,QAAQ,EAAE,CAAC;aAC9C;iBAAM,IAAI,IAAI,CAAC,IAAI,KAAK,QAAQ,EAAE;gBACjC,aAAa,GAAG,IAAI,CAAC,KAAK,CAAC,QAAQ,EAAE,CAAC;aACvC;iBAAM,IAAI,IAAI,CAAC,IAAI,KAAK,UAAU,EAAE;gBACnC,eAAe,GAAG,IAAI,CAAC,KAAK,CAAC,QAAQ,EAAE,CAAC;aACzC;QACH,CAAC,CAAC,CAAC;IACL,CAAC,CAAC,CAAC;IAEH,OAAO;QACL,oBAAoB;QACpB,aAAa;QACb,eAAe;KAChB,CAAC;AACJ,CAAC"}
|
|
@@ -1 +0,0 @@
|
|
|
1
|
-
{"version":3,"file":"verifyAndroidKey.js","sourceRoot":"","sources":["../../../src/registration/verifications/verifyAndroidKey.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;AAAA,uDAAkD;AAClD,mDAAkD;AAClD,yDAA8E;AAI9E,kGAA0E;AAC1E,oGAA4E;AAC5E,oFAA4D;AAC5D,qFAAiF;AACjF,qFAA6D;AAC7D,iHAAyF;AAEzF;;GAEG;AACY,KAAK,UAAU,2BAA2B,CACvD,OAAsC;;IAEtC,MAAM,EAAE,QAAQ,EAAE,cAAc,EAAE,OAAO,EAAE,mBAAmB,EAAE,MAAM,EAAE,gBAAgB,EAAE,GACxF,OAAO,CAAC;IACV,MAAM,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,OAAO,CAAC;IAElC,IAAI,CAAC,GAAG,EAAE;QACR,MAAM,IAAI,KAAK,CAAC,2EAA2E,CAAC,CAAC;KAC9F;IAED,IAAI,CAAC,GAAG,EAAE;QACR,MAAM,IAAI,KAAK,CAAC,yEAAyE,CAAC,CAAC;KAC5F;IAED,IAAI,CAAC,GAAG,EAAE;QACR,MAAM,IAAI,KAAK,CAAC,wDAAwD,CAAC,CAAC;KAC3E;IAED,uFAAuF;IACvF,kDAAkD;IAClD,MAAM,UAAU,GAAG,uBAAS,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,uBAAW,CAAC,CAAC;IACxD,MAAM,gBAAgB,GAAG,MAAM,CAAC,IAAI,CAClC,UAAU,CAAC,cAAc,CAAC,oBAAoB,CAAC,gBAAgB,CAChE,CAAC;IAEF,0CAA0C;IAC1C,MAAM,cAAc,GAAG,IAAA,2BAAiB,EAAC,mBAAmB,CAAC,CAAC;IAE9D,IAAI,CAAC,cAAc,CAAC,MAAM,CAAC,gBAAgB,CAAC,EAAE;QAC5C,MAAM,IAAI,KAAK,CAAC,wEAAwE,CAAC,CAAC;KAC3F;IAED,4DAA4D;IAC5D,MAAM,WAAW,GAAG,MAAA,UAAU,CAAC,cAAc,CAAC,UAAU,0CAAE,IAAI,CAC5D,GAAG,CAAC,EAAE,CAAC,GAAG,CAAC,MAAM,KAAK,mCAAoB,CAC3C,CAAC;IAEF,IAAI,CAAC,WAAW,EAAE;QAChB,MAAM,IAAI,KAAK,CAAC,sDAAsD,CAAC,CAAC;KACzE;IAED,MAAM,iBAAiB,GAAG,uBAAS,CAAC,KAAK,CAAC,WAAW,CAAC,SAAS,EAAE,6BAAc,CAAC,CAAC;IAEjF,4BAA4B;IAC5B,MAAM,EAAE,oBAAoB,EAAE,WAAW,EAAE,gBAAgB,EAAE,GAAG,iBAAiB,CAAC;IAElF,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,oBAAoB,CAAC,MAAM,CAAC,CAAC,MAAM,CAAC,cAAc,CAAC,EAAE;QACpE,MAAM,IAAI,KAAK,CAAC,sEAAsE,CAAC,CAAC;KACzF;IAED,4FAA4F;IAC5F,aAAa;IACb,IAAI,WAAW,CAAC,eAAe,KAAK,SAAS,EAAE;QAC7C,MAAM,IAAI,KAAK,CAAC,gEAAgE,CAAC,CAAC;KACnF;IAED,IAAI,gBAAgB,CAAC,eAAe,KAAK,SAAS,EAAE;QAClD,MAAM,IAAI,KAAK,CAAC,gEAAgE,CAAC,CAAC;KACnF;IAED,MAAM,SAAS,GAAG,MAAM,yBAAe,CAAC,YAAY,CAAC,MAAM,CAAC,CAAC;IAC7D,IAAI,SAAS,EAAE;QACb,IAAI;YACF,MAAM,IAAA,uCAA6B,EAAC,SAAS,EAAE,mBAAmB,EAAE,GAAG,CAAC,CAAC;SAC1E;QAAC,OAAO,GAAG,EAAE;YACZ,MAAM,IAAI,GAAG,GAAY,CAAC;YAC1B,MAAM,IAAI,KAAK,CAAC,GAAG,IAAI,CAAC,OAAO,eAAe,CAAC,CAAC;SACjD;KACF;SAAM;QACL,IAAI;YACF,0FAA0F;YAC1F,MAAM,IAAA,iCAAuB,EAAC,GAAG,CAAC,GAAG,CAAC,gCAAsB,CAAC,EAAE,gBAAgB,CAAC,CAAC;SAClF;QAAC,OAAO,GAAG,EAAE;YACZ,MAAM,IAAI,GAAG,GAAY,CAAC;YAC1B,MAAM,IAAI,KAAK,CAAC,GAAG,IAAI,CAAC,OAAO,eAAe,CAAC,CAAC;SACjD;KACF;IAED,MAAM,aAAa,GAAG,MAAM,CAAC,MAAM,CAAC,CAAC,QAAQ,EAAE,cAAc,CAAC,CAAC,CAAC;IAChE,MAAM,WAAW,GAAG,IAAA,gCAAsB,EAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC;IACnD,MAAM,OAAO,GAAG,+BAAW,CAAC,GAAa,CAAC,CAAC;IAE3C,OAAO,IAAA,yBAAe,EAAC,GAAG,EAAE,aAAa,EAAE,WAAW,EAAE,OAAO,CAAC,CAAC;AACnE,CAAC;AApFD,8CAoFC"}
|
|
@@ -1 +0,0 @@
|
|
|
1
|
-
{"version":3,"file":"verifyAndroidSafetyNet.js","sourceRoot":"","sources":["../../../src/registration/verifications/verifyAndroidSafetyNet.ts"],"names":[],"mappings":";;;;;AAAA,0DAAkC;AAIlC,kEAA0C;AAC1C,oFAA4D;AAC5D,0FAAkE;AAClE,oGAA4E;AAC5E,kGAA0E;AAC1E,qFAA6D;AAC7D,iHAAyF;AAEzF;;GAEG;AACY,KAAK,UAAU,iCAAiC,CAC7D,OAAsC;IAEtC,MAAM,EACJ,OAAO,EACP,cAAc,EACd,QAAQ,EACR,MAAM,EACN,gBAAgB,EAChB,iBAAiB,GAAG,IAAI,EACxB,mBAAmB,GACpB,GAAG,OAAO,CAAC;IACZ,MAAM,EAAE,QAAQ,EAAE,GAAG,EAAE,GAAG,OAAO,CAAC;IAElC,IAAI,CAAC,GAAG,EAAE;QACR,MAAM,IAAI,KAAK,CAAC,yCAAyC,CAAC,CAAC;KAC5D;IAED,IAAI,CAAC,QAAQ,EAAE;QACb,MAAM,IAAI,KAAK,CAAC,kEAAkE,CAAC,CAAC;KACrF;IAED,0BAA0B;IAC1B,MAAM,GAAG,GAAG,QAAQ,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC;IACtC,MAAM,QAAQ,GAAG,GAAG,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;IAEhC,MAAM,MAAM,GAAuB,IAAI,CAAC,KAAK,CAAC,mBAAS,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;IAC7E,MAAM,OAAO,GAAwB,IAAI,CAAC,KAAK,CAAC,mBAAS,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;IAC/E,MAAM,SAAS,GAA0B,QAAQ,CAAC,CAAC,CAAC,CAAC;IAErD;;OAEG;IACH,MAAM,EAAE,KAAK,EAAE,eAAe,EAAE,WAAW,EAAE,GAAG,OAAO,CAAC;IAExD,IAAI,iBAAiB,EAAE;QACrB,qCAAqC;QACrC,IAAI,GAAG,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;QACrB,IAAI,WAAW,GAAG,IAAI,CAAC,GAAG,EAAE,EAAE;YAC5B,MAAM,IAAI,KAAK,CAAC,sBAAsB,WAAW,qBAAqB,GAAG,eAAe,CAAC,CAAC;SAC3F;QAED,+EAA+E;QAC/E,MAAM,kBAAkB,GAAG,WAAW,GAAG,EAAE,GAAG,IAAI,CAAC;QACnD,GAAG,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;QACjB,IAAI,kBAAkB,GAAG,GAAG,EAAE;YAC5B,MAAM,IAAI,KAAK,CAAC,sBAAsB,kBAAkB,2BAA2B,CAAC,CAAC;SACtF;KACF;IAED,MAAM,SAAS,GAAG,MAAM,CAAC,MAAM,CAAC,CAAC,QAAQ,EAAE,cAAc,CAAC,CAAC,CAAC;IAC5D,MAAM,WAAW,GAAG,IAAA,gBAAM,EAAC,SAAS,CAAC,CAAC;IACtC,MAAM,aAAa,GAAG,WAAW,CAAC,QAAQ,CAAC,QAAQ,CAAC,CAAC;IAErD,IAAI,KAAK,KAAK,aAAa,EAAE;QAC3B,MAAM,IAAI,KAAK,CAAC,4CAA4C,CAAC,CAAC;KAC/D;IAED,IAAI,CAAC,eAAe,EAAE;QACpB,MAAM,IAAI,KAAK,CAAC,+CAA+C,CAAC,CAAC;KAClE;IACD;;OAEG;IAEH;;OAEG;IACH,MAAM,cAAc,GAAG,mBAAS,CAAC,QAAQ,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC;IACzD,MAAM,YAAY,GAAG,IAAA,4BAAkB,EAAC,cAAc,CAAC,CAAC;IAExD,MAAM,EAAE,OAAO,EAAE,GAAG,YAAY,CAAC;IAEjC,qDAAqD;IACrD,+FAA+F;IAC/F,IAAI,OAAO,CAAC,EAAE,KAAK,oBAAoB,EAAE;QACvC,MAAM,IAAI,KAAK,CAAC,kEAAkE,CAAC,CAAC;KACrF;IAED,MAAM,SAAS,GAAG,MAAM,yBAAe,CAAC,YAAY,CAAC,MAAM,CAAC,CAAC;IAC7D,IAAI,SAAS,EAAE;QACb,IAAI;YACF,MAAM,IAAA,uCAA6B,EAAC,SAAS,EAAE,mBAAmB,EAAE,MAAM,CAAC,GAAG,CAAC,CAAC;SACjF;QAAC,OAAO,GAAG,EAAE;YACZ,MAAM,IAAI,GAAG,GAAY,CAAC;YAC1B,MAAM,IAAI,KAAK,CAAC,GAAG,IAAI,CAAC,OAAO,cAAc,CAAC,CAAC;SAChD;KACF;SAAM;QACL,IAAI;YACF,0FAA0F;YAC1F,MAAM,IAAA,iCAAuB,EAAC,MAAM,CAAC,GAAG,CAAC,GAAG,CAAC,gCAAsB,CAAC,EAAE,gBAAgB,CAAC,CAAC;SACzF;QAAC,OAAO,GAAG,EAAE;YACZ,MAAM,IAAI,GAAG,GAAY,CAAC;YAC1B,MAAM,IAAI,KAAK,CAAC,GAAG,IAAI,CAAC,OAAO,cAAc,CAAC,CAAC;SAChD;KACF;IACD;;OAEG;IAEH;;OAEG;IACH,MAAM,mBAAmB,GAAG,MAAM,CAAC,IAAI,CAAC,GAAG,QAAQ,CAAC,CAAC,CAAC,IAAI,QAAQ,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC;IACzE,MAAM,eAAe,GAAG,mBAAS,CAAC,QAAQ,CAAC,SAAS,CAAC,CAAC;IAEtD,MAAM,WAAW,GAAG,IAAA,gCAAsB,EAAC,cAAc,CAAC,CAAC;IAC3D,MAAM,QAAQ,GAAG,IAAA,yBAAe,EAAC,eAAe,EAAE,mBAAmB,EAAE,WAAW,CAAC,CAAC;IACpF;;OAEG;IAEH,OAAO,QAAQ,CAAC;AAClB,CAAC;AAjHD,oDAiHC"}
|