@simplewebauthn/server 5.4.4 → 6.1.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/authentication/verifyAuthenticationResponse.d.ts +10 -2
- package/dist/authentication/verifyAuthenticationResponse.js +38 -11
- package/dist/authentication/verifyAuthenticationResponse.js.map +1 -1
- package/dist/helpers/convertCOSEtoPKCS.d.ts +5 -1
- package/dist/helpers/convertCOSEtoPKCS.js +6 -5
- package/dist/helpers/convertCOSEtoPKCS.js.map +1 -1
- package/dist/helpers/decodeAuthenticatorExtensions.d.ts +1 -1
- package/dist/helpers/verifySignature.d.ts +14 -1
- package/dist/helpers/verifySignature.js +56 -2
- package/dist/helpers/verifySignature.js.map +1 -1
- package/dist/registration/generateRegistrationOptions.js +30 -9
- package/dist/registration/generateRegistrationOptions.js.map +1 -1
- package/dist/registration/verifications/tpm/verifyAttestationTPM.js +6 -2
- package/dist/registration/verifications/tpm/verifyAttestationTPM.js.map +1 -1
- package/dist/registration/verifications/verifyAttestationAndroidKey.js +6 -2
- package/dist/registration/verifications/verifyAttestationAndroidKey.js.map +1 -1
- package/dist/registration/verifications/verifyAttestationAndroidSafetyNet.js +5 -2
- package/dist/registration/verifications/verifyAttestationAndroidSafetyNet.js.map +1 -1
- package/dist/registration/verifications/verifyAttestationFIDOU2F.js +5 -2
- package/dist/registration/verifications/verifyAttestationFIDOU2F.js.map +1 -1
- package/dist/registration/verifications/verifyAttestationPacked.js +11 -60
- package/dist/registration/verifications/verifyAttestationPacked.js.map +1 -1
- package/package.json +7 -10
|
@@ -1,5 +1,5 @@
|
|
|
1
1
|
/// <reference types="node" />
|
|
2
|
-
import { AuthenticationCredentialJSON, AuthenticatorDevice, CredentialDeviceType } from '@simplewebauthn/typescript-types';
|
|
2
|
+
import { AuthenticationCredentialJSON, AuthenticatorDevice, CredentialDeviceType, UserVerificationRequirement } from '@simplewebauthn/typescript-types';
|
|
3
3
|
import { AuthenticationExtensionsAuthenticatorOutputs } from '../helpers/decodeAuthenticatorExtensions';
|
|
4
4
|
export declare type VerifyAuthenticationResponseOpts = {
|
|
5
5
|
credential: AuthenticationCredentialJSON;
|
|
@@ -8,6 +8,9 @@ export declare type VerifyAuthenticationResponseOpts = {
|
|
|
8
8
|
expectedRPID: string | string[];
|
|
9
9
|
authenticator: AuthenticatorDevice;
|
|
10
10
|
requireUserVerification?: boolean;
|
|
11
|
+
advancedFIDOConfig?: {
|
|
12
|
+
userVerification?: UserVerificationRequirement;
|
|
13
|
+
};
|
|
11
14
|
};
|
|
12
15
|
/**
|
|
13
16
|
* Verify that the user has legitimately completed the login process
|
|
@@ -22,8 +25,13 @@ export declare type VerifyAuthenticationResponseOpts = {
|
|
|
22
25
|
* @param authenticator An internal {@link AuthenticatorDevice} matching the credential's ID
|
|
23
26
|
* @param requireUserVerification (Optional) Enforce user verification by the authenticator
|
|
24
27
|
* (via PIN, fingerprint, etc...)
|
|
28
|
+
* @param advancedFIDOConfig (Optional) Options for satisfying more stringent FIDO RP feature
|
|
29
|
+
* requirements
|
|
30
|
+
* @param advancedFIDOConfig.userVerification (Optional) Enable alternative rules for evaluating the
|
|
31
|
+
* User Presence and User Verified flags in authenticator data: UV (and UP) flags are optional
|
|
32
|
+
* unless this value is `"required"`
|
|
25
33
|
*/
|
|
26
|
-
export declare function verifyAuthenticationResponse(options: VerifyAuthenticationResponseOpts): VerifiedAuthenticationResponse
|
|
34
|
+
export declare function verifyAuthenticationResponse(options: VerifyAuthenticationResponseOpts): Promise<VerifiedAuthenticationResponse>;
|
|
27
35
|
/**
|
|
28
36
|
* Result of authentication verification
|
|
29
37
|
*
|
|
@@ -7,7 +7,6 @@ exports.verifyAuthenticationResponse = void 0;
|
|
|
7
7
|
const base64url_1 = __importDefault(require("base64url"));
|
|
8
8
|
const decodeClientDataJSON_1 = require("../helpers/decodeClientDataJSON");
|
|
9
9
|
const toHash_1 = require("../helpers/toHash");
|
|
10
|
-
const convertPublicKeyToPEM_1 = require("../helpers/convertPublicKeyToPEM");
|
|
11
10
|
const verifySignature_1 = require("../helpers/verifySignature");
|
|
12
11
|
const parseAuthenticatorData_1 = require("../helpers/parseAuthenticatorData");
|
|
13
12
|
const isBase64URLString_1 = require("../helpers/isBase64URLString");
|
|
@@ -25,9 +24,14 @@ const parseBackupFlags_1 = require("../helpers/parseBackupFlags");
|
|
|
25
24
|
* @param authenticator An internal {@link AuthenticatorDevice} matching the credential's ID
|
|
26
25
|
* @param requireUserVerification (Optional) Enforce user verification by the authenticator
|
|
27
26
|
* (via PIN, fingerprint, etc...)
|
|
27
|
+
* @param advancedFIDOConfig (Optional) Options for satisfying more stringent FIDO RP feature
|
|
28
|
+
* requirements
|
|
29
|
+
* @param advancedFIDOConfig.userVerification (Optional) Enable alternative rules for evaluating the
|
|
30
|
+
* User Presence and User Verified flags in authenticator data: UV (and UP) flags are optional
|
|
31
|
+
* unless this value is `"required"`
|
|
28
32
|
*/
|
|
29
|
-
function verifyAuthenticationResponse(options) {
|
|
30
|
-
const { credential, expectedChallenge, expectedOrigin, expectedRPID, authenticator, requireUserVerification, } = options;
|
|
33
|
+
async function verifyAuthenticationResponse(options) {
|
|
34
|
+
const { credential, expectedChallenge, expectedOrigin, expectedRPID, authenticator, requireUserVerification, advancedFIDOConfig, } = options;
|
|
31
35
|
const { id, rawId, type: credentialType, response } = credential;
|
|
32
36
|
// Ensure credential specified an ID
|
|
33
37
|
if (!id) {
|
|
@@ -111,17 +115,36 @@ function verifyAuthenticationResponse(options) {
|
|
|
111
115
|
throw new Error(`Unexpected RP ID hash`);
|
|
112
116
|
}
|
|
113
117
|
}
|
|
114
|
-
|
|
115
|
-
|
|
116
|
-
|
|
118
|
+
if (advancedFIDOConfig !== undefined) {
|
|
119
|
+
const { userVerification: fidoUserVerification } = advancedFIDOConfig;
|
|
120
|
+
/**
|
|
121
|
+
* Use FIDO Conformance-defined rules for verifying UP and UV flags
|
|
122
|
+
*/
|
|
123
|
+
if (fidoUserVerification === 'required') {
|
|
124
|
+
// Require `flags.uv` be true (implies `flags.up` is true)
|
|
125
|
+
if (!flags.uv) {
|
|
126
|
+
throw new Error('User verification required, but user could not be verified');
|
|
127
|
+
}
|
|
128
|
+
}
|
|
129
|
+
else if (fidoUserVerification === 'preferred' || fidoUserVerification === 'discouraged') {
|
|
130
|
+
// Ignore `flags.uv`
|
|
131
|
+
}
|
|
117
132
|
}
|
|
118
|
-
|
|
119
|
-
|
|
120
|
-
|
|
133
|
+
else {
|
|
134
|
+
/**
|
|
135
|
+
* Use WebAuthn spec-defined rules for verifying UP and UV flags
|
|
136
|
+
*/
|
|
137
|
+
// WebAuthn only requires the user presence flag be true
|
|
138
|
+
if (!flags.up) {
|
|
139
|
+
throw new Error('User not present during authentication');
|
|
140
|
+
}
|
|
141
|
+
// Enforce user verification if required
|
|
142
|
+
if (requireUserVerification && !flags.uv) {
|
|
143
|
+
throw new Error('User verification required, but user could not be verified');
|
|
144
|
+
}
|
|
121
145
|
}
|
|
122
146
|
const clientDataHash = (0, toHash_1.toHash)(base64url_1.default.toBuffer(response.clientDataJSON));
|
|
123
147
|
const signatureBase = Buffer.concat([authDataBuffer, clientDataHash]);
|
|
124
|
-
const publicKey = (0, convertPublicKeyToPEM_1.convertPublicKeyToPEM)(authenticator.credentialPublicKey);
|
|
125
148
|
const signature = base64url_1.default.toBuffer(response.signature);
|
|
126
149
|
if ((counter > 0 || authenticator.counter > 0) && counter <= authenticator.counter) {
|
|
127
150
|
// Error out when the counter in the DB is greater than or equal to the counter in the
|
|
@@ -132,7 +155,11 @@ function verifyAuthenticationResponse(options) {
|
|
|
132
155
|
}
|
|
133
156
|
const { credentialDeviceType, credentialBackedUp } = (0, parseBackupFlags_1.parseBackupFlags)(flags);
|
|
134
157
|
const toReturn = {
|
|
135
|
-
verified: (0, verifySignature_1.verifySignature)(
|
|
158
|
+
verified: await (0, verifySignature_1.verifySignature)({
|
|
159
|
+
signature,
|
|
160
|
+
signatureBase,
|
|
161
|
+
credentialPublicKey: authenticator.credentialPublicKey,
|
|
162
|
+
}),
|
|
136
163
|
authenticationInfo: {
|
|
137
164
|
newCounter: counter,
|
|
138
165
|
credentialID: authenticator.credentialID,
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"verifyAuthenticationResponse.js","sourceRoot":"","sources":["../../src/authentication/verifyAuthenticationResponse.ts"],"names":[],"mappings":";;;;;;AAAA,0DAAkC;
|
|
1
|
+
{"version":3,"file":"verifyAuthenticationResponse.js","sourceRoot":"","sources":["../../src/authentication/verifyAuthenticationResponse.ts"],"names":[],"mappings":";;;;;;AAAA,0DAAkC;AAQlC,0EAAuE;AACvE,8CAA2C;AAC3C,gEAA6D;AAC7D,8EAA2E;AAC3E,oEAAiE;AACjE,kEAA+D;AAe/D;;;;;;;;;;;;;;;;;;GAkBG;AACI,KAAK,UAAU,4BAA4B,CAChD,OAAyC;IAEzC,MAAM,EACJ,UAAU,EACV,iBAAiB,EACjB,cAAc,EACd,YAAY,EACZ,aAAa,EACb,uBAAuB,EACvB,kBAAkB,GACnB,GAAG,OAAO,CAAC;IACZ,MAAM,EAAE,EAAE,EAAE,KAAK,EAAE,IAAI,EAAE,cAAc,EAAE,QAAQ,EAAE,GAAG,UAAU,CAAC;IAEjE,oCAAoC;IACpC,IAAI,CAAC,EAAE,EAAE;QACP,MAAM,IAAI,KAAK,CAAC,uBAAuB,CAAC,CAAC;KAC1C;IAED,iCAAiC;IACjC,IAAI,EAAE,KAAK,KAAK,EAAE;QAChB,MAAM,IAAI,KAAK,CAAC,yCAAyC,CAAC,CAAC;KAC5D;IAED,0CAA0C;IAC1C,IAAI,cAAc,KAAK,YAAY,EAAE;QACnC,MAAM,IAAI,KAAK,CAAC,8BAA8B,cAAc,yBAAyB,CAAC,CAAC;KACxF;IAED,IAAI,CAAC,QAAQ,EAAE;QACb,MAAM,IAAI,KAAK,CAAC,6BAA6B,CAAC,CAAC;KAChD;IAED,IAAI,OAAO,CAAA,QAAQ,aAAR,QAAQ,uBAAR,QAAQ,CAAE,cAAc,CAAA,KAAK,QAAQ,EAAE;QAChD,MAAM,IAAI,KAAK,CAAC,qDAAqD,CAAC,CAAC;KACxE;IAED,MAAM,cAAc,GAAG,IAAA,2CAAoB,EAAC,QAAQ,CAAC,cAAc,CAAC,CAAC;IAErE,MAAM,EAAE,IAAI,EAAE,MAAM,EAAE,SAAS,EAAE,YAAY,EAAE,GAAG,cAAc,CAAC;IAEjE,6CAA6C;IAC7C,IAAI,IAAI,KAAK,cAAc,EAAE;QAC3B,MAAM,IAAI,KAAK,CAAC,4CAA4C,IAAI,EAAE,CAAC,CAAC;KACrE;IAED,sDAAsD;IACtD,IAAI,OAAO,iBAAiB,KAAK,UAAU,EAAE;QAC3C,IAAI,CAAC,iBAAiB,CAAC,SAAS,CAAC,EAAE;YACjC,MAAM,IAAI,KAAK,CACb,iFAAiF,SAAS,GAAG,CAC9F,CAAC;SACH;KACF;SAAM,IAAI,SAAS,KAAK,iBAAiB,EAAE;QAC1C,MAAM,IAAI,KAAK,CACb,iDAAiD,SAAS,gBAAgB,iBAAiB,GAAG,CAC/F,CAAC;KACH;IAED,oCAAoC;IACpC,IAAI,KAAK,CAAC,OAAO,CAAC,cAAc,CAAC,EAAE;QACjC,IAAI,CAAC,cAAc,CAAC,QAAQ,CAAC,MAAM,CAAC,EAAE;YACpC,MAAM,oBAAoB,GAAG,cAAc,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;YACvD,MAAM,IAAI,KAAK,CACb,8CAA8C,MAAM,uBAAuB,oBAAoB,EAAE,CAClG,CAAC;SACH;KACF;SAAM;QACL,IAAI,MAAM,KAAK,cAAc,EAAE;YAC7B,MAAM,IAAI,KAAK,CACb,8CAA8C,MAAM,gBAAgB,cAAc,GAAG,CACtF,CAAC;SACH;KACF;IAED,IAAI,CAAC,IAAA,qCAAiB,EAAC,QAAQ,CAAC,iBAAiB,CAAC,EAAE;QAClD,MAAM,IAAI,KAAK,CAAC,kEAAkE,CAAC,CAAC;KACrF;IAED,IAAI,CAAC,IAAA,qCAAiB,EAAC,QAAQ,CAAC,SAAS,CAAC,EAAE;QAC1C,MAAM,IAAI,KAAK,CAAC,0DAA0D,CAAC,CAAC;KAC7E;IAED,IAAI,QAAQ,CAAC,UAAU,IAAI,OAAO,QAAQ,CAAC,UAAU,KAAK,QAAQ,EAAE;QAClE,MAAM,IAAI,KAAK,CAAC,iDAAiD,CAAC,CAAC;KACpE;IAED,IAAI,YAAY,EAAE;QAChB,IAAI,OAAO,YAAY,KAAK,QAAQ,EAAE;YACpC,MAAM,IAAI,KAAK,CAAC,+CAA+C,CAAC,CAAC;SAClE;QAED,IAAI,CAAC,SAAS,EAAE,WAAW,EAAE,cAAc,CAAC,CAAC,OAAO,CAAC,YAAY,CAAC,MAAM,CAAC,GAAG,CAAC,EAAE;YAC7E,MAAM,IAAI,KAAK,CAAC,kCAAkC,YAAY,CAAC,MAAM,EAAE,CAAC,CAAC;SAC1E;KACF;IAED,MAAM,cAAc,GAAG,mBAAS,CAAC,QAAQ,CAAC,QAAQ,CAAC,iBAAiB,CAAC,CAAC;IACtE,MAAM,cAAc,GAAG,IAAA,+CAAsB,EAAC,cAAc,CAAC,CAAC;IAC9D,MAAM,EAAE,QAAQ,EAAE,KAAK,EAAE,OAAO,EAAE,cAAc,EAAE,GAAG,cAAc,CAAC;IAEpE,yCAAyC;IACzC,IAAI,OAAO,YAAY,KAAK,QAAQ,EAAE;QACpC,MAAM,gBAAgB,GAAG,IAAA,eAAM,EAAC,MAAM,CAAC,IAAI,CAAC,YAAY,EAAE,OAAO,CAAC,CAAC,CAAC;QACpE,IAAI,CAAC,QAAQ,CAAC,MAAM,CAAC,gBAAgB,CAAC,EAAE;YACtC,MAAM,IAAI,KAAK,CAAC,uBAAuB,CAAC,CAAC;SAC1C;KACF;SAAM;QACL,kEAAkE;QAClE,MAAM,UAAU,GAAG,YAAY,CAAC,IAAI,CAAC,QAAQ,CAAC,EAAE;YAC9C,MAAM,gBAAgB,GAAG,IAAA,eAAM,EAAC,MAAM,CAAC,IAAI,CAAC,QAAQ,EAAE,OAAO,CAAC,CAAC,CAAC;YAChE,OAAO,QAAQ,CAAC,MAAM,CAAC,gBAAgB,CAAC,CAAC;QAC3C,CAAC,CAAC,CAAC;QAEH,IAAI,CAAC,UAAU,EAAE;YACf,MAAM,IAAI,KAAK,CAAC,uBAAuB,CAAC,CAAC;SAC1C;KACF;IAED,IAAI,kBAAkB,KAAK,SAAS,EAAE;QACpC,MAAM,EAAE,gBAAgB,EAAE,oBAAoB,EAAE,GAAG,kBAAkB,CAAC;QAEtE;;WAEG;QACH,IAAI,oBAAoB,KAAK,UAAU,EAAE;YACvC,0DAA0D;YAC1D,IAAI,CAAC,KAAK,CAAC,EAAE,EAAE;gBACb,MAAM,IAAI,KAAK,CAAC,4DAA4D,CAAC,CAAC;aAC/E;SACF;aAAM,IAAI,oBAAoB,KAAK,WAAW,IAAI,oBAAoB,KAAK,aAAa,EAAE;YACzF,oBAAoB;SACrB;KACF;SAAM;QACL;;WAEG;QACH,wDAAwD;QACxD,IAAI,CAAC,KAAK,CAAC,EAAE,EAAE;YACb,MAAM,IAAI,KAAK,CAAC,wCAAwC,CAAC,CAAC;SAC3D;QAED,wCAAwC;QACxC,IAAI,uBAAuB,IAAI,CAAC,KAAK,CAAC,EAAE,EAAE;YACxC,MAAM,IAAI,KAAK,CAAC,4DAA4D,CAAC,CAAC;SAC/E;KACF;IAED,MAAM,cAAc,GAAG,IAAA,eAAM,EAAC,mBAAS,CAAC,QAAQ,CAAC,QAAQ,CAAC,cAAc,CAAC,CAAC,CAAC;IAC3E,MAAM,aAAa,GAAG,MAAM,CAAC,MAAM,CAAC,CAAC,cAAc,EAAE,cAAc,CAAC,CAAC,CAAC;IAEtE,MAAM,SAAS,GAAG,mBAAS,CAAC,QAAQ,CAAC,QAAQ,CAAC,SAAS,CAAC,CAAC;IAEzD,IAAI,CAAC,OAAO,GAAG,CAAC,IAAI,aAAa,CAAC,OAAO,GAAG,CAAC,CAAC,IAAI,OAAO,IAAI,aAAa,CAAC,OAAO,EAAE;QAClF,sFAAsF;QACtF,2FAA2F;QAC3F,sFAAsF;QACtF,gDAAgD;QAChD,MAAM,IAAI,KAAK,CACb,0BAA0B,OAAO,4BAA4B,aAAa,CAAC,OAAO,EAAE,CACrF,CAAC;KACH;IAED,MAAM,EAAE,oBAAoB,EAAE,kBAAkB,EAAE,GAAG,IAAA,mCAAgB,EAAC,KAAK,CAAC,CAAC;IAE7E,MAAM,QAAQ,GAAG;QACf,QAAQ,EAAE,MAAM,IAAA,iCAAe,EAAC;YAC9B,SAAS;YACT,aAAa;YACb,mBAAmB,EAAE,aAAa,CAAC,mBAAmB;SACvD,CAAC;QACF,kBAAkB,EAAE;YAClB,UAAU,EAAE,OAAO;YACnB,YAAY,EAAE,aAAa,CAAC,YAAY;YACxC,oBAAoB;YACpB,kBAAkB;YAClB,6BAA6B,EAAE,cAAc;SAC9C;KACF,CAAC;IAEF,OAAO,QAAQ,CAAC;AAClB,CAAC;AArLD,oEAqLC"}
|
|
@@ -1,5 +1,4 @@
|
|
|
1
1
|
/// <reference types="node" />
|
|
2
|
-
import type { SigningSchemeHash } from 'node-rsa';
|
|
3
2
|
import { COSEAlgorithmIdentifier } from '@simplewebauthn/typescript-types';
|
|
4
3
|
/**
|
|
5
4
|
* Takes COSE-encoded public key and converts it to PKCS key
|
|
@@ -29,3 +28,8 @@ export declare const COSECRV: {
|
|
|
29
28
|
export declare const COSEALGHASH: {
|
|
30
29
|
[key: string]: string;
|
|
31
30
|
};
|
|
31
|
+
/**
|
|
32
|
+
* Imported from node-rsa's types
|
|
33
|
+
*/
|
|
34
|
+
declare type SigningSchemeHash = 'pkcs1-ripemd160' | 'pkcs1-md4' | 'pkcs1-md5' | 'pkcs1-sha' | 'pkcs1-sha1' | 'pkcs1-sha224' | 'pkcs1-sha256' | 'pkcs1-sha384' | 'pkcs1-sha512' | 'pss-ripemd160' | 'pss-md4' | 'pss-md5' | 'pss-sha' | 'pss-sha1' | 'pss-sha224' | 'pss-sha256' | 'pss-sha384' | 'pss-sha512';
|
|
35
|
+
export {};
|
|
@@ -56,15 +56,16 @@ exports.COSECRV = {
|
|
|
56
56
|
6: 'ed25519',
|
|
57
57
|
};
|
|
58
58
|
exports.COSEALGHASH = {
|
|
59
|
-
'-257': 'sha256',
|
|
60
|
-
'-258': 'sha384',
|
|
61
|
-
'-259': 'sha512',
|
|
62
59
|
'-65535': 'sha1',
|
|
60
|
+
'-259': 'sha512',
|
|
61
|
+
'-258': 'sha384',
|
|
62
|
+
'-257': 'sha256',
|
|
63
63
|
'-39': 'sha512',
|
|
64
64
|
'-38': 'sha384',
|
|
65
65
|
'-37': 'sha256',
|
|
66
|
-
'-7': 'sha256',
|
|
67
|
-
'-8': 'sha512',
|
|
68
66
|
'-36': 'sha512',
|
|
67
|
+
'-35': 'sha384',
|
|
68
|
+
'-8': 'sha512',
|
|
69
|
+
'-7': 'sha256',
|
|
69
70
|
};
|
|
70
71
|
//# sourceMappingURL=convertCOSEtoPKCS.js.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"convertCOSEtoPKCS.js","sourceRoot":"","sources":["../../src/helpers/convertCOSEtoPKCS.ts"],"names":[],"mappings":";;;
|
|
1
|
+
{"version":3,"file":"convertCOSEtoPKCS.js","sourceRoot":"","sources":["../../src/helpers/convertCOSEtoPKCS.ts"],"names":[],"mappings":";;;AACA,6CAA+C;AAE/C;;GAEG;AACH,SAAgB,iBAAiB,CAAC,aAAqB;IACrD,MAAM,MAAM,GAAkB,IAAA,4BAAe,EAAC,aAAa,CAAC,CAAC;IAE7D,MAAM,GAAG,GAAG,MAAM,CAAC,IAAI,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC;IAChC,MAAM,CAAC,GAAG,MAAM,CAAC,GAAG,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC;IACjC,MAAM,CAAC,GAAG,MAAM,CAAC,GAAG,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC;IAEjC,IAAI,CAAC,CAAC,EAAE;QACN,MAAM,IAAI,KAAK,CAAC,+BAA+B,CAAC,CAAC;KAClD;IAED,IAAI,CAAC,EAAE;QACL,OAAO,MAAM,CAAC,MAAM,CAAC,CAAC,GAAG,EAAE,CAAW,EAAE,CAAW,CAAC,CAAC,CAAC;KACvD;IAED,OAAO,MAAM,CAAC,MAAM,CAAC,CAAC,GAAG,EAAE,CAAW,CAAC,CAAC,CAAC;AAC3C,CAAC;AAhBD,8CAgBC;AAID,IAAY,QAQX;AARD,WAAY,QAAQ;IAClB,qCAAO,CAAA;IACP,qCAAO,CAAA;IACP,sCAAQ,CAAA;IACR,kCAAM,CAAA;IACN,kCAAM,CAAA;IACN,kCAAM,CAAA;IACN,kCAAM,CAAA;AACR,CAAC,EARW,QAAQ,GAAR,gBAAQ,KAAR,gBAAQ,QAQnB;AAED,IAAY,OAIX;AAJD,WAAY,OAAO;IACjB,mCAAO,CAAA;IACP,mCAAO,CAAA;IACP,mCAAO,CAAA;AACT,CAAC,EAJW,OAAO,GAAP,eAAO,KAAP,eAAO,QAIlB;AAEY,QAAA,aAAa,GAAyC;IACjE,IAAI,EAAE,YAAY;IAClB,KAAK,EAAE,YAAY;IACnB,KAAK,EAAE,YAAY;IACnB,QAAQ,EAAE,YAAY;IACtB,MAAM,EAAE,cAAc;IACtB,MAAM,EAAE,cAAc;IACtB,MAAM,EAAE,cAAc;CACvB,CAAC;AAEF,0DAA0D;AAC7C,QAAA,OAAO,GAA8B;IAChD,UAAU;IACV,CAAC,EAAE,MAAM;IACT,WAAW;IACX,CAAC,EAAE,MAAM;IACT,WAAW;IACX,CAAC,EAAE,MAAM;IACT,UAAU;IACV,CAAC,EAAE,SAAS;CACb,CAAC;AAEW,QAAA,WAAW,GAA8B;IACpD,QAAQ,EAAE,MAAM;IAChB,MAAM,EAAE,QAAQ;IAChB,MAAM,EAAE,QAAQ;IAChB,MAAM,EAAE,QAAQ;IAChB,KAAK,EAAE,QAAQ;IACf,KAAK,EAAE,QAAQ;IACf,KAAK,EAAE,QAAQ;IACf,KAAK,EAAE,QAAQ;IACf,KAAK,EAAE,QAAQ;IACf,IAAI,EAAE,QAAQ;IACd,IAAI,EAAE,QAAQ;CACf,CAAC"}
|
|
@@ -6,7 +6,7 @@
|
|
|
6
6
|
*/
|
|
7
7
|
export declare function decodeAuthenticatorExtensions(extensionData: Buffer): AuthenticationExtensionsAuthenticatorOutputs | undefined;
|
|
8
8
|
export declare type AuthenticationExtensionsAuthenticatorOutputs = {
|
|
9
|
-
|
|
9
|
+
devicePubKey?: DevicePublicKeyAuthenticatorOutput;
|
|
10
10
|
uvm?: UVMAuthenticatorOutput;
|
|
11
11
|
};
|
|
12
12
|
export declare type DevicePublicKeyAuthenticatorOutput = {
|
|
@@ -1,4 +1,16 @@
|
|
|
1
1
|
/// <reference types="node" />
|
|
2
|
+
declare type VerifySignatureOptsLeafCert = {
|
|
3
|
+
signature: Buffer;
|
|
4
|
+
signatureBase: Buffer;
|
|
5
|
+
leafCert: Buffer;
|
|
6
|
+
hashAlgorithm?: string;
|
|
7
|
+
};
|
|
8
|
+
declare type VerifySignatureOptsCredentialPublicKey = {
|
|
9
|
+
signature: Buffer;
|
|
10
|
+
signatureBase: Buffer;
|
|
11
|
+
credentialPublicKey: Buffer;
|
|
12
|
+
hashAlgorithm?: string;
|
|
13
|
+
};
|
|
2
14
|
/**
|
|
3
15
|
* Verify an authenticator's signature
|
|
4
16
|
*
|
|
@@ -7,4 +19,5 @@
|
|
|
7
19
|
* @param publicKey Authenticator's public key as a PEM certificate
|
|
8
20
|
* @param algo Which algorithm to use to verify the signature (default: `'sha256'`)
|
|
9
21
|
*/
|
|
10
|
-
export declare function verifySignature(
|
|
22
|
+
export declare function verifySignature(opts: VerifySignatureOptsLeafCert | VerifySignatureOptsCredentialPublicKey): Promise<boolean>;
|
|
23
|
+
export {};
|
|
@@ -5,6 +5,11 @@ var __importDefault = (this && this.__importDefault) || function (mod) {
|
|
|
5
5
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
6
6
|
exports.verifySignature = void 0;
|
|
7
7
|
const crypto_1 = __importDefault(require("crypto"));
|
|
8
|
+
const cbor_1 = __importDefault(require("cbor"));
|
|
9
|
+
const ed25519_1 = require("@noble/ed25519");
|
|
10
|
+
const convertCOSEtoPKCS_1 = require("./convertCOSEtoPKCS");
|
|
11
|
+
const convertCertBufferToPEM_1 = require("./convertCertBufferToPEM");
|
|
12
|
+
const convertPublicKeyToPEM_1 = require("./convertPublicKeyToPEM");
|
|
8
13
|
/**
|
|
9
14
|
* Verify an authenticator's signature
|
|
10
15
|
*
|
|
@@ -13,8 +18,57 @@ const crypto_1 = __importDefault(require("crypto"));
|
|
|
13
18
|
* @param publicKey Authenticator's public key as a PEM certificate
|
|
14
19
|
* @param algo Which algorithm to use to verify the signature (default: `'sha256'`)
|
|
15
20
|
*/
|
|
16
|
-
function verifySignature(
|
|
17
|
-
|
|
21
|
+
async function verifySignature(opts) {
|
|
22
|
+
const { signature, signatureBase, hashAlgorithm = 'sha256' } = opts;
|
|
23
|
+
const _isLeafcertOpts = isLeafCertOpts(opts);
|
|
24
|
+
const _isCredPubKeyOpts = isCredPubKeyOpts(opts);
|
|
25
|
+
if (!_isLeafcertOpts && !_isCredPubKeyOpts) {
|
|
26
|
+
throw new Error('Must declare either "leafCert" or "credentialPublicKey"');
|
|
27
|
+
}
|
|
28
|
+
if (_isLeafcertOpts && _isCredPubKeyOpts) {
|
|
29
|
+
throw new Error('Must not declare both "leafCert" and "credentialPublicKey"');
|
|
30
|
+
}
|
|
31
|
+
let publicKeyPEM = '';
|
|
32
|
+
if (_isCredPubKeyOpts) {
|
|
33
|
+
const { credentialPublicKey } = opts;
|
|
34
|
+
// Decode CBOR to COSE
|
|
35
|
+
let struct;
|
|
36
|
+
try {
|
|
37
|
+
struct = cbor_1.default.decodeAllSync(credentialPublicKey)[0];
|
|
38
|
+
}
|
|
39
|
+
catch (err) {
|
|
40
|
+
const _err = err;
|
|
41
|
+
throw new Error(`Error decoding public key while converting to PEM: ${_err.message}`);
|
|
42
|
+
}
|
|
43
|
+
const kty = struct.get(convertCOSEtoPKCS_1.COSEKEYS.kty);
|
|
44
|
+
if (!kty) {
|
|
45
|
+
throw new Error('Public key was missing kty');
|
|
46
|
+
}
|
|
47
|
+
// Check key type
|
|
48
|
+
if (kty === convertCOSEtoPKCS_1.COSEKTY.OKP) {
|
|
49
|
+
// Verify Ed25519 slightly differently
|
|
50
|
+
const x = struct.get(convertCOSEtoPKCS_1.COSEKEYS.x);
|
|
51
|
+
if (!x) {
|
|
52
|
+
throw new Error('Public key was missing x (OKP)');
|
|
53
|
+
}
|
|
54
|
+
return (0, ed25519_1.verify)(signature, signatureBase, x);
|
|
55
|
+
}
|
|
56
|
+
else {
|
|
57
|
+
// Convert pubKey to PEM for ECC and RSA
|
|
58
|
+
publicKeyPEM = (0, convertPublicKeyToPEM_1.convertPublicKeyToPEM)(credentialPublicKey);
|
|
59
|
+
}
|
|
60
|
+
}
|
|
61
|
+
if (_isLeafcertOpts) {
|
|
62
|
+
const { leafCert } = opts;
|
|
63
|
+
publicKeyPEM = (0, convertCertBufferToPEM_1.convertCertBufferToPEM)(leafCert);
|
|
64
|
+
}
|
|
65
|
+
return crypto_1.default.createVerify(hashAlgorithm).update(signatureBase).verify(publicKeyPEM, signature);
|
|
18
66
|
}
|
|
19
67
|
exports.verifySignature = verifySignature;
|
|
68
|
+
function isLeafCertOpts(opts) {
|
|
69
|
+
return Object.keys(opts).indexOf('leafCert') >= 0;
|
|
70
|
+
}
|
|
71
|
+
function isCredPubKeyOpts(opts) {
|
|
72
|
+
return (Object.keys(opts).indexOf('credentialPublicKey') >= 0);
|
|
73
|
+
}
|
|
20
74
|
//# sourceMappingURL=verifySignature.js.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"verifySignature.js","sourceRoot":"","sources":["../../src/helpers/verifySignature.ts"],"names":[],"mappings":";;;;;;AAAA,oDAA4B;
|
|
1
|
+
{"version":3,"file":"verifySignature.js","sourceRoot":"","sources":["../../src/helpers/verifySignature.ts"],"names":[],"mappings":";;;;;;AAAA,oDAA4B;AAC5B,gDAAwB;AACxB,4CAAyD;AAEzD,2DAAwD;AACxD,qEAAkE;AAClE,mEAAgE;AAgBhE;;;;;;;GAOG;AACI,KAAK,UAAU,eAAe,CACnC,IAA0E;IAE1E,MAAM,EAAE,SAAS,EAAE,aAAa,EAAE,aAAa,GAAG,QAAQ,EAAE,GAAG,IAAI,CAAC;IACpE,MAAM,eAAe,GAAG,cAAc,CAAC,IAAI,CAAC,CAAC;IAC7C,MAAM,iBAAiB,GAAG,gBAAgB,CAAC,IAAI,CAAC,CAAC;IAEjD,IAAI,CAAC,eAAe,IAAI,CAAC,iBAAiB,EAAE;QAC1C,MAAM,IAAI,KAAK,CAAC,yDAAyD,CAAC,CAAC;KAC5E;IAED,IAAI,eAAe,IAAI,iBAAiB,EAAE;QACxC,MAAM,IAAI,KAAK,CAAC,4DAA4D,CAAC,CAAC;KAC/E;IAED,IAAI,YAAY,GAAG,EAAE,CAAC;IAEtB,IAAI,iBAAiB,EAAE;QACrB,MAAM,EAAE,mBAAmB,EAAE,GAAG,IAAI,CAAC;QAErC,sBAAsB;QACtB,IAAI,MAAM,CAAC;QACX,IAAI;YACF,MAAM,GAAG,cAAI,CAAC,aAAa,CAAC,mBAAmB,CAAC,CAAC,CAAC,CAAC,CAAC;SACrD;QAAC,OAAO,GAAG,EAAE;YACZ,MAAM,IAAI,GAAG,GAAY,CAAC;YAC1B,MAAM,IAAI,KAAK,CAAC,sDAAsD,IAAI,CAAC,OAAO,EAAE,CAAC,CAAC;SACvF;QAED,MAAM,GAAG,GAAG,MAAM,CAAC,GAAG,CAAC,4BAAQ,CAAC,GAAG,CAAC,CAAC;QAErC,IAAI,CAAC,GAAG,EAAE;YACR,MAAM,IAAI,KAAK,CAAC,4BAA4B,CAAC,CAAC;SAC/C;QAED,iBAAiB;QACjB,IAAI,GAAG,KAAK,2BAAO,CAAC,GAAG,EAAE;YACvB,sCAAsC;YACtC,MAAM,CAAC,GAAG,MAAM,CAAC,GAAG,CAAC,4BAAQ,CAAC,CAAC,CAAC,CAAC;YAEjC,IAAI,CAAC,CAAC,EAAE;gBACN,MAAM,IAAI,KAAK,CAAC,gCAAgC,CAAC,CAAC;aACnD;YAED,OAAO,IAAA,gBAAa,EAAC,SAAS,EAAE,aAAa,EAAE,CAAC,CAAC,CAAC;SACnD;aAAM;YACL,wCAAwC;YACxC,YAAY,GAAG,IAAA,6CAAqB,EAAC,mBAAmB,CAAC,CAAC;SAC3D;KACF;IAED,IAAI,eAAe,EAAE;QACnB,MAAM,EAAE,QAAQ,EAAE,GAAG,IAAI,CAAC;QAC1B,YAAY,GAAG,IAAA,+CAAsB,EAAC,QAAQ,CAAC,CAAC;KACjD;IAED,OAAO,gBAAM,CAAC,YAAY,CAAC,aAAa,CAAC,CAAC,MAAM,CAAC,aAAa,CAAC,CAAC,MAAM,CAAC,YAAY,EAAE,SAAS,CAAC,CAAC;AAClG,CAAC;AAzDD,0CAyDC;AAED,SAAS,cAAc,CACrB,IAA0E;IAE1E,OAAO,MAAM,CAAC,IAAI,CAAC,IAAmC,CAAC,CAAC,OAAO,CAAC,UAAU,CAAC,IAAI,CAAC,CAAC;AACnF,CAAC;AAED,SAAS,gBAAgB,CACvB,IAA0E;IAE1E,OAAO,CACL,MAAM,CAAC,IAAI,CAAC,IAA8C,CAAC,CAAC,OAAO,CAAC,qBAAqB,CAAC,IAAI,CAAC,CAChG,CAAC;AACJ,CAAC"}
|
|
@@ -12,10 +12,10 @@ const generateChallenge_1 = require("../helpers/generateChallenge");
|
|
|
12
12
|
* and https://www.iana.org/assignments/cose/cose.xhtml#algorithms
|
|
13
13
|
*/
|
|
14
14
|
exports.supportedCOSEAlgorithmIdentifiers = [
|
|
15
|
+
// EdDSA (In first position to encourage authenticators to use this over ES256)
|
|
16
|
+
-8,
|
|
15
17
|
// ECDSA w/ SHA-256
|
|
16
18
|
-7,
|
|
17
|
-
// EdDSA
|
|
18
|
-
-8,
|
|
19
19
|
// ECDSA w/ SHA-512
|
|
20
20
|
-36,
|
|
21
21
|
// RSASSA-PSS w/ SHA-256
|
|
@@ -80,16 +80,37 @@ function generateRegistrationOptions(options) {
|
|
|
80
80
|
type: 'public-key',
|
|
81
81
|
}));
|
|
82
82
|
/**
|
|
83
|
-
*
|
|
84
|
-
*
|
|
85
|
-
*
|
|
86
|
-
* See https://www.w3.org/TR/webauthn-2/#dom-authenticatorselectioncriteria-requireresidentkey
|
|
83
|
+
* Capture some of the nuances of how `residentKey` and `requireResidentKey` how either is set
|
|
84
|
+
* depending on when either is defined in the options
|
|
87
85
|
*/
|
|
88
|
-
if (authenticatorSelection.residentKey ===
|
|
89
|
-
|
|
86
|
+
if (authenticatorSelection.residentKey === undefined) {
|
|
87
|
+
/**
|
|
88
|
+
* `residentKey`: "If no value is given then the effective value is `required` if
|
|
89
|
+
* requireResidentKey is true or `discouraged` if it is false or absent."
|
|
90
|
+
*
|
|
91
|
+
* See https://www.w3.org/TR/webauthn-2/#dom-authenticatorselectioncriteria-residentkey
|
|
92
|
+
*/
|
|
93
|
+
if (authenticatorSelection.requireResidentKey) {
|
|
94
|
+
authenticatorSelection.residentKey = 'required';
|
|
95
|
+
}
|
|
96
|
+
else {
|
|
97
|
+
/**
|
|
98
|
+
* FIDO Conformance v1.7.2 fails the first test if we do this, even though this is
|
|
99
|
+
* technically compatible with the WebAuthn L2 spec...
|
|
100
|
+
*/
|
|
101
|
+
// authenticatorSelection.residentKey = 'discouraged';
|
|
102
|
+
}
|
|
90
103
|
}
|
|
91
104
|
else {
|
|
92
|
-
|
|
105
|
+
/**
|
|
106
|
+
* `requireResidentKey`: "Relying Parties SHOULD set it to true if, and only if, residentKey is
|
|
107
|
+
* set to "required""
|
|
108
|
+
*
|
|
109
|
+
* Spec says this property defaults to `false` so we should still be okay to assign `false` too
|
|
110
|
+
*
|
|
111
|
+
* See https://www.w3.org/TR/webauthn-2/#dom-authenticatorselectioncriteria-requireresidentkey
|
|
112
|
+
*/
|
|
113
|
+
authenticatorSelection.requireResidentKey = authenticatorSelection.residentKey === 'required';
|
|
93
114
|
}
|
|
94
115
|
return {
|
|
95
116
|
challenge: base64url_1.default.encode(challenge),
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"generateRegistrationOptions.js","sourceRoot":"","sources":["../../src/registration/generateRegistrationOptions.ts"],"names":[],"mappings":";;;;;;AASA,0DAAkC;AAElC,oEAAiE;AAiBjE;;;;GAIG;AACU,QAAA,iCAAiC,GAA8B;IAC1E
|
|
1
|
+
{"version":3,"file":"generateRegistrationOptions.js","sourceRoot":"","sources":["../../src/registration/generateRegistrationOptions.ts"],"names":[],"mappings":";;;;;;AASA,0DAAkC;AAElC,oEAAiE;AAiBjE;;;;GAIG;AACU,QAAA,iCAAiC,GAA8B;IAC1E,+EAA+E;IAC/E,CAAC,CAAC;IACF,mBAAmB;IACnB,CAAC,CAAC;IACF,mBAAmB;IACnB,CAAC,EAAE;IACH,wBAAwB;IACxB,CAAC,EAAE;IACH,wBAAwB;IACxB,CAAC,EAAE;IACH,wBAAwB;IACxB,CAAC,EAAE;IACH,+BAA+B;IAC/B,CAAC,GAAG;IACJ,+BAA+B;IAC/B,CAAC,GAAG;IACJ,+BAA+B;IAC/B,CAAC,GAAG;IACJ,mEAAmE;IACnE,CAAC,KAAK;CACP,CAAC;AAEF;;;;;;GAMG;AACH,MAAM,6BAA6B,GAAmC;IACpE,kBAAkB,EAAE,KAAK;IACzB,gBAAgB,EAAE,WAAW;CAC9B,CAAC;AAEF;;;GAGG;AACH,MAAM,4BAA4B,GAAG,yCAAiC,CAAC,MAAM,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,KAAK,CAAC,KAAK,CAAC,CAAC;AAEnG;;;;;;;;;;;;;;;;;;;;GAoBG;AACH,SAAgB,2BAA2B,CACzC,OAAwC;IAExC,MAAM,EACJ,MAAM,EACN,IAAI,EACJ,MAAM,EACN,QAAQ,EACR,SAAS,GAAG,IAAA,qCAAiB,GAAE,EAC/B,eAAe,GAAG,QAAQ,EAC1B,OAAO,GAAG,KAAK,EACf,eAAe,GAAG,MAAM,EACxB,kBAAkB,GAAG,EAAE,EACvB,sBAAsB,GAAG,6BAA6B,EACtD,UAAU,EACV,qBAAqB,GAAG,4BAA4B,GACrD,GAAG,OAAO,CAAC;IAEZ;;OAEG;IACH,MAAM,gBAAgB,GAAoC,qBAAqB,CAAC,GAAG,CAAC,EAAE,CAAC,EAAE,CAAC,CAAC;QACzF,GAAG,EAAE,EAAE;QACP,IAAI,EAAE,YAAY;KACnB,CAAC,CAAC,CAAC;IAEJ;;;OAGG;IACH,IAAI,sBAAsB,CAAC,WAAW,KAAK,SAAS,EAAE;QACpD;;;;;WAKG;QACH,IAAI,sBAAsB,CAAC,kBAAkB,EAAE;YAC7C,sBAAsB,CAAC,WAAW,GAAG,UAAU,CAAC;SACjD;aAAM;YACL;;;eAGG;YACH,sDAAsD;SACvD;KACF;SAAM;QACL;;;;;;;WAOG;QACH,sBAAsB,CAAC,kBAAkB,GAAG,sBAAsB,CAAC,WAAW,KAAK,UAAU,CAAC;KAC/F;IAED,OAAO;QACL,SAAS,EAAE,mBAAS,CAAC,MAAM,CAAC,SAAS,CAAC;QACtC,EAAE,EAAE;YACF,IAAI,EAAE,MAAM;YACZ,EAAE,EAAE,IAAI;SACT;QACD,IAAI,EAAE;YACJ,EAAE,EAAE,MAAM;YACV,IAAI,EAAE,QAAQ;YACd,WAAW,EAAE,eAAe;SAC7B;QACD,gBAAgB;QAChB,OAAO;QACP,WAAW,EAAE,eAAe;QAC5B,kBAAkB,EAAE,kBAAkB,CAAC,GAAG,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;YAClD,GAAG,IAAI;YACP,EAAE,EAAE,mBAAS,CAAC,MAAM,CAAC,IAAI,CAAC,EAAY,CAAC;SACxC,CAAC,CAAC;QACH,sBAAsB;QACtB,UAAU;KACX,CAAC;AACJ,CAAC;AA/ED,kEA+EC"}
|
|
@@ -224,8 +224,12 @@ async function verifyAttestationTPM(options) {
|
|
|
224
224
|
}
|
|
225
225
|
// Verify signature over certInfo with the public key extracted from AIK certificate.
|
|
226
226
|
// In the wise words of Yuriy Ackermann: "Get Martini friend, you are done!"
|
|
227
|
-
|
|
228
|
-
|
|
227
|
+
return (0, verifySignature_1.verifySignature)({
|
|
228
|
+
signature: sig,
|
|
229
|
+
signatureBase: certInfo,
|
|
230
|
+
leafCert: x5c[0],
|
|
231
|
+
hashAlgorithm: hashAlg
|
|
232
|
+
});
|
|
229
233
|
}
|
|
230
234
|
exports.verifyAttestationTPM = verifyAttestationTPM;
|
|
231
235
|
/**
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"verifyAttestationTPM.js","sourceRoot":"","sources":["../../../../src/registration/verifications/tpm/verifyAttestationTPM.ts"],"names":[],"mappings":";;;AAAA,uDAAkD;AAClD,mDAO6B;AAI7B,0FAAuF;AACvF,0EAA2E;AAC3E,oDAAiD;AACjD,oFAAiF;AACjF,sFAAmF;AACnF,4EAAyE;AACzE,sEAAmE;AACnE,uEAAoE;AACpE,mGAAgG;AAEhG,2CAA4E;AAC5E,mDAAgD;AAChD,iDAA8C;AAEvC,KAAK,UAAU,oBAAoB,CAAC,OAAsC;;IAC/E,MAAM,EAAE,MAAM,EAAE,OAAO,EAAE,QAAQ,EAAE,mBAAmB,EAAE,cAAc,EAAE,gBAAgB,EAAE,GACxF,OAAO,CAAC;IACV,MAAM,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,OAAO,EAAE,QAAQ,EAAE,GAAG,OAAO,CAAC;IAE1D;;OAEG;IACH,IAAI,GAAG,KAAK,KAAK,EAAE;QACjB,MAAM,IAAI,KAAK,CAAC,mBAAmB,GAAG,yBAAyB,CAAC,CAAC;KAClE;IAED,IAAI,CAAC,GAAG,EAAE;QACR,MAAM,IAAI,KAAK,CAAC,kEAAkE,CAAC,CAAC;KACrF;IAED,IAAI,CAAC,GAAG,EAAE;QACR,MAAM,IAAI,KAAK,CAAC,iDAAiD,CAAC,CAAC;KACpE;IAED,IAAI,CAAC,GAAG,EAAE;QACR,MAAM,IAAI,KAAK,CAAC,oEAAoE,CAAC,CAAC;KACvF;IAED,IAAI,CAAC,OAAO,EAAE;QACZ,MAAM,IAAI,KAAK,CAAC,qDAAqD,CAAC,CAAC;KACxE;IAED,IAAI,CAAC,QAAQ,EAAE;QACb,MAAM,IAAI,KAAK,CAAC,sDAAsD,CAAC,CAAC;KACzE;IAED,MAAM,aAAa,GAAG,IAAA,2BAAY,EAAC,OAAO,CAAC,CAAC;IAC5C,MAAM,EAAE,MAAM,EAAE,IAAI,EAAE,OAAO,EAAE,UAAU,EAAE,GAAG,aAAa,CAAC;IAE5D,yFAAyF;IACzF,2FAA2F;IAC3F,MAAM,aAAa,GAAG,IAAA,qDAAyB,EAAC,mBAAmB,CAAC,CAAC;IAErE,IAAI,OAAO,KAAK,aAAa,EAAE;QAC7B,MAAM,CAAC,GAAG,aAAa,CAAC,GAAG,CAAC,4BAAQ,CAAC,CAAC,CAAC,CAAC;QACxC,MAAM,CAAC,GAAG,aAAa,CAAC,GAAG,CAAC,4BAAQ,CAAC,CAAC,CAAC,CAAC;QAExC,IAAI,CAAC,CAAC,EAAE;YACN,MAAM,IAAI,KAAK,CAAC,qCAAqC,CAAC,CAAC;SACxD;QACD,IAAI,CAAC,CAAC,EAAE;YACN,MAAM,IAAI,KAAK,CAAC,qCAAqC,CAAC,CAAC;SACxD;QAED,IAAI,CAAC,MAAM,CAAC,MAAM,CAAC,CAAW,CAAC,EAAE;YAC/B,MAAM,IAAI,KAAK,CAAC,6DAA6D,CAAC,CAAC;SAChF;QAED,IAAI,CAAC,UAAU,CAAC,GAAG,EAAE;YACnB,MAAM,IAAI,KAAK,CAAC,kEAAkE,CAAC,CAAC;SACrF;QAED,MAAM,OAAO,GAAG,CAAW,CAAC;QAC5B,8FAA8F;QAC9F,MAAM,eAAe,GAAG,UAAU,CAAC,GAAG,CAAC,QAAQ,IAAI,KAAK,CAAC;QAEzD,4CAA4C;QAC5C,MAAM,IAAI,GAAG,OAAO,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC,CAAC;QAEjE,IAAI,eAAe,KAAK,IAAI,EAAE;YAC5B,MAAM,IAAI,KAAK,CAAC,6BAA6B,IAAI,cAAc,eAAe,YAAY,CAAC,CAAC;SAC7F;KACF;SAAM,IAAI,OAAO,KAAK,aAAa,EAAE;QACpC,MAAM,GAAG,GAAG,aAAa,CAAC,GAAG,CAAC,4BAAQ,CAAC,GAAG,CAAC,CAAC;QAC5C,MAAM,CAAC,GAAG,aAAa,CAAC,GAAG,CAAC,4BAAQ,CAAC,CAAC,CAAC,CAAC;QACxC,MAAM,CAAC,GAAG,aAAa,CAAC,GAAG,CAAC,4BAAQ,CAAC,CAAC,CAAC,CAAC;QAExC,IAAI,CAAC,GAAG,EAAE;YACR,MAAM,IAAI,KAAK,CAAC,uCAAuC,CAAC,CAAC;SAC1D;QACD,IAAI,CAAC,CAAC,EAAE;YACN,MAAM,IAAI,KAAK,CAAC,qCAAqC,CAAC,CAAC;SACxD;QACD,IAAI,CAAC,CAAC,EAAE;YACN,MAAM,IAAI,KAAK,CAAC,qCAAqC,CAAC,CAAC;SACxD;QAED,IAAI,CAAC,MAAM,CAAC,MAAM,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC,CAAW,EAAE,CAAW,CAAC,CAAC,CAAC,EAAE;YAC7D,MAAM,IAAI,KAAK,CAAC,4DAA4D,CAAC,CAAC;SAC/E;QAED,IAAI,CAAC,UAAU,CAAC,GAAG,EAAE;YACnB,MAAM,IAAI,KAAK,CAAC,kEAAkE,CAAC,CAAC;SACrF;QAED,MAAM,cAAc,GAAG,UAAU,CAAC,GAAG,CAAC,OAAO,CAAC;QAC9C,MAAM,0BAA0B,GAAG,sCAA0B,CAAC,cAAc,CAAC,CAAA;QAC7E,IAAI,0BAA0B,KAAK,GAAG,EAAE;YACtC,MAAM,IAAI,KAAK,CACb,6BAA6B,cAAc,gBAAgB,0BAA0B,4CAA4C,GAAG,aAAa,CAClJ,CAAC;SACH;KACF;SAAM;QACL,MAAM,IAAI,KAAK,CAAC,6BAA6B,OAAO,GAAG,CAAC,CAAC;KAC1D;IAED,MAAM,cAAc,GAAG,IAAA,6BAAa,EAAC,QAAQ,CAAC,CAAC;IAC/C,MAAM,EAAE,KAAK,EAAE,IAAI,EAAE,QAAQ,EAAE,QAAQ,EAAE,SAAS,EAAE,GAAG,cAAc,CAAC;IAEtE,IAAI,KAAK,KAAK,UAAU,EAAE;QACxB,MAAM,IAAI,KAAK,CAAC,2BAA2B,KAAK,gCAAgC,CAAC,CAAC;KACnF;IAED,IAAI,QAAQ,KAAK,uBAAuB,EAAE;QACxC,MAAM,IAAI,KAAK,CAAC,oBAAoB,QAAQ,2CAA2C,CAAC,CAAC;KAC1F;IAED,mEAAmE;IACnE,MAAM,WAAW,GAAG,IAAA,eAAM,EAAC,OAAO,EAAE,QAAQ,CAAC,OAAO,CAAC,OAAO,CAAC,UAAU,EAAE,EAAE,CAAC,CAAC,CAAC;IAE9E,uEAAuE;IACvE,MAAM,YAAY,GAAG,MAAM,CAAC,MAAM,CAAC,CAAC,QAAQ,CAAC,aAAa,EAAE,WAAW,CAAC,CAAC,CAAC;IAE1E,+DAA+D;IAC/D,IAAI,CAAC,QAAQ,CAAC,IAAI,CAAC,MAAM,CAAC,YAAY,CAAC,EAAE;QACvC,MAAM,IAAI,KAAK,CAAC,uCAAuC,CAAC,CAAC;KAC1D;IAED,mEAAmE;IACnE,MAAM,aAAa,GAAG,MAAM,CAAC,MAAM,CAAC,CAAC,QAAQ,EAAE,cAAc,CAAC,CAAC,CAAC;IAEhE,8FAA8F;IAC9F,MAAM,OAAO,GAAW,+BAAW,CAAC,GAAa,CAAC,CAAC;IACnD,MAAM,iBAAiB,GAAG,IAAA,eAAM,EAAC,aAAa,EAAE,OAAO,CAAC,CAAC;IAEzD,gEAAgE;IAChE,IAAI,CAAC,SAAS,CAAC,MAAM,CAAC,iBAAiB,CAAC,EAAE;QACxC,MAAM,IAAI,KAAK,CAAC,4DAA4D,CAAC,CAAC;KAC/E;IAED;;OAEG;IACH,IAAI,GAAG,CAAC,MAAM,GAAG,CAAC,EAAE;QAClB,MAAM,IAAI,KAAK,CAAC,4CAA4C,CAAC,CAAC;KAC/D;IAED,6DAA6D;IAC7D,MAAM,YAAY,GAAG,IAAA,uCAAkB,EAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC;IAChD,MAAM,EAAE,kBAAkB,EAAE,OAAO,EAAE,OAAO,EAAE,QAAQ,EAAE,SAAS,EAAE,GAAG,YAAY,CAAC;IAEnF,IAAI,kBAAkB,EAAE;QACtB,MAAM,IAAI,KAAK,CAAC,wDAAwD,CAAC,CAAC;KAC3E;IAED,mEAAmE;IACnE,IAAI,OAAO,KAAK,CAAC,EAAE;QACjB,MAAM,IAAI,KAAK,CAAC,0DAA0D,CAAC,CAAC;KAC7E;IAED,wCAAwC;IACxC,IAAI,MAAM,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC,MAAM,GAAG,CAAC,EAAE;QACnC,MAAM,IAAI,KAAK,CAAC,yCAAyC,CAAC,CAAC;KAC5D;IAED,4CAA4C;IAC5C,IAAI,GAAG,GAAG,IAAI,IAAI,EAAE,CAAC;IACrB,IAAI,SAAS,GAAG,GAAG,EAAE;QACnB,MAAM,IAAI,KAAK,CAAC,gCAAgC,SAAS,CAAC,QAAQ,EAAE,SAAS,CAAC,CAAC;KAChF;IAED,yCAAyC;IACzC,GAAG,GAAG,IAAI,IAAI,EAAE,CAAC;IACjB,IAAI,QAAQ,GAAG,GAAG,EAAE;QAClB,MAAM,IAAI,KAAK,CAAC,+BAA+B,QAAQ,CAAC,QAAQ,EAAE,SAAS,CAAC,CAAC;KAC9E;IAED;;OAEG;IACH,MAAM,UAAU,GAAG,uBAAS,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,uBAAW,CAAC,CAAC;IAExD,IAAI,CAAC,UAAU,CAAC,cAAc,CAAC,UAAU,EAAE;QACzC,MAAM,IAAI,KAAK,CAAC,0CAA0C,CAAC,CAAC;KAC7D;IAED,IAAI,qBAAyD,CAAC;IAC9D,IAAI,WAAyC,CAAC;IAC9C,UAAU,CAAC,cAAc,CAAC,UAAU,CAAC,OAAO,CAAC,GAAG,CAAC,EAAE;QACjD,IAAI,GAAG,CAAC,MAAM,KAAK,gCAAoB,EAAE;YACvC,qBAAqB,GAAG,uBAAS,CAAC,KAAK,CAAC,GAAG,CAAC,SAAS,EAAE,kCAAsB,CAAC,CAAC;SAChF;aAAM,IAAI,GAAG,CAAC,MAAM,KAAK,6BAAiB,EAAE;YAC3C,WAAW,GAAG,uBAAS,CAAC,KAAK,CAAC,GAAG,CAAC,SAAS,EAAE,4BAAgB,CAAC,CAAC;SAChE;IACH,CAAC,CAAC,CAAC;IAEH,wEAAwE;IACxE,IAAI,CAAC,qBAAqB,EAAE;QAC1B,MAAM,IAAI,KAAK,CAAC,4DAA4D,CAAC,CAAC;KAC/E;IAED,6FAA6F;IAC7F,SAAS;IACT,IAAI,CAAC,CAAA,MAAA,qBAAqB,CAAC,CAAC,CAAC,CAAC,aAAa,0CAAG,CAAC,EAAE,MAAM,CAAA,EAAE;QACvD,MAAM,IAAI,KAAK,CAAC,oEAAoE,CAAC,CAAC;KACvF;IAED,MAAM,EAAE,oBAAoB,EAAE,aAAa,EAAE,eAAe,EAAE,GAAG,iBAAiB,CAChF,qBAAqB,CAAC,CAAC,CAAC,CAAC,aAAa,CACvC,CAAC;IAEF,IAAI,CAAC,oBAAoB,IAAI,CAAC,aAAa,IAAI,CAAC,eAAe,EAAE;QAC/D,MAAM,IAAI,KAAK,CAAC,4DAA4D,CAAC,CAAC;KAC/E;IAED,IAAI,CAAC,WAAW,EAAE;QAChB,MAAM,IAAI,KAAK,CAAC,8DAA8D,CAAC,CAAC;KACjF;IAED,yFAAyF;IACzF,IAAI,CAAC,6BAAiB,CAAC,oBAAoB,CAAC,EAAE;QAC5C,MAAM,IAAI,KAAK,CAAC,qCAAqC,oBAAoB,SAAS,CAAC,CAAC;KACrF;IAED,wFAAwF;IACxF,4CAA4C;IAC5C,IAAI,WAAW,CAAC,CAAC,CAAC,KAAK,cAAc,EAAE;QACrC,MAAM,IAAI,KAAK,CAAC,2BAA2B,WAAW,CAAC,CAAC,CAAC,kCAAkC,CAAC,CAAC;KAC9F;IAED,gGAAgG;IAChG,4DAA4D;IAE5D,wEAAwE;IACxE,MAAM,SAAS,GAAG,MAAM,iCAAe,CAAC,YAAY,CAAC,MAAM,CAAC,CAAC;IAC7D,IAAI,SAAS,EAAE;QACb,IAAI;YACF,MAAM,IAAA,6DAA6B,EAAC;gBAClC,SAAS;gBACT,mBAAmB;gBACnB,GAAG;gBACH,uBAAuB,EAAE,GAAG;aAC7B,CAAC,CAAC;SACJ;QAAC,OAAO,GAAG,EAAE;YACZ,MAAM,IAAI,GAAG,GAAY,CAAC;YAC1B,MAAM,IAAI,KAAK,CAAC,GAAG,IAAI,CAAC,OAAO,QAAQ,CAAC,CAAC;SAC1C;KACF;SAAM;QACL,IAAI;YACF,0FAA0F;YAC1F,MAAM,IAAA,iDAAuB,EAAC,GAAG,CAAC,GAAG,CAAC,+CAAsB,CAAC,EAAE,gBAAgB,CAAC,CAAC;SAClF;QAAC,OAAO,GAAG,EAAE;YACZ,MAAM,IAAI,GAAG,GAAY,CAAC;YAC1B,MAAM,IAAI,KAAK,CAAC,GAAG,IAAI,CAAC,OAAO,QAAQ,CAAC,CAAC;SAC1C;KACF;IAED,qFAAqF;IACrF,4EAA4E;IAC5E,
|
|
1
|
+
{"version":3,"file":"verifyAttestationTPM.js","sourceRoot":"","sources":["../../../../src/registration/verifications/tpm/verifyAttestationTPM.ts"],"names":[],"mappings":";;;AAAA,uDAAkD;AAClD,mDAO6B;AAI7B,0FAAuF;AACvF,0EAA2E;AAC3E,oDAAiD;AACjD,oFAAiF;AACjF,sFAAmF;AACnF,4EAAyE;AACzE,sEAAmE;AACnE,uEAAoE;AACpE,mGAAgG;AAEhG,2CAA4E;AAC5E,mDAAgD;AAChD,iDAA8C;AAEvC,KAAK,UAAU,oBAAoB,CAAC,OAAsC;;IAC/E,MAAM,EAAE,MAAM,EAAE,OAAO,EAAE,QAAQ,EAAE,mBAAmB,EAAE,cAAc,EAAE,gBAAgB,EAAE,GACxF,OAAO,CAAC;IACV,MAAM,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,OAAO,EAAE,QAAQ,EAAE,GAAG,OAAO,CAAC;IAE1D;;OAEG;IACH,IAAI,GAAG,KAAK,KAAK,EAAE;QACjB,MAAM,IAAI,KAAK,CAAC,mBAAmB,GAAG,yBAAyB,CAAC,CAAC;KAClE;IAED,IAAI,CAAC,GAAG,EAAE;QACR,MAAM,IAAI,KAAK,CAAC,kEAAkE,CAAC,CAAC;KACrF;IAED,IAAI,CAAC,GAAG,EAAE;QACR,MAAM,IAAI,KAAK,CAAC,iDAAiD,CAAC,CAAC;KACpE;IAED,IAAI,CAAC,GAAG,EAAE;QACR,MAAM,IAAI,KAAK,CAAC,oEAAoE,CAAC,CAAC;KACvF;IAED,IAAI,CAAC,OAAO,EAAE;QACZ,MAAM,IAAI,KAAK,CAAC,qDAAqD,CAAC,CAAC;KACxE;IAED,IAAI,CAAC,QAAQ,EAAE;QACb,MAAM,IAAI,KAAK,CAAC,sDAAsD,CAAC,CAAC;KACzE;IAED,MAAM,aAAa,GAAG,IAAA,2BAAY,EAAC,OAAO,CAAC,CAAC;IAC5C,MAAM,EAAE,MAAM,EAAE,IAAI,EAAE,OAAO,EAAE,UAAU,EAAE,GAAG,aAAa,CAAC;IAE5D,yFAAyF;IACzF,2FAA2F;IAC3F,MAAM,aAAa,GAAG,IAAA,qDAAyB,EAAC,mBAAmB,CAAC,CAAC;IAErE,IAAI,OAAO,KAAK,aAAa,EAAE;QAC7B,MAAM,CAAC,GAAG,aAAa,CAAC,GAAG,CAAC,4BAAQ,CAAC,CAAC,CAAC,CAAC;QACxC,MAAM,CAAC,GAAG,aAAa,CAAC,GAAG,CAAC,4BAAQ,CAAC,CAAC,CAAC,CAAC;QAExC,IAAI,CAAC,CAAC,EAAE;YACN,MAAM,IAAI,KAAK,CAAC,qCAAqC,CAAC,CAAC;SACxD;QACD,IAAI,CAAC,CAAC,EAAE;YACN,MAAM,IAAI,KAAK,CAAC,qCAAqC,CAAC,CAAC;SACxD;QAED,IAAI,CAAC,MAAM,CAAC,MAAM,CAAC,CAAW,CAAC,EAAE;YAC/B,MAAM,IAAI,KAAK,CAAC,6DAA6D,CAAC,CAAC;SAChF;QAED,IAAI,CAAC,UAAU,CAAC,GAAG,EAAE;YACnB,MAAM,IAAI,KAAK,CAAC,kEAAkE,CAAC,CAAC;SACrF;QAED,MAAM,OAAO,GAAG,CAAW,CAAC;QAC5B,8FAA8F;QAC9F,MAAM,eAAe,GAAG,UAAU,CAAC,GAAG,CAAC,QAAQ,IAAI,KAAK,CAAC;QAEzD,4CAA4C;QAC5C,MAAM,IAAI,GAAG,OAAO,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC,CAAC;QAEjE,IAAI,eAAe,KAAK,IAAI,EAAE;YAC5B,MAAM,IAAI,KAAK,CAAC,6BAA6B,IAAI,cAAc,eAAe,YAAY,CAAC,CAAC;SAC7F;KACF;SAAM,IAAI,OAAO,KAAK,aAAa,EAAE;QACpC,MAAM,GAAG,GAAG,aAAa,CAAC,GAAG,CAAC,4BAAQ,CAAC,GAAG,CAAC,CAAC;QAC5C,MAAM,CAAC,GAAG,aAAa,CAAC,GAAG,CAAC,4BAAQ,CAAC,CAAC,CAAC,CAAC;QACxC,MAAM,CAAC,GAAG,aAAa,CAAC,GAAG,CAAC,4BAAQ,CAAC,CAAC,CAAC,CAAC;QAExC,IAAI,CAAC,GAAG,EAAE;YACR,MAAM,IAAI,KAAK,CAAC,uCAAuC,CAAC,CAAC;SAC1D;QACD,IAAI,CAAC,CAAC,EAAE;YACN,MAAM,IAAI,KAAK,CAAC,qCAAqC,CAAC,CAAC;SACxD;QACD,IAAI,CAAC,CAAC,EAAE;YACN,MAAM,IAAI,KAAK,CAAC,qCAAqC,CAAC,CAAC;SACxD;QAED,IAAI,CAAC,MAAM,CAAC,MAAM,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC,CAAW,EAAE,CAAW,CAAC,CAAC,CAAC,EAAE;YAC7D,MAAM,IAAI,KAAK,CAAC,4DAA4D,CAAC,CAAC;SAC/E;QAED,IAAI,CAAC,UAAU,CAAC,GAAG,EAAE;YACnB,MAAM,IAAI,KAAK,CAAC,kEAAkE,CAAC,CAAC;SACrF;QAED,MAAM,cAAc,GAAG,UAAU,CAAC,GAAG,CAAC,OAAO,CAAC;QAC9C,MAAM,0BAA0B,GAAG,sCAA0B,CAAC,cAAc,CAAC,CAAA;QAC7E,IAAI,0BAA0B,KAAK,GAAG,EAAE;YACtC,MAAM,IAAI,KAAK,CACb,6BAA6B,cAAc,gBAAgB,0BAA0B,4CAA4C,GAAG,aAAa,CAClJ,CAAC;SACH;KACF;SAAM;QACL,MAAM,IAAI,KAAK,CAAC,6BAA6B,OAAO,GAAG,CAAC,CAAC;KAC1D;IAED,MAAM,cAAc,GAAG,IAAA,6BAAa,EAAC,QAAQ,CAAC,CAAC;IAC/C,MAAM,EAAE,KAAK,EAAE,IAAI,EAAE,QAAQ,EAAE,QAAQ,EAAE,SAAS,EAAE,GAAG,cAAc,CAAC;IAEtE,IAAI,KAAK,KAAK,UAAU,EAAE;QACxB,MAAM,IAAI,KAAK,CAAC,2BAA2B,KAAK,gCAAgC,CAAC,CAAC;KACnF;IAED,IAAI,QAAQ,KAAK,uBAAuB,EAAE;QACxC,MAAM,IAAI,KAAK,CAAC,oBAAoB,QAAQ,2CAA2C,CAAC,CAAC;KAC1F;IAED,mEAAmE;IACnE,MAAM,WAAW,GAAG,IAAA,eAAM,EAAC,OAAO,EAAE,QAAQ,CAAC,OAAO,CAAC,OAAO,CAAC,UAAU,EAAE,EAAE,CAAC,CAAC,CAAC;IAE9E,uEAAuE;IACvE,MAAM,YAAY,GAAG,MAAM,CAAC,MAAM,CAAC,CAAC,QAAQ,CAAC,aAAa,EAAE,WAAW,CAAC,CAAC,CAAC;IAE1E,+DAA+D;IAC/D,IAAI,CAAC,QAAQ,CAAC,IAAI,CAAC,MAAM,CAAC,YAAY,CAAC,EAAE;QACvC,MAAM,IAAI,KAAK,CAAC,uCAAuC,CAAC,CAAC;KAC1D;IAED,mEAAmE;IACnE,MAAM,aAAa,GAAG,MAAM,CAAC,MAAM,CAAC,CAAC,QAAQ,EAAE,cAAc,CAAC,CAAC,CAAC;IAEhE,8FAA8F;IAC9F,MAAM,OAAO,GAAW,+BAAW,CAAC,GAAa,CAAC,CAAC;IACnD,MAAM,iBAAiB,GAAG,IAAA,eAAM,EAAC,aAAa,EAAE,OAAO,CAAC,CAAC;IAEzD,gEAAgE;IAChE,IAAI,CAAC,SAAS,CAAC,MAAM,CAAC,iBAAiB,CAAC,EAAE;QACxC,MAAM,IAAI,KAAK,CAAC,4DAA4D,CAAC,CAAC;KAC/E;IAED;;OAEG;IACH,IAAI,GAAG,CAAC,MAAM,GAAG,CAAC,EAAE;QAClB,MAAM,IAAI,KAAK,CAAC,4CAA4C,CAAC,CAAC;KAC/D;IAED,6DAA6D;IAC7D,MAAM,YAAY,GAAG,IAAA,uCAAkB,EAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC;IAChD,MAAM,EAAE,kBAAkB,EAAE,OAAO,EAAE,OAAO,EAAE,QAAQ,EAAE,SAAS,EAAE,GAAG,YAAY,CAAC;IAEnF,IAAI,kBAAkB,EAAE;QACtB,MAAM,IAAI,KAAK,CAAC,wDAAwD,CAAC,CAAC;KAC3E;IAED,mEAAmE;IACnE,IAAI,OAAO,KAAK,CAAC,EAAE;QACjB,MAAM,IAAI,KAAK,CAAC,0DAA0D,CAAC,CAAC;KAC7E;IAED,wCAAwC;IACxC,IAAI,MAAM,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC,MAAM,GAAG,CAAC,EAAE;QACnC,MAAM,IAAI,KAAK,CAAC,yCAAyC,CAAC,CAAC;KAC5D;IAED,4CAA4C;IAC5C,IAAI,GAAG,GAAG,IAAI,IAAI,EAAE,CAAC;IACrB,IAAI,SAAS,GAAG,GAAG,EAAE;QACnB,MAAM,IAAI,KAAK,CAAC,gCAAgC,SAAS,CAAC,QAAQ,EAAE,SAAS,CAAC,CAAC;KAChF;IAED,yCAAyC;IACzC,GAAG,GAAG,IAAI,IAAI,EAAE,CAAC;IACjB,IAAI,QAAQ,GAAG,GAAG,EAAE;QAClB,MAAM,IAAI,KAAK,CAAC,+BAA+B,QAAQ,CAAC,QAAQ,EAAE,SAAS,CAAC,CAAC;KAC9E;IAED;;OAEG;IACH,MAAM,UAAU,GAAG,uBAAS,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,uBAAW,CAAC,CAAC;IAExD,IAAI,CAAC,UAAU,CAAC,cAAc,CAAC,UAAU,EAAE;QACzC,MAAM,IAAI,KAAK,CAAC,0CAA0C,CAAC,CAAC;KAC7D;IAED,IAAI,qBAAyD,CAAC;IAC9D,IAAI,WAAyC,CAAC;IAC9C,UAAU,CAAC,cAAc,CAAC,UAAU,CAAC,OAAO,CAAC,GAAG,CAAC,EAAE;QACjD,IAAI,GAAG,CAAC,MAAM,KAAK,gCAAoB,EAAE;YACvC,qBAAqB,GAAG,uBAAS,CAAC,KAAK,CAAC,GAAG,CAAC,SAAS,EAAE,kCAAsB,CAAC,CAAC;SAChF;aAAM,IAAI,GAAG,CAAC,MAAM,KAAK,6BAAiB,EAAE;YAC3C,WAAW,GAAG,uBAAS,CAAC,KAAK,CAAC,GAAG,CAAC,SAAS,EAAE,4BAAgB,CAAC,CAAC;SAChE;IACH,CAAC,CAAC,CAAC;IAEH,wEAAwE;IACxE,IAAI,CAAC,qBAAqB,EAAE;QAC1B,MAAM,IAAI,KAAK,CAAC,4DAA4D,CAAC,CAAC;KAC/E;IAED,6FAA6F;IAC7F,SAAS;IACT,IAAI,CAAC,CAAA,MAAA,qBAAqB,CAAC,CAAC,CAAC,CAAC,aAAa,0CAAG,CAAC,EAAE,MAAM,CAAA,EAAE;QACvD,MAAM,IAAI,KAAK,CAAC,oEAAoE,CAAC,CAAC;KACvF;IAED,MAAM,EAAE,oBAAoB,EAAE,aAAa,EAAE,eAAe,EAAE,GAAG,iBAAiB,CAChF,qBAAqB,CAAC,CAAC,CAAC,CAAC,aAAa,CACvC,CAAC;IAEF,IAAI,CAAC,oBAAoB,IAAI,CAAC,aAAa,IAAI,CAAC,eAAe,EAAE;QAC/D,MAAM,IAAI,KAAK,CAAC,4DAA4D,CAAC,CAAC;KAC/E;IAED,IAAI,CAAC,WAAW,EAAE;QAChB,MAAM,IAAI,KAAK,CAAC,8DAA8D,CAAC,CAAC;KACjF;IAED,yFAAyF;IACzF,IAAI,CAAC,6BAAiB,CAAC,oBAAoB,CAAC,EAAE;QAC5C,MAAM,IAAI,KAAK,CAAC,qCAAqC,oBAAoB,SAAS,CAAC,CAAC;KACrF;IAED,wFAAwF;IACxF,4CAA4C;IAC5C,IAAI,WAAW,CAAC,CAAC,CAAC,KAAK,cAAc,EAAE;QACrC,MAAM,IAAI,KAAK,CAAC,2BAA2B,WAAW,CAAC,CAAC,CAAC,kCAAkC,CAAC,CAAC;KAC9F;IAED,gGAAgG;IAChG,4DAA4D;IAE5D,wEAAwE;IACxE,MAAM,SAAS,GAAG,MAAM,iCAAe,CAAC,YAAY,CAAC,MAAM,CAAC,CAAC;IAC7D,IAAI,SAAS,EAAE;QACb,IAAI;YACF,MAAM,IAAA,6DAA6B,EAAC;gBAClC,SAAS;gBACT,mBAAmB;gBACnB,GAAG;gBACH,uBAAuB,EAAE,GAAG;aAC7B,CAAC,CAAC;SACJ;QAAC,OAAO,GAAG,EAAE;YACZ,MAAM,IAAI,GAAG,GAAY,CAAC;YAC1B,MAAM,IAAI,KAAK,CAAC,GAAG,IAAI,CAAC,OAAO,QAAQ,CAAC,CAAC;SAC1C;KACF;SAAM;QACL,IAAI;YACF,0FAA0F;YAC1F,MAAM,IAAA,iDAAuB,EAAC,GAAG,CAAC,GAAG,CAAC,+CAAsB,CAAC,EAAE,gBAAgB,CAAC,CAAC;SAClF;QAAC,OAAO,GAAG,EAAE;YACZ,MAAM,IAAI,GAAG,GAAY,CAAC;YAC1B,MAAM,IAAI,KAAK,CAAC,GAAG,IAAI,CAAC,OAAO,QAAQ,CAAC,CAAC;SAC1C;KACF;IAED,qFAAqF;IACrF,4EAA4E;IAC5E,OAAO,IAAA,iCAAe,EAAC;QACrB,SAAS,EAAE,GAAG;QACd,aAAa,EAAE,QAAQ;QACvB,QAAQ,EAAE,GAAG,CAAC,CAAC,CAAC;QAChB,aAAa,EAAE,OAAO;KACvB,CAAC,CAAC;AACL,CAAC;AArQD,oDAqQC;AAED;;GAEG;AACH,SAAS,iBAAiB,CAAC,IAAU;IAKnC,MAAM,eAAe,GAAG,cAAc,CAAC;IACvC,MAAM,QAAQ,GAAG,cAAc,CAAC;IAChC,MAAM,UAAU,GAAG,cAAc,CAAC;IAElC,IAAI,oBAAwC,CAAC;IAC7C,IAAI,aAAiC,CAAC;IACtC,IAAI,eAAmC,CAAC;IAExC;;;;;;;;;;;;;;;;;;;;;;;;;;;OA2BG;IACH,IAAI,CAAC,OAAO,CAAC,OAAO,CAAC,EAAE;QACrB,OAAO,CAAC,OAAO,CAAC,IAAI,CAAC,EAAE;YACrB,IAAI,IAAI,CAAC,IAAI,KAAK,eAAe,EAAE;gBACjC,oBAAoB,GAAG,IAAI,CAAC,KAAK,CAAC,QAAQ,EAAE,CAAC;aAC9C;iBAAM,IAAI,IAAI,CAAC,IAAI,KAAK,QAAQ,EAAE;gBACjC,aAAa,GAAG,IAAI,CAAC,KAAK,CAAC,QAAQ,EAAE,CAAC;aACvC;iBAAM,IAAI,IAAI,CAAC,IAAI,KAAK,UAAU,EAAE;gBACnC,eAAe,GAAG,IAAI,CAAC,KAAK,CAAC,QAAQ,EAAE,CAAC;aACzC;QACH,CAAC,CAAC,CAAC;IACL,CAAC,CAAC,CAAC;IAEH,OAAO;QACL,oBAAoB;QACpB,aAAa;QACb,eAAe;KAChB,CAAC;AACJ,CAAC"}
|
|
@@ -80,9 +80,13 @@ async function verifyAttestationAndroidKey(options) {
|
|
|
80
80
|
}
|
|
81
81
|
}
|
|
82
82
|
const signatureBase = Buffer.concat([authData, clientDataHash]);
|
|
83
|
-
const leafCertPEM = (0, convertCertBufferToPEM_1.convertCertBufferToPEM)(x5c[0]);
|
|
84
83
|
const hashAlg = convertCOSEtoPKCS_1.COSEALGHASH[alg];
|
|
85
|
-
return (0, verifySignature_1.verifySignature)(
|
|
84
|
+
return (0, verifySignature_1.verifySignature)({
|
|
85
|
+
signature: sig,
|
|
86
|
+
signatureBase,
|
|
87
|
+
leafCert: x5c[0],
|
|
88
|
+
hashAlgorithm: hashAlg
|
|
89
|
+
});
|
|
86
90
|
}
|
|
87
91
|
exports.verifyAttestationAndroidKey = verifyAttestationAndroidKey;
|
|
88
92
|
//# sourceMappingURL=verifyAttestationAndroidKey.js.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"verifyAttestationAndroidKey.js","sourceRoot":"","sources":["../../../src/registration/verifications/verifyAttestationAndroidKey.ts"],"names":[],"mappings":";;;AAAA,uDAAkD;AAClD,mDAAkD;AAClD,yDAA8E;AAI9E,iFAA8E;AAC9E,mFAAgF;AAChF,mEAAgE;AAChE,uEAAiF;AACjF,oEAAiE;AACjE,gGAA6F;AAE7F;;GAEG;AACI,KAAK,UAAU,2BAA2B,CAC/C,OAAsC;;IAEtC,MAAM,EAAE,QAAQ,EAAE,cAAc,EAAE,OAAO,EAAE,mBAAmB,EAAE,MAAM,EAAE,gBAAgB,EAAE,GACxF,OAAO,CAAC;IACV,MAAM,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,OAAO,CAAC;IAElC,IAAI,CAAC,GAAG,EAAE;QACR,MAAM,IAAI,KAAK,CAAC,2EAA2E,CAAC,CAAC;KAC9F;IAED,IAAI,CAAC,GAAG,EAAE;QACR,MAAM,IAAI,KAAK,CAAC,yEAAyE,CAAC,CAAC;KAC5F;IAED,IAAI,CAAC,GAAG,EAAE;QACR,MAAM,IAAI,KAAK,CAAC,wDAAwD,CAAC,CAAC;KAC3E;IAED,uFAAuF;IACvF,kDAAkD;IAClD,MAAM,UAAU,GAAG,uBAAS,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,uBAAW,CAAC,CAAC;IACxD,MAAM,gBAAgB,GAAG,MAAM,CAAC,IAAI,CAClC,UAAU,CAAC,cAAc,CAAC,oBAAoB,CAAC,gBAAgB,CAChE,CAAC;IAEF,0CAA0C;IAC1C,MAAM,cAAc,GAAG,IAAA,qCAAiB,EAAC,mBAAmB,CAAC,CAAC;IAE9D,IAAI,CAAC,cAAc,CAAC,MAAM,CAAC,gBAAgB,CAAC,EAAE;QAC5C,MAAM,IAAI,KAAK,CAAC,wEAAwE,CAAC,CAAC;KAC3F;IAED,4DAA4D;IAC5D,MAAM,WAAW,GAAG,MAAA,UAAU,CAAC,cAAc,CAAC,UAAU,0CAAE,IAAI,CAC5D,GAAG,CAAC,EAAE,CAAC,GAAG,CAAC,MAAM,KAAK,mCAAoB,CAC3C,CAAC;IAEF,IAAI,CAAC,WAAW,EAAE;QAChB,MAAM,IAAI,KAAK,CAAC,sDAAsD,CAAC,CAAC;KACzE;IAED,MAAM,iBAAiB,GAAG,uBAAS,CAAC,KAAK,CAAC,WAAW,CAAC,SAAS,EAAE,6BAAc,CAAC,CAAC;IAEjF,4BAA4B;IAC5B,MAAM,EAAE,oBAAoB,EAAE,WAAW,EAAE,gBAAgB,EAAE,GAAG,iBAAiB,CAAC;IAElF,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,oBAAoB,CAAC,MAAM,CAAC,CAAC,MAAM,CAAC,cAAc,CAAC,EAAE;QACpE,MAAM,IAAI,KAAK,CAAC,sEAAsE,CAAC,CAAC;KACzF;IAED,4FAA4F;IAC5F,aAAa;IACb,IAAI,WAAW,CAAC,eAAe,KAAK,SAAS,EAAE;QAC7C,MAAM,IAAI,KAAK,CAAC,gEAAgE,CAAC,CAAC;KACnF;IAED,IAAI,gBAAgB,CAAC,eAAe,KAAK,SAAS,EAAE;QAClD,MAAM,IAAI,KAAK,CAAC,gEAAgE,CAAC,CAAC;KACnF;IAED,MAAM,SAAS,GAAG,MAAM,iCAAe,CAAC,YAAY,CAAC,MAAM,CAAC,CAAC;IAC7D,IAAI,SAAS,EAAE;QACb,IAAI;YACF,MAAM,IAAA,6DAA6B,EAAC;gBAClC,SAAS;gBACT,mBAAmB;gBACnB,GAAG;gBACH,uBAAuB,EAAE,GAAG;aAC7B,CAAC,CAAC;SACJ;QAAC,OAAO,GAAG,EAAE;YACZ,MAAM,IAAI,GAAG,GAAY,CAAC;YAC1B,MAAM,IAAI,KAAK,CAAC,GAAG,IAAI,CAAC,OAAO,eAAe,CAAC,CAAC;SACjD;KACF;SAAM;QACL,IAAI;YACF,0FAA0F;YAC1F,MAAM,IAAA,iDAAuB,EAAC,GAAG,CAAC,GAAG,CAAC,+CAAsB,CAAC,EAAE,gBAAgB,CAAC,CAAC;SAClF;QAAC,OAAO,GAAG,EAAE;YACZ,MAAM,IAAI,GAAG,GAAY,CAAC;YAC1B,MAAM,IAAI,KAAK,CAAC,GAAG,IAAI,CAAC,OAAO,eAAe,CAAC,CAAC;SACjD;KACF;IAED,MAAM,aAAa,GAAG,MAAM,CAAC,MAAM,CAAC,CAAC,QAAQ,EAAE,cAAc,CAAC,CAAC,CAAC;IAChE,MAAM,
|
|
1
|
+
{"version":3,"file":"verifyAttestationAndroidKey.js","sourceRoot":"","sources":["../../../src/registration/verifications/verifyAttestationAndroidKey.ts"],"names":[],"mappings":";;;AAAA,uDAAkD;AAClD,mDAAkD;AAClD,yDAA8E;AAI9E,iFAA8E;AAC9E,mFAAgF;AAChF,mEAAgE;AAChE,uEAAiF;AACjF,oEAAiE;AACjE,gGAA6F;AAE7F;;GAEG;AACI,KAAK,UAAU,2BAA2B,CAC/C,OAAsC;;IAEtC,MAAM,EAAE,QAAQ,EAAE,cAAc,EAAE,OAAO,EAAE,mBAAmB,EAAE,MAAM,EAAE,gBAAgB,EAAE,GACxF,OAAO,CAAC;IACV,MAAM,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,OAAO,CAAC;IAElC,IAAI,CAAC,GAAG,EAAE;QACR,MAAM,IAAI,KAAK,CAAC,2EAA2E,CAAC,CAAC;KAC9F;IAED,IAAI,CAAC,GAAG,EAAE;QACR,MAAM,IAAI,KAAK,CAAC,yEAAyE,CAAC,CAAC;KAC5F;IAED,IAAI,CAAC,GAAG,EAAE;QACR,MAAM,IAAI,KAAK,CAAC,wDAAwD,CAAC,CAAC;KAC3E;IAED,uFAAuF;IACvF,kDAAkD;IAClD,MAAM,UAAU,GAAG,uBAAS,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,uBAAW,CAAC,CAAC;IACxD,MAAM,gBAAgB,GAAG,MAAM,CAAC,IAAI,CAClC,UAAU,CAAC,cAAc,CAAC,oBAAoB,CAAC,gBAAgB,CAChE,CAAC;IAEF,0CAA0C;IAC1C,MAAM,cAAc,GAAG,IAAA,qCAAiB,EAAC,mBAAmB,CAAC,CAAC;IAE9D,IAAI,CAAC,cAAc,CAAC,MAAM,CAAC,gBAAgB,CAAC,EAAE;QAC5C,MAAM,IAAI,KAAK,CAAC,wEAAwE,CAAC,CAAC;KAC3F;IAED,4DAA4D;IAC5D,MAAM,WAAW,GAAG,MAAA,UAAU,CAAC,cAAc,CAAC,UAAU,0CAAE,IAAI,CAC5D,GAAG,CAAC,EAAE,CAAC,GAAG,CAAC,MAAM,KAAK,mCAAoB,CAC3C,CAAC;IAEF,IAAI,CAAC,WAAW,EAAE;QAChB,MAAM,IAAI,KAAK,CAAC,sDAAsD,CAAC,CAAC;KACzE;IAED,MAAM,iBAAiB,GAAG,uBAAS,CAAC,KAAK,CAAC,WAAW,CAAC,SAAS,EAAE,6BAAc,CAAC,CAAC;IAEjF,4BAA4B;IAC5B,MAAM,EAAE,oBAAoB,EAAE,WAAW,EAAE,gBAAgB,EAAE,GAAG,iBAAiB,CAAC;IAElF,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,oBAAoB,CAAC,MAAM,CAAC,CAAC,MAAM,CAAC,cAAc,CAAC,EAAE;QACpE,MAAM,IAAI,KAAK,CAAC,sEAAsE,CAAC,CAAC;KACzF;IAED,4FAA4F;IAC5F,aAAa;IACb,IAAI,WAAW,CAAC,eAAe,KAAK,SAAS,EAAE;QAC7C,MAAM,IAAI,KAAK,CAAC,gEAAgE,CAAC,CAAC;KACnF;IAED,IAAI,gBAAgB,CAAC,eAAe,KAAK,SAAS,EAAE;QAClD,MAAM,IAAI,KAAK,CAAC,gEAAgE,CAAC,CAAC;KACnF;IAED,MAAM,SAAS,GAAG,MAAM,iCAAe,CAAC,YAAY,CAAC,MAAM,CAAC,CAAC;IAC7D,IAAI,SAAS,EAAE;QACb,IAAI;YACF,MAAM,IAAA,6DAA6B,EAAC;gBAClC,SAAS;gBACT,mBAAmB;gBACnB,GAAG;gBACH,uBAAuB,EAAE,GAAG;aAC7B,CAAC,CAAC;SACJ;QAAC,OAAO,GAAG,EAAE;YACZ,MAAM,IAAI,GAAG,GAAY,CAAC;YAC1B,MAAM,IAAI,KAAK,CAAC,GAAG,IAAI,CAAC,OAAO,eAAe,CAAC,CAAC;SACjD;KACF;SAAM;QACL,IAAI;YACF,0FAA0F;YAC1F,MAAM,IAAA,iDAAuB,EAAC,GAAG,CAAC,GAAG,CAAC,+CAAsB,CAAC,EAAE,gBAAgB,CAAC,CAAC;SAClF;QAAC,OAAO,GAAG,EAAE;YACZ,MAAM,IAAI,GAAG,GAAY,CAAC;YAC1B,MAAM,IAAI,KAAK,CAAC,GAAG,IAAI,CAAC,OAAO,eAAe,CAAC,CAAC;SACjD;KACF;IAED,MAAM,aAAa,GAAG,MAAM,CAAC,MAAM,CAAC,CAAC,QAAQ,EAAE,cAAc,CAAC,CAAC,CAAC;IAChE,MAAM,OAAO,GAAG,+BAAW,CAAC,GAAa,CAAC,CAAC;IAE3C,OAAO,IAAA,iCAAe,EAAC;QACrB,SAAS,EAAE,GAAG;QACd,aAAa;QACb,QAAQ,EAAE,GAAG,CAAC,CAAC,CAAC;QAChB,aAAa,EAAE,OAAO;KACvB,CAAC,CAAC;AACL,CAAC;AA7FD,kEA6FC"}
|
|
@@ -103,8 +103,11 @@ async function verifyAttestationAndroidSafetyNet(options) {
|
|
|
103
103
|
*/
|
|
104
104
|
const signatureBaseBuffer = Buffer.from(`${jwtParts[0]}.${jwtParts[1]}`);
|
|
105
105
|
const signatureBuffer = base64url_1.default.toBuffer(SIGNATURE);
|
|
106
|
-
const
|
|
107
|
-
|
|
106
|
+
const verified = await (0, verifySignature_1.verifySignature)({
|
|
107
|
+
signature: signatureBuffer,
|
|
108
|
+
signatureBase: signatureBaseBuffer,
|
|
109
|
+
leafCert: leafCertBuffer,
|
|
110
|
+
});
|
|
108
111
|
/**
|
|
109
112
|
* END Verify Signature
|
|
110
113
|
*/
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"verifyAttestationAndroidSafetyNet.js","sourceRoot":"","sources":["../../../src/registration/verifications/verifyAttestationAndroidSafetyNet.ts"],"names":[],"mappings":";;;;;;AAAA,0DAAkC;AAIlC,iDAA8C;AAC9C,mEAAgE;AAChE,yEAAsE;AACtE,mFAAgF;AAChF,iFAA8E;AAC9E,oEAAiE;AACjE,gGAA6F;AAE7F;;GAEG;AACI,KAAK,UAAU,iCAAiC,CACrD,OAAsC;IAEtC,MAAM,EACJ,OAAO,EACP,cAAc,EACd,QAAQ,EACR,MAAM,EACN,gBAAgB,EAChB,iBAAiB,GAAG,IAAI,EACxB,mBAAmB,GACpB,GAAG,OAAO,CAAC;IACZ,MAAM,EAAE,GAAG,EAAE,QAAQ,EAAE,GAAG,EAAE,GAAG,OAAO,CAAC;IAEvC,IAAI,CAAC,GAAG,EAAE;QACR,MAAM,IAAI,KAAK,CAAC,yCAAyC,CAAC,CAAC;KAC5D;IAED,IAAI,CAAC,QAAQ,EAAE;QACb,MAAM,IAAI,KAAK,CAAC,kEAAkE,CAAC,CAAC;KACrF;IAED,0BAA0B;IAC1B,MAAM,GAAG,GAAG,QAAQ,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC;IACtC,MAAM,QAAQ,GAAG,GAAG,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;IAEhC,MAAM,MAAM,GAAuB,IAAI,CAAC,KAAK,CAAC,mBAAS,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;IAC7E,MAAM,OAAO,GAAwB,IAAI,CAAC,KAAK,CAAC,mBAAS,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;IAC/E,MAAM,SAAS,GAA0B,QAAQ,CAAC,CAAC,CAAC,CAAC;IAErD;;OAEG;IACH,MAAM,EAAE,KAAK,EAAE,eAAe,EAAE,WAAW,EAAE,GAAG,OAAO,CAAC;IAExD,IAAI,iBAAiB,EAAE;QACrB,qCAAqC;QACrC,IAAI,GAAG,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;QACrB,IAAI,WAAW,GAAG,IAAI,CAAC,GAAG,EAAE,EAAE;YAC5B,MAAM,IAAI,KAAK,CAAC,sBAAsB,WAAW,qBAAqB,GAAG,eAAe,CAAC,CAAC;SAC3F;QAED,+EAA+E;QAC/E,MAAM,kBAAkB,GAAG,WAAW,GAAG,EAAE,GAAG,IAAI,CAAC;QACnD,GAAG,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;QACjB,IAAI,kBAAkB,GAAG,GAAG,EAAE;YAC5B,MAAM,IAAI,KAAK,CAAC,sBAAsB,kBAAkB,2BAA2B,CAAC,CAAC;SACtF;KACF;IAED,MAAM,SAAS,GAAG,MAAM,CAAC,MAAM,CAAC,CAAC,QAAQ,EAAE,cAAc,CAAC,CAAC,CAAC;IAC5D,MAAM,WAAW,GAAG,IAAA,eAAM,EAAC,SAAS,CAAC,CAAC;IACtC,MAAM,aAAa,GAAG,WAAW,CAAC,QAAQ,CAAC,QAAQ,CAAC,CAAC;IAErD,IAAI,KAAK,KAAK,aAAa,EAAE;QAC3B,MAAM,IAAI,KAAK,CAAC,4CAA4C,CAAC,CAAC;KAC/D;IAED,IAAI,CAAC,eAAe,EAAE;QACpB,MAAM,IAAI,KAAK,CAAC,+CAA+C,CAAC,CAAC;KAClE;IACD;;OAEG;IAEH;;OAEG;IACH,MAAM,cAAc,GAAG,mBAAS,CAAC,QAAQ,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC;IACzD,MAAM,YAAY,GAAG,IAAA,uCAAkB,EAAC,cAAc,CAAC,CAAC;IAExD,MAAM,EAAE,OAAO,EAAE,GAAG,YAAY,CAAC;IAEjC,qDAAqD;IACrD,+FAA+F;IAC/F,IAAI,OAAO,CAAC,EAAE,KAAK,oBAAoB,EAAE;QACvC,MAAM,IAAI,KAAK,CAAC,kEAAkE,CAAC,CAAC;KACrF;IAED,MAAM,SAAS,GAAG,MAAM,iCAAe,CAAC,YAAY,CAAC,MAAM,CAAC,CAAC;IAC7D,IAAI,SAAS,EAAE;QACb,IAAI;YACF,MAAM,IAAA,6DAA6B,EAAC;gBAClC,SAAS;gBACT,mBAAmB;gBACnB,GAAG,EAAE,MAAM,CAAC,GAAG;gBACf,uBAAuB,EAAE,GAAG;aAC7B,CAAC,CAAC;SACJ;QAAC,OAAO,GAAG,EAAE;YACZ,MAAM,IAAI,GAAG,GAAY,CAAC;YAC1B,MAAM,IAAI,KAAK,CAAC,GAAG,IAAI,CAAC,OAAO,cAAc,CAAC,CAAC;SAChD;KACF;SAAM;QACL,IAAI;YACF,0FAA0F;YAC1F,MAAM,IAAA,iDAAuB,EAAC,MAAM,CAAC,GAAG,CAAC,GAAG,CAAC,+CAAsB,CAAC,EAAE,gBAAgB,CAAC,CAAC;SACzF;QAAC,OAAO,GAAG,EAAE;YACZ,MAAM,IAAI,GAAG,GAAY,CAAC;YAC1B,MAAM,IAAI,KAAK,CAAC,GAAG,IAAI,CAAC,OAAO,cAAc,CAAC,CAAC;SAChD;KACF;IACD;;OAEG;IAEH;;OAEG;IACH,MAAM,mBAAmB,GAAG,MAAM,CAAC,IAAI,CAAC,GAAG,QAAQ,CAAC,CAAC,CAAC,IAAI,QAAQ,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC;IACzE,MAAM,eAAe,GAAG,mBAAS,CAAC,QAAQ,CAAC,SAAS,CAAC,CAAC;IAEtD,MAAM,
|
|
1
|
+
{"version":3,"file":"verifyAttestationAndroidSafetyNet.js","sourceRoot":"","sources":["../../../src/registration/verifications/verifyAttestationAndroidSafetyNet.ts"],"names":[],"mappings":";;;;;;AAAA,0DAAkC;AAIlC,iDAA8C;AAC9C,mEAAgE;AAChE,yEAAsE;AACtE,mFAAgF;AAChF,iFAA8E;AAC9E,oEAAiE;AACjE,gGAA6F;AAE7F;;GAEG;AACI,KAAK,UAAU,iCAAiC,CACrD,OAAsC;IAEtC,MAAM,EACJ,OAAO,EACP,cAAc,EACd,QAAQ,EACR,MAAM,EACN,gBAAgB,EAChB,iBAAiB,GAAG,IAAI,EACxB,mBAAmB,GACpB,GAAG,OAAO,CAAC;IACZ,MAAM,EAAE,GAAG,EAAE,QAAQ,EAAE,GAAG,EAAE,GAAG,OAAO,CAAC;IAEvC,IAAI,CAAC,GAAG,EAAE;QACR,MAAM,IAAI,KAAK,CAAC,yCAAyC,CAAC,CAAC;KAC5D;IAED,IAAI,CAAC,QAAQ,EAAE;QACb,MAAM,IAAI,KAAK,CAAC,kEAAkE,CAAC,CAAC;KACrF;IAED,0BAA0B;IAC1B,MAAM,GAAG,GAAG,QAAQ,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC;IACtC,MAAM,QAAQ,GAAG,GAAG,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;IAEhC,MAAM,MAAM,GAAuB,IAAI,CAAC,KAAK,CAAC,mBAAS,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;IAC7E,MAAM,OAAO,GAAwB,IAAI,CAAC,KAAK,CAAC,mBAAS,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;IAC/E,MAAM,SAAS,GAA0B,QAAQ,CAAC,CAAC,CAAC,CAAC;IAErD;;OAEG;IACH,MAAM,EAAE,KAAK,EAAE,eAAe,EAAE,WAAW,EAAE,GAAG,OAAO,CAAC;IAExD,IAAI,iBAAiB,EAAE;QACrB,qCAAqC;QACrC,IAAI,GAAG,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;QACrB,IAAI,WAAW,GAAG,IAAI,CAAC,GAAG,EAAE,EAAE;YAC5B,MAAM,IAAI,KAAK,CAAC,sBAAsB,WAAW,qBAAqB,GAAG,eAAe,CAAC,CAAC;SAC3F;QAED,+EAA+E;QAC/E,MAAM,kBAAkB,GAAG,WAAW,GAAG,EAAE,GAAG,IAAI,CAAC;QACnD,GAAG,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;QACjB,IAAI,kBAAkB,GAAG,GAAG,EAAE;YAC5B,MAAM,IAAI,KAAK,CAAC,sBAAsB,kBAAkB,2BAA2B,CAAC,CAAC;SACtF;KACF;IAED,MAAM,SAAS,GAAG,MAAM,CAAC,MAAM,CAAC,CAAC,QAAQ,EAAE,cAAc,CAAC,CAAC,CAAC;IAC5D,MAAM,WAAW,GAAG,IAAA,eAAM,EAAC,SAAS,CAAC,CAAC;IACtC,MAAM,aAAa,GAAG,WAAW,CAAC,QAAQ,CAAC,QAAQ,CAAC,CAAC;IAErD,IAAI,KAAK,KAAK,aAAa,EAAE;QAC3B,MAAM,IAAI,KAAK,CAAC,4CAA4C,CAAC,CAAC;KAC/D;IAED,IAAI,CAAC,eAAe,EAAE;QACpB,MAAM,IAAI,KAAK,CAAC,+CAA+C,CAAC,CAAC;KAClE;IACD;;OAEG;IAEH;;OAEG;IACH,MAAM,cAAc,GAAG,mBAAS,CAAC,QAAQ,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC;IACzD,MAAM,YAAY,GAAG,IAAA,uCAAkB,EAAC,cAAc,CAAC,CAAC;IAExD,MAAM,EAAE,OAAO,EAAE,GAAG,YAAY,CAAC;IAEjC,qDAAqD;IACrD,+FAA+F;IAC/F,IAAI,OAAO,CAAC,EAAE,KAAK,oBAAoB,EAAE;QACvC,MAAM,IAAI,KAAK,CAAC,kEAAkE,CAAC,CAAC;KACrF;IAED,MAAM,SAAS,GAAG,MAAM,iCAAe,CAAC,YAAY,CAAC,MAAM,CAAC,CAAC;IAC7D,IAAI,SAAS,EAAE;QACb,IAAI;YACF,MAAM,IAAA,6DAA6B,EAAC;gBAClC,SAAS;gBACT,mBAAmB;gBACnB,GAAG,EAAE,MAAM,CAAC,GAAG;gBACf,uBAAuB,EAAE,GAAG;aAC7B,CAAC,CAAC;SACJ;QAAC,OAAO,GAAG,EAAE;YACZ,MAAM,IAAI,GAAG,GAAY,CAAC;YAC1B,MAAM,IAAI,KAAK,CAAC,GAAG,IAAI,CAAC,OAAO,cAAc,CAAC,CAAC;SAChD;KACF;SAAM;QACL,IAAI;YACF,0FAA0F;YAC1F,MAAM,IAAA,iDAAuB,EAAC,MAAM,CAAC,GAAG,CAAC,GAAG,CAAC,+CAAsB,CAAC,EAAE,gBAAgB,CAAC,CAAC;SACzF;QAAC,OAAO,GAAG,EAAE;YACZ,MAAM,IAAI,GAAG,GAAY,CAAC;YAC1B,MAAM,IAAI,KAAK,CAAC,GAAG,IAAI,CAAC,OAAO,cAAc,CAAC,CAAC;SAChD;KACF;IACD;;OAEG;IAEH;;OAEG;IACH,MAAM,mBAAmB,GAAG,MAAM,CAAC,IAAI,CAAC,GAAG,QAAQ,CAAC,CAAC,CAAC,IAAI,QAAQ,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC;IACzE,MAAM,eAAe,GAAG,mBAAS,CAAC,QAAQ,CAAC,SAAS,CAAC,CAAC;IAEtD,MAAM,QAAQ,GAAG,MAAM,IAAA,iCAAe,EAAC;QACrC,SAAS,EAAE,eAAe;QAC1B,aAAa,EAAE,mBAAmB;QAClC,QAAQ,EAAE,cAAc;KACzB,CAAC,CAAC;IACH;;OAEG;IAEH,OAAO,QAAQ,CAAC;AAClB,CAAC;AAzHD,8EAyHC"}
|
|
@@ -39,8 +39,11 @@ async function verifyAttestationFIDOU2F(options) {
|
|
|
39
39
|
const _err = err;
|
|
40
40
|
throw new Error(`${_err.message} (FIDOU2F)`);
|
|
41
41
|
}
|
|
42
|
-
|
|
43
|
-
|
|
42
|
+
return (0, verifySignature_1.verifySignature)({
|
|
43
|
+
signature: sig,
|
|
44
|
+
signatureBase,
|
|
45
|
+
leafCert: x5c[0],
|
|
46
|
+
});
|
|
44
47
|
}
|
|
45
48
|
exports.verifyAttestationFIDOU2F = verifyAttestationFIDOU2F;
|
|
46
49
|
//# sourceMappingURL=verifyAttestationFIDOU2F.js.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"verifyAttestationFIDOU2F.js","sourceRoot":"","sources":["../../../src/registration/verifications/verifyAttestationFIDOU2F.ts"],"names":[],"mappings":";;;AAEA,uEAAoE;AACpE,iFAA8E;AAC9E,mFAAgF;AAChF,mEAAgE;AAEhE;;GAEG;AACI,KAAK,UAAU,wBAAwB,CAC5C,OAAsC;IAEtC,MAAM,EACJ,OAAO,EACP,cAAc,EACd,QAAQ,EACR,YAAY,EACZ,mBAAmB,EACnB,MAAM,GAAG,EAAE,EACX,gBAAgB,GACjB,GAAG,OAAO,CAAC;IAEZ,MAAM,YAAY,GAAG,MAAM,CAAC,IAAI,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC;IACzC,MAAM,SAAS,GAAG,IAAA,qCAAiB,EAAC,mBAAmB,CAAC,CAAC;IAEzD,MAAM,aAAa,GAAG,MAAM,CAAC,MAAM,CAAC;QAClC,YAAY;QACZ,QAAQ;QACR,cAAc;QACd,YAAY;QACZ,SAAS;KACV,CAAC,CAAC;IAEH,MAAM,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,OAAO,CAAC;IAE7B,IAAI,CAAC,GAAG,EAAE;QACR,MAAM,IAAI,KAAK,CAAC,wEAAwE,CAAC,CAAC;KAC3F;IAED,IAAI,CAAC,GAAG,EAAE;QACR,MAAM,IAAI,KAAK,CAAC,sEAAsE,CAAC,CAAC;KACzF;IAED,gEAAgE;IAChE,MAAM,WAAW,GAAG,MAAM,CAAC,QAAQ,CAAC,MAAM,CAAC,QAAQ,CAAC,KAAK,CAAC,EAAE,EAAE,CAAC,CAAC;IAChE,IAAI,WAAW,KAAK,IAAI,EAAE;QACxB,MAAM,IAAI,KAAK,CAAC,WAAW,WAAW,0BAA0B,CAAC,CAAC;KACnE;IAED,IAAI;QACF,0FAA0F;QAC1F,MAAM,IAAA,iDAAuB,EAAC,GAAG,CAAC,GAAG,CAAC,+CAAsB,CAAC,EAAE,gBAAgB,CAAC,CAAC;KAClF;IAAC,OAAO,GAAG,EAAE;QACZ,MAAM,IAAI,GAAG,GAAY,CAAC;QAC1B,MAAM,IAAI,KAAK,CAAC,GAAG,IAAI,CAAC,OAAO,YAAY,CAAC,CAAC;KAC9C;IAED,
|
|
1
|
+
{"version":3,"file":"verifyAttestationFIDOU2F.js","sourceRoot":"","sources":["../../../src/registration/verifications/verifyAttestationFIDOU2F.ts"],"names":[],"mappings":";;;AAEA,uEAAoE;AACpE,iFAA8E;AAC9E,mFAAgF;AAChF,mEAAgE;AAEhE;;GAEG;AACI,KAAK,UAAU,wBAAwB,CAC5C,OAAsC;IAEtC,MAAM,EACJ,OAAO,EACP,cAAc,EACd,QAAQ,EACR,YAAY,EACZ,mBAAmB,EACnB,MAAM,GAAG,EAAE,EACX,gBAAgB,GACjB,GAAG,OAAO,CAAC;IAEZ,MAAM,YAAY,GAAG,MAAM,CAAC,IAAI,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC;IACzC,MAAM,SAAS,GAAG,IAAA,qCAAiB,EAAC,mBAAmB,CAAC,CAAC;IAEzD,MAAM,aAAa,GAAG,MAAM,CAAC,MAAM,CAAC;QAClC,YAAY;QACZ,QAAQ;QACR,cAAc;QACd,YAAY;QACZ,SAAS;KACV,CAAC,CAAC;IAEH,MAAM,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,OAAO,CAAC;IAE7B,IAAI,CAAC,GAAG,EAAE;QACR,MAAM,IAAI,KAAK,CAAC,wEAAwE,CAAC,CAAC;KAC3F;IAED,IAAI,CAAC,GAAG,EAAE;QACR,MAAM,IAAI,KAAK,CAAC,sEAAsE,CAAC,CAAC;KACzF;IAED,gEAAgE;IAChE,MAAM,WAAW,GAAG,MAAM,CAAC,QAAQ,CAAC,MAAM,CAAC,QAAQ,CAAC,KAAK,CAAC,EAAE,EAAE,CAAC,CAAC;IAChE,IAAI,WAAW,KAAK,IAAI,EAAE;QACxB,MAAM,IAAI,KAAK,CAAC,WAAW,WAAW,0BAA0B,CAAC,CAAC;KACnE;IAED,IAAI;QACF,0FAA0F;QAC1F,MAAM,IAAA,iDAAuB,EAAC,GAAG,CAAC,GAAG,CAAC,+CAAsB,CAAC,EAAE,gBAAgB,CAAC,CAAC;KAClF;IAAC,OAAO,GAAG,EAAE;QACZ,MAAM,IAAI,GAAG,GAAY,CAAC;QAC1B,MAAM,IAAI,KAAK,CAAC,GAAG,IAAI,CAAC,OAAO,YAAY,CAAC,CAAC;KAC9C;IAED,OAAO,IAAA,iCAAe,EAAC;QACrB,SAAS,EAAE,GAAG;QACd,aAAa;QACb,QAAQ,EAAE,GAAG,CAAC,CAAC,CAAC;KACjB,CAAC,CAAC;AACL,CAAC;AArDD,4DAqDC"}
|
|
@@ -1,18 +1,11 @@
|
|
|
1
1
|
"use strict";
|
|
2
|
-
var __importDefault = (this && this.__importDefault) || function (mod) {
|
|
3
|
-
return (mod && mod.__esModule) ? mod : { "default": mod };
|
|
4
|
-
};
|
|
5
2
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
6
3
|
exports.verifyAttestationPacked = void 0;
|
|
7
|
-
const elliptic_1 = __importDefault(require("elliptic"));
|
|
8
|
-
const node_rsa_1 = __importDefault(require("node-rsa"));
|
|
9
4
|
const convertCOSEtoPKCS_1 = require("../../helpers/convertCOSEtoPKCS");
|
|
10
|
-
const toHash_1 = require("../../helpers/toHash");
|
|
11
5
|
const convertCertBufferToPEM_1 = require("../../helpers/convertCertBufferToPEM");
|
|
12
6
|
const validateCertificatePath_1 = require("../../helpers/validateCertificatePath");
|
|
13
7
|
const getCertificateInfo_1 = require("../../helpers/getCertificateInfo");
|
|
14
8
|
const verifySignature_1 = require("../../helpers/verifySignature");
|
|
15
|
-
const decodeCredentialPublicKey_1 = require("../../helpers/decodeCredentialPublicKey");
|
|
16
9
|
const metadataService_1 = require("../../services/metadataService");
|
|
17
10
|
const verifyAttestationWithMetadata_1 = require("../../metadata/verifyAttestationWithMetadata");
|
|
18
11
|
/**
|
|
@@ -29,9 +22,7 @@ async function verifyAttestationPacked(options) {
|
|
|
29
22
|
}
|
|
30
23
|
const signatureBase = Buffer.concat([authData, clientDataHash]);
|
|
31
24
|
let verified = false;
|
|
32
|
-
const pkcsPublicKey = (0, convertCOSEtoPKCS_1.convertCOSEtoPKCS)(credentialPublicKey);
|
|
33
25
|
if (x5c) {
|
|
34
|
-
const leafCert = (0, convertCertBufferToPEM_1.convertCertBufferToPEM)(x5c[0]);
|
|
35
26
|
const { subject, basicConstraintsCA, version, notBefore, notAfter } = (0, getCertificateInfo_1.getCertificateInfo)(x5c[0]);
|
|
36
27
|
const { OU, CN, O, C } = subject;
|
|
37
28
|
if (OU !== 'Authenticator Attestation') {
|
|
@@ -93,60 +84,20 @@ async function verifyAttestationPacked(options) {
|
|
|
93
84
|
throw new Error(`${_err.message} (Packed|Full)`);
|
|
94
85
|
}
|
|
95
86
|
}
|
|
96
|
-
verified = (0, verifySignature_1.verifySignature)(
|
|
87
|
+
verified = await (0, verifySignature_1.verifySignature)({
|
|
88
|
+
signature: sig,
|
|
89
|
+
signatureBase,
|
|
90
|
+
leafCert: x5c[0],
|
|
91
|
+
});
|
|
97
92
|
}
|
|
98
93
|
else {
|
|
99
|
-
const cosePublicKey = (0, decodeCredentialPublicKey_1.decodeCredentialPublicKey)(credentialPublicKey);
|
|
100
|
-
const kty = cosePublicKey.get(convertCOSEtoPKCS_1.COSEKEYS.kty);
|
|
101
|
-
if (!kty) {
|
|
102
|
-
throw new Error('COSE public key was missing kty (Packed|Self)');
|
|
103
|
-
}
|
|
104
94
|
const hashAlg = convertCOSEtoPKCS_1.COSEALGHASH[alg];
|
|
105
|
-
|
|
106
|
-
|
|
107
|
-
|
|
108
|
-
|
|
109
|
-
|
|
110
|
-
|
|
111
|
-
/**
|
|
112
|
-
* Instantiating the curve here is _very_ computationally heavy - a bit of profiling
|
|
113
|
-
* (in compiled JS, not TS) reported an average of ~125ms to execute this line. The elliptic
|
|
114
|
-
* README states, "better do it once and reuse it", so maybe there's a better way to handle
|
|
115
|
-
* this in a server context, when we can re-use an existing instance.
|
|
116
|
-
*
|
|
117
|
-
* For now, it's worth noting that this line is probably the reason why it can take
|
|
118
|
-
* 5-6 seconds to run tests.
|
|
119
|
-
*/
|
|
120
|
-
const ec = new elliptic_1.default.ec(convertCOSEtoPKCS_1.COSECRV[crv]);
|
|
121
|
-
const key = ec.keyFromPublic(pkcsPublicKey);
|
|
122
|
-
verified = key.verify(signatureBaseHash, sig);
|
|
123
|
-
}
|
|
124
|
-
else if (kty === convertCOSEtoPKCS_1.COSEKTY.RSA) {
|
|
125
|
-
const n = cosePublicKey.get(convertCOSEtoPKCS_1.COSEKEYS.n);
|
|
126
|
-
if (!n) {
|
|
127
|
-
throw new Error('COSE public key was missing n (Packed|RSA)');
|
|
128
|
-
}
|
|
129
|
-
const signingScheme = convertCOSEtoPKCS_1.COSERSASCHEME[alg];
|
|
130
|
-
// TODO: Verify this works
|
|
131
|
-
const key = new node_rsa_1.default();
|
|
132
|
-
key.setOptions({ signingScheme });
|
|
133
|
-
key.importKey({
|
|
134
|
-
n: n,
|
|
135
|
-
e: 65537,
|
|
136
|
-
}, 'components-public');
|
|
137
|
-
verified = key.verify(signatureBase, sig);
|
|
138
|
-
}
|
|
139
|
-
else if (kty === convertCOSEtoPKCS_1.COSEKTY.OKP) {
|
|
140
|
-
const x = cosePublicKey.get(convertCOSEtoPKCS_1.COSEKEYS.x);
|
|
141
|
-
if (!x) {
|
|
142
|
-
throw new Error('COSE public key was missing x (Packed|OKP)');
|
|
143
|
-
}
|
|
144
|
-
const signatureBaseHash = (0, toHash_1.toHash)(signatureBase, hashAlg);
|
|
145
|
-
const key = new elliptic_1.default.eddsa('ed25519');
|
|
146
|
-
key.keyFromPublic(x);
|
|
147
|
-
// TODO: is `publicKey` right here?
|
|
148
|
-
verified = key.verify(signatureBaseHash, sig, pkcsPublicKey);
|
|
149
|
-
}
|
|
95
|
+
verified = await (0, verifySignature_1.verifySignature)({
|
|
96
|
+
signature: sig,
|
|
97
|
+
signatureBase,
|
|
98
|
+
credentialPublicKey,
|
|
99
|
+
hashAlgorithm: hashAlg
|
|
100
|
+
});
|
|
150
101
|
}
|
|
151
102
|
return verified;
|
|
152
103
|
}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"verifyAttestationPacked.js","sourceRoot":"","sources":["../../../src/registration/verifications/verifyAttestationPacked.ts"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"verifyAttestationPacked.js","sourceRoot":"","sources":["../../../src/registration/verifications/verifyAttestationPacked.ts"],"names":[],"mappings":";;;AAEA,uEAA8D;AAC9D,iFAA8E;AAC9E,mFAAgF;AAChF,yEAAsE;AACtE,mEAAgE;AAChE,oEAAiE;AACjE,gGAA6F;AAE7F;;GAEG;AACI,KAAK,UAAU,uBAAuB,CAC3C,OAAsC;IAEtC,MAAM,EAAE,OAAO,EAAE,cAAc,EAAE,QAAQ,EAAE,mBAAmB,EAAE,MAAM,EAAE,gBAAgB,EAAE,GACxF,OAAO,CAAC;IAEV,MAAM,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,OAAO,CAAC;IAElC,IAAI,CAAC,GAAG,EAAE;QACR,MAAM,IAAI,KAAK,CAAC,qEAAqE,CAAC,CAAC;KACxF;IAED,IAAI,OAAO,GAAG,KAAK,QAAQ,EAAE;QAC3B,MAAM,IAAI,KAAK,CAAC,8BAA8B,GAAG,4BAA4B,CAAC,CAAC;KAChF;IAED,MAAM,aAAa,GAAG,MAAM,CAAC,MAAM,CAAC,CAAC,QAAQ,EAAE,cAAc,CAAC,CAAC,CAAC;IAEhE,IAAI,QAAQ,GAAG,KAAK,CAAC;IAErB,IAAI,GAAG,EAAE;QACP,MAAM,EAAE,OAAO,EAAE,kBAAkB,EAAE,OAAO,EAAE,SAAS,EAAE,QAAQ,EAAE,GAAG,IAAA,uCAAkB,EACtF,GAAG,CAAC,CAAC,CAAC,CACP,CAAC;QAEF,MAAM,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,EAAE,CAAC,EAAE,GAAG,OAAO,CAAC;QAEjC,IAAI,EAAE,KAAK,2BAA2B,EAAE;YACtC,MAAM,IAAI,KAAK,CAAC,kEAAkE,CAAC,CAAC;SACrF;QAED,IAAI,CAAC,EAAE,EAAE;YACP,MAAM,IAAI,KAAK,CAAC,wCAAwC,CAAC,CAAC;SAC3D;QAED,IAAI,CAAC,CAAC,EAAE;YACN,MAAM,IAAI,KAAK,CAAC,uCAAuC,CAAC,CAAC;SAC1D;QAED,IAAI,CAAC,CAAC,IAAI,CAAC,CAAC,MAAM,KAAK,CAAC,EAAE;YACxB,MAAM,IAAI,KAAK,CAAC,iEAAiE,CAAC,CAAC;SACpF;QAED,IAAI,kBAAkB,EAAE;YACtB,MAAM,IAAI,KAAK,CAAC,gEAAgE,CAAC,CAAC;SACnF;QAED,IAAI,OAAO,KAAK,CAAC,EAAE;YACjB,MAAM,IAAI,KAAK,CAAC,kEAAkE,CAAC,CAAC;SACrF;QAED,IAAI,GAAG,GAAG,IAAI,IAAI,EAAE,CAAC;QACrB,IAAI,SAAS,GAAG,GAAG,EAAE;YACnB,MAAM,IAAI,KAAK,CAAC,gCAAgC,SAAS,CAAC,QAAQ,EAAE,iBAAiB,CAAC,CAAC;SACxF;QAED,GAAG,GAAG,IAAI,IAAI,EAAE,CAAC;QACjB,IAAI,QAAQ,GAAG,GAAG,EAAE;YAClB,MAAM,IAAI,KAAK,CAAC,+BAA+B,QAAQ,CAAC,QAAQ,EAAE,iBAAiB,CAAC,CAAC;SACtF;QAED,gGAAgG;QAChG,4DAA4D;QAE5D,qFAAqF;QACrF,MAAM,SAAS,GAAG,MAAM,iCAAe,CAAC,YAAY,CAAC,MAAM,CAAC,CAAC;QAC7D,IAAI,SAAS,EAAE;YACb,yFAAyF;YACzF,gCAAgC;YAChC,IAAI,SAAS,CAAC,gBAAgB,CAAC,OAAO,CAAC,YAAY,CAAC,GAAG,CAAC,EAAE;gBACxD,MAAM,IAAI,KAAK,CAAC,wEAAwE,CAAC,CAAC;aAC3F;YAED,IAAI;gBACF,MAAM,IAAA,6DAA6B,EAAC;oBAClC,SAAS;oBACT,mBAAmB;oBACnB,GAAG;oBACH,uBAAuB,EAAE,GAAG;iBAC7B,CAAC,CAAC;aACJ;YAAC,OAAO,GAAG,EAAE;gBACZ,MAAM,IAAI,GAAG,GAAY,CAAC;gBAC1B,MAAM,IAAI,KAAK,CAAC,GAAG,IAAI,CAAC,OAAO,gBAAgB,CAAC,CAAC;aAClD;SACF;aAAM;YACL,IAAI;gBACF,0FAA0F;gBAC1F,MAAM,IAAA,iDAAuB,EAAC,GAAG,CAAC,GAAG,CAAC,+CAAsB,CAAC,EAAE,gBAAgB,CAAC,CAAC;aAClF;YAAC,OAAO,GAAG,EAAE;gBACZ,MAAM,IAAI,GAAG,GAAY,CAAC;gBAC1B,MAAM,IAAI,KAAK,CAAC,GAAG,IAAI,CAAC,OAAO,gBAAgB,CAAC,CAAC;aAClD;SACF;QAED,QAAQ,GAAG,MAAM,IAAA,iCAAe,EAAC;YAC/B,SAAS,EAAE,GAAG;YACd,aAAa;YACb,QAAQ,EAAE,GAAG,CAAC,CAAC,CAAC;SACjB,CAAC,CAAC;KACJ;SAAM;QACL,MAAM,OAAO,GAAW,+BAAW,CAAC,GAAa,CAAC,CAAC;QAEnD,QAAQ,GAAG,MAAM,IAAA,iCAAe,EAAC;YAC/B,SAAS,EAAE,GAAG;YACd,aAAa;YACb,mBAAmB;YACnB,aAAa,EAAE,OAAO;SACvB,CAAC,CAAC;KACJ;IAED,OAAO,QAAQ,CAAC;AAClB,CAAC;AA/GD,0DA+GC"}
|
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@simplewebauthn/server",
|
|
3
|
-
"version": "
|
|
3
|
+
"version": "6.1.0",
|
|
4
4
|
"description": "SimpleWebAuthn for Servers",
|
|
5
5
|
"main": "dist/index.js",
|
|
6
6
|
"types": "dist/index.d.ts",
|
|
@@ -30,7 +30,7 @@
|
|
|
30
30
|
"access": "public"
|
|
31
31
|
},
|
|
32
32
|
"engines": {
|
|
33
|
-
"node": ">=
|
|
33
|
+
"node": ">=14.0.0"
|
|
34
34
|
},
|
|
35
35
|
"scripts": {
|
|
36
36
|
"build": "rimraf dist && tsc",
|
|
@@ -46,27 +46,24 @@
|
|
|
46
46
|
"node"
|
|
47
47
|
],
|
|
48
48
|
"dependencies": {
|
|
49
|
+
"@noble/ed25519": "^1.6.1",
|
|
49
50
|
"@peculiar/asn1-android": "^2.1.7",
|
|
50
51
|
"@peculiar/asn1-schema": "^2.1.7",
|
|
51
52
|
"@peculiar/asn1-x509": "^2.1.7",
|
|
52
|
-
"@simplewebauthn/typescript-types": "^
|
|
53
|
+
"@simplewebauthn/typescript-types": "^6.0.0",
|
|
53
54
|
"base64url": "^3.0.1",
|
|
54
55
|
"cbor": "^5.1.0",
|
|
55
56
|
"debug": "^4.3.2",
|
|
56
|
-
"elliptic": "^6.5.3",
|
|
57
57
|
"jsrsasign": "^10.4.0",
|
|
58
58
|
"jwk-to-pem": "^2.0.4",
|
|
59
|
-
"node-fetch": "^2.6.0"
|
|
60
|
-
"node-rsa": "^1.1.1"
|
|
59
|
+
"node-fetch": "^2.6.0"
|
|
61
60
|
},
|
|
62
|
-
"gitHead": "
|
|
61
|
+
"gitHead": "865a44488e6ab6cda3ab2332008cd2609e24dfed",
|
|
63
62
|
"devDependencies": {
|
|
64
63
|
"@types/cbor": "^5.0.1",
|
|
65
64
|
"@types/debug": "^4.1.7",
|
|
66
|
-
"@types/elliptic": "^6.4.13",
|
|
67
65
|
"@types/jsrsasign": "^8.0.13",
|
|
68
66
|
"@types/jwk-to-pem": "^2.0.1",
|
|
69
|
-
"@types/node-fetch": "^2.5.12"
|
|
70
|
-
"@types/node-rsa": "^1.1.1"
|
|
67
|
+
"@types/node-fetch": "^2.5.12"
|
|
71
68
|
}
|
|
72
69
|
}
|