Add helper to generate challenges

1 files changed, 16 insertions, 0 deletions

diff --git a/packages/server/src/helpers/generateChallenge.ts b/packages/server/src/helpers/generateChallenge.ts
new file mode 100644
index 0000000..44969b3
--- /dev/null
+++ b/packages/server/src/helpers/generateChallenge.ts
@@ -0,0 +1,16 @@
+import crypto from 'crypto';
+
+/**
+ * Generate a suitably random value to be used as an attestation or assertion challenge
+ */
+export default function generateChallenge(): Buffer {
+  /**
+   * WebAuthn spec says that 16 bytes is a good minimum:
+   *
+   * "In order to prevent replay attacks, the challenges MUST contain enough entropy to make
+   * guessing them infeasible. Challenges SHOULD therefore be at least 16 bytes long."
+   *
+   * Just in case, let's double it
+   */
+  return crypto.randomBytes(32);
+}