diff options
| author | Matthew Miller <matthew@millerti.me> | 2020-05-22 18:22:21 -0700 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2020-05-22 18:22:21 -0700 |
| commit | d6dc6e5bfc588036db2c1b2212b8f8bc74b1c0f5 (patch) | |
| tree | b58d6593de62689f0a13a8ea932e5892aefb29de /packages/server/src/attestation/verifications/verifyAndroidSafetyNet.ts | |
| parent | efe856ed238e7a2be8d847c94ba8e0155b17ce9c (diff) | |
| parent | 2548e4fd6a5e3d82b2f1b348eec442bd318e4872 (diff) | |
Merge pull request #2 from MasterKale/feature/example-site
feature/example-site
Diffstat (limited to 'packages/server/src/attestation/verifications/verifyAndroidSafetyNet.ts')
| -rw-r--r-- | packages/server/src/attestation/verifications/verifyAndroidSafetyNet.ts | 28 |
1 files changed, 15 insertions, 13 deletions
diff --git a/packages/server/src/attestation/verifications/verifyAndroidSafetyNet.ts b/packages/server/src/attestation/verifications/verifyAndroidSafetyNet.ts index 6f5365a..5705065 100644 --- a/packages/server/src/attestation/verifications/verifyAndroidSafetyNet.ts +++ b/packages/server/src/attestation/verifications/verifyAndroidSafetyNet.ts @@ -11,8 +11,7 @@ import toHash from "@helpers/toHash"; import verifySignature from '@helpers/verifySignature'; import convertCOSEtoPKCS from '@helpers/convertCOSEtoPKCS'; import getCertificateInfo from '@helpers/getCertificateInfo'; - -import parseAttestationAuthData from '../parseAttestationAuthData'; +import parseAuthenticatorData from '@helpers/parseAuthenticatorData'; /** @@ -23,6 +22,20 @@ export default function verifyAttestationAndroidSafetyNet( base64ClientDataJSON: string, ): VerifiedAttestation { const { attStmt, authData, fmt } = attestationObject; + const authDataStruct = parseAuthenticatorData(authData); + const { counter, credentialID, COSEPublicKey, flags } = authDataStruct; + + if (!flags.up) { + throw new Error('User was not present for attestation (None)'); + } + + if (!COSEPublicKey) { + throw new Error('No public key was provided by authenticator (SafetyNet)'); + } + + if (!credentialID) { + throw new Error('No credential ID was provided by authenticator (SafetyNet)'); + } if (!attStmt.response) { throw new Error('No response was included in attStmt by authenticator (SafetyNet)'); @@ -107,19 +120,8 @@ export default function verifyAttestationAndroidSafetyNet( if (toReturn.verified) { - const authDataStruct = parseAttestationAuthData(authData); - const { counter, credentialID, COSEPublicKey, flags } = authDataStruct; - toReturn.userVerified = flags.uv; - if (!COSEPublicKey) { - throw new Error('No public key was provided by authenticator (SafetyNet)'); - } - - if (!credentialID) { - throw new Error('No credential ID was provided by authenticator (SafetyNet)'); - } - const publicKey = convertCOSEtoPKCS(COSEPublicKey); toReturn.authenticatorInfo = { |