authorMatthew Miller <matthew@millerti.me>2020-06-05 19:47:21 -0700
committerMatthew Miller <matthew@millerti.me>2020-06-05 19:47:21 -0700
commit739afe2cf3d85a8abe4944efbcf94a478e822089 (patch)
treefc3dd958d620dcf3b80a903417cf892412555b92 /packages/server/src
parent70d28189d5a74827c70cd7016373206abc13b4bb (diff)
Add support for three more key crypto algos
Diffstat (limited to 'packages/server/src')
-rw-r--r--packages/server/src/attestation/generateAttestationOptions.ts19
-rw-r--r--packages/server/src/attestation/verifications/verifyPacked.ts5
2 files changed, 18 insertions, 6 deletions
diff --git a/packages/server/src/attestation/generateAttestationOptions.ts b/packages/server/src/attestation/generateAttestationOptions.ts
index d142740..e845e84 100644
--- a/packages/server/src/attestation/generateAttestationOptions.ts
+++ b/packages/server/src/attestation/generateAttestationOptions.ts
@@ -18,6 +18,15 @@ type Options = {
extensions?: AuthenticationExtensionsClientInputs,
};
+// Supported crypto algo identifiers
+// See https://w3c.github.io/webauthn/#sctn-alg-identifier
+const supportedCOSEAlgorithIdentifiers = [
+ -7,
+ -35,
+ -36,
+ -8
+];
+
/**
* Prepare a value to pass into navigator.credentials.create(...) for authenticator "registration"
*
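Review bot: The new constant's name is misspelled: `supportedCOSEAlgorithIdentifiers` should be `supportedCOSEAlgorithmIdentifiers`, both here and where the `pubKeyCredParams` hunk below uses it. The four bare numbers are also hard to audit without the spec open, so I would label each entry, e.g. `-7, // ES256`, `-35, // ES384`, `-36, // ES512`, `-8, // EdDSA`. This list decides which key types the relying party will accept, so the comment above it should say that an entry belongs here only once every verification path can check signatures for it.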
@@ -67,12 +76,10 @@ export default function generateAttestationOptions(
name: userName,
displayName: userDisplayName,
},
- pubKeyCredParams: [
- {
- alg: -7,
- type: 'public-key',
- },
- ],
+ pubKeyCredParams: supportedCOSEAlgorithIdentifiers.map(id => ({
+ alg: id,
+ type: 'public-key',
+ })),
timeout,
attestation: attestationType,
excludeCredentials: excludedCredentialIDs.map((id) => ({
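Review bot: Every `alg` emitted into `pubKeyCredParams` is an offer the authenticator may take up, so the server must be able to verify -35, -36 and -8 signatures in each attestation format and in later assertions. Within packages/server/src this commit only touches verifyPacked.ts, so the other verification paths (not visible here) should be confirmed before these values are advertised. The array order is also the preference order handed to the client, which the code does not say; a comment such as `// Ordered most- to least-preferred; list only algorithms every verifier supports` would record that. The body of generateAttestationOptions starts and ends outside this hunk.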
diff --git a/packages/server/src/attestation/verifications/verifyPacked.ts b/packages/server/src/attestation/verifications/verifyPacked.ts
index 00135ab..20e27e1 100644
--- a/packages/server/src/attestation/verifications/verifyPacked.ts
+++ b/packages/server/src/attestation/verifications/verifyPacked.ts
@@ -190,9 +190,14 @@ const COSERSASCHEME: { [key: string]: SigningSchemeHash } = {
};
const COSECRV: { [key: number]: string } = {
+ // alg: -7
1: 'p256',
+ // alg: -35
2: 'p384',
+ // alg: -36
3: 'p521',
+ // alg: -8
+ 6: 'ed25519',
};
const COSEALGHASH: { [key: string]: string } = {
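Review bot: The added `6: 'ed25519'` entry joins a table whose other values are ECDSA curve names, but COSE alg -8 is EdDSA, a different signature scheme whose OKP key carries an x coordinate only. The code that reads `COSECRV` is outside this hunk; if it passes the name to an ECDSA verifier or assembles the public key from x and y, an Ed25519 attestation would be rejected or checked under the wrong scheme. That path needs an explicit EdDSA branch and a test vector before -8 is offered. The `// alg: -N` comments also present curve and algorithm as one thing although `crv` and `alg` are separate COSE parameters; `// P-256, expected with alg -7 (ES256)` is more accurate. The verifier should compare the key's `crv` against the statement's `alg` rather than infer one from the other.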